Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS22427.roa
File: AS22427.roa (raw, json)
Hash identifier: p/Ue+J7r/clrIqjNEf6T3yYT0NlKyXfYGcSEXiBHitM=
Subject key identifier: 81:B8:FE:8D:F8:A3:C7:68:2B:5F:19:8B:19:05:3C:7F:E3:70:17:0B
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 5D7858B7F784DB284D88B322508954BB04D9EB52
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS22427.roa
Signing time: Fri 06 Jun 2025 01:55:10 +0000
ROA not before: Fri 06 Jun 2025 01:50:10 +0000
ROA not after: Fri 05 Jun 2026 01:55:10 +0000
asID: 22427
IP address blocks: 143.14.131.0/24 maxlen: 24
155.117.247.0/24 maxlen: 24
167.148.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:78:58:b7:f7:84:db:28:4d:88:b3:22:50:89:54:bb:04:d9:eb:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 6 01:50:10 2025 GMT
Not After : Jun 5 01:55:10 2026 GMT
Subject: CN=81B8FE8DF8A3C7682B5F198B19053C7FE370170B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:5f:f0:cc:6f:7f:0b:02:c8:ab:85:d5:a4:f8:
74:f2:21:46:d2:6a:6c:ea:87:ef:41:3e:63:29:f9:
f4:47:52:0c:b5:58:ad:a4:2c:7f:41:84:62:b9:e8:
41:87:c4:90:4c:2c:5e:51:e8:73:1a:58:79:78:4f:
67:73:4a:a3:66:73:5d:46:8a:00:32:86:5d:3f:c2:
24:6f:95:02:3d:fd:db:d9:17:23:f7:ca:46:e9:bd:
f1:e5:4d:20:f7:6f:ac:81:a8:8b:8c:e0:35:11:6e:
20:c4:c8:ba:6d:76:be:7d:ac:ff:3c:a8:fe:1a:1b:
b7:51:b4:80:c0:bd:e0:43:fc:72:85:fd:ff:75:59:
4b:75:4a:53:98:7c:0f:34:9d:bb:72:92:21:3e:6d:
ca:4c:e0:2d:f5:5b:5f:cb:24:e9:d4:a0:b5:e0:31:
91:06:a7:9d:7c:fb:80:04:5e:b1:fa:34:1b:34:d5:
ad:99:6b:19:13:0a:b5:f0:5f:2d:a2:26:ba:49:0f:
71:aa:4f:8b:11:23:77:1c:40:e6:80:38:ce:8b:bc:
82:71:55:e4:0c:ed:8a:38:65:d0:ac:07:d9:9b:cb:
1f:34:11:11:6d:0d:14:73:f1:8d:dd:6e:19:47:6d:
2f:ce:d4:ef:70:0e:61:45:0f:0e:f7:ff:90:cd:b3:
cf:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:B8:FE:8D:F8:A3:C7:68:2B:5F:19:8B:19:05:3C:7F:E3:70:17:0B
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS22427.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.14.131.0/24
155.117.247.0/24
167.148.179.0/24
Signature Algorithm: sha256WithRSAEncryption
96:b1:7d:c1:41:c1:ca:c0:17:a4:33:00:46:d5:ab:c2:f2:e8:
4b:3e:8b:38:46:88:3f:79:94:68:f5:5e:0c:6a:61:93:5d:02:
f2:c9:4e:76:bd:91:d3:c5:d7:a1:0b:f0:1b:b3:d5:5a:86:37:
12:18:e9:b9:c3:3b:49:1c:b4:60:59:98:41:10:ec:48:af:a3:
98:17:45:04:48:1d:0e:7b:d7:c7:78:52:34:53:2f:98:6e:1d:
44:42:71:da:62:e4:b4:2f:c1:63:c4:7f:ad:4f:04:82:fc:96:
a7:05:7c:74:c6:5b:15:2e:26:e1:53:a5:04:fa:bf:03:5e:40:
a0:ec:b6:3f:a4:04:47:fc:fe:72:1d:a1:03:98:1d:b5:27:f3:
5a:2d:df:aa:6c:da:df:d3:6d:32:5e:e1:59:83:99:1e:79:e0:
de:ac:74:bb:81:2f:63:91:4c:0b:74:71:74:59:92:86:22:dc:
f8:21:92:d3:3d:4c:f6:8d:06:02:d5:c5:50:3d:27:82:36:95:
1f:3a:0a:a6:5a:ab:d9:61:2d:a0:10:84:35:a1:d4:d2:8c:25:
93:48:a8:7e:0c:84:ea:f7:7b:48:8e:87:85:7e:ab:2b:f7:da:
1c:fd:39:7b:29:c5:d3:68:17:6d:38:03:68:d1:1a:07:ea:32:
49:2e:9c:96
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIUXXhYt/eE2yhNiLMiUIlUuwTZ61IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MDYwMTUwMTBaFw0yNjA2MDUwMTU1MTBaMDMxMTAvBgNV
BAMTKDgxQjhGRThERjhBM0M3NjgyQjVGMTk4QjE5MDUzQzdGRTM3MDE3MEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5X/DMb38LAsirhdWk+HTyIUbS
amzqh+9BPmMp+fRHUgy1WK2kLH9BhGK56EGHxJBMLF5R6HMaWHl4T2dzSqNmc11G
igAyhl0/wiRvlQI9/dvZFyP3ykbpvfHlTSD3b6yBqIuM4DURbiDEyLptdr59rP88
qP4aG7dRtIDAveBD/HKF/f91WUt1SlOYfA80nbtykiE+bcpM4C31W1/LJOnUoLXg
MZEGp518+4AEXrH6NBs01a2ZaxkTCrXwXy2iJrpJD3GqT4sRI3ccQOaAOM6LvIJx
VeQM7Yo4ZdCsB9mbyx80ERFtDRRz8Y3dbhlHbS/O1O9wDmFFDw73/5DNs8/DAgMB
AAGjggIVMIICETAdBgNVHQ4EFgQUgbj+jfijx2grXxmLGQU8f+NwFwswHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjI0Mjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBACPDoMD
BACbdfcDBACnlLMwDQYJKoZIhvcNAQELBQADggEBAJaxfcFBwcrAF6QzAEbVq8Ly
6Es+izhGiD95lGj1XgxqYZNdAvLJTna9kdPF16EL8Buz1VqGNxIY6bnDO0kctGBZ
mEEQ7Eivo5gXRQRIHQ5718d4UjRTL5huHURCcdpi5LQvwWPEf61PBIL8lqcFfHTG
WxUuJuFTpQT6vwNeQKDstj+kBEf8/nIdoQOYHbUn81ot36ps2t/TbTJe4VmDmR55
4N6sdLuBL2ORTAt0cXRZkoYi3PghktM9TPaNBgLVxVA9J4I2lR86CqZaq9lhLaAQ
hDWh1NKMJZNIqH4MhOr3e0iOh4V+qyv32hz9OXspxdNoF204A2jRGgfqMkkunJY=
-----END CERTIFICATE-----
Generated at Fri Jun 6 13:16:12 2025 by rpki-client