Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
File: AS20473.roa (raw, json)
Hash identifier: 4VmMwCPd4P3oldHnvqyaiMS25pmNB+AnR5viz7HkksY=
Subject key identifier: 50:4C:E0:3A:F0:58:46:8A:B2:EB:BE:34:97:6A:F2:E1:49:04:C0:A5
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 171CC3E5DC35FEC7E76AC1E7A8D58EEDEB01B3FF
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
Signing time: Mon 31 Mar 2025 17:19:29 +0000
ROA not before: Mon 31 Mar 2025 17:14:29 +0000
ROA not after: Mon 30 Mar 2026 17:19:29 +0000
asID: 20473
IP address blocks: 46.203.120.0/24 maxlen: 24
46.203.145.0/24 maxlen: 24
46.203.149.0/24 maxlen: 24
46.203.152.0/24 maxlen: 24
46.203.155.0/24 maxlen: 24
91.124.177.0/24 maxlen: 24
92.112.58.0/24 maxlen: 24
95.134.149.0/24 maxlen: 24
95.135.252.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:1c:c3:e5:dc:35:fe:c7:e7:6a:c1:e7:a8:d5:8e:ed:eb:01:b3:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Mar 31 17:14:29 2025 GMT
Not After : Mar 30 17:19:29 2026 GMT
Subject: CN=504CE03AF058468AB2EBBE34976AF2E14904C0A5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:64:c1:cf:97:34:51:02:1e:fc:54:26:ac:aa:
f7:bb:60:51:6b:42:ec:68:b3:40:6f:ce:23:40:ac:
c8:e2:a0:4c:1b:73:5f:d4:65:69:70:8c:ce:9d:3d:
cc:7d:af:7e:45:8c:7b:1b:c0:22:d9:a7:67:c4:db:
dc:99:19:af:22:49:a0:15:f0:9a:40:2b:39:ed:27:
8c:73:34:a6:bf:f1:8c:96:63:88:b7:e9:3e:73:93:
56:a6:71:55:f3:9d:94:b0:1f:28:e1:07:e1:77:0e:
9d:dd:fe:20:8a:60:fa:b8:b3:af:f7:2b:a0:d6:d1:
6a:4b:37:f7:2d:bc:65:f4:cb:29:43:37:1a:68:c5:
32:8c:a2:bf:47:85:3f:2d:2a:5b:27:b2:25:68:46:
99:07:02:a9:e3:c1:74:84:df:03:6f:61:5f:0d:b2:
d2:65:95:f9:d4:23:d0:8b:f6:34:4d:31:23:39:8a:
6d:3d:6d:5c:9d:3c:7a:5e:20:03:30:d0:65:8c:68:
77:34:5f:55:da:62:d3:92:8f:93:8a:24:b7:9c:e6:
53:c5:1a:9c:d3:59:c0:55:b3:e5:a7:bd:0c:a5:de:
e5:07:3d:91:1b:b9:2c:cd:35:4f:00:06:e2:e2:26:
e7:de:e3:0e:0e:94:c8:27:33:7c:aa:cc:ab:09:03:
b4:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:4C:E0:3A:F0:58:46:8A:B2:EB:BE:34:97:6A:F2:E1:49:04:C0:A5
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.120.0/24
46.203.145.0/24
46.203.149.0/24
46.203.152.0/24
46.203.155.0/24
91.124.177.0/24
92.112.58.0/24
95.134.149.0/24
95.135.252.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:b9:71:e9:f2:87:34:91:af:cb:cc:76:b8:db:67:52:30:43:
74:10:1e:4a:34:83:11:83:df:3d:a7:68:1a:a9:3b:27:da:d5:
e1:fb:fe:a2:0b:08:38:6a:ec:0d:ec:65:8a:36:ce:df:c3:f3:
87:08:a6:36:33:5b:11:b9:db:97:6b:72:fb:27:2f:6b:3d:71:
6a:54:9d:35:87:21:43:2d:43:db:24:10:a1:cf:2e:8e:8a:d4:
d1:2d:22:9c:27:d6:a8:16:67:d8:2a:ec:3b:a1:62:d8:f6:d4:
d8:bb:8b:82:fb:0c:1a:38:40:b4:0e:9b:7e:3f:60:f1:c8:20:
87:db:af:27:4c:ab:87:47:f9:d9:cc:03:ac:5b:01:d5:cd:e2:
1a:ab:72:98:42:a7:6c:ef:00:ef:67:ce:cb:64:dc:7e:c7:f9:
af:00:52:52:a4:42:71:55:e7:22:c6:35:1b:d7:02:37:e7:07:
c2:b1:09:5d:18:27:d7:39:25:79:cb:68:37:21:ea:74:bf:23:
3f:52:fa:e6:de:59:ee:18:e1:f6:29:3a:21:00:8c:2d:2b:12:
3c:6b:8d:b6:c9:28:98:0c:cc:ed:eb:6e:5b:17:c1:3e:16:b8:
09:3d:c6:65:44:11:66:01:75:aa:ba:00:b4:69:cd:79:f2:99:
80:7a:fa:88
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIUFxzD5dw1/sfnasHnqNWO7esBs/8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTAzMzExNzE0MjlaFw0yNjAzMzAxNzE5MjlaMDMxMTAvBgNV
BAMTKDUwNENFMDNBRjA1ODQ2OEFCMkVCQkUzNDk3NkFGMkUxNDkwNEMwQTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKZMHPlzRRAh78VCasqve7YFFr
Quxos0BvziNArMjioEwbc1/UZWlwjM6dPcx9r35FjHsbwCLZp2fE29yZGa8iSaAV
8JpAKzntJ4xzNKa/8YyWY4i36T5zk1amcVXznZSwHyjhB+F3Dp3d/iCKYPq4s6/3
K6DW0WpLN/ctvGX0yylDNxpoxTKMor9HhT8tKlsnsiVoRpkHAqnjwXSE3wNvYV8N
stJllfnUI9CL9jRNMSM5im09bVydPHpeIAMw0GWMaHc0X1XaYtOSj5OKJLec5lPF
GpzTWcBVs+WnvQyl3uUHPZEbuSzNNU8ABuLiJufe4w4OlMgnM3yqzKsJA7TXAgMB
AAGjggI5MIICNTAdBgNVHQ4EFgQUUEzgOvBYRoqy6740l2ry4UkEwKUwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwTwYIKwYBBQUHAQcBAf8EQDA+MDwEAgABMDYDBAAuy3gD
BAAuy5EDBAAuy5UDBAAuy5gDBAAuy5sDBABbfLEDBABccDoDBABfhpUDBABfh/ww
DQYJKoZIhvcNAQELBQADggEBAKa5cenyhzSRr8vMdrjbZ1IwQ3QQHko0gxGD3z2n
aBqpOyfa1eH7/qILCDhq7A3sZYo2zt/D84cIpjYzWxG525drcvsnL2s9cWpUnTWH
IUMtQ9skEKHPLo6K1NEtIpwn1qgWZ9gq7DuhYtj21Ni7i4L7DBo4QLQOm34/YPHI
IIfbrydMq4dH+dnMA6xbAdXN4hqrcphCp2zvAO9nzstk3H7H+a8AUlKkQnFV5yLG
NRvXAjfnB8KxCV0YJ9c5JXnLaDch6nS/Iz9S+ubeWe4Y4fYpOiEAjC0rEjxrjbbJ
KJgMzO3rblsXwT4WuAk9xmVEEWYBdaq6ALRpzXnymYB6+og=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:34:29 2025 by rpki-client on console.sobornost.net