Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: 5JeJL154pnwtKjAl8iFAu7411//0s0fMJblI3NJj9JY=
Subject key identifier: 65:A4:9F:5B:CF:A5:CF:64:80:E8:85:82:A9:CC:3A:39:32:40:83:A1
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 5A3A86688C10A729234CFB7DDE1608EF8E4C1DE7
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS174.roa
Signing time: Thu 21 Aug 2025 12:45:17 +0000
ROA not before: Thu 21 Aug 2025 12:40:17 +0000
ROA not after: Thu 20 Aug 2026 12:45:17 +0000
asID: 174
IP address blocks: 139.28.32.0/22 maxlen: 22
141.98.48.0/22 maxlen: 22
176.53.157.0/24 maxlen: 24
176.53.159.0/24 maxlen: 24
193.32.184.0/23 maxlen: 23
193.32.186.0/23 maxlen: 23
193.38.44.0/24 maxlen: 24
193.38.45.0/24 maxlen: 24
194.93.61.0/24 maxlen: 24
194.93.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:3a:86:68:8c:10:a7:29:23:4c:fb:7d:de:16:08:ef:8e:4c:1d:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Aug 21 12:40:17 2025 GMT
Not After : Aug 20 12:45:17 2026 GMT
Subject: CN=65A49F5BCFA5CF6480E88582A9CC3A39324083A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d2:2a:87:e2:83:da:cd:19:1b:c6:b8:c4:1d:
9d:bb:39:26:67:ec:2a:89:d1:52:31:ba:c5:a2:ae:
1b:48:30:b6:02:fe:1d:76:04:b5:b9:a6:0b:2e:68:
a1:55:33:26:bc:de:5f:21:ae:05:64:07:b0:a6:b8:
64:5d:52:8e:00:e8:5e:2c:85:32:db:73:16:64:6c:
62:d3:28:93:02:ab:6d:a4:92:1b:c5:b1:9b:ce:17:
23:65:db:08:6a:b3:a9:de:24:38:4d:d2:51:2e:b9:
e4:4b:0e:c3:c1:41:bc:ab:a8:cf:a5:cd:99:9b:85:
66:90:c0:00:f6:57:db:46:0e:c4:f2:d8:5f:61:1b:
d7:6e:c6:04:be:0d:8f:d1:bf:a8:57:5d:7c:f5:af:
86:d2:ec:50:ec:6e:0a:59:65:1b:26:7d:12:cf:0e:
a9:80:94:24:f0:5a:38:fd:32:11:7b:96:8b:bc:bf:
72:04:71:3b:78:40:0b:29:22:14:f4:5c:9f:d7:fe:
d7:86:12:90:07:0b:51:a9:c7:20:60:78:0f:2a:29:
4c:80:f4:4d:f8:bc:0d:98:8f:91:ff:d6:7a:80:6a:
e1:56:b5:a0:03:4f:1a:28:b4:e8:58:07:a3:37:43:
05:52:90:39:de:84:7a:c5:b4:ad:65:e3:83:ce:db:
1f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:A4:9F:5B:CF:A5:CF:64:80:E8:85:82:A9:CC:3A:39:32:40:83:A1
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.32.0/22
141.98.48.0/22
176.53.157.0/24
176.53.159.0/24
193.32.184.0/22
193.38.44.0/23
194.93.61.0/24
194.93.63.0/24
Signature Algorithm: sha256WithRSAEncryption
42:f8:70:e5:2a:47:61:70:6b:85:31:73:76:43:b0:58:5d:19:
9d:0f:c4:d7:7c:9a:d7:c8:9b:e7:b6:e1:3f:6a:84:75:fd:e0:
c0:74:07:a1:18:b1:85:21:ff:de:77:32:08:34:35:eb:95:0c:
df:7b:3b:d1:b5:00:fd:37:a0:38:8c:6b:14:14:0b:ba:3d:87:
64:af:a9:7b:4f:2e:32:36:32:a1:19:63:18:b2:6d:47:20:b9:
07:dc:b6:1f:8e:4a:97:d2:de:4f:52:e0:9b:3b:06:05:76:94:
ef:d9:84:40:8a:8c:b5:24:52:b4:8c:57:67:81:54:02:1c:17:
c8:3e:4a:79:ae:84:cc:9e:26:03:f1:00:d7:22:86:2e:c1:27:
bd:bd:c4:1d:cf:31:ac:e2:ee:81:42:98:bb:3e:ce:a2:dc:88:
4e:ac:3c:0d:00:9b:d9:c9:80:fe:87:16:21:82:21:53:40:e5:
37:a7:05:ca:e9:5f:6f:75:00:d8:7e:ee:a9:e7:83:be:b2:c9:
dc:da:88:c6:e8:98:55:ea:c6:7e:ac:9d:7b:d6:22:59:14:66:
af:b6:5b:32:02:50:f4:1e:c1:d9:1b:23:ac:d8:b9:ab:e5:e8:
01:a2:45:3a:1f:59:7b:9d:d4:e1:86:12:7e:d0:a7:4c:9b:79:
62:22:96:60
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgIUWjqGaIwQpykjTPt93hYI745MHecwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA4MjExMjQwMTdaFw0yNjA4MjAxMjQ1MTdaMDMxMTAvBgNV
BAMTKDY1QTQ5RjVCQ0ZBNUNGNjQ4MEU4ODU4MkE5Q0MzQTM5MzI0MDgzQTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDO0iqH4oPazRkbxrjEHZ27OSZn
7CqJ0VIxusWirhtIMLYC/h12BLW5pgsuaKFVMya83l8hrgVkB7CmuGRdUo4A6F4s
hTLbcxZkbGLTKJMCq22kkhvFsZvOFyNl2whqs6neJDhN0lEuueRLDsPBQbyrqM+l
zZmbhWaQwAD2V9tGDsTy2F9hG9duxgS+DY/Rv6hXXXz1r4bS7FDsbgpZZRsmfRLP
DqmAlCTwWjj9MhF7lou8v3IEcTt4QAspIhT0XJ/X/teGEpAHC1GpxyBgeA8qKUyA
9E34vA2Yj5H/1nqAauFWtaADTxootOhYB6M3QwVSkDnehHrFtK1l44PO2x9/AgMB
AAGjggIxMIICLTAdBgNVHQ4EFgQUZaSfW8+lz2SA6IWCqcw6OTJAg6EwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCixwgAwQC
jWIwAwQAsDWdAwQAsDWfAwQCwSC4AwQBwSYsAwQAwl09AwQAwl0/MA0GCSqGSIb3
DQEBCwUAA4IBAQBC+HDlKkdhcGuFMXN2Q7BYXRmdD8TXfJrXyJvntuE/aoR1/eDA
dAehGLGFIf/edzIINDXrlQzfezvRtQD9N6A4jGsUFAu6PYdkr6l7Ty4yNjKhGWMY
sm1HILkH3LYfjkqX0t5PUuCbOwYFdpTv2YRAioy1JFK0jFdngVQCHBfIPkp5roTM
niYD8QDXIoYuwSe9vcQdzzGs4u6BQpi7Ps6i3IhOrDwNAJvZyYD+hxYhgiFTQOU3
pwXK6V9vdQDYfu6p54O+ssnc2ojG6JhV6sZ+rJ171iJZFGavtlsyAlD0HsHZGyOs
2Lmr5egBokU6H1l7ndThhhJ+0KdMm3liIpZg
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:45:06 2025 by rpki-client