Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: gkY9sA3HfrL1ioGwEFGUKPhS1Zlb3wFK9c7cgP2j/p8=
Subject key identifier: A9:DE:B4:BD:B2:2A:72:08:45:0B:98:57:3C:FF:E5:A7:6C:BD:BD:EA
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 560CF7808AE7223B9570FEF8BD00F456928ED152
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
Signing time: Mon 16 Feb 2026 16:35:03 +0000
ROA not before: Mon 16 Feb 2026 16:30:03 +0000
ROA not after: Mon 15 Feb 2027 16:35:03 +0000
asID: 20473
IP address blocks: 92.112.147.0/24 maxlen: 24
178.92.48.0/24 maxlen: 24
178.92.125.0/24 maxlen: 24
178.95.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 08:09:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:0c:f7:80:8a:e7:22:3b:95:70:fe:f8:bd:00:f4:56:92:8e:d1:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 16 16:30:03 2026 GMT
Not After : Feb 15 16:35:03 2027 GMT
Subject: CN=A9DEB4BDB22A7208450B98573CFFE5A76CBDBDEA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:be:60:6c:00:9a:70:b7:5b:7b:4d:a9:f3:69:
94:13:54:53:cc:af:5b:d8:dd:85:db:a7:93:d6:2c:
70:f2:63:41:9e:b4:74:53:5e:a2:b1:ef:28:de:2a:
dc:af:28:d3:93:0d:5a:67:a7:f0:90:56:45:36:ef:
cd:54:5d:22:fd:82:8f:44:64:bc:61:48:80:66:4d:
af:de:47:e3:df:79:27:df:ae:73:a7:9b:28:26:fc:
cd:03:9d:9f:44:b8:08:68:ec:f3:f0:14:81:a0:3e:
70:da:ba:87:b0:7d:b6:7a:b3:c9:71:d3:97:33:74:
2c:bd:aa:82:d1:84:4c:b2:e3:7b:b0:07:49:d8:c4:
52:9a:c5:a9:d0:b0:f7:36:24:48:6f:47:62:56:5a:
f0:06:27:17:01:23:63:60:48:0a:ec:92:e1:08:04:
b4:80:88:90:40:03:c2:5f:6e:82:78:0c:ee:29:bf:
96:ac:c0:af:4a:c9:cf:b4:a4:4f:d1:54:02:8c:78:
2a:40:fe:e5:85:3e:ab:62:df:df:0d:70:ae:38:e7:
77:25:5f:f1:ba:2d:2e:c9:49:c4:9b:7c:3f:20:f5:
7f:8c:ca:df:c3:d1:d2:46:47:5a:10:f0:aa:df:16:
9b:f7:ce:32:6a:e8:f1:5f:3a:50:63:5c:68:ab:ae:
ca:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:DE:B4:BD:B2:2A:72:08:45:0B:98:57:3C:FF:E5:A7:6C:BD:BD:EA
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.112.147.0/24
178.92.48.0/24
178.92.125.0/24
178.95.197.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:b9:91:07:00:ea:4d:da:73:97:9e:7c:f1:ca:27:1a:db:5a:
01:6a:2b:41:08:d9:ae:5f:7b:eb:6d:b5:4c:e0:f3:2a:95:9f:
42:e7:36:e9:35:0d:bd:ac:ab:9d:92:0d:8f:f5:3b:5d:b6:37:
dd:04:51:d6:95:be:58:21:0d:de:5d:5f:18:e1:14:f6:bf:bb:
92:dd:3b:4c:de:fe:60:c5:7d:f9:05:5b:c7:b0:f4:c2:43:80:
ff:61:bd:21:51:83:22:e8:30:84:27:06:83:f2:cd:80:79:79:
61:16:d9:5d:60:8a:97:2e:a5:b7:28:21:16:77:db:3e:c0:9e:
74:aa:b0:bc:cd:8b:37:b0:e3:de:82:c9:82:39:6b:80:a9:57:
5c:10:35:52:80:d1:7a:50:27:e5:87:20:19:bc:d2:9b:2c:56:
f1:2d:02:d2:8b:c1:e5:ad:be:d2:52:8d:0a:96:0d:e9:38:d8:
ae:b2:96:94:80:05:b2:55:dc:03:8e:61:1b:f5:58:a3:8f:72:
3e:0e:95:04:9b:a0:98:7c:c3:ad:fe:15:16:03:6b:aa:f5:37:
7d:07:75:98:47:21:ac:29:0d:35:34:6d:0a:86:c2:99:84:b8:
b5:8e:7b:e4:a0:86:c6:ba:56:26:14:34:18:b9:7d:cd:e5:74:
4f:63:0b:f8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUVgz3gIrnIjuVcP74vQD0VpKO0VIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjAyMTYxNjMwMDNaFw0yNzAyMTUxNjM1MDNaMDMxMTAvBgNV
BAMTKEE5REVCNEJEQjIyQTcyMDg0NTBCOTg1NzNDRkZFNUE3NkNCREJERUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwvmBsAJpwt1t7TanzaZQTVFPM
r1vY3YXbp5PWLHDyY0GetHRTXqKx7yjeKtyvKNOTDVpnp/CQVkU2781UXSL9go9E
ZLxhSIBmTa/eR+PfeSffrnOnmygm/M0DnZ9EuAho7PPwFIGgPnDauoewfbZ6s8lx
05czdCy9qoLRhEyy43uwB0nYxFKaxanQsPc2JEhvR2JWWvAGJxcBI2NgSArskuEI
BLSAiJBAA8JfboJ4DO4pv5aswK9Kyc+0pE/RVAKMeCpA/uWFPqti398NcK4453cl
X/G6LS7JScSbfD8g9X+Myt/D0dJGR1oQ8KrfFpv3zjJq6PFfOlBjXGirrsqNAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUqd60vbIqcghFC5hXPP/lp2y9veowHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBABccJMD
BACyXDADBACyXH0DBACyX8UwDQYJKoZIhvcNAQELBQADggEBAKa5kQcA6k3ac5ee
fPHKJxrbWgFqK0EI2a5fe+tttUzg8yqVn0LnNuk1Db2sq52SDY/1O122N90EUdaV
vlghDd5dXxjhFPa/u5LdO0ze/mDFffkFW8ew9MJDgP9hvSFRgyLoMIQnBoPyzYB5
eWEW2V1gipcupbcoIRZ32z7AnnSqsLzNizew496CyYI5a4CpV1wQNVKA0XpQJ+WH
IBm80pssVvEtAtKLweWtvtJSjQqWDek42K6ylpSABbJV3AOOYRv1WKOPcj4OlQSb
oJh8w63+FRYDa6r1N30HdZhHIawpDTU0bQqGwpmEuLWOe+Sghsa6ViYUNBi5fc3l
dE9jC/g=
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:10:32 2026 by rpki-client