Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: B55BuYHW5+tqzTkuS4nywF/RcawrsjfXUhoSe0pew+I=
Subject key identifier: 5D:4D:41:46:75:33:BB:84:9E:F3:68:46:C9:C1:6D:7C:42:71:BB:57
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 65370EB783DE07BC29DBF5916EEC05C24EA3D610
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS174.roa
Signing time: Wed 01 Oct 2025 05:41:36 +0000
ROA not before: Wed 01 Oct 2025 05:36:36 +0000
ROA not after: Wed 30 Sep 2026 05:41:36 +0000
asID: 174
IP address blocks: 45.88.97.0/24 maxlen: 24
45.133.172.0/24 maxlen: 24
45.133.173.0/24 maxlen: 24
179.61.197.0/24 maxlen: 24
181.41.202.0/24 maxlen: 24
181.41.206.0/24 maxlen: 24
181.214.93.0/24 maxlen: 24
181.214.153.0/24 maxlen: 24
181.214.164.0/24 maxlen: 24
181.214.165.0/24 maxlen: 24
181.214.166.0/24 maxlen: 24
181.214.173.0/24 maxlen: 24
181.214.218.0/24 maxlen: 24
181.215.176.0/24 maxlen: 24
181.215.182.0/24 maxlen: 24
191.96.36.0/24 maxlen: 24
191.96.37.0/24 maxlen: 24
191.96.103.0/24 maxlen: 24
191.96.106.0/24 maxlen: 24
191.96.150.0/24 maxlen: 24
191.96.168.0/24 maxlen: 24
191.96.185.0/24 maxlen: 24
191.96.227.0/24 maxlen: 24
191.96.255.0/24 maxlen: 24
191.101.31.0/24 maxlen: 24
191.101.61.0/24 maxlen: 24
191.101.157.0/24 maxlen: 24
191.101.217.0/24 maxlen: 24
194.110.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 14 Oct 2025 12:40:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:37:0e:b7:83:de:07:bc:29:db:f5:91:6e:ec:05:c2:4e:a3:d6:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Oct 1 05:36:36 2025 GMT
Not After : Sep 30 05:41:36 2026 GMT
Subject: CN=5D4D41467533BB849EF36846C9C16D7C4271BB57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:74:62:ea:42:dc:19:35:0f:da:b2:cb:cc:fb:
3f:50:1e:c0:0f:ea:99:0f:15:be:25:2d:cd:08:8c:
f3:9e:60:2c:74:a4:23:6d:41:0d:c4:00:0e:c6:ad:
d8:40:09:cc:11:36:62:e4:b7:79:25:cf:d4:42:4a:
39:b4:f3:a1:e9:14:1a:26:35:e9:38:b3:48:5f:b1:
1f:e7:73:59:6e:33:56:ec:ba:59:61:e6:19:a6:34:
14:48:a0:69:bd:75:86:72:21:01:c9:fb:f4:2b:e0:
bb:36:5c:50:cf:82:92:05:85:b5:2f:30:d5:19:38:
06:7e:df:1b:cc:3a:4d:9c:d4:e9:89:aa:79:da:9f:
74:8a:f7:1a:a6:4b:7a:de:55:54:4b:d9:9d:c6:a8:
a4:64:c1:fa:9d:27:06:3c:22:50:dd:86:ac:47:6f:
d7:8e:22:1c:0f:09:b7:5a:eb:a3:35:ed:1c:69:68:
a5:f1:66:2f:53:85:1a:02:11:e0:8c:8f:af:c7:19:
2d:25:00:e3:b4:2f:53:5c:05:53:75:3e:e9:9d:73:
8b:50:9c:1e:a7:e7:e1:00:d3:3d:2a:e3:0c:7a:39:
e0:32:ce:8a:c9:b2:89:f9:f5:87:91:e3:be:76:4d:
70:d8:11:b4:89:62:85:d3:f0:42:85:a1:fa:c1:70:
5d:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:4D:41:46:75:33:BB:84:9E:F3:68:46:C9:C1:6D:7C:42:71:BB:57
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.97.0/24
45.133.172.0/23
179.61.197.0/24
181.41.202.0/24
181.41.206.0/24
181.214.93.0/24
181.214.153.0/24
181.214.164.0-181.214.166.255
181.214.173.0/24
181.214.218.0/24
181.215.176.0/24
181.215.182.0/24
191.96.36.0/23
191.96.103.0/24
191.96.106.0/24
191.96.150.0/24
191.96.168.0/24
191.96.185.0/24
191.96.227.0/24
191.96.255.0/24
191.101.31.0/24
191.101.61.0/24
191.101.157.0/24
191.101.217.0/24
194.110.13.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:84:ec:b1:3f:38:52:c0:cc:7f:3e:e0:8d:be:d5:d9:3e:67:
88:bd:9f:7b:2d:8c:a1:7f:79:e3:03:e3:a5:ef:f4:3d:42:46:
8a:4b:45:7e:05:5b:d3:f8:e9:74:29:ad:2a:ce:11:dc:bf:36:
94:d2:01:74:36:23:ea:b3:da:af:83:0d:32:fa:7d:5e:d2:90:
91:0e:3f:02:42:c5:74:4e:dc:ce:90:f2:9a:1f:1a:1d:d8:8a:
d6:b0:5d:2c:e5:d5:fb:cf:e0:4c:11:47:c7:5b:a0:c6:3d:fc:
67:f0:92:eb:27:57:68:9f:cc:ea:25:40:de:27:1a:96:2f:a8:
5d:76:0f:7c:eb:ac:cc:57:7e:a2:a0:12:a6:08:e6:cf:bd:1b:
86:d3:b6:96:09:28:7b:28:20:52:6b:d7:76:87:f3:f5:d2:80:
a3:c6:52:13:0d:b1:d7:28:c9:78:4c:c0:e7:2d:c3:f7:47:98:
62:73:90:7f:d8:54:f8:28:fb:b3:49:fa:1c:53:84:2d:e6:96:
1c:de:37:83:81:21:4d:b0:07:83:94:de:11:59:42:ee:eb:31:
a5:b0:10:5e:12:f5:7e:19:03:18:75:92:c0:47:d1:d4:f6:b3:
b4:ab:a5:3e:02:93:96:43:e7:7d:e0:47:eb:b5:fa:28:85:00:
8e:70:7d:0b
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgIUZTcOt4PeB7wp2/WRbuwFwk6j1hAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTEwMDEwNTM2MzZaFw0yNjA5MzAwNTQxMzZaMDMxMTAvBgNV
BAMTKDVENEQ0MTQ2NzUzM0JCODQ5RUYzNjg0NkM5QzE2RDdDNDI3MUJCNTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPdGLqQtwZNQ/assvM+z9QHsAP
6pkPFb4lLc0IjPOeYCx0pCNtQQ3EAA7GrdhACcwRNmLkt3klz9RCSjm086HpFBom
Nek4s0hfsR/nc1luM1bsullh5hmmNBRIoGm9dYZyIQHJ+/Qr4Ls2XFDPgpIFhbUv
MNUZOAZ+3xvMOk2c1OmJqnnan3SK9xqmS3reVVRL2Z3GqKRkwfqdJwY8IlDdhqxH
b9eOIhwPCbda66M17RxpaKXxZi9ThRoCEeCMj6/HGS0lAOO0L1NcBVN1Pumdc4tQ
nB6n5+EA0z0q4wx6OeAyzorJson59YeR4752TXDYEbSJYoXT8EKFofrBcF3TAgMB
AAGjggKkMIICoDAdBgNVHQ4EFgQUXU1BRnUzu4Se82hGycFtfEJxu1cwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAAt
WGEDBAEthawDBACzPcUDBAC1KcoDBAC1Kc4DBAC11l0DBAC11pkwDAMEArXWpAME
ALXWpgMEALXWrQMEALXW2gMEALXXsAMEALXXtgMEAb9gJAMEAL9gZwMEAL9gagME
AL9glgMEAL9gqAMEAL9guQMEAL9g4wMEAL9g/wMEAL9lHwMEAL9lPQMEAL9lnQME
AL9l2QMEAMJuDTANBgkqhkiG9w0BAQsFAAOCAQEAtoTssT84UsDMfz7gjb7V2T5n
iL2fey2MoX954wPjpe/0PUJGiktFfgVb0/jpdCmtKs4R3L82lNIBdDYj6rPar4MN
Mvp9XtKQkQ4/AkLFdE7czpDymh8aHdiK1rBdLOXV+8/gTBFHx1ugxj38Z/CS6ydX
aJ/M6iVA3icali+oXXYPfOuszFd+oqASpgjmz70bhtO2lgkoeyggUmvXdofz9dKA
o8ZSEw2x1yjJeEzA5y3D90eYYnOQf9hU+Cj7s0n6HFOELeaWHN43g4EhTbAHg5Te
EVlC7usxpbAQXhL1fhkDGHWSwEfR1PaztKulPgKTlkPnfeBH67X6KIUAjnB9Cw==
-----END CERTIFICATE-----
Generated at Mon Oct 13 22:09:09 2025 by rpki-client