Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS22427.roa
File: AS22427.roa (raw, json)
Hash identifier: ZlVEokkE/zLH0ncAne+dW8+QKrIFY0FROVvJzD5Gvns=
Subject key identifier: 10:53:74:0B:E5:A2:3F:65:BE:5D:08:3E:9C:D8:F8:31:18:DF:9D:E7
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 701CA8ABC0D8E8790C0202527FFC53A0CC8E3E67
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS22427.roa
Signing time: Sun 12 Apr 2026 02:24:50 +0000
ROA not before: Sun 12 Apr 2026 02:19:50 +0000
ROA not after: Sun 11 Apr 2027 02:24:50 +0000
asID: 22427
IP address blocks: 91.124.128.0/24 maxlen: 24
95.134.50.0/24 maxlen: 24
95.134.153.0/24 maxlen: 24
178.94.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:1c:a8:ab:c0:d8:e8:79:0c:02:02:52:7f:fc:53:a0:cc:8e:3e:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 12 02:19:50 2026 GMT
Not After : Apr 11 02:24:50 2027 GMT
Subject: CN=1053740BE5A23F65BE5D083E9CD8F83118DF9DE7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b2:6d:9b:b0:4b:05:cd:1c:f2:02:3a:bc:0d:
38:2c:8d:02:69:fb:11:0a:3c:f4:4d:08:47:85:16:
83:68:81:a0:ce:95:c7:7d:1c:d1:c0:e4:de:94:6a:
91:02:fb:12:5c:43:da:c3:1e:ed:5e:e5:06:32:05:
05:06:4f:58:d5:df:9c:bd:34:99:a1:7b:4f:8a:02:
58:39:61:de:86:9b:de:f4:f9:ce:9a:90:22:68:c1:
63:c0:d1:32:7d:3e:b4:e3:ab:75:4a:6c:cc:41:e6:
a7:1e:4b:d8:67:ca:5b:7f:dc:d8:02:73:e9:b5:85:
24:23:ce:ef:ce:1b:d4:bb:aa:5c:36:1b:e2:cd:df:
b1:ac:69:41:38:e1:08:db:10:89:83:79:fb:d6:6f:
52:27:3c:b6:18:74:be:94:7e:36:aa:dc:23:d4:75:
d2:07:ca:7c:16:26:3d:57:88:08:bf:8c:65:71:ce:
8b:d6:3d:0f:bf:6a:4b:4f:f4:0b:57:ac:c1:b7:02:
3d:f0:09:d2:a5:eb:7b:42:4b:ed:18:35:6f:14:6b:
ba:12:9d:18:a3:af:df:3a:2b:9d:05:4f:88:21:05:
54:cd:a5:08:5f:41:43:93:4c:db:ba:cf:77:03:a7:
1a:c5:e4:02:00:9e:ed:34:3f:f7:6d:c5:d9:c9:70:
ef:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:53:74:0B:E5:A2:3F:65:BE:5D:08:3E:9C:D8:F8:31:18:DF:9D:E7
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS22427.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.128.0/24
95.134.50.0/24
95.134.153.0/24
178.94.232.0/24
Signature Algorithm: sha256WithRSAEncryption
61:d8:7e:48:98:14:f3:ff:0b:2d:56:11:85:c2:54:a6:a3:bc:
75:aa:40:99:b1:d7:af:2b:ef:15:c1:bf:5d:ae:ca:36:71:53:
6c:56:49:07:97:03:2f:68:48:8a:a9:57:f7:30:6e:db:08:28:
ef:e9:5e:4c:b4:5c:cc:f0:8e:06:78:06:f8:12:bc:2f:ea:54:
4e:14:1a:a5:4b:2c:a9:3c:3c:98:72:b1:1e:41:27:7e:2b:78:
b3:91:ce:bd:7e:6c:d1:7f:89:e6:0e:99:cc:14:07:1f:d7:0e:
6f:cb:31:d7:89:90:47:55:c7:0b:9d:9a:c9:87:a8:74:7f:6f:
9f:9c:8c:50:5a:ec:4b:42:79:72:2c:5a:06:a6:9b:4b:58:c5:
59:32:35:62:50:29:d4:35:43:40:68:ac:9b:f3:cd:8d:c8:b8:
48:83:74:6e:54:cb:66:48:e0:ae:cc:52:2f:36:88:37:fc:0a:
2d:60:75:c9:09:38:c9:dd:55:c1:03:0b:a0:a5:ff:91:99:1e:
ea:96:05:be:9d:fd:02:7c:0a:32:a0:41:51:4c:67:fa:7f:8c:
a3:cb:50:f1:50:7a:ea:49:33:ef:50:5f:e7:c1:44:db:f4:f7:
2f:81:d2:90:88:c1:29:03:b6:af:db:b8:07:bd:27:b9:9b:a5:
e3:15:b5:b5
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUcByoq8DY6HkMAgJSf/xToMyOPmcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA0MTIwMjE5NTBaFw0yNzA0MTEwMjI0NTBaMDMxMTAvBgNV
BAMTKDEwNTM3NDBCRTVBMjNGNjVCRTVEMDgzRTlDRDhGODMxMThERjlERTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrsm2bsEsFzRzyAjq8DTgsjQJp
+xEKPPRNCEeFFoNogaDOlcd9HNHA5N6UapEC+xJcQ9rDHu1e5QYyBQUGT1jV35y9
NJmhe0+KAlg5Yd6Gm970+c6akCJowWPA0TJ9PrTjq3VKbMxB5qceS9hnylt/3NgC
c+m1hSQjzu/OG9S7qlw2G+LN37GsaUE44QjbEImDefvWb1InPLYYdL6Ufjaq3CPU
ddIHynwWJj1XiAi/jGVxzovWPQ+/aktP9AtXrMG3Aj3wCdKl63tCS+0YNW8Ua7oS
nRijr986K50FT4ghBVTNpQhfQUOTTNu6z3cDpxrF5AIAnu00P/dtxdnJcO/bAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUEFN0C+WiP2W+XQg+nNj4MRjfnecwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjI0Mjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBABbfIAD
BABfhjIDBABfhpkDBACyXugwDQYJKoZIhvcNAQELBQADggEBAGHYfkiYFPP/Cy1W
EYXCVKajvHWqQJmx168r7xXBv12uyjZxU2xWSQeXAy9oSIqpV/cwbtsIKO/pXky0
XMzwjgZ4BvgSvC/qVE4UGqVLLKk8PJhysR5BJ34reLORzr1+bNF/ieYOmcwUBx/X
Dm/LMdeJkEdVxwudmsmHqHR/b5+cjFBa7EtCeXIsWgamm0tYxVkyNWJQKdQ1Q0Bo
rJvzzY3IuEiDdG5Uy2ZI4K7MUi82iDf8Ci1gdckJOMndVcEDC6Cl/5GZHuqWBb6d
/QJ8CjKgQVFMZ/p/jKPLUPFQeupJM+9QX+fBRNv09y+B0pCIwSkDtq/buAe9J7mb
peMVtbU=
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:52:57 2026 by rpki-client