
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS22427.roa
File: AS22427.roa (raw, json)
Hash identifier: TTbEoHwyEP5++qftt7ZQcogzRppCS35/6BfA386aVHg=
Subject key identifier: 4B:7A:DB:ED:8A:A1:B0:AE:72:1C:7A:71:45:AC:C1:41:08:A1:A7:2E
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 1E5FA351CF711DBF1D21BFE9A58A7A947F90AF89
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS22427.roa
Signing time: Wed 01 Oct 2025 08:27:42 +0000
ROA not before: Wed 01 Oct 2025 08:22:42 +0000
ROA not after: Wed 30 Sep 2026 08:27:42 +0000
asID: 22427
IP address blocks: 143.20.76.0/24 maxlen: 24
143.20.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:5f:a3:51:cf:71:1d:bf:1d:21:bf:e9:a5:8a:7a:94:7f:90:af:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Oct 1 08:22:42 2025 GMT
Not After : Sep 30 08:27:42 2026 GMT
Subject: CN=4B7ADBED8AA1B0AE721C7A7145ACC14108A1A72E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a4:20:7c:4b:74:65:7d:19:fe:59:92:88:86:
7b:62:24:7b:7f:65:e1:a4:4d:4b:9c:43:06:bc:bd:
5d:e4:75:f8:7a:d7:15:59:4e:b6:84:bc:0e:dd:66:
20:cf:cf:db:81:79:92:91:df:97:66:36:65:ef:ac:
03:3e:dc:96:9a:27:07:e6:a6:93:b0:34:cd:c6:dc:
75:72:4e:f0:87:1b:9c:fe:d4:9a:db:64:e6:7d:7e:
fc:ac:b1:ca:bd:15:a3:40:f0:39:3f:c3:31:45:5c:
f6:05:93:db:9b:7c:16:a7:e0:39:90:af:af:c5:62:
e1:4a:44:98:27:52:9d:b9:85:74:69:0a:31:fb:c8:
d9:07:93:af:75:e0:a5:1f:bf:36:48:f4:a8:57:33:
93:0d:1a:b6:e3:31:0c:d9:f8:b2:ad:e7:69:32:2c:
6b:5a:03:b7:f1:47:41:6e:9d:0e:83:a0:5a:1a:45:
91:14:22:89:82:0f:24:26:75:f4:c1:13:25:cd:b4:
43:38:69:6f:62:a1:3a:cc:83:98:ff:c5:e4:e3:e0:
33:7d:29:d1:41:6e:be:f6:d7:8a:e4:42:71:46:e3:
57:21:8d:e9:ef:e2:bc:8d:5d:9f:b6:f0:4d:a7:24:
1b:ce:fa:4b:73:1e:5a:6c:a8:0e:b5:e3:af:44:16:
cc:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:7A:DB:ED:8A:A1:B0:AE:72:1C:7A:71:45:AC:C1:41:08:A1:A7:2E
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS22427.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.76.0/24
143.20.92.0/24
Signature Algorithm: sha256WithRSAEncryption
27:39:c3:d5:46:5b:2d:fe:4d:02:3b:81:bb:51:e5:85:bf:81:
04:5a:76:ff:a1:f4:c1:ba:6e:21:4e:c4:8d:36:7d:6a:ee:95:
c3:e6:f5:82:c0:81:83:cc:a0:f7:b3:11:5c:2e:8a:f6:5e:20:
2b:98:58:cf:d4:af:c5:99:c5:68:45:d4:1d:fb:bd:f1:0f:b3:
34:fc:9d:19:23:df:12:fb:15:ae:85:a5:79:c3:96:f0:d6:88:
69:63:81:4b:e3:93:93:24:53:16:aa:c2:25:97:f1:27:c5:91:
1a:c5:7f:5c:b6:f6:ab:22:3f:8b:99:5d:3c:66:15:11:e2:f4:
ba:4a:8d:a0:af:16:92:c2:74:97:64:f6:26:25:e1:d2:3d:25:
a8:0e:02:a2:f3:07:35:e0:46:b5:14:e7:d2:48:f0:83:e0:53:
eb:c6:c2:cb:12:56:32:cf:e5:2f:45:72:cb:8a:fb:79:da:18:
93:7e:14:57:df:90:06:ea:1f:c5:87:b3:48:95:23:e5:de:44:
ff:40:4f:27:29:32:1c:51:6a:f8:47:a3:b0:86:60:22:44:36:
ea:57:1d:fb:ee:92:7d:b9:6d:3b:81:23:af:a6:a6:3e:d5:10:
95:c2:cb:68:ed:c5:d8:76:64:a7:85:f4:ad:1a:0e:02:c2:d2:
83:89:5d:ec
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIUHl+jUc9xHb8dIb/ppYp6lH+Qr4kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTEwMDEwODIyNDJaFw0yNjA5MzAwODI3NDJaMDMxMTAvBgNV
BAMTKDRCN0FEQkVEOEFBMUIwQUU3MjFDN0E3MTQ1QUNDMTQxMDhBMUE3MkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNpCB8S3RlfRn+WZKIhntiJHt/
ZeGkTUucQwa8vV3kdfh61xVZTraEvA7dZiDPz9uBeZKR35dmNmXvrAM+3JaaJwfm
ppOwNM3G3HVyTvCHG5z+1JrbZOZ9fvysscq9FaNA8Dk/wzFFXPYFk9ubfBan4DmQ
r6/FYuFKRJgnUp25hXRpCjH7yNkHk6914KUfvzZI9KhXM5MNGrbjMQzZ+LKt52ky
LGtaA7fxR0FunQ6DoFoaRZEUIomCDyQmdfTBEyXNtEM4aW9ioTrMg5j/xeTj4DN9
KdFBbr7214rkQnFG41chjenv4ryNXZ+28E2nJBvO+ktzHlpsqA61469EFszRAgMB
AAGjggIPMIICCzAdBgNVHQ4EFgQUS3rb7YqhsK5yHHpxRazBQQihpy4wHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMjI0Mjcucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBACPFEwD
BACPFFwwDQYJKoZIhvcNAQELBQADggEBACc5w9VGWy3+TQI7gbtR5YW/gQRadv+h
9MG6biFOxI02fWrulcPm9YLAgYPMoPezEVwuivZeICuYWM/Ur8WZxWhF1B37vfEP
szT8nRkj3xL7Fa6FpXnDlvDWiGljgUvjk5MkUxaqwiWX8SfFkRrFf1y29qsiP4uZ
XTxmFRHi9LpKjaCvFpLCdJdk9iYl4dI9JagOAqLzBzXgRrUU59JI8IPgU+vGwssS
VjLP5S9FcsuK+3naGJN+FFffkAbqH8WHs0iVI+XeRP9ATycpMhxRavhHo7CGYCJE
NupXHfvukn25bTuBI6+mpj7VEJXCy2jtxdh2ZKeF9K0aDgLC0oOJXew=
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:08:38 2025 by rpki-client