Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: yu3BEe2TsgFKOkDLgAK6L3/ad47uEbgaTYi6IZBzUv0=
Subject key identifier: A2:1A:65:FB:CB:28:BA:29:78:24:D2:15:F1:12:B7:2B:9A:03:51:4A
Certificate issuer: /CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Certificate serial: 7AFBD363C69CDA4FFA4C48A5432E8F41A60EB12F
Authority key identifier: 9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS174.roa
Signing time: Wed 06 May 2026 11:39:17 +0000
ROA not before: Wed 06 May 2026 11:34:17 +0000
ROA not after: Wed 05 May 2027 11:39:17 +0000
asID: 174
IP address blocks: 193.38.45.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:fb:d3:63:c6:9c:da:4f:fa:4c:48:a5:43:2e:8f:41:a6:0e:b1:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Validity
Not Before: May 6 11:34:17 2026 GMT
Not After : May 5 11:39:17 2027 GMT
Subject: CN=A21A65FBCB28BA297824D215F112B72B9A03514A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ed:46:95:49:9a:6b:7e:65:f6:06:78:7a:4f:
6d:aa:19:23:13:13:06:40:6c:75:5f:4d:d7:e2:43:
ef:64:63:2d:02:13:73:f6:46:f4:c5:7c:7c:eb:5e:
19:f9:31:49:b3:34:69:06:95:3d:67:26:8c:22:9a:
67:6c:6e:cb:36:06:ba:d6:5b:e8:ef:3e:5c:ae:e8:
5e:cd:d6:c7:2b:b0:70:a8:01:09:21:b6:1f:2f:4d:
65:2f:87:93:9f:64:93:77:ac:59:7b:03:74:69:45:
c4:26:ea:d2:36:89:58:6b:01:ef:ee:0b:d5:44:cf:
3d:46:13:16:e8:f6:32:96:37:83:28:8b:97:60:5f:
89:5c:44:39:9b:f1:42:d9:ab:dc:4c:3b:20:08:67:
76:bc:b4:5a:0c:45:c1:76:78:29:61:b0:00:a2:36:
aa:d5:1c:1d:d5:81:8c:3a:16:2a:cd:7b:c2:6a:ef:
ab:10:d5:b7:8c:d4:92:32:f6:44:dc:8a:b2:af:28:
a1:32:0b:70:f6:1d:3a:b3:28:d1:2a:3e:11:8a:9a:
05:56:e2:f9:e2:c6:e4:18:0d:59:10:7f:c0:bf:39:
37:54:b3:fe:f4:36:67:eb:95:4f:19:81:bd:79:50:
7a:5c:ff:0e:75:8a:8a:1a:6f:50:51:80:11:19:79:
9f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:1A:65:FB:CB:28:BA:29:78:24:D2:15:F1:12:B7:2B:9A:03:51:4A
X509v3 Authority Key Identifier:
keyid:9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.38.45.0/24
Signature Algorithm: sha256WithRSAEncryption
94:19:75:b8:12:3e:38:bb:61:ba:28:f9:59:5d:5f:a5:75:85:
8c:42:7a:d5:3e:34:39:e8:bd:6e:07:90:2e:75:3f:98:be:e8:
53:c1:73:61:e4:4b:20:0b:c7:26:7b:85:cc:b2:99:0d:ee:96:
e8:01:61:97:4f:28:93:72:18:b6:0c:84:9d:db:10:42:3c:84:
23:b8:4a:dd:ab:4b:ac:65:47:04:33:7c:a0:7f:4a:5c:36:33:
18:1d:ca:3c:8f:34:23:9d:30:2c:bc:2f:77:9f:7d:aa:ea:e1:
fa:56:15:8b:43:e5:2b:67:42:07:87:79:81:21:0a:46:05:33:
c7:b8:2d:27:7d:74:c6:a6:a6:32:8b:ba:04:05:38:b7:1a:af:
26:2d:9f:5a:27:ff:27:d0:99:3f:b0:cb:c3:1c:28:50:e0:b8:
56:85:73:a2:62:f8:6e:60:b8:96:a0:16:0d:60:83:80:0f:dc:
c9:b6:4f:bc:9a:7c:0c:bf:f4:3e:26:fa:32:3a:9d:82:9b:93:
8a:83:27:38:f8:f8:6b:a7:05:c4:0e:e9:eb:3d:70:1e:90:72:
23:70:f8:62:09:4f:6d:9e:30:e1:5b:a9:5f:1d:cf:8e:39:c0:
08:c7:75:53:67:2e:42:67:89:f8:47:93:7e:6f:d0:1b:f6:f6:
8d:1e:f3:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIUevvTY8ac2k/6TEilQy6PQaYOsS8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmYmZmMjE3MTA1ZGY4ODc3ZDQ2M2Y2ZTliYWMyOGE0
MDg0ZDIwYzAeFw0yNjA1MDYxMTM0MTdaFw0yNzA1MDUxMTM5MTdaMDMxMTAvBgNV
BAMTKEEyMUE2NUZCQ0IyOEJBMjk3ODI0RDIxNUYxMTJCNzJCOUEwMzUxNEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDc7UaVSZprfmX2Bnh6T22qGSMT
EwZAbHVfTdfiQ+9kYy0CE3P2RvTFfHzrXhn5MUmzNGkGlT1nJowimmdsbss2BrrW
W+jvPlyu6F7N1scrsHCoAQkhth8vTWUvh5OfZJN3rFl7A3RpRcQm6tI2iVhrAe/u
C9VEzz1GExbo9jKWN4Moi5dgX4lcRDmb8ULZq9xMOyAIZ3a8tFoMRcF2eClhsACi
NqrVHB3VgYw6FirNe8Jq76sQ1beM1JIy9kTcirKvKKEyC3D2HTqzKNEqPhGKmgVW
4vnixuQYDVkQf8C/OTdUs/70NmfrlU8Zgb15UHpc/w51iooab1BRgBEZeZ9TAgMB
AAGjggIHMIICAzAdBgNVHQ4EFgQUohpl+8souil4JNIV8RK3K5oDUUowHwYDVR0j
BBgwFoAUnfv/IXEF34h31GP26brCikCE0gwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTViNGQ5ZTgtNDExMS00Mzk0LWEzYTYtYmQ4MjUxZTdm
YmJkLzAvOURGQkZGMjE3MTA1REY4ODc3RDQ2M0Y2RTlCQUMyOEE0MDg0RDIwQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25mdl9JWEVGMzRoMzFHUDI2YnJDaWtD
RTBndy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzU1YjRkOWU4LTQxMTEt
NDM5NC1hM2E2LWJkODI1MWU3ZmJiZC8wL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSYtMA0G
CSqGSIb3DQEBCwUAA4IBAQCUGXW4Ej44u2G6KPlZXV+ldYWMQnrVPjQ56L1uB5Au
dT+YvuhTwXNh5EsgC8cme4XMspkN7pboAWGXTyiTchi2DISd2xBCPIQjuErdq0us
ZUcEM3ygf0pcNjMYHco8jzQjnTAsvC93n32q6uH6VhWLQ+UrZ0IHh3mBIQpGBTPH
uC0nfXTGpqYyi7oEBTi3Gq8mLZ9aJ/8n0Jk/sMvDHChQ4LhWhXOiYvhuYLiWoBYN
YIOAD9zJtk+8mnwMv/Q+JvoyOp2Cm5OKgyc4+PhrpwXEDunrPXAekHIjcPhiCU9t
njDhW6lfHc+OOcAIx3VTZy5CZ4n4R5N+b9Ab9vaNHvNg
-----END CERTIFICATE-----
Generated at Tue May 12 22:29:20 2026 by rpki-client