Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS22427.roa
File: AS22427.roa (raw, json)
Hash identifier: mD0xjWpLjZ0QBSyxVxVC5MBx63NJ1IsC54+2jGeiIA4=
Subject key identifier: CC:9A:5B:4F:8F:21:7D:A1:6E:A0:E1:22:86:86:83:97:3E:C4:9C:93
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 417E910D01FE7A36051899DEE897A95B068C47FB
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS22427.roa
Signing time: Thu 12 Feb 2026 08:05:08 +0000
ROA not before: Thu 12 Feb 2026 08:00:08 +0000
ROA not after: Thu 11 Feb 2027 08:05:08 +0000
asID: 22427
IP address blocks: 155.117.247.0/24 maxlen: 24
167.148.28.0/24 maxlen: 24
167.148.140.0/24 maxlen: 24
167.148.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:7e:91:0d:01:fe:7a:36:05:18:99:de:e8:97:a9:5b:06:8c:47:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 12 08:00:08 2026 GMT
Not After : Feb 11 08:05:08 2027 GMT
Subject: CN=CC9A5B4F8F217DA16EA0E122868683973EC49C93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:c2:d9:99:eb:10:59:21:65:3a:2e:26:e7:a6:
36:ce:d3:ac:c8:54:12:1e:2b:db:85:46:01:32:2b:
50:b7:2e:cf:46:57:71:fa:f2:84:dc:cd:7a:00:49:
d6:fd:f8:5a:ff:53:ce:3f:54:b5:1d:ab:53:41:59:
1a:a5:b3:43:94:74:40:27:a2:96:a6:bf:8f:44:9f:
51:d3:fa:b3:ea:cb:d2:db:34:75:9d:cb:62:18:1a:
ff:9b:94:ba:da:5a:0f:9d:43:1b:a9:e3:1c:00:f9:
01:5d:66:5c:4f:ed:26:76:61:8e:a1:84:97:eb:cb:
17:80:be:dc:97:90:5c:6c:f8:61:66:15:50:db:61:
b9:46:0a:43:00:b4:95:4e:8e:fd:85:25:1a:a0:41:
28:95:98:e5:bb:a3:08:47:38:45:be:35:02:78:5c:
9f:fe:63:aa:e8:fd:38:0d:bc:62:a7:a3:70:8f:57:
28:7b:7a:4b:a6:2c:df:4a:23:c7:03:0e:61:bb:45:
90:4a:94:44:1b:a9:17:ca:8e:de:4e:57:55:c2:60:
ef:1a:82:fb:66:03:de:33:25:28:48:30:79:a6:53:
a9:36:08:54:76:5c:a3:74:4f:53:94:6d:e2:76:75:
79:55:4a:4d:54:f3:9e:ab:9d:fa:ae:53:ca:be:4f:
9a:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:9A:5B:4F:8F:21:7D:A1:6E:A0:E1:22:86:86:83:97:3E:C4:9C:93
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS22427.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.117.247.0/24
167.148.28.0/24
167.148.140.0/24
167.148.179.0/24
Signature Algorithm: sha256WithRSAEncryption
57:1e:8c:c0:97:aa:c8:6a:d8:c1:1c:99:6f:3a:3c:3a:3d:e6:
dc:b6:c9:fc:14:ac:82:5e:17:af:36:86:73:80:7d:61:8b:ec:
32:5e:f8:98:ae:93:77:12:40:8e:58:7c:ca:0a:2b:38:2c:55:
17:f4:f5:63:9e:2a:14:b1:fe:b2:fa:69:bb:2b:1d:5a:47:93:
6c:5d:1c:88:f5:3b:7e:c9:67:f2:93:f1:1e:5e:4d:10:e4:88:
36:ce:74:80:7e:f7:96:60:b6:58:2a:ac:eb:1c:0d:4f:61:b9:
ae:82:d4:b1:8c:1d:5a:ed:97:d0:14:8b:8e:a7:98:41:e8:1d:
4c:40:e0:4f:74:30:d1:c5:55:38:b7:e9:d3:60:0a:17:f9:c0:
9f:9f:de:96:9d:a1:22:5a:ca:37:39:40:da:eb:ac:73:6c:f9:
e7:f0:a1:fc:cf:74:f7:9c:43:dd:3b:d5:bf:85:b8:97:ae:e8:
3d:6f:0e:29:f9:f3:69:c9:98:78:8c:d5:f7:55:62:d0:03:00:
cd:fe:5a:3c:60:5a:f8:b1:a8:40:f6:02:9f:2c:39:8e:45:59:
98:c3:08:6a:95:58:18:f7:5c:fc:20:07:99:58:d8:dc:1f:60:
c1:de:64:f7:66:e3:0a:e4:4a:eb:9e:36:99:d1:2b:f9:04:8f:
e8:ec:f4:18
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUQX6RDQH+ejYFGJne6JepWwaMR/swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAyMTIwODAwMDhaFw0yNzAyMTEwODA1MDhaMDMxMTAvBgNV
BAMTKENDOUE1QjRGOEYyMTdEQTE2RUEwRTEyMjg2ODY4Mzk3M0VDNDlDOTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD1wtmZ6xBZIWU6LibnpjbO06zI
VBIeK9uFRgEyK1C3Ls9GV3H68oTczXoASdb9+Fr/U84/VLUdq1NBWRqls0OUdEAn
opamv49En1HT+rPqy9LbNHWdy2IYGv+blLraWg+dQxup4xwA+QFdZlxP7SZ2YY6h
hJfryxeAvtyXkFxs+GFmFVDbYblGCkMAtJVOjv2FJRqgQSiVmOW7owhHOEW+NQJ4
XJ/+Y6ro/TgNvGKno3CPVyh7ekumLN9KI8cDDmG7RZBKlEQbqRfKjt5OV1XCYO8a
gvtmA94zJShIMHmmU6k2CFR2XKN0T1OUbeJ2dXlVSk1U856rnfquU8q+T5qvAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUzJpbT48hfaFuoOEihoaDlz7EnJMwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjI0Mjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBACbdfcD
BACnlBwDBACnlIwDBACnlLMwDQYJKoZIhvcNAQELBQADggEBAFcejMCXqshq2MEc
mW86PDo95ty2yfwUrIJeF682hnOAfWGL7DJe+Jiuk3cSQI5YfMoKKzgsVRf09WOe
KhSx/rL6absrHVpHk2xdHIj1O37JZ/KT8R5eTRDkiDbOdIB+95ZgtlgqrOscDU9h
ua6C1LGMHVrtl9AUi46nmEHoHUxA4E90MNHFVTi36dNgChf5wJ+f3padoSJayjc5
QNrrrHNs+efwofzPdPecQ9071b+FuJeu6D1vDin582nJmHiM1fdVYtADAM3+Wjxg
WvixqED2Ap8sOY5FWZjDCGqVWBj3XPwgB5lY2NwfYMHeZPdm4wrkSuueNpnRK/kE
j+js9Bg=
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:03:53 2026 by rpki-client