Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS22427.roa
File: AS22427.roa (raw, json)
Hash identifier: 3rjF6IvjgEgKkEKkwtYC/4kxcvTkRaNrZ+LlJHzR2NQ=
Subject key identifier: EC:07:F4:BA:42:F8:E0:A7:68:91:CE:52:01:3F:0C:AE:A9:EE:65:1C
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 3D9B8C75984E659F60F85400102A1EA1BE88436B
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS22427.roa
Signing time: Mon 13 Oct 2025 08:01:27 +0000
ROA not before: Mon 13 Oct 2025 07:56:27 +0000
ROA not after: Mon 12 Oct 2026 08:01:27 +0000
asID: 22427
IP address blocks: 91.124.128.0/24 maxlen: 24
178.94.232.0/24 maxlen: 24
178.94.249.0/24 maxlen: 24
178.95.12.0/24 maxlen: 24
178.95.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Oct 2025 15:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:9b:8c:75:98:4e:65:9f:60:f8:54:00:10:2a:1e:a1:be:88:43:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Oct 13 07:56:27 2025 GMT
Not After : Oct 12 08:01:27 2026 GMT
Subject: CN=EC07F4BA42F8E0A76891CE52013F0CAEA9EE651C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:f9:7c:3a:21:98:1a:9b:b9:df:5d:cd:47:84:
99:94:c1:2f:fb:12:66:35:21:3e:38:e9:88:d2:df:
71:28:0f:17:1f:a8:88:6b:75:81:d5:cb:91:4d:d7:
cf:cd:ab:4d:85:76:36:25:c2:eb:bd:bf:d6:cd:f0:
55:f5:c5:5a:70:e4:0d:4a:56:c1:61:84:4f:96:99:
ef:57:9a:74:b7:6b:f7:e4:7b:f0:94:a1:ac:a5:ee:
42:fd:27:d2:b6:3f:56:b1:fe:7f:ff:d2:f5:f8:52:
05:cb:1b:ba:57:c4:ce:e6:dd:5e:35:21:c1:05:e5:
97:e1:05:4e:c5:38:0c:1f:3d:fa:17:6d:d6:0d:0b:
56:04:70:b1:44:aa:05:a0:8a:75:de:26:58:28:e1:
55:31:e8:98:b7:a7:c0:fc:e4:99:aa:26:42:89:8a:
57:62:41:a2:18:6f:31:75:c0:cc:75:85:00:df:71:
e5:4d:4a:6a:25:80:77:59:82:cf:9b:68:69:66:49:
b1:35:a1:fc:ad:66:e9:5b:9c:eb:3c:44:07:3c:cc:
eb:c7:5c:ea:32:4f:14:59:2f:57:57:c3:a3:d5:45:
40:fa:10:90:94:c7:33:bd:63:2a:f0:6c:6d:18:52:
58:87:99:f0:a3:90:7d:e1:97:03:67:2d:52:0e:4a:
29:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:07:F4:BA:42:F8:E0:A7:68:91:CE:52:01:3F:0C:AE:A9:EE:65:1C
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS22427.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.124.128.0/24
178.94.232.0/24
178.94.249.0/24
178.95.12.0/24
178.95.133.0/24
Signature Algorithm: sha256WithRSAEncryption
45:50:7c:17:13:7d:37:0a:5f:6c:56:c4:44:cd:bf:dd:0c:ba:
1b:35:1b:0f:f5:42:01:f3:42:5e:40:48:04:0f:e5:66:29:c5:
4d:50:2c:ab:a7:dc:7b:d3:1d:59:eb:ce:bd:5b:17:c3:d1:59:
7e:c3:33:fc:29:ba:39:3c:9d:ea:6d:6f:45:4d:e1:90:93:25:
ad:44:bf:2a:06:0d:35:f4:b6:66:ed:71:ed:78:c8:86:d3:2e:
0d:0d:86:b8:bd:0d:ec:68:fa:0b:ad:37:97:f7:1b:21:0a:78:
9d:c4:62:cd:fd:0c:c8:d8:90:da:3a:65:d4:de:e9:09:ee:87:
44:6f:90:c0:e8:04:cc:3c:00:3c:44:70:fc:8b:10:fb:a8:49:
79:d6:37:17:5f:f5:53:b6:1d:e2:1f:f7:f9:84:38:6a:8c:75:
1c:02:b5:bf:1c:14:94:53:2c:d9:14:e6:8b:d7:b1:20:7c:d5:
59:e5:34:b1:e9:02:d5:e4:39:28:b8:4b:47:4b:89:6f:11:f8:
89:ff:66:08:69:4f:2d:67:4c:c7:27:c6:a4:51:70:71:7f:88:
5e:2e:2a:98:16:cc:66:53:30:ef:cd:80:71:a0:9b:67:60:cf:
cc:65:ff:ee:2a:2e:43:c5:b5:ab:dd:82:8b:6b:ab:92:cf:94:
56:31:c1:ef
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUPZuMdZhOZZ9g+FQAECoeob6IQ2swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTEwMTMwNzU2MjdaFw0yNjEwMTIwODAxMjdaMDMxMTAvBgNV
BAMTKEVDMDdGNEJBNDJGOEUwQTc2ODkxQ0U1MjAxM0YwQ0FFQTlFRTY1MUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCn+Xw6IZgam7nfXc1HhJmUwS/7
EmY1IT446YjS33EoDxcfqIhrdYHVy5FN18/Nq02FdjYlwuu9v9bN8FX1xVpw5A1K
VsFhhE+Wme9XmnS3a/fke/CUoayl7kL9J9K2P1ax/n//0vX4UgXLG7pXxM7m3V41
IcEF5ZfhBU7FOAwfPfoXbdYNC1YEcLFEqgWginXeJlgo4VUx6Ji3p8D85JmqJkKJ
ildiQaIYbzF1wMx1hQDfceVNSmolgHdZgs+baGlmSbE1ofytZulbnOs8RAc8zOvH
XOoyTxRZL1dXw6PVRUD6EJCUxzO9YyrwbG0YUliHmfCjkH3hlwNnLVIOSinJAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQU7Af0ukL44Kdokc5SAT8MrqnuZRwwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjI0Mjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBABbfIAD
BACyXugDBACyXvkDBACyXwwDBACyX4UwDQYJKoZIhvcNAQELBQADggEBAEVQfBcT
fTcKX2xWxETNv90Muhs1Gw/1QgHzQl5ASAQP5WYpxU1QLKun3HvTHVnrzr1bF8PR
WX7DM/wpujk8neptb0VN4ZCTJa1EvyoGDTX0tmbtce14yIbTLg0Nhri9Dexo+gut
N5f3GyEKeJ3EYs39DMjYkNo6ZdTe6Qnuh0RvkMDoBMw8ADxEcPyLEPuoSXnWNxdf
9VO2HeIf9/mEOGqMdRwCtb8cFJRTLNkU5ovXsSB81VnlNLHpAtXkOSi4S0dLiW8R
+In/ZghpTy1nTMcnxqRRcHF/iF4uKpgWzGZTMO/NgHGgm2dgz8xl/+4qLkPFtavd
gotrq5LPlFYxwe8=
-----END CERTIFICATE-----
Generated at Thu Oct 16 21:30:43 2025 by rpki-client