Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: /x/gyuV2lBHgJzozNSFaSWkqZr6w5FxBDoqzpUoKrpI=
Subject key identifier: 64:D5:6A:00:C7:90:3A:19:10:A6:98:1E:19:D9:AB:FC:A9:6B:FE:BF
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 4153D4CD00628234EEC0A51739EF1842280C0F99
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS174.roa
Signing time: Fri 27 Feb 2026 10:57:45 +0000
ROA not before: Fri 27 Feb 2026 10:52:45 +0000
ROA not after: Fri 26 Feb 2027 10:57:45 +0000
asID: 174
IP address blocks: 45.88.97.0/24 maxlen: 24
45.133.172.0/24 maxlen: 24
45.133.173.0/24 maxlen: 24
179.61.197.0/24 maxlen: 24
179.61.207.0/24 maxlen: 24
181.41.202.0/24 maxlen: 24
181.41.206.0/24 maxlen: 24
181.214.93.0/24 maxlen: 24
181.214.153.0/24 maxlen: 24
181.214.164.0/24 maxlen: 24
181.214.165.0/24 maxlen: 24
181.214.166.0/24 maxlen: 24
181.214.173.0/24 maxlen: 24
181.214.218.0/24 maxlen: 24
181.214.254.0/24 maxlen: 24
181.215.176.0/24 maxlen: 24
181.215.182.0/24 maxlen: 24
191.96.36.0/24 maxlen: 24
191.96.37.0/24 maxlen: 24
191.96.99.0/24 maxlen: 24
191.96.103.0/24 maxlen: 24
191.96.106.0/24 maxlen: 24
191.96.150.0/24 maxlen: 24
191.96.168.0/24 maxlen: 24
191.96.185.0/24 maxlen: 24
191.96.227.0/24 maxlen: 24
191.96.255.0/24 maxlen: 24
191.101.31.0/24 maxlen: 24
191.101.61.0/24 maxlen: 24
191.101.157.0/24 maxlen: 24
191.101.217.0/24 maxlen: 24
194.110.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:53:d4:cd:00:62:82:34:ee:c0:a5:17:39:ef:18:42:28:0c:0f:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Feb 27 10:52:45 2026 GMT
Not After : Feb 26 10:57:45 2027 GMT
Subject: CN=64D56A00C7903A1910A6981E19D9ABFCA96BFEBF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:c0:19:f8:06:2c:9d:cc:6d:18:8b:76:c9:18:
b4:12:44:24:85:69:30:40:ab:82:7e:cb:e3:53:b6:
4d:96:77:f2:5d:ea:fd:b2:9d:93:89:a1:4c:67:cc:
72:05:c0:14:04:8d:97:ac:c9:2d:73:66:d3:2f:06:
d6:81:4c:ed:54:e1:e4:24:29:13:10:a3:32:e3:b1:
5d:5c:e3:f2:13:73:a9:80:57:49:0d:8d:64:1e:58:
02:5d:66:f5:77:6e:2e:2f:39:d9:a4:ea:eb:02:fb:
f5:92:74:8a:5f:15:0d:37:ec:dd:b0:eb:a5:be:17:
07:35:06:fd:91:76:de:6a:ac:12:ab:89:02:9a:f0:
5d:74:67:ae:d6:83:43:1b:d1:8c:82:e1:59:a8:8a:
70:b9:c4:71:e7:46:02:d6:72:87:57:c2:3b:f1:89:
a1:0a:87:4e:f8:56:c2:85:81:52:54:8d:4b:14:1e:
1e:e3:77:ad:a4:ff:9e:ca:cf:ea:19:fa:c2:aa:d2:
3e:50:be:e7:a4:10:e5:dd:ba:78:2a:b5:96:a4:f9:
8f:72:8c:1c:5d:fd:73:73:ce:54:d8:de:ad:a8:a1:
f8:09:2c:ae:c2:fc:8d:70:c5:f3:6f:1e:3e:a4:dc:
51:70:ae:76:1b:19:6a:c8:4f:b7:ba:bf:76:a0:eb:
e3:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:D5:6A:00:C7:90:3A:19:10:A6:98:1E:19:D9:AB:FC:A9:6B:FE:BF
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.97.0/24
45.133.172.0/23
179.61.197.0/24
179.61.207.0/24
181.41.202.0/24
181.41.206.0/24
181.214.93.0/24
181.214.153.0/24
181.214.164.0-181.214.166.255
181.214.173.0/24
181.214.218.0/24
181.214.254.0/24
181.215.176.0/24
181.215.182.0/24
191.96.36.0/23
191.96.99.0/24
191.96.103.0/24
191.96.106.0/24
191.96.150.0/24
191.96.168.0/24
191.96.185.0/24
191.96.227.0/24
191.96.255.0/24
191.101.31.0/24
191.101.61.0/24
191.101.157.0/24
191.101.217.0/24
194.110.13.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:65:36:d4:d2:f2:8e:9f:fd:a2:62:4a:a3:3f:7f:28:76:94:
b7:61:51:01:63:ee:ca:ae:e8:a9:01:3f:89:14:38:b1:91:76:
4c:74:56:74:85:bb:4e:84:52:18:1c:f9:59:7e:a7:87:9c:59:
b3:02:d4:ba:04:63:60:8b:ab:f5:43:64:8f:e3:67:37:41:9e:
f6:a9:2c:d7:02:66:26:5e:0a:af:9c:af:8e:1c:6a:c6:bd:d9:
52:ca:03:e8:ed:0a:7e:89:2a:cf:22:a1:a4:41:2e:26:cd:1d:
7f:5c:93:62:95:be:4a:d7:a6:15:a8:61:13:30:d6:f1:5d:7d:
cd:cf:9a:fe:7e:db:59:6f:ac:0f:e4:92:67:5a:a2:7a:be:07:
8e:d5:5f:ae:00:77:c1:79:c2:22:b6:55:1b:32:cb:20:6f:8e:
7f:48:78:19:0f:88:c8:5f:c1:bf:cc:d8:7e:ce:92:13:82:c4:
1e:7c:d1:0f:6e:0b:76:8d:20:48:3a:7f:4d:e7:84:51:47:1b:
3b:92:4e:15:e3:0f:b7:a8:b6:e4:8d:05:d4:9b:52:4a:92:4f:
79:9c:10:8e:a2:80:8e:85:0c:ea:01:61:6a:8b:a8:b0:13:b8:
51:08:82:bb:76:6d:30:7f:cc:9f:94:7f:cc:6e:aa:9f:09:b6:
dd:a6:1e:96
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgIUQVPUzQBigjTuwKUXOe8YQigMD5kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjAyMjcxMDUyNDVaFw0yNzAyMjYxMDU3NDVaMDMxMTAvBgNV
BAMTKDY0RDU2QTAwQzc5MDNBMTkxMEE2OTgxRTE5RDlBQkZDQTk2QkZFQkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnwBn4BiydzG0Yi3bJGLQSRCSF
aTBAq4J+y+NTtk2Wd/Jd6v2ynZOJoUxnzHIFwBQEjZesyS1zZtMvBtaBTO1U4eQk
KRMQozLjsV1c4/ITc6mAV0kNjWQeWAJdZvV3bi4vOdmk6usC+/WSdIpfFQ037N2w
66W+Fwc1Bv2Rdt5qrBKriQKa8F10Z67Wg0Mb0YyC4VmoinC5xHHnRgLWcodXwjvx
iaEKh074VsKFgVJUjUsUHh7jd62k/57Kz+oZ+sKq0j5QvuekEOXdungqtZak+Y9y
jBxd/XNzzlTY3q2oofgJLK7C/I1wxfNvHj6k3FFwrnYbGWrIT7e6v3ag6+N/AgMB
AAGjggK2MIICsjAdBgNVHQ4EFgQUZNVqAMeQOhkQppgeGdmr/Klr/r8wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAAt
WGEDBAEthawDBACzPcUDBACzPc8DBAC1KcoDBAC1Kc4DBAC11l0DBAC11pkwDAME
ArXWpAMEALXWpgMEALXWrQMEALXW2gMEALXW/gMEALXXsAMEALXXtgMEAb9gJAME
AL9gYwMEAL9gZwMEAL9gagMEAL9glgMEAL9gqAMEAL9guQMEAL9g4wMEAL9g/wME
AL9lHwMEAL9lPQMEAL9lnQMEAL9l2QMEAMJuDTANBgkqhkiG9w0BAQsFAAOCAQEA
q2U21NLyjp/9omJKoz9/KHaUt2FRAWPuyq7oqQE/iRQ4sZF2THRWdIW7ToRSGBz5
WX6nh5xZswLUugRjYIur9UNkj+NnN0Ge9qks1wJmJl4Kr5yvjhxqxr3ZUsoD6O0K
fokqzyKhpEEuJs0df1yTYpW+StemFahhEzDW8V19zc+a/n7bWW+sD+SSZ1qier4H
jtVfrgB3wXnCIrZVGzLLIG+Of0h4GQ+IyF/Bv8zYfs6SE4LEHnzRD24Ldo0gSDp/
TeeEUUcbO5JOFeMPt6i25I0F1JtSSpJPeZwQjqKAjoUM6gFhaouosBO4UQiCu3Zt
MH/Mn5R/zG6qnwm23aYelg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:39:29 2026 by rpki-client