Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: pUjZ2INs0xo1EnuTciZFP0UdRTYsu727b+z9E0l4iI4=
Subject key identifier: A6:4E:CB:7B:14:C2:2F:DA:2C:C4:93:AD:37:65:FE:79:4C:1D:16:1D
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 4DE60BE52A611DFC9B1D0FBFA456DC12151AF1C2
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS174.roa
Signing time: Wed 18 Mar 2026 18:42:01 +0000
ROA not before: Wed 18 Mar 2026 18:37:01 +0000
ROA not after: Wed 17 Mar 2027 18:42:01 +0000
asID: 174
IP address blocks: 82.27.133.0/24 maxlen: 24
82.27.134.0/24 maxlen: 24
82.27.135.0/24 maxlen: 24
2a13:9500:14f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:e6:0b:e5:2a:61:1d:fc:9b:1d:0f:bf:a4:56:dc:12:15:1a:f1:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 18 18:37:01 2026 GMT
Not After : Mar 17 18:42:01 2027 GMT
Subject: CN=A64ECB7B14C22FDA2CC493AD3765FE794C1D161D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:03:79:f7:29:9e:66:e4:db:f9:0b:86:57:8f:
39:cf:d6:2c:e7:17:52:0e:d2:26:26:4c:5b:b5:8d:
22:c5:fe:96:b0:69:8a:c2:eb:15:e3:5c:d6:cb:49:
57:62:0f:99:d5:21:7f:de:02:f3:85:0a:56:63:37:
70:70:9c:81:e1:8c:27:3b:52:1b:70:2f:77:eb:e3:
05:c6:25:f9:1b:40:f1:d5:0d:ae:a2:d8:26:96:cf:
1a:00:bf:bc:18:88:3c:42:ce:c4:67:bc:49:0d:12:
de:aa:04:e2:08:6d:d0:ec:75:df:d1:9f:b6:24:71:
47:7e:dc:75:6d:ad:2b:e2:c8:53:91:3e:d6:67:78:
13:47:85:e4:8d:db:60:f5:0e:a0:d7:7f:17:84:0b:
b9:b8:cc:a6:cf:3b:28:63:08:77:25:04:25:49:13:
06:d5:32:55:91:70:bf:c9:a8:78:09:73:dd:46:02:
fc:29:28:62:e7:cf:70:81:aa:8d:14:b6:1e:d0:2f:
e6:30:17:f3:4e:70:7a:e4:dc:e3:89:8e:87:1a:e4:
64:05:ab:9c:e5:bc:18:f1:e2:bf:c8:56:44:ff:13:
f1:e1:f1:05:e1:6a:86:b4:9a:b8:34:c5:64:25:57:
d9:1a:ba:e9:7c:dc:38:0d:bb:6a:29:dc:98:f6:c5:
91:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:4E:CB:7B:14:C2:2F:DA:2C:C4:93:AD:37:65:FE:79:4C:1D:16:1D
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.27.133.0-82.27.135.255
IPv6:
2a13:9500:14f::/48
Signature Algorithm: sha256WithRSAEncryption
93:af:f7:30:0e:84:ba:3d:93:c3:94:5f:04:e7:e9:e6:40:21:
04:b5:fa:60:d2:06:d3:fa:9d:b0:a5:06:2f:51:f7:bf:fa:03:
9d:df:4e:48:41:f9:d1:9c:a4:8c:1e:0c:e4:9b:27:49:78:ac:
6e:87:ff:1a:5c:cc:19:a5:ad:f5:da:9e:a9:6f:1b:05:d0:63:
96:84:75:bd:c7:7b:bd:5c:b7:b3:62:fb:21:02:f3:f5:03:4d:
32:04:2b:4f:e9:21:26:4a:a6:36:ad:c8:7c:53:10:38:40:2e:
b1:ca:fd:02:0b:20:47:1f:22:72:45:32:42:e7:26:ad:a4:95:
7f:b9:d3:e8:20:53:7b:00:e9:03:dc:66:0d:1f:b9:97:8b:ea:
7c:a3:01:16:9d:9a:9e:11:fc:62:4c:c5:99:2b:24:17:a0:7f:
f4:cd:a0:c6:25:70:2c:c7:1b:ed:5f:a6:7e:38:aa:b0:53:df:
76:ce:86:be:56:65:d6:58:17:24:45:ba:d5:f9:1a:0e:0b:e7:
b1:a7:2d:47:d7:55:ad:5f:aa:83:d8:70:2f:c2:53:47:af:4d:
54:a0:68:5b:2e:aa:ac:66:b1:7f:ad:ff:74:8d:23:d1:bc:bd:
51:d2:13:67:d8:b5:ce:e1:78:9a:98:de:80:00:18:2e:2a:a5:
f9:0e:dc:7b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIUTeYL5SphHfybHQ+/pFbcEhUa8cIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMTgxODM3MDFaFw0yNzAzMTcxODQyMDFaMDMxMTAvBgNV
BAMTKEE2NEVDQjdCMTRDMjJGREEyQ0M0OTNBRDM3NjVGRTc5NEMxRDE2MUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRA3n3KZ5m5Nv5C4ZXjznP1izn
F1IO0iYmTFu1jSLF/pawaYrC6xXjXNbLSVdiD5nVIX/eAvOFClZjN3BwnIHhjCc7
UhtwL3fr4wXGJfkbQPHVDa6i2CaWzxoAv7wYiDxCzsRnvEkNEt6qBOIIbdDsdd/R
n7YkcUd+3HVtrSviyFORPtZneBNHheSN22D1DqDXfxeEC7m4zKbPOyhjCHclBCVJ
EwbVMlWRcL/JqHgJc91GAvwpKGLnz3CBqo0Uth7QL+YwF/NOcHrk3OOJjoca5GQF
q5zlvBjx4r/IVkT/E/Hh8QXhaoa0mrg0xWQlV9kauul83DgNu2op3Jj2xZEJAgMB
AAGjggIgMIICHDAdBgNVHQ4EFgQUpk7LexTCL9osxJOtN2X+eUwdFh0wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBABSG4UD
BANSG4AwDwQCAAIwCQMHACoTlQABTzANBgkqhkiG9w0BAQsFAAOCAQEAk6/3MA6E
uj2Tw5RfBOfp5kAhBLX6YNIG0/qdsKUGL1H3v/oDnd9OSEH50ZykjB4M5JsnSXis
bof/GlzMGaWt9dqeqW8bBdBjloR1vcd7vVy3s2L7IQLz9QNNMgQrT+khJkqmNq3I
fFMQOEAuscr9AgsgRx8ickUyQucmraSVf7nT6CBTewDpA9xmDR+5l4vqfKMBFp2a
nhH8YkzFmSskF6B/9M2gxiVwLMcb7V+mfjiqsFPfds6GvlZl1lgXJEW61fkaDgvn
sactR9dVrV+qg9hwL8JTR69NVKBoWy6qrGaxf63/dI0j0by9UdITZ9i1zuF4mpje
gAAYLiql+Q7cew==
-----END CERTIFICATE-----
Generated at Wed Mar 25 21:32:10 2026 by rpki-client