Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: KqKYdf6mYrXaz+EnSm7abK1n6AitQXURutlTTzxZMSM=
Subject key identifier: 33:24:5D:20:4F:41:6C:D7:05:BB:E7:3E:27:74:70:8F:A0:A6:B5:5E
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 5AC75F6173C838C0CB3A684C8F0431E1E3B4B95D
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS174.roa
Signing time: Mon 23 Mar 2026 15:21:22 +0000
ROA not before: Mon 23 Mar 2026 15:16:22 +0000
ROA not after: Mon 22 Mar 2027 15:21:22 +0000
asID: 174
IP address blocks: 45.88.97.0/24 maxlen: 24
45.133.172.0/24 maxlen: 24
45.133.173.0/24 maxlen: 24
179.61.197.0/24 maxlen: 24
181.41.202.0/24 maxlen: 24
181.41.206.0/24 maxlen: 24
181.214.93.0/24 maxlen: 24
181.214.153.0/24 maxlen: 24
181.214.164.0/24 maxlen: 24
181.214.165.0/24 maxlen: 24
181.214.166.0/24 maxlen: 24
181.214.173.0/24 maxlen: 24
181.214.218.0/24 maxlen: 24
181.215.176.0/24 maxlen: 24
181.215.182.0/24 maxlen: 24
191.96.36.0/24 maxlen: 24
191.96.37.0/24 maxlen: 24
191.96.103.0/24 maxlen: 24
191.96.106.0/24 maxlen: 24
191.96.150.0/24 maxlen: 24
191.96.168.0/24 maxlen: 24
191.96.185.0/24 maxlen: 24
191.96.227.0/24 maxlen: 24
191.96.255.0/24 maxlen: 24
191.101.31.0/24 maxlen: 24
191.101.61.0/24 maxlen: 24
191.101.157.0/24 maxlen: 24
191.101.217.0/24 maxlen: 24
194.110.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:c7:5f:61:73:c8:38:c0:cb:3a:68:4c:8f:04:31:e1:e3:b4:b9:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 23 15:16:22 2026 GMT
Not After : Mar 22 15:21:22 2027 GMT
Subject: CN=33245D204F416CD705BBE73E2774708FA0A6B55E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c2:61:8d:71:ad:ab:0f:8e:0a:88:ce:73:1b:
d3:6e:7b:7e:ae:29:35:83:bf:14:76:37:5e:29:b0:
01:59:74:52:9c:fa:89:10:d1:72:a2:f0:0b:5c:d7:
20:bc:3b:b2:34:ec:59:4d:d8:62:91:62:2a:83:21:
49:57:6f:37:9b:2a:31:d7:9b:c8:94:e1:83:63:bf:
d1:d0:0e:cd:9c:3f:5a:44:10:56:7b:1b:1e:03:26:
70:57:22:ab:ff:37:70:ae:1e:ef:8f:6d:43:97:23:
a2:c0:60:c6:49:00:42:e9:fb:97:8e:8a:fa:2f:b8:
03:00:5f:a5:2b:56:ff:37:28:06:31:bc:ff:64:9f:
2e:70:cd:a7:c2:d3:4b:8d:53:92:c3:3f:90:f3:9d:
7f:6f:ab:8c:a2:de:56:22:64:f0:05:74:0f:c5:41:
4d:33:ed:61:83:84:c8:22:16:02:10:2c:13:8f:39:
0d:22:7a:2e:6d:12:24:0a:b3:d1:f2:d5:2a:81:4c:
4c:08:08:44:2b:bf:2a:e4:bd:8b:27:09:93:c5:06:
28:8c:3e:a0:bb:a3:1f:ff:f8:88:de:9f:1a:99:d5:
8f:a4:56:5b:74:77:9b:f4:f1:b7:d9:e8:89:98:9e:
36:75:63:d9:2f:14:56:99:c9:4e:bc:35:56:6b:e4:
1e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:24:5D:20:4F:41:6C:D7:05:BB:E7:3E:27:74:70:8F:A0:A6:B5:5E
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.97.0/24
45.133.172.0/23
179.61.197.0/24
181.41.202.0/24
181.41.206.0/24
181.214.93.0/24
181.214.153.0/24
181.214.164.0-181.214.166.255
181.214.173.0/24
181.214.218.0/24
181.215.176.0/24
181.215.182.0/24
191.96.36.0/23
191.96.103.0/24
191.96.106.0/24
191.96.150.0/24
191.96.168.0/24
191.96.185.0/24
191.96.227.0/24
191.96.255.0/24
191.101.31.0/24
191.101.61.0/24
191.101.157.0/24
191.101.217.0/24
194.110.13.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:9c:1e:b2:59:fa:8b:c7:15:4e:65:60:a2:aa:b4:6a:28:00:
45:a2:ba:b0:de:93:de:0a:cf:3e:82:47:19:f9:ee:39:a5:a1:
9a:ab:a6:d8:11:c1:bd:8d:a1:b9:9a:26:86:e6:15:a7:d5:43:
7c:5a:c5:24:4e:6a:35:88:1f:1c:97:fe:d0:63:8f:10:e8:27:
ce:7a:8d:60:30:4d:d1:a0:0d:65:20:85:80:7c:99:42:65:58:
bb:44:5c:54:b3:00:c8:01:dd:29:d1:4f:5e:ec:a7:18:7a:c7:
c1:0f:7f:e7:74:25:0a:00:a7:4b:61:b1:f4:a6:1b:f1:e3:89:
3f:f6:5a:b3:3b:2d:38:08:54:46:94:56:7f:e6:dd:18:93:98:
7a:8a:41:9f:37:e0:bc:a8:2b:18:ed:c2:5c:5f:63:1f:e5:d1:
3d:c6:9a:74:b3:5a:aa:c4:ae:75:9f:55:2c:7c:e3:fd:14:92:
be:96:2e:8f:de:57:1c:ea:51:89:05:3c:8e:5f:2b:2c:ce:e8:
b6:c5:93:88:4f:5e:a7:42:37:82:21:00:16:1f:88:92:75:85:
b8:0d:0e:ce:27:c2:db:48:a2:fc:85:12:32:b1:1e:a7:80:98:
49:5a:a8:60:98:06:6d:f8:db:12:39:6d:98:39:f0:f0:25:b3:
6a:c8:83:89
-----BEGIN CERTIFICATE-----
MIIFmjCCBIKgAwIBAgIUWsdfYXPIOMDLOmhMjwQx4eO0uV0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjAzMjMxNTE2MjJaFw0yNzAzMjIxNTIxMjJaMDMxMTAvBgNV
BAMTKDMzMjQ1RDIwNEY0MTZDRDcwNUJCRTczRTI3NzQ3MDhGQTBBNkI1NUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSwmGNca2rD44KiM5zG9Nue36u
KTWDvxR2N14psAFZdFKc+okQ0XKi8Atc1yC8O7I07FlN2GKRYiqDIUlXbzebKjHX
m8iU4YNjv9HQDs2cP1pEEFZ7Gx4DJnBXIqv/N3CuHu+PbUOXI6LAYMZJAELp+5eO
ivovuAMAX6UrVv83KAYxvP9kny5wzafC00uNU5LDP5DznX9vq4yi3lYiZPAFdA/F
QU0z7WGDhMgiFgIQLBOPOQ0iei5tEiQKs9Hy1SqBTEwICEQrvyrkvYsnCZPFBiiM
PqC7ox//+IjenxqZ1Y+kVlt0d5v08bfZ6ImYnjZ1Y9kvFFaZyU68NVZr5B4tAgMB
AAGjggKkMIICoDAdBgNVHQ4EFgQUMyRdIE9BbNcFu+c+J3Rwj6CmtV4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG7BggrBgEFBQcBBwEB/wSBqzCBqDCBpQQCAAEwgZ4DBAAt
WGEDBAEthawDBACzPcUDBAC1KcoDBAC1Kc4DBAC11l0DBAC11pkwDAMEArXWpAME
ALXWpgMEALXWrQMEALXW2gMEALXXsAMEALXXtgMEAb9gJAMEAL9gZwMEAL9gagME
AL9glgMEAL9gqAMEAL9guQMEAL9g4wMEAL9g/wMEAL9lHwMEAL9lPQMEAL9lnQME
AL9l2QMEAMJuDTANBgkqhkiG9w0BAQsFAAOCAQEArJwesln6i8cVTmVgoqq0aigA
RaK6sN6T3grPPoJHGfnuOaWhmqum2BHBvY2huZomhuYVp9VDfFrFJE5qNYgfHJf+
0GOPEOgnznqNYDBN0aANZSCFgHyZQmVYu0RcVLMAyAHdKdFPXuynGHrHwQ9/53Ql
CgCnS2Gx9KYb8eOJP/ZaszstOAhURpRWf+bdGJOYeopBnzfgvKgrGO3CXF9jH+XR
PcaadLNaqsSudZ9VLHzj/RSSvpYuj95XHOpRiQU8jl8rLM7otsWTiE9ep0I3giEA
Fh+IknWFuA0OzifC20ii/IUSMrEep4CYSVqoYJgGbfjbEjltmDnw8CWzasiDiQ==
-----END CERTIFICATE-----
Generated at Wed Mar 25 21:32:08 2026 by rpki-client