Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: DaMQTt3FIh4yanc24DJw+nqwU+ihbYdYEHEGuJChWyA=
Subject key identifier: 0D:78:17:D3:C8:4A:E5:8C:F6:FD:BB:72:06:3D:2D:32:21:B3:6E:6B
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 66690AD9CDCE646BE1FFA27682693446B24887FC
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS174.roa
Signing time: Sat 11 Oct 2025 14:23:49 +0000
ROA not before: Sat 11 Oct 2025 14:18:49 +0000
ROA not after: Sat 10 Oct 2026 14:23:49 +0000
asID: 174
IP address blocks: 46.236.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 Oct 2025 09:14:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:69:0a:d9:cd:ce:64:6b:e1:ff:a2:76:82:69:34:46:b2:48:87:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Oct 11 14:18:49 2025 GMT
Not After : Oct 10 14:23:49 2026 GMT
Subject: CN=0D7817D3C84AE58CF6FDBB72063D2D3221B36E6B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:25:fc:9b:62:d4:19:b3:35:76:c9:6b:e4:85:
ee:02:59:d9:b3:16:f3:6a:80:a5:23:85:db:0d:0e:
f5:28:d4:b0:64:69:c1:8d:77:30:c5:28:29:6a:43:
e2:79:23:77:9c:e2:35:9e:6d:a2:02:00:21:6b:56:
76:b7:9a:30:fa:0b:5f:d2:63:95:c7:f9:aa:d3:1c:
c0:86:f3:3f:96:93:4d:7e:40:83:47:89:a0:a6:c1:
29:a8:c0:49:1a:dd:5d:60:4e:3c:08:16:d2:74:aa:
c5:be:f8:b5:d1:b5:b7:77:3e:d8:8f:a8:58:cc:a1:
b0:b6:e7:87:db:da:5b:04:93:cb:b3:1c:8c:e9:3a:
6b:c5:55:34:2a:4c:d2:a7:47:be:c9:7e:97:aa:a7:
0b:6e:a1:8e:9a:28:1f:e6:88:08:4b:76:06:84:9b:
d7:5e:12:b5:ad:ab:8a:ae:30:41:39:9d:69:d5:ae:
49:16:0f:4a:f8:31:47:c5:57:26:aa:48:a5:68:1f:
df:a0:98:9e:fd:af:09:7c:20:44:2b:16:6b:0e:47:
e0:ba:55:b0:47:cc:a9:a4:8c:8a:02:84:70:9a:a0:
41:4a:5f:20:f8:8c:d3:a7:6d:e6:d0:23:ee:95:45:
3e:b3:d8:a4:69:f8:7b:7b:d7:35:bd:7b:77:13:dd:
44:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:78:17:D3:C8:4A:E5:8C:F6:FD:BB:72:06:3D:2D:32:21:B3:6E:6B
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.222.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:d7:af:3a:2d:00:04:b5:5e:84:cc:a3:9a:b4:3b:71:79:63:
35:b6:be:1c:89:79:6f:61:c0:48:c7:65:b4:f3:b6:19:78:db:
48:b0:94:17:c9:19:df:39:c5:5c:cf:23:6e:a5:a3:8f:b7:de:
0b:d2:0e:1d:d4:42:c5:ef:d5:0e:14:23:84:e3:6e:a9:96:5e:
16:93:4a:66:ed:1f:f9:9a:85:8d:b3:df:8d:31:28:fe:70:23:
c9:6a:a6:2b:f1:38:fc:03:8b:b2:9a:c0:49:38:e1:b7:92:02:
d8:48:10:38:38:ab:09:a8:98:0e:7d:21:e1:0e:5a:95:5c:28:
29:d1:d5:8d:ec:3b:13:61:57:36:6e:0b:98:85:b9:a3:df:38:
ca:95:f4:c1:46:96:c1:18:99:3e:32:19:70:b6:fa:bc:b0:47:
8e:dc:4c:51:49:07:dc:40:e4:95:5f:a5:78:46:7b:0b:1d:67:
84:67:7e:a2:1f:a2:06:46:19:1a:47:ef:0f:74:b4:ba:4e:f5:
3f:ad:94:11:92:d0:72:cf:0d:e6:85:0a:f6:5b:24:14:4f:2f:
f0:12:79:e6:27:73:a7:37:2a:d1:48:d4:8b:b2:0d:77:eb:0c:
82:cd:17:16:36:fb:5b:97:74:27:69:b3:b7:92:e5:cd:68:80:
f3:a9:a8:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIUZmkK2c3OZGvh/6J2gmk0RrJIh/wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNTEwMTExNDE4NDlaFw0yNjEwMTAxNDIzNDlaMDMxMTAvBgNV
BAMTKDBENzgxN0QzQzg0QUU1OENGNkZEQkI3MjA2M0QyRDMyMjFCMzZFNkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVJfybYtQZszV2yWvkhe4CWdmz
FvNqgKUjhdsNDvUo1LBkacGNdzDFKClqQ+J5I3ec4jWebaICACFrVna3mjD6C1/S
Y5XH+arTHMCG8z+Wk01+QINHiaCmwSmowEka3V1gTjwIFtJ0qsW++LXRtbd3PtiP
qFjMobC254fb2lsEk8uzHIzpOmvFVTQqTNKnR77JfpeqpwtuoY6aKB/miAhLdgaE
m9deErWtq4quMEE5nWnVrkkWD0r4MUfFVyaqSKVoH9+gmJ79rwl8IEQrFmsOR+C6
VbBHzKmkjIoChHCaoEFKXyD4jNOnbebQI+6VRT6z2KRp+Ht71zW9e3cT3UQZAgMB
AAGjggIHMIICAzAdBgNVHQ4EFgQUDXgX08hK5Yz2/btyBj0tMiGzbmswHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzIyZGI3NTU1LTlhYTQt
NDk4My05MzE2LTczODA5ZGQzNTRiYy8wL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALuzeMA0G
CSqGSIb3DQEBCwUAA4IBAQBe1686LQAEtV6EzKOatDtxeWM1tr4ciXlvYcBIx2W0
87YZeNtIsJQXyRnfOcVczyNupaOPt94L0g4d1ELF79UOFCOE426pll4Wk0pm7R/5
moWNs9+NMSj+cCPJaqYr8Tj8A4uymsBJOOG3kgLYSBA4OKsJqJgOfSHhDlqVXCgp
0dWN7DsTYVc2bguYhbmj3zjKlfTBRpbBGJk+Mhlwtvq8sEeO3ExRSQfcQOSVX6V4
RnsLHWeEZ36iH6IGRhkaR+8PdLS6TvU/rZQRktByzw3mhQr2WyQUTy/wEnnmJ3On
NyrRSNSLsg136wyCzRcWNvtbl3QnabO3kuXNaIDzqahX
-----END CERTIFICATE-----
Generated at Mon Oct 13 22:06:17 2025 by rpki-client