Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS22427.roa
File: AS22427.roa (raw, json)
Hash identifier: HqKA7xN2Bvl2C9Qbxfd8rY6wLGtYzYg4j3EvYik2HHc=
Subject key identifier: C1:DC:71:B1:FB:FD:97:D9:2B:04:60:A6:11:DF:82:D1:05:06:70:06
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 42892B7E093CECB2554AB39461FBCFDAD99DB259
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS22427.roa
Signing time: Mon 27 Oct 2025 00:04:33 +0000
ROA not before: Sun 26 Oct 2025 23:59:33 +0000
ROA not after: Mon 26 Oct 2026 00:04:33 +0000
asID: 22427
IP address blocks: 91.124.128.0/24 maxlen: 24
178.94.232.0/24 maxlen: 24
178.95.12.0/24 maxlen: 24
178.95.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:89:2b:7e:09:3c:ec:b2:55:4a:b3:94:61:fb:cf:da:d9:9d:b2:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Oct 26 23:59:33 2025 GMT
Not After : Oct 26 00:04:33 2026 GMT
Subject: CN=C1DC71B1FBFD97D92B0460A611DF82D105067006
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:66:0c:32:b2:75:d4:36:f0:15:19:88:3b:45:
6b:a6:b3:8e:e1:09:f8:0c:eb:a8:ee:a0:87:76:33:
88:a7:7d:ae:79:89:52:15:23:2a:27:38:db:3c:bb:
38:46:f1:66:1f:8f:e2:88:c8:06:e7:b2:f8:a2:a1:
70:8a:75:6f:ca:4f:17:7a:5e:84:06:f9:2c:b1:bc:
3e:64:b9:bc:5f:81:a0:d4:32:12:70:9a:80:6d:f5:
83:b8:ba:d9:4f:99:55:cc:0a:cc:11:70:89:c7:dc:
d0:53:dd:bc:94:5a:b5:26:13:4a:17:ba:82:e8:97:
d2:6d:68:d8:49:2e:8d:dd:1b:f2:91:fe:a6:8e:0e:
bd:16:9a:8b:0a:56:48:99:70:e8:96:73:b1:c1:60:
85:0d:5c:fc:5d:b0:92:a5:c0:b4:06:f9:35:63:32:
0a:7a:f4:1a:bd:f0:51:cd:a5:51:82:bb:e8:35:63:
5b:b6:93:6d:f3:c0:02:09:21:60:e4:d1:2d:a1:92:
91:7b:19:11:cb:2a:fd:f1:13:28:78:08:d4:dc:29:
0b:ee:da:8f:da:6a:c5:6a:8c:b0:1a:22:ed:3c:b4:
b4:7a:9a:2e:66:87:da:4f:31:a2:a5:50:d2:4d:cf:
2b:6e:8a:36:ca:c7:6f:d7:99:45:b9:37:f8:9e:65:
4e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:DC:71:B1:FB:FD:97:D9:2B:04:60:A6:11:DF:82:D1:05:06:70:06
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS22427.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.128.0/24
178.94.232.0/24
178.95.12.0/24
178.95.133.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:76:0c:09:aa:88:c2:75:53:e3:e9:75:f5:45:6d:3e:5c:34:
66:46:55:08:1c:2c:d2:09:8f:91:9a:1b:b1:ac:47:8d:ec:38:
f6:c6:bd:f1:8d:57:29:ce:77:b6:f2:2f:b7:1b:ef:c9:a9:ec:
f0:1b:cf:1c:6e:d1:49:05:42:66:07:80:90:ec:56:2b:0d:c7:
3c:34:df:d6:29:10:60:7b:d1:aa:e7:09:bb:13:7a:d4:d2:e7:
82:30:ce:a9:09:4b:23:31:9e:4c:33:78:94:6f:02:54:2e:6c:
90:17:af:05:b8:d3:6f:6a:47:04:64:5e:13:10:6f:e1:78:f0:
c9:d5:ce:89:91:ea:74:dd:50:e9:40:b6:40:b9:61:61:61:56:
df:25:31:26:0c:f0:97:10:d5:c8:76:f1:a1:93:95:11:6b:ca:
c6:a0:6b:48:bd:86:b8:56:60:4c:7e:81:f8:6b:26:08:b9:a7:
e2:49:54:89:e8:ff:b9:c6:67:5b:26:34:25:7f:11:39:53:d0:
cd:b1:6d:41:c0:11:15:93:4b:f3:d0:1a:de:4c:03:29:47:52:
26:59:24:c4:af:35:93:a1:b9:43:53:f6:ab:58:9a:1f:78:9b:
66:b6:c3:d3:14:07:68:e9:95:60:96:c1:c2:19:04:ca:aa:94:
13:f8:ed:37
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIUQokrfgk87LJVSrOUYfvP2tmdslkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTEwMjYyMzU5MzNaFw0yNjEwMjYwMDA0MzNaMDMxMTAvBgNV
BAMTKEMxREM3MUIxRkJGRDk3RDkyQjA0NjBBNjExREY4MkQxMDUwNjcwMDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8ZgwysnXUNvAVGYg7RWums47h
CfgM66juoId2M4infa55iVIVIyonONs8uzhG8WYfj+KIyAbnsviioXCKdW/KTxd6
XoQG+SyxvD5kubxfgaDUMhJwmoBt9YO4utlPmVXMCswRcInH3NBT3byUWrUmE0oX
uoLol9JtaNhJLo3dG/KR/qaODr0WmosKVkiZcOiWc7HBYIUNXPxdsJKlwLQG+TVj
Mgp69Bq98FHNpVGCu+g1Y1u2k23zwAIJIWDk0S2hkpF7GRHLKv3xEyh4CNTcKQvu
2o/aasVqjLAaIu08tLR6mi5mh9pPMaKlUNJNzytuijbKx2/XmUW5N/ieZU6zAgMB
AAGjggIbMIICFzAdBgNVHQ4EFgQUwdxxsfv9l9krBGCmEd+C0QUGcAYwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjI0Mjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBABbfIAD
BACyXugDBACyXwwDBACyX4UwDQYJKoZIhvcNAQELBQADggEBAD52DAmqiMJ1U+Pp
dfVFbT5cNGZGVQgcLNIJj5GaG7GsR43sOPbGvfGNVynOd7byL7cb78mp7PAbzxxu
0UkFQmYHgJDsVisNxzw039YpEGB70arnCbsTetTS54IwzqkJSyMxnkwzeJRvAlQu
bJAXrwW4029qRwRkXhMQb+F48MnVzomR6nTdUOlAtkC5YWFhVt8lMSYM8JcQ1ch2
8aGTlRFrysaga0i9hrhWYEx+gfhrJgi5p+JJVIno/7nGZ1smNCV/ETlT0M2xbUHA
ERWTS/PQGt5MAylHUiZZJMSvNZOhuUNT9qtYmh94m2a2w9MUB2jplWCWwcIZBMqq
lBP47Tc=
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:04:50 2025 by rpki-client