Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS22427.roa
File: AS22427.roa (raw, json)
Hash identifier: hfrBMeSlChNgh5qMIWIUHU3JMjFIEZ3ZErxj5YLkqI0=
Subject key identifier: AA:1C:E7:47:2E:27:0C:55:A7:00:65:08:EE:1B:87:16:2B:74:3D:78
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 707A1DFF98242600E80AD2FECCDA54E44427F4C6
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS22427.roa
Signing time: Fri 01 Aug 2025 08:04:32 +0000
ROA not before: Fri 01 Aug 2025 07:59:32 +0000
ROA not after: Fri 31 Jul 2026 08:04:32 +0000
asID: 22427
IP address blocks: 82.22.195.0/24 maxlen: 24
82.26.131.0/24 maxlen: 24
82.26.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:7a:1d:ff:98:24:26:00:e8:0a:d2:fe:cc:da:54:e4:44:27:f4:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Aug 1 07:59:32 2025 GMT
Not After : Jul 31 08:04:32 2026 GMT
Subject: CN=AA1CE7472E270C55A7006508EE1B87162B743D78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:8f:4d:ad:9b:07:6c:a5:33:f9:29:5c:72:ba:
1c:5b:35:9a:06:61:89:7d:d7:2c:64:ae:12:0e:c0:
fb:c2:32:76:d9:44:8c:01:1f:07:a1:11:2b:41:2d:
3c:be:3f:5c:64:1c:d5:d5:ee:78:df:6c:3e:05:34:
77:1d:15:71:b3:d0:09:be:a8:b7:32:57:5a:2d:f6:
d6:6c:db:f0:0b:af:32:73:60:40:5d:df:a6:94:44:
a0:d9:ce:e2:0f:85:9f:00:d9:a7:43:e4:10:5a:24:
e0:c8:64:e0:d8:49:a2:72:b2:f6:94:ca:bb:fc:35:
0e:45:ba:d6:4c:37:71:bd:23:82:77:11:76:33:97:
5d:93:b0:eb:be:61:78:02:a8:c0:ac:11:5f:3b:c4:
c6:f2:80:5c:6a:84:d8:09:59:f9:f0:9f:0b:8d:1a:
3a:e2:9e:36:b9:cc:d0:94:62:d9:94:4e:a4:b2:a4:
da:21:13:bd:42:5d:48:55:86:b8:87:40:b0:5b:fa:
7b:a6:58:b9:ed:8e:06:4a:3c:ec:3e:4f:3c:bf:f6:
4b:9f:0b:32:d1:2f:54:7c:b1:4c:6f:b3:1d:fa:d1:
d4:98:e8:17:a7:f8:92:54:96:b5:1b:8a:23:0f:ee:
a3:e9:e5:02:3b:2e:d2:47:8b:a2:8a:1d:9b:af:0e:
1d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:1C:E7:47:2E:27:0C:55:A7:00:65:08:EE:1B:87:16:2B:74:3D:78
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS22427.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.195.0/24
82.26.131.0/24
82.26.194.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:a9:35:52:24:7b:fc:9a:68:b0:6b:1e:77:ba:36:d5:c1:d5:
6d:dd:9b:54:4a:86:33:a8:f9:08:4d:4c:87:bd:b6:ea:bf:e5:
bf:0a:81:3d:9d:e3:15:b6:3b:ac:60:14:fe:f1:24:22:50:b0:
7d:7f:14:32:43:93:76:77:c4:44:51:50:d7:34:37:e5:83:30:
d8:05:e2:9a:50:59:bc:ca:75:35:e0:ce:71:68:bb:0a:db:f7:
ae:c0:65:59:b3:81:c8:a7:b5:f2:00:6b:a1:1a:9e:0b:7f:1d:
07:a9:36:91:60:f0:70:f7:6f:0b:48:00:83:d0:2d:c4:f9:08:
0a:8a:47:d6:1f:41:07:6d:e0:ff:ca:61:87:95:79:74:1d:91:
23:a8:0d:ff:a4:46:39:c0:46:f6:0f:6c:1b:2c:39:3d:e0:0e:
b2:e5:c7:74:bb:ea:0a:79:c4:47:9b:9b:f5:89:cc:08:fc:b5:
e9:98:8b:db:76:4e:e9:73:6c:4b:ed:ef:09:b6:2b:a8:a6:7f:
dc:c2:b4:3c:12:04:dc:74:02:ec:9d:53:17:28:ff:6c:15:a8:
38:cf:61:6c:bb:2f:d9:d8:59:92:c6:3d:03:bd:18:35:f3:f9:
cb:78:e7:61:3d:54:ec:a6:a4:c5:79:da:dd:50:20:5d:4d:d8:
e3:01:f7:0a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUcHod/5gkJgDoCtL+zNpU5EQn9MYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA4MDEwNzU5MzJaFw0yNjA3MzEwODA0MzJaMDMxMTAvBgNV
BAMTKEFBMUNFNzQ3MkUyNzBDNTVBNzAwNjUwOEVFMUI4NzE2MkI3NDNENzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjj02tmwdspTP5KVxyuhxbNZoG
YYl91yxkrhIOwPvCMnbZRIwBHwehEStBLTy+P1xkHNXV7njfbD4FNHcdFXGz0Am+
qLcyV1ot9tZs2/ALrzJzYEBd36aURKDZzuIPhZ8A2adD5BBaJODIZODYSaJysvaU
yrv8NQ5FutZMN3G9I4J3EXYzl12TsOu+YXgCqMCsEV87xMbygFxqhNgJWfnwnwuN
Gjrinja5zNCUYtmUTqSypNohE71CXUhVhriHQLBb+numWLntjgZKPOw+Tzy/9kuf
CzLRL1R8sUxvsx360dSY6Ben+JJUlrUbiiMP7qPp5QI7LtJHi6KKHZuvDh0XAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUqhznRy4nDFWnAGUI7huHFit0PXgwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjI0Mjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBABSFsMD
BABSGoMDBABSGsIwDQYJKoZIhvcNAQELBQADggEBAAupNVIke/yaaLBrHne6NtXB
1W3dm1RKhjOo+QhNTIe9tuq/5b8KgT2d4xW2O6xgFP7xJCJQsH1/FDJDk3Z3xERR
UNc0N+WDMNgF4ppQWbzKdTXgznFouwrb967AZVmzgcintfIAa6Eangt/HQepNpFg
8HD3bwtIAIPQLcT5CAqKR9YfQQdt4P/KYYeVeXQdkSOoDf+kRjnARvYPbBssOT3g
DrLlx3S76gp5xEebm/WJzAj8temYi9t2TulzbEvt7wm2K6imf9zCtDwSBNx0Auyd
Uxco/2wVqDjPYWy7L9nYWZLGPQO9GDXz+ct452E9VOympMV52t1QIF1N2OMB9wo=
-----END CERTIFICATE-----
Generated at Mon Aug 4 10:59:34 2025 by rpki-client