Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: K8ufY5v5IszBm8cTiE3g4oqLTCaiEZObqzfYI9gdRS4=
Subject key identifier: 39:D2:B8:F9:7C:52:1C:38:62:A7:96:1A:22:91:10:4D:47:08:2B:C3
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 2E26DD12938DD2AA61CA8E089AFDBDFC2477EFAF
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS174.roa
Signing time: Tue 01 Jul 2025 00:02:21 +0000
ROA not before: Mon 30 Jun 2025 23:57:21 +0000
ROA not after: Tue 30 Jun 2026 00:02:21 +0000
asID: 174
IP address blocks: 45.88.97.0/24 maxlen: 24
45.89.249.0/24 maxlen: 24
45.133.172.0/24 maxlen: 24
45.133.173.0/24 maxlen: 24
179.61.197.0/24 maxlen: 24
179.61.239.0/24 maxlen: 24
181.41.202.0/24 maxlen: 24
181.41.206.0/24 maxlen: 24
181.214.93.0/24 maxlen: 24
181.214.153.0/24 maxlen: 24
181.214.164.0/24 maxlen: 24
181.214.165.0/24 maxlen: 24
181.214.166.0/24 maxlen: 24
181.214.173.0/24 maxlen: 24
181.214.218.0/24 maxlen: 24
181.215.88.0/24 maxlen: 24
181.215.176.0/24 maxlen: 24
181.215.182.0/24 maxlen: 24
191.96.36.0/24 maxlen: 24
191.96.37.0/24 maxlen: 24
191.96.103.0/24 maxlen: 24
191.96.106.0/24 maxlen: 24
191.96.150.0/24 maxlen: 24
191.96.168.0/24 maxlen: 24
191.96.185.0/24 maxlen: 24
191.96.227.0/24 maxlen: 24
191.96.255.0/24 maxlen: 24
191.101.31.0/24 maxlen: 24
191.101.61.0/24 maxlen: 24
191.101.157.0/24 maxlen: 24
191.101.217.0/24 maxlen: 24
194.110.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:26:dd:12:93:8d:d2:aa:61:ca:8e:08:9a:fd:bd:fc:24:77:ef:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 30 23:57:21 2025 GMT
Not After : Jun 30 00:02:21 2026 GMT
Subject: CN=39D2B8F97C521C3862A7961A2291104D47082BC3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:91:89:5c:10:97:9d:bf:6b:73:70:1b:5f:bb:
9c:96:31:52:7a:4e:d2:cb:ce:45:b0:b7:cf:ac:8c:
5c:4c:33:90:6a:d4:ed:f1:61:10:2c:11:16:e2:21:
d1:55:3b:d3:f6:f0:59:97:fd:8b:29:52:7e:16:36:
b3:aa:28:71:76:3e:9b:35:bf:b8:4d:92:da:4b:31:
07:7c:d6:f8:ce:b6:2c:71:0d:a7:2a:be:5b:9c:92:
24:72:d1:fe:ad:8e:72:48:cd:36:dd:5c:e0:96:8a:
3a:fa:1e:9b:b9:3a:5e:35:fd:68:01:ff:e9:52:4f:
22:eb:76:01:23:dd:5c:99:f7:5e:f3:c5:e1:8d:54:
60:80:db:20:6b:ea:e4:b1:09:7e:29:e3:73:62:b9:
ab:7f:11:19:99:c5:ee:fd:4c:c3:8b:8d:bc:1c:b9:
b7:a6:93:73:27:7d:e0:78:eb:07:f8:5b:35:8a:47:
92:f8:4a:fa:c1:17:58:ad:68:09:5d:69:20:55:c3:
2f:f5:67:f6:37:a0:60:dd:93:c5:33:7f:c2:65:22:
81:73:e2:ac:83:18:a1:6e:13:07:7a:16:17:a1:4d:
b6:d2:b2:bc:c7:2e:aa:a8:8a:ec:d2:cf:b0:df:6a:
10:f6:26:d5:d2:7c:a5:ad:d9:65:a4:92:51:33:23:
ff:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:D2:B8:F9:7C:52:1C:38:62:A7:96:1A:22:91:10:4D:47:08:2B:C3
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.97.0/24
45.89.249.0/24
45.133.172.0/23
179.61.197.0/24
179.61.239.0/24
181.41.202.0/24
181.41.206.0/24
181.214.93.0/24
181.214.153.0/24
181.214.164.0-181.214.166.255
181.214.173.0/24
181.214.218.0/24
181.215.88.0/24
181.215.176.0/24
181.215.182.0/24
191.96.36.0/23
191.96.103.0/24
191.96.106.0/24
191.96.150.0/24
191.96.168.0/24
191.96.185.0/24
191.96.227.0/24
191.96.255.0/24
191.101.31.0/24
191.101.61.0/24
191.101.157.0/24
191.101.217.0/24
194.110.13.0/24
Signature Algorithm: sha256WithRSAEncryption
99:81:d0:29:63:69:c0:6c:81:7e:7f:fb:b4:24:e6:91:77:83:
be:4f:35:f3:58:57:bf:cc:ea:a7:6d:2d:0a:cc:c8:db:15:90:
a0:8b:e3:2f:53:36:05:ab:13:26:00:a2:6d:bc:64:d7:49:40:
5e:89:d5:f9:63:e5:5a:da:84:cc:ff:6c:e8:c6:15:37:0b:cb:
11:62:5e:87:ae:f5:fd:e2:57:cd:02:52:70:8c:77:74:fc:a4:
f5:68:fa:f3:82:ce:59:ea:71:ad:e4:e5:63:16:47:61:e0:b7:
fa:59:ac:ff:40:55:38:19:77:d5:7a:4b:52:79:28:40:2d:b4:
b4:75:20:1d:0b:9e:8b:9f:ec:32:ef:df:fb:85:94:57:c5:52:
48:d2:bb:dc:78:ab:15:19:4e:5e:51:79:7c:cb:56:1e:d1:26:
b0:68:92:dc:8f:6e:87:c2:10:09:a1:04:b3:d4:95:d6:b9:ae:
9f:37:57:08:fb:05:92:d1:0c:08:0b:86:eb:0d:d4:50:b1:1e:
2f:03:a0:39:42:4e:02:b8:13:32:9d:f9:c4:bb:35:ee:4d:68:
82:fb:c9:1e:10:87:11:24:bb:9d:8d:ea:f8:cc:45:16:eb:36:
d2:15:8e:ef:98:1f:5e:b7:51:05:87:63:9a:fb:c5:d0:60:18:
a2:a4:c9:23
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgIULibdEpON0qphyo4Imv29/CR3768wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA2MzAyMzU3MjFaFw0yNjA2MzAwMDAyMjFaMDMxMTAvBgNV
BAMTKDM5RDJCOEY5N0M1MjFDMzg2MkE3OTYxQTIyOTExMDRENDcwODJCQzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXkYlcEJedv2tzcBtfu5yWMVJ6
TtLLzkWwt8+sjFxMM5Bq1O3xYRAsERbiIdFVO9P28FmX/YspUn4WNrOqKHF2Pps1
v7hNktpLMQd81vjOtixxDacqvluckiRy0f6tjnJIzTbdXOCWijr6Hpu5Ol41/WgB
/+lSTyLrdgEj3VyZ917zxeGNVGCA2yBr6uSxCX4p43Niuat/ERmZxe79TMOLjbwc
ubemk3MnfeB46wf4WzWKR5L4SvrBF1itaAldaSBVwy/1Z/Y3oGDdk8Uzf8JlIoFz
4qyDGKFuEwd6FhehTbbSsrzHLqqoiuzSz7DfahD2JtXSfKWt2WWkklEzI/9vAgMB
AAGjggK2MIICsjAdBgNVHQ4EFgQUOdK4+XxSHDhip5YaIpEQTUcIK8MwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAAt
WGEDBAAtWfkDBAEthawDBACzPcUDBACzPe8DBAC1KcoDBAC1Kc4DBAC11l0DBAC1
1pkwDAMEArXWpAMEALXWpgMEALXWrQMEALXW2gMEALXXWAMEALXXsAMEALXXtgME
Ab9gJAMEAL9gZwMEAL9gagMEAL9glgMEAL9gqAMEAL9guQMEAL9g4wMEAL9g/wME
AL9lHwMEAL9lPQMEAL9lnQMEAL9l2QMEAMJuDTANBgkqhkiG9w0BAQsFAAOCAQEA
mYHQKWNpwGyBfn/7tCTmkXeDvk8181hXv8zqp20tCszI2xWQoIvjL1M2BasTJgCi
bbxk10lAXonV+WPlWtqEzP9s6MYVNwvLEWJeh671/eJXzQJScIx3dPyk9Wj684LO
WepxreTlYxZHYeC3+lms/0BVOBl31XpLUnkoQC20tHUgHQuei5/sMu/f+4WUV8VS
SNK73HirFRlOXlF5fMtWHtEmsGiS3I9uh8IQCaEEs9SV1rmunzdXCPsFktEMCAuG
6w3UULEeLwOgOUJOArgTMp35xLs17k1ogvvJHhCHESS7nY3q+MxFFus20hWO75gf
XrdRBYdjmvvF0GAYoqTJIw==
-----END CERTIFICATE-----
Generated at Tue Jul 1 09:12:33 2025 by rpki-client