Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: Ya6cqbgpZaqXu7nvTJt+jaYo2BHl26CLJz04FhGTHd0=
Subject key identifier: 46:BA:FC:B4:26:48:36:CD:D9:EA:D9:45:B1:4C:C2:02:C7:82:07:A5
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 4BA9762E870926525B093A8E22A7C58B80C2740C
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS174.roa
Signing time: Wed 01 Apr 2026 00:26:45 +0000
ROA not before: Wed 01 Apr 2026 00:21:45 +0000
ROA not after: Wed 31 Mar 2027 00:26:45 +0000
asID: 174
IP address blocks: 45.88.97.0/24 maxlen: 24
179.61.197.0/24 maxlen: 24
181.41.202.0/24 maxlen: 24
181.41.206.0/24 maxlen: 24
181.214.93.0/24 maxlen: 24
181.214.153.0/24 maxlen: 24
181.214.164.0/24 maxlen: 24
181.214.165.0/24 maxlen: 24
181.214.166.0/24 maxlen: 24
181.214.173.0/24 maxlen: 24
181.214.218.0/24 maxlen: 24
181.215.182.0/24 maxlen: 24
191.96.36.0/24 maxlen: 24
191.96.106.0/24 maxlen: 24
191.96.150.0/24 maxlen: 24
191.96.168.0/24 maxlen: 24
191.96.185.0/24 maxlen: 24
191.96.227.0/24 maxlen: 24
191.96.255.0/24 maxlen: 24
191.101.31.0/24 maxlen: 24
191.101.61.0/24 maxlen: 24
191.101.157.0/24 maxlen: 24
191.101.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 Apr 2026 17:26:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:a9:76:2e:87:09:26:52:5b:09:3a:8e:22:a7:c5:8b:80:c2:74:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 1 00:21:45 2026 GMT
Not After : Mar 31 00:26:45 2027 GMT
Subject: CN=46BAFCB4264836CDD9EAD945B14CC202C78207A5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ad:d1:48:40:0a:ae:00:86:7c:49:e7:9d:1f:
b8:00:c7:a2:66:eb:33:dc:54:aa:dc:cf:22:1a:75:
6e:28:60:eb:ed:bc:bd:28:3b:8e:8a:cd:e7:fe:04:
10:53:7a:ec:19:2e:de:16:7b:fa:f8:f3:aa:de:fc:
99:12:b8:2c:61:dc:c1:83:80:86:14:87:9b:5a:10:
8e:67:73:41:74:f9:69:46:4f:99:44:8c:63:a2:98:
56:20:ac:48:50:70:0f:54:ce:ee:ab:47:04:5e:95:
93:fe:8d:30:d3:e5:f5:2e:b5:38:1d:4c:3f:c6:a9:
ab:7a:11:ea:0f:08:79:da:d9:7c:3a:7e:10:1b:47:
ba:51:6e:79:5e:71:c0:7e:1d:be:1c:02:41:d5:f4:
15:2a:69:65:b2:65:b7:1a:63:f2:88:1e:c5:00:6e:
16:87:b6:15:c5:48:6a:29:fe:42:3a:da:2f:7e:03:
fe:b1:38:ac:e4:a5:6d:1f:7b:15:bf:75:95:3b:10:
13:31:6e:54:c8:8d:fc:99:1a:cc:6e:72:d1:95:21:
5b:35:ee:c9:cf:39:ae:38:34:5a:bd:79:03:03:40:
0b:9a:3a:b6:fd:59:ff:8c:c9:84:05:0d:ed:45:9a:
41:93:da:5c:24:3b:08:6b:c3:67:fc:67:16:cf:27:
49:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:BA:FC:B4:26:48:36:CD:D9:EA:D9:45:B1:4C:C2:02:C7:82:07:A5
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.97.0/24
179.61.197.0/24
181.41.202.0/24
181.41.206.0/24
181.214.93.0/24
181.214.153.0/24
181.214.164.0-181.214.166.255
181.214.173.0/24
181.214.218.0/24
181.215.182.0/24
191.96.36.0/24
191.96.106.0/24
191.96.150.0/24
191.96.168.0/24
191.96.185.0/24
191.96.227.0/24
191.96.255.0/24
191.101.31.0/24
191.101.61.0/24
191.101.157.0/24
191.101.217.0/24
Signature Algorithm: sha256WithRSAEncryption
95:a6:43:30:cc:b7:de:b4:72:2e:6d:7e:2d:b9:70:da:14:bf:
92:9f:16:c7:b9:f8:b9:61:81:78:b4:a9:08:4d:0d:86:28:d5:
f2:04:0c:79:80:4d:7d:51:c7:cc:53:f1:5b:ea:6e:0b:2d:66:
37:f1:40:77:45:d6:cc:0d:77:48:00:66:d1:dd:d5:10:c3:c3:
6d:d6:2e:2c:47:51:c1:8d:df:7f:9a:6e:df:47:a9:21:3e:7b:
bb:73:81:83:2d:58:74:13:fc:06:c7:f2:dc:d7:e4:4b:70:ac:
2e:11:1f:77:d3:79:bf:f5:d3:30:df:42:65:c0:45:de:35:35:
a2:a5:a2:bd:1f:a7:e9:45:d8:03:bb:2f:a1:fd:bc:a8:b2:02:
09:35:fd:06:fe:88:f8:51:b2:41:de:1f:c0:57:89:7e:3c:d1:
87:e1:20:7c:ae:d1:c5:c3:58:cb:b7:ca:ae:e3:8a:43:98:f5:
9f:c8:ef:82:7e:b9:9f:ff:54:89:19:08:19:3c:ad:e6:8e:da:
78:6c:a4:52:c4:38:7d:cd:cc:d3:7f:39:a5:f6:24:01:02:4a:
71:21:dd:45:1d:04:b7:fc:1d:be:bd:9d:b8:f4:65:08:61:2e:
35:e0:ed:1d:8f:06:63:4f:a0:0f:13:b6:80:ba:b6:e7:56:61:
67:4c:ee:3a
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIUS6l2LocJJlJbCTqOIqfFi4DCdAwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA0MDEwMDIxNDVaFw0yNzAzMzEwMDI2NDVaMDMxMTAvBgNV
BAMTKDQ2QkFGQ0I0MjY0ODM2Q0REOUVBRDk0NUIxNENDMjAyQzc4MjA3QTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2rdFIQAquAIZ8SeedH7gAx6Jm
6zPcVKrczyIadW4oYOvtvL0oO46Kzef+BBBTeuwZLt4We/r486re/JkSuCxh3MGD
gIYUh5taEI5nc0F0+WlGT5lEjGOimFYgrEhQcA9Uzu6rRwRelZP+jTDT5fUutTgd
TD/Gqat6EeoPCHna2Xw6fhAbR7pRbnleccB+Hb4cAkHV9BUqaWWyZbcaY/KIHsUA
bhaHthXFSGop/kI62i9+A/6xOKzkpW0fexW/dZU7EBMxblTIjfyZGsxuctGVIVs1
7snPOa44NFq9eQMDQAuaOrb9Wf+MyYQFDe1FmkGT2lwkOwhrw2f8ZxbPJ0mFAgMB
AAGjggKMMIICiDAdBgNVHQ4EFgQURrr8tCZINs3Z6tlFsUzCAseCB6UwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAAt
WGEDBACzPcUDBAC1KcoDBAC1Kc4DBAC11l0DBAC11pkwDAMEArXWpAMEALXWpgME
ALXWrQMEALXW2gMEALXXtgMEAL9gJAMEAL9gagMEAL9glgMEAL9gqAMEAL9guQME
AL9g4wMEAL9g/wMEAL9lHwMEAL9lPQMEAL9lnQMEAL9l2TANBgkqhkiG9w0BAQsF
AAOCAQEAlaZDMMy33rRyLm1+Lblw2hS/kp8Wx7n4uWGBeLSpCE0NhijV8gQMeYBN
fVHHzFPxW+puCy1mN/FAd0XWzA13SABm0d3VEMPDbdYuLEdRwY3ff5pu30epIT57
u3OBgy1YdBP8Bsfy3NfkS3CsLhEfd9N5v/XTMN9CZcBF3jU1oqWivR+n6UXYA7sv
of28qLICCTX9Bv6I+FGyQd4fwFeJfjzRh+EgfK7RxcNYy7fKruOKQ5j1n8jvgn65
n/9UiRkIGTyt5o7aeGykUsQ4fc3M0385pfYkAQJKcSHdRR0Et/wdvr2duPRlCGEu
NeDtHY8GY0+gDxO2gLq251ZhZ0zuOg==
-----END CERTIFICATE-----
Generated at Mon Apr 13 06:52:00 2026 by rpki-client