Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS22427.roa
File: AS22427.roa (raw, json)
Hash identifier: zQayrTaAZw028DqGxjhokD89d/DSE1HTDHuqV0QAbw4=
Subject key identifier: DB:4C:2C:AE:D1:D3:97:C3:95:44:D3:1C:EE:5A:57:98:94:A5:E4:8E
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 149B4D361FF67258612D2BEFC8C7C47E54A4A883
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS22427.roa
Signing time: Wed 29 Apr 2026 08:52:08 +0000
ROA not before: Wed 29 Apr 2026 08:47:08 +0000
ROA not after: Wed 28 Apr 2027 08:52:08 +0000
asID: 22427
IP address blocks: 155.117.247.0/24 maxlen: 24
162.141.107.0/24 maxlen: 24
167.148.28.0/24 maxlen: 24
167.148.140.0/24 maxlen: 24
167.148.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:9b:4d:36:1f:f6:72:58:61:2d:2b:ef:c8:c7:c4:7e:54:a4:a8:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 29 08:47:08 2026 GMT
Not After : Apr 28 08:52:08 2027 GMT
Subject: CN=DB4C2CAED1D397C39544D31CEE5A579894A5E48E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:5c:9b:18:99:bd:7f:38:ca:e6:50:fc:43:9a:
cb:6d:27:08:15:7c:ff:69:34:37:41:28:2c:86:2f:
72:0c:cb:c2:26:0b:b1:c8:6a:5c:e6:2a:7c:72:19:
5e:5e:9c:21:29:2f:7b:ce:d6:3a:c7:1b:ae:bb:03:
89:94:f7:63:97:f3:5c:59:cc:29:c0:37:bc:e6:9e:
6b:74:e3:3c:7d:85:1d:98:0c:c4:9f:c9:80:24:5a:
1a:13:a4:cd:fc:40:90:15:9c:c6:58:68:d1:e5:af:
50:13:c9:b8:0b:bc:04:77:31:4f:8e:5c:56:a6:13:
cf:f1:22:94:e4:29:9b:8e:b6:6a:fb:8f:84:85:75:
2d:63:75:aa:95:ff:25:0e:89:f6:fe:f9:c2:7f:3a:
10:9b:01:ce:e3:b4:bf:33:4b:db:41:97:e5:56:a5:
bf:be:ea:ed:51:18:ac:65:9a:d7:21:40:21:be:db:
f5:ba:46:71:83:b5:24:8b:1f:3d:e5:01:28:88:8b:
dd:08:c1:c5:92:cf:4c:e4:75:c4:be:67:37:6d:df:
b1:55:31:d7:3a:28:53:df:96:21:91:5a:ff:79:50:
67:40:b7:ad:58:e9:bd:14:c8:ad:aa:1c:eb:d2:51:
a7:26:b9:90:c3:10:c4:ed:ae:c2:7b:d9:5f:69:62:
f4:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:4C:2C:AE:D1:D3:97:C3:95:44:D3:1C:EE:5A:57:98:94:A5:E4:8E
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS22427.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.117.247.0/24
162.141.107.0/24
167.148.28.0/24
167.148.140.0/24
167.148.179.0/24
Signature Algorithm: sha256WithRSAEncryption
55:3e:19:44:cb:61:46:46:8d:16:80:bd:df:2e:62:5e:f1:78:
2d:eb:69:28:f0:a0:5e:72:c4:ad:41:e4:bb:c4:77:dc:75:11:
db:75:96:66:c3:62:d0:bc:9b:9c:4d:29:fa:ea:0b:9b:68:a0:
87:a9:1d:90:02:99:be:23:29:88:7b:af:75:fe:30:3c:87:42:
bd:98:03:ba:07:39:c6:38:fe:d6:41:f9:7e:df:df:4e:ed:af:
ba:e2:c3:0d:36:0b:58:3d:20:b8:f7:f0:92:a9:5b:9a:fa:af:
6d:03:66:bd:60:7f:24:3b:09:c1:64:82:88:32:8b:a4:a2:02:
4e:ca:43:3a:b0:81:51:4a:16:3b:21:9c:ec:dc:20:25:42:91:
37:d2:54:47:1d:c3:db:c8:6f:e6:f2:d8:00:8a:0c:3b:1b:4e:
5c:7a:95:c4:28:c2:01:7a:19:6b:65:73:6a:85:94:15:00:5d:
39:7d:7e:3e:17:74:b0:84:30:1b:8b:ce:4f:e2:f5:1d:1d:1a:
34:1e:d2:fb:9f:f8:86:bd:5f:24:f2:8a:33:d1:06:38:eb:06:
60:80:e5:2b:20:3c:bf:f1:cb:01:9f:e0:94:28:76:ae:b0:f5:
c6:e8:75:3b:16:95:f4:28:68:5d:9c:06:5f:7c:4a:e8:c2:20:
3f:a0:2d:05
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIUFJtNNh/2clhhLSvvyMfEflSkqIMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MjkwODQ3MDhaFw0yNzA0MjgwODUyMDhaMDMxMTAvBgNV
BAMTKERCNEMyQ0FFRDFEMzk3QzM5NTQ0RDMxQ0VFNUE1Nzk4OTRBNUU0OEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLXJsYmb1/OMrmUPxDmsttJwgV
fP9pNDdBKCyGL3IMy8ImC7HIalzmKnxyGV5enCEpL3vO1jrHG667A4mU92OX81xZ
zCnAN7zmnmt04zx9hR2YDMSfyYAkWhoTpM38QJAVnMZYaNHlr1ATybgLvAR3MU+O
XFamE8/xIpTkKZuOtmr7j4SFdS1jdaqV/yUOifb++cJ/OhCbAc7jtL8zS9tBl+VW
pb++6u1RGKxlmtchQCG+2/W6RnGDtSSLHz3lASiIi90IwcWSz0zkdcS+Zzdt37FV
Mdc6KFPfliGRWv95UGdAt61Y6b0UyK2qHOvSUacmuZDDEMTtrsJ72V9pYvTjAgMB
AAGjggIhMIICHTAdBgNVHQ4EFgQU20wsrtHTl8OVRNMc7lpXmJSl5I4wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjI0Mjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBACbdfcD
BACijWsDBACnlBwDBACnlIwDBACnlLMwDQYJKoZIhvcNAQELBQADggEBAFU+GUTL
YUZGjRaAvd8uYl7xeC3raSjwoF5yxK1B5LvEd9x1Edt1lmbDYtC8m5xNKfrqC5to
oIepHZACmb4jKYh7r3X+MDyHQr2YA7oHOcY4/tZB+X7f307tr7riww02C1g9ILj3
8JKpW5r6r20DZr1gfyQ7CcFkgogyi6SiAk7KQzqwgVFKFjshnOzcICVCkTfSVEcd
w9vIb+by2ACKDDsbTlx6lcQowgF6GWtlc2qFlBUAXTl9fj4XdLCEMBuLzk/i9R0d
GjQe0vuf+Ia9XyTyijPRBjjrBmCA5SsgPL/xywGf4JQodq6w9cbodTsWlfQoaF2c
Bl98SujCID+gLQU=
-----END CERTIFICATE-----
Generated at Tue May 12 22:33:43 2026 by rpki-client