Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: xrneTw7coDDUJOBqrq2r67M5lDjZKqkduU1+5CdmYjc=
Subject key identifier: BB:5B:54:56:77:FC:00:68:09:34:B0:EC:BB:3B:C3:29:27:2E:CC:7D
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 5917F88DAEA22CCE417E1D85EBBA83D8E0115557
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
Signing time: Tue 15 Apr 2025 00:00:20 +0000
ROA not before: Mon 14 Apr 2025 23:55:20 +0000
ROA not after: Tue 14 Apr 2026 00:00:20 +0000
asID: 20473
IP address blocks: 91.124.177.0/24 maxlen: 24
92.112.58.0/24 maxlen: 24
95.134.149.0/24 maxlen: 24
95.135.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:17:f8:8d:ae:a2:2c:ce:41:7e:1d:85:eb:ba:83:d8:e0:11:55:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 14 23:55:20 2025 GMT
Not After : Apr 14 00:00:20 2026 GMT
Subject: CN=BB5B545677FC00680934B0ECBB3BC329272ECC7D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:64:ef:ac:bd:ad:3d:17:71:51:03:17:5f:b1:
a5:5e:11:75:eb:84:4d:77:28:3d:be:fa:e5:b2:e1:
66:a3:51:dd:27:4a:68:46:b4:d0:b6:f4:f3:16:59:
7e:65:95:b6:63:d7:24:d8:1d:2c:17:52:45:11:22:
95:32:03:21:0b:0f:ac:bd:da:15:1e:c5:32:e1:e9:
5b:0d:d6:29:8e:9a:b7:29:88:a7:4b:43:93:0c:1e:
3b:0b:68:e5:1c:4e:8f:8c:e4:3d:39:cd:b0:88:09:
fd:b3:d5:a2:71:ec:1f:ca:eb:16:65:e9:8e:c7:e2:
b9:ca:c3:51:fc:38:37:58:26:21:ba:bd:9b:87:9c:
39:4d:ae:8f:09:57:85:8c:42:aa:c2:29:3d:dc:21:
7c:58:8d:2c:48:4b:04:e6:d2:d8:88:70:dc:e9:cf:
99:fb:3f:72:bb:a2:29:fc:cd:f6:fb:93:1b:7f:c6:
b7:0c:bc:07:ba:73:59:83:38:37:9f:e8:36:c8:48:
17:da:a4:04:cb:3c:9e:61:78:0f:d1:fc:a8:65:68:
50:5f:79:0e:8a:81:47:03:c9:7f:59:53:d9:7a:ac:
9f:67:7a:fe:ab:40:99:a9:0a:65:b9:ee:e0:de:7d:
48:66:38:2a:ed:eb:a0:f5:f5:2c:b7:7c:48:da:5b:
05:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:5B:54:56:77:FC:00:68:09:34:B0:EC:BB:3B:C3:29:27:2E:CC:7D
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.177.0/24
92.112.58.0/24
95.134.149.0/24
95.135.252.0/24
Signature Algorithm: sha256WithRSAEncryption
62:3b:77:22:75:e7:75:fe:e8:9f:06:da:16:c1:ef:3b:09:67:
8e:91:a7:54:2c:75:8d:19:52:97:e6:63:4d:9c:15:76:ba:55:
4a:23:6d:2e:24:f2:41:50:fb:af:da:0b:ec:f4:b2:ed:7b:e8:
c7:c3:2d:0c:1c:eb:cd:41:cc:24:8d:28:52:c3:8b:4e:c4:83:
84:55:45:95:b3:45:7b:cf:ae:c6:c2:c0:fc:bc:a1:35:5c:00:
ee:8f:3d:74:59:6c:96:b9:20:50:f4:c1:41:8e:d5:c5:2d:a6:
4a:72:74:b9:9c:89:08:b6:ca:60:70:a3:8a:c8:c3:a6:37:cf:
39:5f:1f:29:d9:c4:e5:59:8e:b6:8a:97:fb:ec:3b:98:c4:fe:
0c:76:26:61:a0:40:0f:ca:17:dd:ca:19:1c:27:0e:31:7e:91:
5c:04:8c:c3:03:37:78:cd:ff:4e:f0:d6:ba:c5:fe:e7:79:07:
ac:91:bc:18:c2:9e:d0:fe:5f:11:8f:0c:0c:0a:f9:5a:b7:b9:
50:bf:bd:13:a1:0d:74:be:9d:ae:a4:43:bc:63:cd:e1:e6:54:
5d:d1:c4:6f:9a:67:1f:45:8b:a3:e9:2d:75:a3:51:e2:fa:a0:
b2:d2:92:07:8e:10:35:d4:e3:2f:72:a2:df:d2:c5:e0:86:aa:
d1:a2:35:5c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUWRf4ja6iLM5Bfh2F67qD2OARVVcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA0MTQyMzU1MjBaFw0yNjA0MTQwMDAwMjBaMDMxMTAvBgNV
BAMTKEJCNUI1NDU2NzdGQzAwNjgwOTM0QjBFQ0JCM0JDMzI5MjcyRUNDN0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTZO+sva09F3FRAxdfsaVeEXXr
hE13KD2++uWy4WajUd0nSmhGtNC29PMWWX5llbZj1yTYHSwXUkURIpUyAyELD6y9
2hUexTLh6VsN1imOmrcpiKdLQ5MMHjsLaOUcTo+M5D05zbCICf2z1aJx7B/K6xZl
6Y7H4rnKw1H8ODdYJiG6vZuHnDlNro8JV4WMQqrCKT3cIXxYjSxISwTm0tiIcNzp
z5n7P3K7oin8zfb7kxt/xrcMvAe6c1mDODef6DbISBfapATLPJ5heA/R/KhlaFBf
eQ6KgUcDyX9ZU9l6rJ9nev6rQJmpCmW57uDefUhmOCrt66D19Sy3fEjaWwVfAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUu1tUVnf8AGgJNLDsuzvDKScuzH0wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBABbfLED
BABccDoDBABfhpUDBABfh/wwDQYJKoZIhvcNAQELBQADggEBAGI7dyJ153X+6J8G
2hbB7zsJZ46Rp1QsdY0ZUpfmY02cFXa6VUojbS4k8kFQ+6/aC+z0su176MfDLQwc
681BzCSNKFLDi07Eg4RVRZWzRXvPrsbCwPy8oTVcAO6PPXRZbJa5IFD0wUGO1cUt
pkpydLmciQi2ymBwo4rIw6Y3zzlfHynZxOVZjraKl/vsO5jE/gx2JmGgQA/KF93K
GRwnDjF+kVwEjMMDN3jN/07w1rrF/ud5B6yRvBjCntD+XxGPDAwK+Vq3uVC/vROh
DXS+na6kQ7xjzeHmVF3RxG+aZx9Fi6PpLXWjUeL6oLLSkgeOEDXU4y9yot/SxeCG
qtGiNVw=
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:27 2025 by rpki-client