Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: 7TsbabeFwwr0GD+epVrGNGwCsWZZ5r/IAa4RZlTNapc=
Subject key identifier: D6:DC:65:23:D6:67:FA:C8:E1:AF:C1:6B:94:89:75:B6:DE:B9:C4:D3
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 0FA140CB91CF5E28FDF9926A74D46ED20BAA371E
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS174.roa
Signing time: Wed 10 Sep 2025 13:43:06 +0000
ROA not before: Wed 10 Sep 2025 13:38:06 +0000
ROA not after: Wed 09 Sep 2026 13:43:06 +0000
asID: 174
IP address blocks: 139.28.32.0/22 maxlen: 22
141.98.48.0/22 maxlen: 22
176.53.157.0/24 maxlen: 24
176.53.159.0/24 maxlen: 24
193.38.44.0/24 maxlen: 24
193.38.45.0/24 maxlen: 24
194.93.61.0/24 maxlen: 24
194.93.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:a1:40:cb:91:cf:5e:28:fd:f9:92:6a:74:d4:6e:d2:0b:aa:37:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Sep 10 13:38:06 2025 GMT
Not After : Sep 9 13:43:06 2026 GMT
Subject: CN=D6DC6523D667FAC8E1AFC16B948975B6DEB9C4D3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:62:d9:49:a3:7f:e7:56:2a:81:c7:65:66:25:
45:1f:9f:ce:78:be:6f:9b:fb:88:92:ad:ae:1b:ef:
f6:b3:00:6f:ec:ec:b2:79:71:07:31:0d:ec:f0:3b:
81:08:f1:91:fa:94:76:fb:0c:78:7c:21:78:42:7a:
07:7e:23:0b:4c:d4:52:80:f8:7f:6f:27:66:7b:e1:
2f:8c:de:52:f8:c9:4e:92:b3:64:86:53:9a:26:35:
5f:e4:fe:b8:b0:c0:33:5b:80:ec:bc:94:9d:87:b5:
79:41:de:90:6a:56:d7:39:bd:59:b4:b0:b9:92:d3:
6e:9a:48:d2:c6:29:b5:f0:f3:e2:85:31:e2:c1:d3:
fd:0f:1a:de:c9:5a:42:5f:c9:a2:4b:ad:ec:3c:a5:
20:4e:3d:f9:85:b2:97:61:d9:05:8b:d4:0c:40:e7:
a2:51:87:c9:d4:dd:ca:a7:65:6d:3d:1a:4f:27:68:
76:5c:53:99:3e:54:dd:dd:ce:77:08:4b:c9:e5:7d:
c6:c8:4a:57:85:27:ee:40:5c:2b:71:f9:1c:60:d1:
55:f9:02:a0:81:34:71:31:cf:8f:5b:31:d0:d2:78:
c0:f9:dd:45:1c:1e:f8:e9:8c:6d:01:15:fd:84:1d:
9e:fc:8c:99:f0:5d:66:95:d8:60:49:dd:5c:bb:8d:
7d:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:DC:65:23:D6:67:FA:C8:E1:AF:C1:6B:94:89:75:B6:DE:B9:C4:D3
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.32.0/22
141.98.48.0/22
176.53.157.0/24
176.53.159.0/24
193.38.44.0/23
194.93.61.0/24
194.93.63.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:cc:05:bd:ac:a3:56:72:d8:4d:1c:d5:f3:cc:86:45:8b:ea:
0d:ed:95:c1:b1:a3:d7:5d:7c:f6:19:f3:41:1d:07:a7:cb:c0:
dc:bd:11:f3:42:08:e4:20:9b:4b:cd:70:e1:50:ad:8d:36:65:
e7:77:e4:97:1c:36:02:09:91:84:64:d5:94:4d:8f:b1:d2:76:
9f:c8:dc:1d:61:e0:7e:30:17:2d:19:c9:cd:35:4e:b8:76:3e:
ee:4d:c8:fc:91:e2:f3:d0:3e:9a:5c:e3:d7:6e:4f:fc:7a:d0:
3e:1c:9d:e0:ee:86:1d:1f:b5:f6:0e:bc:01:0a:76:74:b9:1f:
fd:1c:69:d5:c5:79:c4:73:f4:84:bd:4c:24:4a:38:be:33:c0:
49:f1:25:c4:8a:cd:1b:06:2b:47:5e:68:34:ef:23:83:de:70:
3d:f8:a0:48:ec:1b:92:89:ca:e9:8f:ec:35:19:fc:06:82:87:
a2:91:f8:44:ac:d5:be:63:3d:ca:dd:93:85:41:f8:ba:bc:f2:
c8:25:c0:77:95:06:62:a8:e2:49:9e:d7:e0:b6:43:6f:6f:03:
0b:cf:22:f2:ba:8e:99:62:08:a0:ee:82:ce:96:74:56:16:4e:
1d:57:d0:e9:b9:60:08:44:ba:f5:51:81:63:6e:96:26:29:c9:
c3:bc:a3:78
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIUD6FAy5HPXij9+ZJqdNRu0guqNx4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA5MTAxMzM4MDZaFw0yNjA5MDkxMzQzMDZaMDMxMTAvBgNV
BAMTKEQ2REM2NTIzRDY2N0ZBQzhFMUFGQzE2Qjk0ODk3NUI2REVCOUM0RDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjYtlJo3/nViqBx2VmJUUfn854
vm+b+4iSra4b7/azAG/s7LJ5cQcxDezwO4EI8ZH6lHb7DHh8IXhCegd+IwtM1FKA
+H9vJ2Z74S+M3lL4yU6Ss2SGU5omNV/k/riwwDNbgOy8lJ2HtXlB3pBqVtc5vVm0
sLmS026aSNLGKbXw8+KFMeLB0/0PGt7JWkJfyaJLrew8pSBOPfmFspdh2QWL1AxA
56JRh8nU3cqnZW09Gk8naHZcU5k+VN3dzncIS8nlfcbISleFJ+5AXCtx+Rxg0VX5
AqCBNHExz49bMdDSeMD53UUcHvjpjG0BFf2EHZ78jJnwXWaV2GBJ3Vy7jX1FAgMB
AAGjggIrMIICJzAdBgNVHQ4EFgQU1txlI9Zn+sjhr8FrlIl1tt65xNMwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCixwgAwQC
jWIwAwQAsDWdAwQAsDWfAwQBwSYsAwQAwl09AwQAwl0/MA0GCSqGSIb3DQEBCwUA
A4IBAQCLzAW9rKNWcthNHNXzzIZFi+oN7ZXBsaPXXXz2GfNBHQeny8DcvRHzQgjk
IJtLzXDhUK2NNmXnd+SXHDYCCZGEZNWUTY+x0nafyNwdYeB+MBctGcnNNU64dj7u
Tcj8keLz0D6aXOPXbk/8etA+HJ3g7oYdH7X2DrwBCnZ0uR/9HGnVxXnEc/SEvUwk
Sji+M8BJ8SXEis0bBitHXmg07yOD3nA9+KBI7BuSicrpj+w1GfwGgoeikfhErNW+
Yz3K3ZOFQfi6vPLIJcB3lQZiqOJJntfgtkNvbwMLzyLyuo6ZYgig7oLOlnRWFk4d
V9DpuWAIRLr1UYFjbpYmKcnDvKN4
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:48:28 2025 by rpki-client