Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: Hh138vYmKmEVuuU9ooMp3BSVweeP8pGGvznMhkfYI/o=
Subject key identifier: 18:E0:8F:14:1D:4A:CD:B6:50:10:1D:D2:11:40:0C:91:B6:E5:16:E2
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 78231DDD5EB41F689052838699D0C3113420BBCD
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS174.roa
Signing time: Wed 16 Apr 2025 00:01:56 +0000
ROA not before: Tue 15 Apr 2025 23:56:56 +0000
ROA not after: Wed 15 Apr 2026 00:01:56 +0000
asID: 174
IP address blocks: 82.27.128.0/24 maxlen: 24
82.27.129.0/24 maxlen: 24
82.27.130.0/24 maxlen: 24
82.27.131.0/24 maxlen: 24
82.27.132.0/24 maxlen: 24
82.27.133.0/24 maxlen: 24
82.27.134.0/24 maxlen: 24
82.27.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 01:27:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:23:1d:dd:5e:b4:1f:68:90:52:83:86:99:d0:c3:11:34:20:bb:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 15 23:56:56 2025 GMT
Not After : Apr 15 00:01:56 2026 GMT
Subject: CN=18E08F141D4ACDB650101DD211400C91B6E516E2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:93:e7:05:43:cc:9d:58:d6:56:32:4a:f6:9c:
0b:9c:7c:97:8a:73:bb:00:fe:0a:79:38:b1:92:48:
19:9e:fa:6c:ea:40:d1:67:ff:7a:93:24:23:5c:ea:
29:1a:94:07:5a:a3:51:4e:dd:7c:9e:95:f5:2a:db:
c7:0f:59:79:bc:c8:b4:f7:53:ce:43:94:5c:a2:e6:
0f:3a:4b:e4:02:61:b9:87:23:55:da:a4:ca:5e:68:
97:c8:94:41:87:99:1c:89:f9:12:55:b9:02:ce:a4:
64:96:98:d3:cc:2d:a5:71:91:f2:32:01:58:40:19:
29:de:36:95:5a:cf:9d:4f:2a:9d:0f:b1:4b:20:96:
9c:15:2d:68:a9:06:6b:be:d0:b9:b8:24:ae:d0:a1:
c4:74:60:76:1b:f2:5d:f2:6c:a0:69:d4:29:b9:89:
a2:b3:9a:2e:f9:75:83:2f:f6:94:9c:50:8a:62:57:
b7:79:5a:d9:6c:79:a6:cc:74:b5:5c:9c:ba:f6:a3:
bd:b6:11:47:8a:12:87:53:c1:9a:82:1a:d3:43:dc:
11:b7:1f:0f:c0:2d:dd:6b:bb:bd:c2:f7:60:c6:53:
f5:58:11:6d:5c:ce:37:35:5f:d4:02:0f:81:cf:88:
69:42:e4:17:6d:46:e7:44:37:80:55:71:4c:fe:d3:
0f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:E0:8F:14:1D:4A:CD:B6:50:10:1D:D2:11:40:0C:91:B6:E5:16:E2
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.27.128.0/21
Signature Algorithm: sha256WithRSAEncryption
02:ca:0a:a3:58:86:86:63:ff:0c:6a:16:ba:aa:20:41:6b:06:
ab:97:a2:94:6b:e0:70:22:c3:14:44:03:25:f5:08:c8:6f:a1:
5d:64:93:cb:23:e1:3d:a1:e5:c8:62:27:f6:de:84:2f:60:e1:
a5:31:0a:4c:28:e6:6d:22:cd:d1:44:5f:50:27:59:91:f4:b6:
ba:92:9d:d7:ad:2a:0b:c7:11:31:9b:37:40:06:95:2c:43:4c:
d2:1f:0d:03:45:ed:8d:4f:aa:5a:11:d8:6f:53:50:40:95:4b:
0c:88:35:5f:30:c5:ff:7f:b8:e1:13:8c:45:4f:b5:d0:dc:5e:
6d:43:e2:c0:da:bc:77:06:37:54:dd:7d:5f:c6:3c:d5:21:f2:
55:df:d5:31:e1:b0:51:9a:54:1e:8d:4e:5d:24:98:d1:08:8b:
a2:b4:ae:20:29:4b:72:e8:48:95:7f:5d:6e:f7:3c:f8:51:1d:
8b:b6:13:70:98:c6:14:bb:3d:52:27:1a:35:12:c5:d6:bc:fc:
7e:89:1d:14:fb:70:06:e3:e5:d7:f1:a4:ae:85:4c:fe:00:93:
ba:fb:7f:ca:b6:73:45:28:fa:6b:f1:14:ee:be:11:f3:35:c6:
4b:15:93:e5:ae:f9:02:95:58:59:d8:0d:a6:f0:1a:68:c9:68:
96:cc:2e:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIUeCMd3V60H2iQUoOGmdDDETQgu80wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA0MTUyMzU2NTZaFw0yNjA0MTUwMDAxNTZaMDMxMTAvBgNV
BAMTKDE4RTA4RjE0MUQ0QUNEQjY1MDEwMUREMjExNDAwQzkxQjZFNTE2RTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9k+cFQ8ydWNZWMkr2nAucfJeK
c7sA/gp5OLGSSBme+mzqQNFn/3qTJCNc6ikalAdao1FO3XyelfUq28cPWXm8yLT3
U85DlFyi5g86S+QCYbmHI1XapMpeaJfIlEGHmRyJ+RJVuQLOpGSWmNPMLaVxkfIy
AVhAGSneNpVaz51PKp0PsUsglpwVLWipBmu+0Lm4JK7QocR0YHYb8l3ybKBp1Cm5
iaKzmi75dYMv9pScUIpiV7d5WtlseabMdLVcnLr2o722EUeKEodTwZqCGtND3BG3
Hw/ALd1ru73C92DGU/VYEW1czjc1X9QCD4HPiGlC5BdtRudEN4BVcUz+0w9ZAgMB
AAGjggIHMIICAzAdBgNVHQ4EFgQUGOCPFB1KzbZQEB3SEUAMkbblFuIwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDUhuAMA0G
CSqGSIb3DQEBCwUAA4IBAQACygqjWIaGY/8Maha6qiBBawarl6KUa+BwIsMURAMl
9QjIb6FdZJPLI+E9oeXIYif23oQvYOGlMQpMKOZtIs3RRF9QJ1mR9La6kp3XrSoL
xxExmzdABpUsQ0zSHw0DRe2NT6paEdhvU1BAlUsMiDVfMMX/f7jhE4xFT7XQ3F5t
Q+LA2rx3BjdU3X1fxjzVIfJV39Ux4bBRmlQejU5dJJjRCIuitK4gKUty6EiVf11u
9zz4UR2LthNwmMYUuz1SJxo1EsXWvPx+iR0U+3AG4+XX8aSuhUz+AJO6+3/KtnNF
KPpr8RTuvhHzNcZLFZPlrvkClVhZ2A2m8BpoyWiWzC7X
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:16:12 2025 by rpki-client