Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: jtE4GlftbLqvCbZZALaOUcqU/m11PJvG6y8vsbjC/8U=
Subject key identifier: D0:22:FB:7E:BB:77:67:39:98:2D:23:FF:80:25:A9:06:38:EC:A2:30
Certificate issuer: /CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Certificate serial: 67FDB79C4008FFC794864B5A178DF8BCF99194A7
Authority key identifier: 9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS174.roa
Signing time: Fri 06 Mar 2026 11:17:19 +0000
ROA not before: Fri 06 Mar 2026 11:12:19 +0000
ROA not after: Fri 05 Mar 2027 11:17:19 +0000
asID: 174
IP address blocks: 193.38.44.0/24 maxlen: 24
193.38.45.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:fd:b7:9c:40:08:ff:c7:94:86:4b:5a:17:8d:f8:bc:f9:91:94:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Validity
Not Before: Mar 6 11:12:19 2026 GMT
Not After : Mar 5 11:17:19 2027 GMT
Subject: CN=D022FB7EBB776739982D23FF8025A90638ECA230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:6c:78:14:d9:e5:f1:b7:0b:aa:c9:2a:6e:4a:
9d:4d:64:bc:19:22:02:51:48:33:5c:83:28:a6:ac:
ba:87:f4:96:48:3b:b4:23:8a:68:1c:03:b4:4a:4e:
42:da:cd:00:e0:13:bc:38:65:6c:fc:cd:00:66:2d:
e7:e0:a0:34:99:aa:92:bd:d3:57:33:93:f4:63:a0:
6d:42:05:7f:69:43:44:23:ef:1b:40:be:e9:88:05:
03:af:5e:18:c8:50:09:33:1a:13:00:17:3f:31:9e:
80:92:fa:21:bb:5d:cb:65:33:7f:a2:fb:a5:d9:03:
e1:4c:30:dd:ee:93:a7:ce:65:38:69:0a:3e:77:b8:
39:60:9c:3c:a5:2e:2f:25:a9:b3:a1:5d:16:b5:f9:
c5:52:32:1e:bb:ea:63:5b:ef:64:70:3f:69:4c:51:
6a:2e:c4:58:2d:83:44:46:bc:47:48:cf:55:1a:be:
2e:3b:0c:be:ab:57:0e:45:f4:21:ae:bd:00:2c:b2:
c4:f8:ec:81:09:f8:8b:e5:e7:34:0f:15:a6:52:28:
cb:0f:42:7d:00:e8:10:94:21:9a:92:19:73:1c:e8:
89:72:ce:2d:71:73:83:0a:c5:3e:b4:a6:ed:05:27:
12:4e:8f:fb:a3:1d:9e:27:20:f4:b8:18:8b:6e:f9:
7f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:22:FB:7E:BB:77:67:39:98:2D:23:FF:80:25:A9:06:38:EC:A2:30
X509v3 Authority Key Identifier:
keyid:9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.38.44.0/23
Signature Algorithm: sha256WithRSAEncryption
15:b9:cd:aa:a3:c8:68:94:89:31:63:83:9f:4b:e1:5a:d2:4a:
21:3e:f1:1f:55:2d:03:91:5e:19:8e:4c:55:3e:fe:9c:3d:29:
3e:6b:7d:b8:d1:17:2c:cf:1e:eb:01:c4:5f:00:9c:9a:e6:3a:
3a:d2:41:49:15:cc:2f:27:5f:f9:d2:af:08:1b:38:84:7d:7c:
51:70:52:bf:00:74:65:d5:3c:fd:bd:a6:8e:09:fc:35:b3:d1:
74:7b:3d:32:fe:8d:0c:00:e4:fc:6e:b8:25:e0:f5:bf:17:ee:
ce:6d:ac:ef:d9:10:f2:00:6c:37:8d:d1:64:18:5c:1e:4b:8c:
eb:65:13:6f:c7:4c:39:25:0f:83:99:30:3f:7b:02:e2:06:d1:
e6:08:67:49:ac:24:66:e7:c9:b9:8b:8f:b6:14:a1:75:03:ad:
1d:03:6d:24:2a:56:a1:68:f9:03:81:9d:9d:40:eb:c3:9f:8d:
f6:a9:6e:e3:d8:7c:4e:e3:b5:d0:43:89:a5:c2:88:73:38:71:
bb:e2:5f:1f:ce:39:e6:f5:64:a8:6c:71:ca:59:c4:07:5c:ef:
55:2e:4a:fa:08:3c:0c:6a:b7:12:cc:b1:cb:ef:3e:db:21:9b:
8d:68:56:b5:db:31:60:5c:da:e2:77:66:59:2a:5d:47:04:44:
93:bf:da:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIUZ/23nEAI/8eUhktaF434vPmRlKcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmYmZmMjE3MTA1ZGY4ODc3ZDQ2M2Y2ZTliYWMyOGE0
MDg0ZDIwYzAeFw0yNjAzMDYxMTEyMTlaFw0yNzAzMDUxMTE3MTlaMDMxMTAvBgNV
BAMTKEQwMjJGQjdFQkI3NzY3Mzk5ODJEMjNGRjgwMjVBOTA2MzhFQ0EyMzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnbHgU2eXxtwuqySpuSp1NZLwZ
IgJRSDNcgyimrLqH9JZIO7QjimgcA7RKTkLazQDgE7w4ZWz8zQBmLefgoDSZqpK9
01czk/RjoG1CBX9pQ0Qj7xtAvumIBQOvXhjIUAkzGhMAFz8xnoCS+iG7XctlM3+i
+6XZA+FMMN3uk6fOZThpCj53uDlgnDylLi8lqbOhXRa1+cVSMh676mNb72RwP2lM
UWouxFgtg0RGvEdIz1Uavi47DL6rVw5F9CGuvQAsssT47IEJ+Ivl5zQPFaZSKMsP
Qn0A6BCUIZqSGXMc6Ilyzi1xc4MKxT60pu0FJxJOj/ujHZ4nIPS4GItu+X8nAgMB
AAGjggIHMIICAzAdBgNVHQ4EFgQU0CL7frt3ZzmYLSP/gCWpBjjsojAwHwYDVR0j
BBgwFoAUnfv/IXEF34h31GP26brCikCE0gwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTViNGQ5ZTgtNDExMS00Mzk0LWEzYTYtYmQ4MjUxZTdm
YmJkLzAvOURGQkZGMjE3MTA1REY4ODc3RDQ2M0Y2RTlCQUMyOEE0MDg0RDIwQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25mdl9JWEVGMzRoMzFHUDI2YnJDaWtD
RTBndy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzU1YjRkOWU4LTQxMTEt
NDM5NC1hM2E2LWJkODI1MWU3ZmJiZC8wL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwSYsMA0G
CSqGSIb3DQEBCwUAA4IBAQAVuc2qo8holIkxY4OfS+Fa0kohPvEfVS0DkV4ZjkxV
Pv6cPSk+a3240Rcszx7rAcRfAJya5jo60kFJFcwvJ1/50q8IGziEfXxRcFK/AHRl
1Tz9vaaOCfw1s9F0ez0y/o0MAOT8brgl4PW/F+7Obazv2RDyAGw3jdFkGFweS4zr
ZRNvx0w5JQ+DmTA/ewLiBtHmCGdJrCRm58m5i4+2FKF1A60dA20kKlahaPkDgZ2d
QOvDn432qW7j2HxO47XQQ4mlwohzOHG74l8fzjnm9WSobHHKWcQHXO9VLkr6CDwM
arcSzLHL7z7bIZuNaFa12zFgXNrid2ZZKl1HBESTv9q3
-----END CERTIFICATE-----
Generated at Sat Mar 28 08:49:27 2026 by rpki-client