Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS22427.roa
File: AS22427.roa (raw, json)
Hash identifier: +AnYOP9jVASC4DnOlzr6PFLUkWNm+0f1BpXu8AOa7n8=
Subject key identifier: 93:7C:B0:6F:79:69:79:87:A2:8C:6A:F1:86:0A:FF:C1:35:ED:0C:90
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 41AC5BCE0F57A299AF058D3DCE3EAF3814227D2E
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS22427.roa
Signing time: Tue 24 Feb 2026 10:19:11 +0000
ROA not before: Tue 24 Feb 2026 10:14:11 +0000
ROA not after: Tue 23 Feb 2027 10:19:11 +0000
asID: 22427
IP address blocks: 91.124.128.0/24 maxlen: 24
95.134.50.0/24 maxlen: 24
95.135.84.0/24 maxlen: 24
178.94.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 08:09:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:ac:5b:ce:0f:57:a2:99:af:05:8d:3d:ce:3e:af:38:14:22:7d:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 24 10:14:11 2026 GMT
Not After : Feb 23 10:19:11 2027 GMT
Subject: CN=937CB06F79697987A28C6AF1860AFFC135ED0C90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:0b:bc:28:2d:bf:41:38:b1:2b:69:00:88:c6:
1a:48:72:b2:32:7d:5b:93:18:27:e5:57:c9:d3:e0:
05:00:3c:82:38:bc:b0:32:76:13:60:e7:2e:70:66:
1d:30:63:c7:6b:47:b0:e7:53:21:91:bf:68:1f:19:
0a:c9:60:c0:1e:43:63:e3:ba:24:9c:9b:99:b6:e3:
ae:28:57:d3:49:4f:f6:02:2c:4c:53:89:54:e9:fe:
7a:a4:c4:2e:a7:45:85:0b:4c:77:74:a4:d0:4c:fd:
5d:67:4a:df:73:19:7c:ca:7a:b4:bc:9c:06:91:b9:
60:47:b6:37:41:3f:ab:38:e6:70:d2:ec:1d:da:70:
2f:72:13:a6:02:e7:46:2a:f2:de:c8:93:d5:cd:9b:
a7:12:f0:58:98:bd:ac:72:c2:a3:e5:95:74:1f:22:
37:e7:cf:3a:c7:51:48:90:c4:07:cc:2f:20:ce:23:
d5:3c:28:0e:ad:86:0c:ce:27:2f:19:5b:4f:3f:dd:
16:79:28:89:39:78:1d:10:4d:c6:1d:19:ca:ba:71:
5a:e1:39:00:3c:5a:4e:a1:d2:dc:fb:01:56:ca:0d:
d2:79:83:7b:d3:e8:ea:70:70:9e:7f:55:ec:53:4f:
57:25:3e:03:f1:7d:ff:66:97:15:25:58:66:1a:a5:
78:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:7C:B0:6F:79:69:79:87:A2:8C:6A:F1:86:0A:FF:C1:35:ED:0C:90
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS22427.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.128.0/24
95.134.50.0/24
95.135.84.0/24
178.94.232.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:ea:53:20:7a:0a:95:ad:9c:71:8c:70:8d:39:d0:80:4b:6c:
83:47:d8:8d:e3:90:65:db:eb:4a:3e:38:f9:3b:10:bb:b4:b9:
44:a0:38:d4:69:d3:04:95:77:26:a0:25:46:97:93:fd:03:fc:
51:e7:61:f0:5f:b3:32:47:34:6d:4d:85:0f:5d:ba:1c:ff:53:
4b:73:82:6f:73:86:26:72:78:2b:b7:0e:85:f7:d2:6e:80:46:
9d:7b:7a:9c:4a:96:73:d5:95:2e:e3:8d:2f:8b:58:29:c0:9a:
47:b1:73:e4:2d:4e:0a:09:fa:76:e5:fd:b7:f2:9f:27:60:17:
8b:b9:2d:e4:cc:2d:60:b7:8b:df:7f:52:4d:13:16:22:99:39:
ae:2c:c2:f1:c6:62:b3:88:e1:54:e8:99:17:25:1f:38:4d:d3:
6c:01:9b:a7:52:a6:92:26:01:41:84:61:92:a7:32:7d:a9:6d:
ab:22:ff:89:5d:c2:b5:47:6a:63:9e:60:5c:34:df:70:f1:65:
5b:35:23:f5:c6:44:93:b1:fd:06:a1:cb:e2:ff:bd:bf:60:2e:
30:b4:42:9b:97:ba:7f:78:da:50:50:85:87:16:69:77:0f:1a:
8b:5a:62:8d:66:67:6d:7c:50:e0:48:9e:0f:00:a9:4b:da:c5:
5d:88:5a:d8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUQaxbzg9XopmvBY09zj6vOBQifS4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjAyMjQxMDE0MTFaFw0yNzAyMjMxMDE5MTFaMDMxMTAvBgNV
BAMTKDkzN0NCMDZGNzk2OTc5ODdBMjhDNkFGMTg2MEFGRkMxMzVFRDBDOTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJC7woLb9BOLEraQCIxhpIcrIy
fVuTGCflV8nT4AUAPII4vLAydhNg5y5wZh0wY8drR7DnUyGRv2gfGQrJYMAeQ2Pj
uiScm5m2464oV9NJT/YCLExTiVTp/nqkxC6nRYULTHd0pNBM/V1nSt9zGXzKerS8
nAaRuWBHtjdBP6s45nDS7B3acC9yE6YC50Yq8t7Ik9XNm6cS8FiYvaxywqPllXQf
IjfnzzrHUUiQxAfMLyDOI9U8KA6thgzOJy8ZW08/3RZ5KIk5eB0QTcYdGcq6cVrh
OQA8Wk6h0tz7AVbKDdJ5g3vT6OpwcJ5/VexTT1clPgPxff9mlxUlWGYapXgrAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUk3ywb3lpeYeijGrxhgr/wTXtDJAwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjI0Mjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBABbfIAD
BABfhjIDBABfh1QDBACyXugwDQYJKoZIhvcNAQELBQADggEBAHvqUyB6CpWtnHGM
cI050IBLbINH2I3jkGXb60o+OPk7ELu0uUSgONRp0wSVdyagJUaXk/0D/FHnYfBf
szJHNG1NhQ9duhz/U0tzgm9zhiZyeCu3DoX30m6ARp17epxKlnPVlS7jjS+LWCnA
mkexc+QtTgoJ+nbl/bfynydgF4u5LeTMLWC3i99/Uk0TFiKZOa4swvHGYrOI4VTo
mRclHzhN02wBm6dSppImAUGEYZKnMn2pbasi/4ldwrVHamOeYFw033DxZVs1I/XG
RJOx/Qahy+L/vb9gLjC0QpuXun942lBQhYcWaXcPGotaYo1mZ218UOBIng8AqUva
xV2IWtg=
-----END CERTIFICATE-----
Generated at Sun Mar 1 20:10:38 2026 by rpki-client