Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS173.roa
File: AS173.roa (raw, json)
Hash identifier: jd7z+vVYjrHIsWt3wjYSBVc3oxDAD+Nnicl7Z+0tKuk=
Subject key identifier: FC:0D:7A:A1:00:79:1F:7A:BD:4B:AF:9C:46:7C:A7:87:56:EC:F7:B5
Certificate issuer: /CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Certificate serial: 4FF0310B3DCB10F1C525FEEF5EE3A0AABF49CD4A
Authority key identifier: 9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS173.roa
Signing time: Mon 11 May 2026 16:19:00 +0000
ROA not before: Mon 11 May 2026 16:14:00 +0000
ROA not after: Mon 10 May 2027 16:19:00 +0000
asID: 173
IP address blocks: 77.241.72.0/24 maxlen: 24
77.241.73.0/24 maxlen: 24
77.241.74.0/24 maxlen: 24
77.241.75.0/24 maxlen: 24
194.169.92.0/24 maxlen: 24
194.169.93.0/24 maxlen: 24
194.169.94.0/24 maxlen: 24
194.169.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 17:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:f0:31:0b:3d:cb:10:f1:c5:25:fe:ef:5e:e3:a0:aa:bf:49:cd:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Validity
Not Before: May 11 16:14:00 2026 GMT
Not After : May 10 16:19:00 2027 GMT
Subject: CN=FC0D7AA100791F7ABD4BAF9C467CA78756ECF7B5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d6:13:e8:34:ce:48:d4:2c:64:93:54:d0:71:
46:02:08:3d:58:3c:b6:40:18:5b:2f:2b:e4:9c:1a:
a9:c9:93:9f:41:e0:d1:17:74:a6:dd:65:36:27:5f:
04:d1:c6:ed:d4:f1:17:8b:ce:dd:f5:32:db:88:c3:
e7:9d:7e:21:5e:5a:3a:2b:a4:bc:01:15:c8:67:b2:
2b:b0:0c:e5:f6:18:3e:91:2a:2e:47:9a:54:cd:ff:
e1:2a:1b:1f:1e:c3:4d:d2:c7:49:4f:1f:93:6e:40:
7c:2c:e3:e8:55:99:e2:d8:80:9b:5b:a5:8f:ce:cf:
3d:d7:12:85:c9:1c:79:aa:ef:bc:b9:2e:ed:ca:39:
b7:e8:65:cb:46:1c:6c:89:5e:56:c6:64:28:c6:75:
fc:3c:66:5c:f5:e7:6e:c9:34:66:ba:df:4a:8c:9d:
2f:b5:bb:46:f7:39:20:51:64:c9:71:bd:68:97:a5:
18:ce:18:dc:91:4d:b3:67:16:f9:b9:44:e1:00:10:
a4:a8:6f:ef:9d:a0:f8:8e:ac:e1:8f:67:1b:6d:10:
5a:ca:44:0d:36:15:c3:e7:39:b8:b0:62:d6:fb:97:
23:27:04:f7:03:e0:af:50:c6:32:89:7e:3b:79:61:
c3:11:62:59:63:6f:96:47:1b:4c:70:b5:5c:b7:32:
b8:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:0D:7A:A1:00:79:1F:7A:BD:4B:AF:9C:46:7C:A7:87:56:EC:F7:B5
X509v3 Authority Key Identifier:
keyid:9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS173.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.241.72.0/22
194.169.92.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:16:db:2a:55:95:8a:f0:b2:f1:02:00:5f:38:be:4a:98:51:
bd:1e:03:d5:91:f8:71:e4:e5:42:4f:81:34:44:6b:46:60:bf:
59:f8:a3:a5:88:08:72:47:67:ac:0a:8f:a4:36:b0:bf:18:75:
c9:28:3b:0e:b6:cd:93:a1:3e:72:2c:97:75:1c:b4:73:ad:a0:
1c:ab:26:ff:44:62:4b:38:91:63:12:9f:5e:0c:5f:92:98:af:
07:cd:22:36:ca:1b:1f:3d:e7:7f:87:08:a9:ae:99:d4:bf:9a:
a2:f7:7f:b4:0c:a1:b8:e2:f0:fc:c9:8f:91:16:9e:ed:dc:1b:
7c:3d:70:c9:2d:c2:e0:24:c0:fc:18:5e:22:ec:85:b1:df:05:
79:4b:2f:10:78:af:6c:57:0a:43:90:29:aa:7f:db:08:ca:3d:
b6:78:ca:ec:4e:04:06:43:06:28:db:79:c2:6d:57:48:9b:35:
18:a7:66:47:3b:d8:18:27:1d:a5:67:43:24:35:e6:72:5d:03:
46:e9:56:a2:c5:3e:cc:4d:38:eb:eb:99:ea:33:eb:23:e9:21:
57:82:1e:47:a0:e0:95:bd:dd:00:23:70:cd:86:fb:b3:1b:3e:
30:af:8f:ec:c2:90:22:09:6b:a1:24:e4:ea:37:70:1d:8b:38:
eb:3a:20:34
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUT/AxCz3LEPHFJf7vXuOgqr9JzUowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmYmZmMjE3MTA1ZGY4ODc3ZDQ2M2Y2ZTliYWMyOGE0
MDg0ZDIwYzAeFw0yNjA1MTExNjE0MDBaFw0yNzA1MTAxNjE5MDBaMDMxMTAvBgNV
BAMTKEZDMEQ3QUExMDA3OTFGN0FCRDRCQUY5QzQ2N0NBNzg3NTZFQ0Y3QjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCV1hPoNM5I1Cxkk1TQcUYCCD1Y
PLZAGFsvK+ScGqnJk59B4NEXdKbdZTYnXwTRxu3U8ReLzt31MtuIw+edfiFeWjor
pLwBFchnsiuwDOX2GD6RKi5HmlTN/+EqGx8ew03Sx0lPH5NuQHws4+hVmeLYgJtb
pY/Ozz3XEoXJHHmq77y5Lu3KObfoZctGHGyJXlbGZCjGdfw8Zlz1527JNGa630qM
nS+1u0b3OSBRZMlxvWiXpRjOGNyRTbNnFvm5ROEAEKSob++doPiOrOGPZxttEFrK
RA02FcPnObiwYtb7lyMnBPcD4K9QxjKJfjt5YcMRYlljb5ZHG0xwtVy3MrgxAgMB
AAGjggINMIICCTAdBgNVHQ4EFgQU/A16oQB5H3q9S6+cRnynh1bs97UwHwYDVR0j
BBgwFoAUnfv/IXEF34h31GP26brCikCE0gwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTViNGQ5ZTgtNDExMS00Mzk0LWEzYTYtYmQ4MjUxZTdm
YmJkLzAvOURGQkZGMjE3MTA1REY4ODc3RDQ2M0Y2RTlCQUMyOEE0MDg0RDIwQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25mdl9JWEVGMzRoMzFHUDI2YnJDaWtD
RTBndy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzU1YjRkOWU4LTQxMTEt
NDM5NC1hM2E2LWJkODI1MWU3ZmJiZC8wL0FTMTczLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCTfFIAwQC
wqlcMA0GCSqGSIb3DQEBCwUAA4IBAQA6FtsqVZWK8LLxAgBfOL5KmFG9HgPVkfhx
5OVCT4E0RGtGYL9Z+KOliAhyR2esCo+kNrC/GHXJKDsOts2ToT5yLJd1HLRzraAc
qyb/RGJLOJFjEp9eDF+SmK8HzSI2yhsfPed/hwiprpnUv5qi93+0DKG44vD8yY+R
Fp7t3Bt8PXDJLcLgJMD8GF4i7IWx3wV5Sy8QeK9sVwpDkCmqf9sIyj22eMrsTgQG
QwYo23nCbVdImzUYp2ZHO9gYJx2lZ0MkNeZyXQNG6VaixT7MTTjr65nqM+sj6SFX
gh5HoOCVvd0AI3DNhvuzGz4wr4/swpAiCWuhJOTqN3AdizjrOiA0
-----END CERTIFICATE-----
Generated at Wed May 13 04:17:26 2026 by rpki-client