Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: KmqEJB1dxQIIloKVPkkbntlEcy1ARDYaPLLY3uMOIm8=
Subject key identifier: 84:EB:31:46:AE:C7:35:FE:00:2F:7C:49:14:DD:4A:17:9E:20:65:CB
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 791B135E51D22EBB913A6F39FECEED744FB15EB8
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS174.roa
Signing time: Wed 26 Mar 2025 16:24:39 +0000
ROA not before: Wed 26 Mar 2025 16:19:39 +0000
ROA not after: Wed 25 Mar 2026 16:24:39 +0000
asID: 174
IP address blocks: 139.28.32.0/22 maxlen: 22
141.98.48.0/22 maxlen: 22
176.53.157.0/24 maxlen: 24
176.53.159.0/24 maxlen: 24
193.38.44.0/24 maxlen: 24
193.38.45.0/24 maxlen: 24
193.187.132.0/23 maxlen: 24
194.93.48.0/24 maxlen: 24
194.93.49.0/24 maxlen: 24
194.93.50.0/24 maxlen: 24
194.93.51.0/24 maxlen: 24
194.93.61.0/24 maxlen: 24
194.93.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 01:19:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:1b:13:5e:51:d2:2e:bb:91:3a:6f:39:fe:ce:ed:74:4f:b1:5e:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Mar 26 16:19:39 2025 GMT
Not After : Mar 25 16:24:39 2026 GMT
Subject: CN=84EB3146AEC735FE002F7C4914DD4A179E2065CB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b9:51:4c:f8:42:4c:37:de:8b:91:fd:f2:aa:
fa:86:05:91:64:9f:ce:de:ef:4d:67:46:49:46:b7:
67:30:f0:8a:7b:24:ec:54:9c:5f:42:ff:4d:56:2f:
40:32:cd:f5:7a:71:e8:05:ec:26:9e:59:6b:94:c9:
5d:88:38:a2:f8:07:dc:6b:16:fd:89:eb:89:e5:bc:
84:ed:09:e1:84:eb:17:c4:49:ec:5f:bb:0f:fe:cb:
5e:5a:7f:0a:55:36:4e:02:53:92:45:e6:62:02:74:
08:65:d7:7d:54:c4:e7:b0:02:a7:92:c0:b2:cc:8f:
4c:ec:02:9f:61:55:a0:ca:73:01:82:09:d7:a8:92:
47:40:24:4e:1f:e7:bd:32:d1:2a:33:26:39:c7:79:
81:35:0a:c5:b6:17:50:45:f4:8d:f0:ee:ef:1c:ba:
70:03:f5:11:b4:fa:6b:8c:be:a9:87:0c:ba:20:78:
3e:85:e4:a6:c6:3d:2b:ff:c2:8f:c4:ea:55:e1:a7:
e6:d6:22:30:37:36:ce:53:0b:95:b4:47:60:d9:36:
d6:31:6d:fb:8b:d2:c3:70:68:7e:01:1b:a8:c4:ac:
43:14:90:64:38:23:b2:cc:58:27:93:ce:3e:e8:99:
df:ff:37:fc:41:fc:b1:2e:71:aa:9a:0e:e2:96:12:
b7:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:EB:31:46:AE:C7:35:FE:00:2F:7C:49:14:DD:4A:17:9E:20:65:CB
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.32.0/22
141.98.48.0/22
176.53.157.0/24
176.53.159.0/24
193.38.44.0/23
193.187.132.0/23
194.93.48.0/22
194.93.61.0/24
194.93.63.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:aa:67:aa:65:71:ff:d7:ac:9c:a8:60:b3:0b:e7:e2:b5:ba:
c0:5b:5d:11:84:2a:0a:44:14:c6:ef:12:ee:c8:e2:cd:58:30:
7f:b9:ed:96:35:1c:3f:8b:0e:c3:15:74:36:cb:05:f9:3f:3b:
7d:23:35:a8:09:95:0a:36:91:ef:1c:70:1c:14:05:71:b5:cf:
14:67:30:01:8a:10:89:c7:e7:29:93:32:e9:3a:0d:5b:53:b5:
6e:bf:64:1a:fd:86:7b:93:24:22:bb:23:68:46:c5:a1:ad:75:
13:ad:fd:37:76:83:35:42:6f:68:64:bf:83:1b:64:42:32:d9:
d8:03:7f:a4:90:01:60:d5:ee:fc:fc:2e:a0:d5:d1:f2:22:ac:
ba:45:dc:95:03:4e:51:df:8b:ef:d5:b0:ad:f0:3a:6b:aa:f9:
ce:97:3a:a9:6e:16:7f:3d:bd:02:7e:72:82:cb:e9:66:3a:c7:
44:e3:27:d8:a5:cd:f1:bc:bf:65:4e:2a:c0:d6:20:5e:d6:5e:
a9:3e:26:4e:f2:41:e6:a1:3d:1e:1b:f8:7e:87:6f:c2:e2:7e:
67:a6:06:3f:c4:08:00:88:1e:53:10:72:6f:7b:2a:ab:25:c0:
53:10:de:96:6c:24:3f:f1:4f:43:14:f1:77:6f:89:0c:8d:e6:
4a:ab:a4:78
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUeRsTXlHSLruROm85/s7tdE+xXrgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTAzMjYxNjE5MzlaFw0yNjAzMjUxNjI0MzlaMDMxMTAvBgNV
BAMTKDg0RUIzMTQ2QUVDNzM1RkUwMDJGN0M0OTE0REQ0QTE3OUUyMDY1Q0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbuVFM+EJMN96Lkf3yqvqGBZFk
n87e701nRklGt2cw8Ip7JOxUnF9C/01WL0AyzfV6cegF7CaeWWuUyV2IOKL4B9xr
Fv2J64nlvITtCeGE6xfESexfuw/+y15afwpVNk4CU5JF5mICdAhl131UxOewAqeS
wLLMj0zsAp9hVaDKcwGCCdeokkdAJE4f570y0SozJjnHeYE1CsW2F1BF9I3w7u8c
unAD9RG0+muMvqmHDLogeD6F5KbGPSv/wo/E6lXhp+bWIjA3Ns5TC5W0R2DZNtYx
bfuL0sNwaH4BG6jErEMUkGQ4I7LMWCeTzj7omd//N/xB/LEucaqaDuKWErflAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUhOsxRq7HNf4AL3xJFN1KF54gZcswHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCixwgAwQC
jWIwAwQAsDWdAwQAsDWfAwQBwSYsAwQBwbuEAwQCwl0wAwQAwl09AwQAwl0/MA0G
CSqGSIb3DQEBCwUAA4IBAQCKqmeqZXH/16ycqGCzC+fitbrAW10RhCoKRBTG7xLu
yOLNWDB/ue2WNRw/iw7DFXQ2ywX5Pzt9IzWoCZUKNpHvHHAcFAVxtc8UZzABihCJ
x+cpkzLpOg1bU7Vuv2Qa/YZ7kyQiuyNoRsWhrXUTrf03doM1Qm9oZL+DG2RCMtnY
A3+kkAFg1e78/C6g1dHyIqy6RdyVA05R34vv1bCt8DprqvnOlzqpbhZ/Pb0CfnKC
y+lmOsdE4yfYpc3xvL9lTirA1iBe1l6pPiZO8kHmoT0eG/h+h2/C4n5npgY/xAgA
iB5TEHJveyqrJcBTEN6WbCQ/8U9DFPF3b4kMjeZKq6R4
-----END CERTIFICATE-----
Generated at Tue Apr 15 09:36:22 2025 by rpki-client