Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS22427.roa
File: AS22427.roa (raw, json)
Hash identifier: U8GJB6ZgoFiClkublp/wQSZ6con/fFqdtt4EnlVORrk=
Subject key identifier: AD:73:48:0E:D9:2C:AB:BE:28:E1:05:61:8B:43:B2:D8:A7:C5:51:03
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3123DA8655C779964D5839F3AFF22AD9063EF9E1
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS22427.roa
Signing time: Fri 06 Jun 2025 02:06:52 +0000
ROA not before: Fri 06 Jun 2025 02:01:52 +0000
ROA not after: Fri 05 Jun 2026 02:06:52 +0000
asID: 22427
IP address blocks: 82.22.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:23:da:86:55:c7:79:96:4d:58:39:f3:af:f2:2a:d9:06:3e:f9:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 6 02:01:52 2025 GMT
Not After : Jun 5 02:06:52 2026 GMT
Subject: CN=AD73480ED92CABBE28E105618B43B2D8A7C55103
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:9a:e5:b9:c1:91:7e:ec:e5:6e:8c:98:15:f9:
a5:07:9c:b2:5e:53:3c:02:99:6c:89:44:e3:59:fa:
6a:40:dc:27:2b:31:91:51:9a:4d:e3:74:69:10:d6:
cb:e6:db:84:2f:0c:c9:22:fb:a6:e3:59:f6:fc:0a:
7f:5a:44:85:b9:1a:38:19:95:13:7b:9a:29:e6:16:
7a:2a:ee:84:ad:fb:f6:ed:2d:3b:0d:40:7d:75:86:
dd:ff:f9:53:fa:97:7f:5e:90:97:5c:eb:6f:72:a0:
79:a0:d7:70:0f:8d:42:04:18:e5:ff:81:55:fe:d2:
0a:2e:b3:e3:fb:43:55:6c:12:49:59:49:f1:95:6a:
7d:90:85:93:58:63:af:b4:78:b4:5e:1a:a2:f5:9b:
a2:d6:46:7b:1f:a4:7e:2d:05:fd:94:6a:49:3b:46:
64:53:5c:fc:97:12:89:68:e6:fd:0b:d1:7c:0e:37:
ad:10:cb:32:16:97:df:26:6d:08:c2:cc:7d:28:42:
ec:b0:26:7d:03:6c:65:4c:50:18:41:d0:d8:d3:b6:
91:bb:81:45:5c:2f:4a:ed:3d:9c:55:b4:a8:2d:31:
72:61:54:0a:21:33:44:75:aa:ad:78:91:32:3a:1d:
cb:da:e9:ad:8a:76:2f:5f:63:77:07:cb:c0:f5:33:
5f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:73:48:0E:D9:2C:AB:BE:28:E1:05:61:8B:43:B2:D8:A7:C5:51:03
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS22427.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.195.0/24
Signature Algorithm: sha256WithRSAEncryption
92:1e:f0:81:ea:e2:47:c3:88:25:6c:58:6b:8c:a7:18:02:08:
db:98:59:dc:f9:11:ba:d0:46:38:4f:85:6d:ae:97:8a:e7:76:
f8:64:26:36:f9:be:80:70:28:7d:68:37:dd:25:2a:22:ad:b2:
52:5f:bb:5b:5f:0d:c9:a8:13:06:f0:4c:8e:be:e4:99:29:c3:
9a:78:ab:6d:23:5b:48:b5:a8:f6:3c:37:30:ff:25:13:7c:be:
5b:ad:aa:4d:27:9f:f4:ba:24:f4:56:f9:ad:c0:93:b7:49:78:
e3:00:c9:e4:98:d5:e6:6a:0f:fa:56:ab:fb:c1:42:48:09:48:
96:1e:35:ab:bf:ac:16:5a:e1:77:ed:91:08:1c:3b:e3:0c:3a:
77:16:15:dd:0a:48:8a:4f:c2:e2:88:df:79:29:55:f6:e3:3d:
5a:13:3c:94:85:d2:bc:45:55:a6:a5:c5:d0:ea:43:f5:2d:db:
54:0a:ac:b3:2b:55:aa:3a:9a:09:e3:5f:2b:a6:30:79:44:89:
14:43:96:ab:8b:96:9d:16:80:8d:46:7f:d6:e8:f9:db:2c:f4:
61:9c:73:a9:70:6e:cf:51:eb:7b:3f:4d:a4:92:45:06:4a:43:
e4:c2:7b:05:e4:05:6b:d7:9d:f0:8d:51:fc:54:47:d6:9d:75:
a0:5e:1e:2d
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUMSPahlXHeZZNWDnzr/Iq2QY++eEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MDYwMjAxNTJaFw0yNjA2MDUwMjA2NTJaMDMxMTAvBgNV
BAMTKEFENzM0ODBFRDkyQ0FCQkUyOEUxMDU2MThCNDNCMkQ4QTdDNTUxMDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJmuW5wZF+7OVujJgV+aUHnLJe
UzwCmWyJRONZ+mpA3CcrMZFRmk3jdGkQ1svm24QvDMki+6bjWfb8Cn9aRIW5GjgZ
lRN7minmFnoq7oSt+/btLTsNQH11ht3/+VP6l39ekJdc629yoHmg13APjUIEGOX/
gVX+0gous+P7Q1VsEklZSfGVan2QhZNYY6+0eLReGqL1m6LWRnsfpH4tBf2Uakk7
RmRTXPyXEolo5v0L0XwON60QyzIWl98mbQjCzH0oQuywJn0DbGVMUBhB0NjTtpG7
gUVcL0rtPZxVtKgtMXJhVAohM0R1qq14kTI6Hcva6a2Kdi9fY3cHy8D1M18RAgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUrXNIDtksq74o4QVhi0Oy2KfFUQMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjI0Mjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABSFsMw
DQYJKoZIhvcNAQELBQADggEBAJIe8IHq4kfDiCVsWGuMpxgCCNuYWdz5EbrQRjhP
hW2ul4rndvhkJjb5voBwKH1oN90lKiKtslJfu1tfDcmoEwbwTI6+5Jkpw5p4q20j
W0i1qPY8NzD/JRN8vlutqk0nn/S6JPRW+a3Ak7dJeOMAyeSY1eZqD/pWq/vBQkgJ
SJYeNau/rBZa4XftkQgcO+MMOncWFd0KSIpPwuKI33kpVfbjPVoTPJSF0rxFVaal
xdDqQ/Ut21QKrLMrVao6mgnjXyumMHlEiRRDlquLlp0WgI1Gf9bo+dss9GGcc6lw
bs9R63s/TaSSRQZKQ+TCewXkBWvXnfCNUfxUR9addaBeHi0=
-----END CERTIFICATE-----
Generated at Fri Jun 6 21:54:15 2025 by rpki-client