Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: uX1uMW+3HF5x/hh+GTjQkyfs4yW2tHZm1kbBYuLbomQ=
Subject key identifier: B1:DA:D3:B5:CA:97:08:1C:E6:B9:EE:26:1D:42:8C:E4:9F:F1:69:7E
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 10F88AB181606FD61252EDA957EEFF0BD2A5457E
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS174.roa
Signing time: Sat 26 Jul 2025 00:00:05 +0000
ROA not before: Fri 25 Jul 2025 23:55:05 +0000
ROA not after: Sat 25 Jul 2026 00:00:05 +0000
asID: 174
IP address blocks: 45.88.97.0/24 maxlen: 24
45.89.249.0/24 maxlen: 24
45.133.172.0/24 maxlen: 24
45.133.173.0/24 maxlen: 24
179.61.197.0/24 maxlen: 24
181.41.202.0/24 maxlen: 24
181.41.206.0/24 maxlen: 24
181.214.93.0/24 maxlen: 24
181.214.153.0/24 maxlen: 24
181.214.164.0/24 maxlen: 24
181.214.165.0/24 maxlen: 24
181.214.166.0/24 maxlen: 24
181.214.173.0/24 maxlen: 24
181.214.218.0/24 maxlen: 24
181.215.88.0/24 maxlen: 24
181.215.176.0/24 maxlen: 24
181.215.182.0/24 maxlen: 24
191.96.36.0/24 maxlen: 24
191.96.37.0/24 maxlen: 24
191.96.103.0/24 maxlen: 24
191.96.106.0/24 maxlen: 24
191.96.150.0/24 maxlen: 24
191.96.168.0/24 maxlen: 24
191.96.185.0/24 maxlen: 24
191.96.227.0/24 maxlen: 24
191.96.255.0/24 maxlen: 24
191.101.31.0/24 maxlen: 24
191.101.61.0/24 maxlen: 24
191.101.157.0/24 maxlen: 24
191.101.217.0/24 maxlen: 24
194.110.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:f8:8a:b1:81:60:6f:d6:12:52:ed:a9:57:ee:ff:0b:d2:a5:45:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jul 25 23:55:05 2025 GMT
Not After : Jul 25 00:00:05 2026 GMT
Subject: CN=B1DAD3B5CA97081CE6B9EE261D428CE49FF1697E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:68:dc:c8:27:8b:54:1a:0e:2c:e7:7c:cd:ac:
50:71:4e:4f:3c:93:39:39:76:b6:63:1e:13:94:99:
02:2b:07:e0:65:b1:71:43:b4:79:d5:0a:4b:a6:fc:
00:51:c9:d8:0e:43:6e:67:4d:58:0f:44:69:a0:48:
b6:2a:8f:06:14:28:90:38:c5:40:74:4c:cc:8e:f9:
31:17:98:aa:26:e5:97:99:0a:4d:18:d1:ec:1f:ec:
a6:4c:1c:f1:26:21:03:7a:fa:b6:2d:29:8a:46:1c:
68:fa:f1:bd:c0:d7:19:50:d1:c9:26:20:73:83:56:
cd:b7:b0:70:b1:28:b2:f3:3c:69:e3:26:89:5d:58:
92:8b:33:d7:9b:ae:d0:b6:cc:1b:34:78:1d:40:74:
5d:f2:a0:bc:3c:36:1e:c9:10:89:e8:29:20:3a:27:
12:19:4a:30:e1:30:b7:b3:e5:03:73:82:1c:74:21:
43:e9:a5:75:06:12:f3:9b:3f:89:c9:3b:a3:8e:a8:
fd:a5:9e:fe:0b:a2:8e:87:6c:30:a9:f3:0a:4f:ef:
82:1d:1f:e8:08:f1:a3:6c:0f:b2:84:62:f3:93:35:
30:f5:a7:12:1e:76:45:f0:d2:b8:33:fa:a0:5e:16:
b4:49:da:8a:b7:35:e5:27:7a:18:ef:af:83:62:bc:
e5:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:DA:D3:B5:CA:97:08:1C:E6:B9:EE:26:1D:42:8C:E4:9F:F1:69:7E
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.97.0/24
45.89.249.0/24
45.133.172.0/23
179.61.197.0/24
181.41.202.0/24
181.41.206.0/24
181.214.93.0/24
181.214.153.0/24
181.214.164.0-181.214.166.255
181.214.173.0/24
181.214.218.0/24
181.215.88.0/24
181.215.176.0/24
181.215.182.0/24
191.96.36.0/23
191.96.103.0/24
191.96.106.0/24
191.96.150.0/24
191.96.168.0/24
191.96.185.0/24
191.96.227.0/24
191.96.255.0/24
191.101.31.0/24
191.101.61.0/24
191.101.157.0/24
191.101.217.0/24
194.110.13.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:72:d9:26:5a:70:54:de:3d:9c:b0:e7:b5:4f:21:2f:8d:76:
21:01:83:da:f5:df:ee:56:cf:62:3b:cf:55:e6:6f:1c:d3:1b:
bf:cb:13:71:f2:d8:19:89:93:ae:3d:1b:e0:4f:d5:71:5b:a7:
d8:66:51:aa:d7:5f:9c:5a:93:9f:8e:5a:ba:c1:f0:d9:58:c5:
9d:e7:f5:0a:ce:0b:8d:0f:bb:8e:bf:f6:43:cd:1f:1b:78:06:
47:dc:c9:88:88:09:a5:51:68:b3:cd:cb:63:be:4f:db:1e:0a:
82:67:56:a5:7f:85:3f:5a:71:fb:ff:fe:80:e8:b3:ca:a1:92:
b4:b6:37:3a:7e:3a:b1:a0:93:85:98:0a:d0:a9:f4:af:95:4e:
1c:0c:2d:7b:1d:d5:a7:53:de:af:7d:a6:58:7e:fc:39:b4:e4:
48:17:54:63:ab:34:f6:eb:04:e1:97:7f:0a:98:89:3d:64:c7:
fc:ea:0f:8d:b9:87:bf:1f:64:11:1b:3c:b5:1e:55:bf:77:a8:
35:8d:97:9d:5a:db:93:86:d6:2b:c9:bd:12:1e:0c:26:cc:45:
60:6c:5f:4d:f8:ea:8f:43:3a:32:98:1c:60:c7:b0:9a:59:18:
49:76:af:d0:d9:76:58:67:1d:c7:ce:a3:97:f7:fa:a7:27:d6:
68:3a:a9:d0
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgIUEPiKsYFgb9YSUu2pV+7/C9KlRX4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA3MjUyMzU1MDVaFw0yNjA3MjUwMDAwMDVaMDMxMTAvBgNV
BAMTKEIxREFEM0I1Q0E5NzA4MUNFNkI5RUUyNjFENDI4Q0U0OUZGMTY5N0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkaNzIJ4tUGg4s53zNrFBxTk88
kzk5drZjHhOUmQIrB+BlsXFDtHnVCkum/ABRydgOQ25nTVgPRGmgSLYqjwYUKJA4
xUB0TMyO+TEXmKom5ZeZCk0Y0ewf7KZMHPEmIQN6+rYtKYpGHGj68b3A1xlQ0ckm
IHODVs23sHCxKLLzPGnjJoldWJKLM9ebrtC2zBs0eB1AdF3yoLw8Nh7JEInoKSA6
JxIZSjDhMLez5QNzghx0IUPppXUGEvObP4nJO6OOqP2lnv4Loo6HbDCp8wpP74Id
H+gI8aNsD7KEYvOTNTD1pxIedkXw0rgz+qBeFrRJ2oq3NeUnehjvr4NivOXdAgMB
AAGjggKwMIICrDAdBgNVHQ4EFgQUsdrTtcqXCBzmue4mHUKM5J/xaX4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBsQQCAAEwgaoDBAAt
WGEDBAAtWfkDBAEthawDBACzPcUDBAC1KcoDBAC1Kc4DBAC11l0DBAC11pkwDAME
ArXWpAMEALXWpgMEALXWrQMEALXW2gMEALXXWAMEALXXsAMEALXXtgMEAb9gJAME
AL9gZwMEAL9gagMEAL9glgMEAL9gqAMEAL9guQMEAL9g4wMEAL9g/wMEAL9lHwME
AL9lPQMEAL9lnQMEAL9l2QMEAMJuDTANBgkqhkiG9w0BAQsFAAOCAQEAsHLZJlpw
VN49nLDntU8hL412IQGD2vXf7lbPYjvPVeZvHNMbv8sTcfLYGYmTrj0b4E/VcVun
2GZRqtdfnFqTn45ausHw2VjFnef1Cs4LjQ+7jr/2Q80fG3gGR9zJiIgJpVFos83L
Y75P2x4KgmdWpX+FP1px+//+gOizyqGStLY3On46saCThZgK0Kn0r5VOHAwtex3V
p1Per32mWH78ObTkSBdUY6s09usE4Zd/CpiJPWTH/OoPjbmHvx9kERs8tR5Vv3eo
NY2XnVrbk4bWK8m9Eh4MJsxFYGxfTfjqj0M6MpgcYMewmlkYSXav0Nl2WGcdx86j
l/f6pyfWaDqp0A==
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:39:48 2025 by rpki-client