Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: QuBcbCjgQwMoQIWKeHYKZxG5DGG/5ol/HQuPUdz+zS4=
Subject key identifier: 80:FA:08:99:40:49:A9:B4:FF:B5:5A:FF:D2:AB:22:48:25:27:AD:D6
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7BE408CE2D7EF3767EDBCDE7457B0441621807F6
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS174.roa
Signing time: Tue 28 Oct 2025 00:05:08 +0000
ROA not before: Tue 28 Oct 2025 00:00:08 +0000
ROA not after: Tue 27 Oct 2026 00:05:08 +0000
asID: 174
IP address blocks: 82.22.19.0/24 maxlen: 24
82.22.22.0/24 maxlen: 24
82.22.24.0/24 maxlen: 24
82.22.26.0/24 maxlen: 24
82.22.44.0/24 maxlen: 24
82.22.46.0/24 maxlen: 24
82.22.48.0/24 maxlen: 24
82.22.51.0/24 maxlen: 24
82.22.52.0/24 maxlen: 24
82.22.54.0/24 maxlen: 24
82.22.56.0/24 maxlen: 24
82.22.58.0/24 maxlen: 24
82.22.60.0/24 maxlen: 24
82.22.62.0/24 maxlen: 24
82.27.133.0/24 maxlen: 24
82.27.134.0/24 maxlen: 24
82.27.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:e4:08:ce:2d:7e:f3:76:7e:db:cd:e7:45:7b:04:41:62:18:07:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Oct 28 00:00:08 2025 GMT
Not After : Oct 27 00:05:08 2026 GMT
Subject: CN=80FA08994049A9B4FFB55AFFD2AB22482527ADD6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:96:09:8c:0b:1c:f6:fa:10:5a:33:4b:eb:dd:
b3:6d:66:48:da:88:c2:ee:df:76:44:57:1f:cb:05:
fb:b5:e4:3f:63:e9:f6:fa:37:9b:39:fb:fb:58:c3:
68:76:bb:c3:c8:eb:b8:42:d6:a6:94:21:56:43:41:
b3:79:91:dd:1f:44:a5:c2:70:46:d2:80:42:16:86:
5e:3e:44:a8:ce:18:70:e6:f2:20:5b:61:50:8a:a4:
10:74:a4:91:81:76:ff:59:da:ae:63:d1:f2:81:eb:
e6:c6:2c:91:82:44:d5:bd:d5:61:ec:51:1d:41:2e:
fa:39:47:67:81:1d:53:d1:da:41:f7:7c:96:f9:b3:
4c:57:ce:6d:87:c9:6f:18:73:fa:8e:5d:18:d2:79:
36:69:65:7f:18:9c:b7:be:b7:81:0e:72:36:e9:c6:
0b:05:b5:4e:d9:7d:a4:b8:b9:83:3e:60:a3:9b:37:
ae:92:1b:f2:e4:da:82:57:06:3b:a7:53:46:94:fb:
0b:68:da:63:ed:34:d9:f2:61:0e:ab:fa:f5:b5:aa:
f5:cc:50:a1:de:ce:cf:4a:17:93:c4:e4:e0:96:77:
62:6f:00:98:ce:be:21:ff:92:90:ee:2a:a4:0f:30:
41:b9:ae:bc:92:35:a9:11:ab:65:6d:8a:f9:64:b5:
3e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:FA:08:99:40:49:A9:B4:FF:B5:5A:FF:D2:AB:22:48:25:27:AD:D6
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.19.0/24
82.22.22.0/24
82.22.24.0/24
82.22.26.0/24
82.22.44.0/24
82.22.46.0/24
82.22.48.0/24
82.22.51.0-82.22.52.255
82.22.54.0/24
82.22.56.0/24
82.22.58.0/24
82.22.60.0/24
82.22.62.0/24
82.27.133.0-82.27.135.255
Signature Algorithm: sha256WithRSAEncryption
7d:77:8a:66:96:9d:64:b0:7b:0d:85:9b:14:76:5c:b8:67:d6:
77:63:20:9c:02:e5:f9:13:5b:93:d3:ae:4a:f0:c3:dd:2e:ed:
43:39:92:09:3b:55:bf:27:e8:c1:ce:9d:50:46:4f:12:34:06:
1b:f5:47:b5:c8:46:48:16:95:45:91:58:cd:4d:da:75:75:63:
d3:08:71:2d:57:d5:ca:d3:7d:93:9c:ce:4c:be:63:3a:cf:c8:
9f:a4:29:d9:c0:35:c6:30:b4:9f:ee:0b:f8:cb:8b:68:f7:61:
bc:78:c2:15:3d:10:cc:50:6c:0b:85:65:90:95:ae:df:b1:34:
0b:20:06:99:be:cb:22:00:ee:9f:7a:65:19:f7:87:8e:e3:ee:
fe:11:05:69:1c:03:97:93:cd:2a:ed:4b:37:64:c3:79:05:63:
90:25:c6:df:fe:dc:98:57:be:97:4c:52:32:1f:63:cb:de:a8:
31:13:88:0e:4b:4c:d0:e2:c5:21:0a:a6:d4:de:11:3b:7f:9d:
5a:11:a5:6c:1b:aa:ea:d2:0a:ad:43:40:31:f0:19:12:1f:90:
1b:ea:1d:da:af:9b:c6:a8:bf:d7:89:4c:08:24:e0:04:bc:80:
41:d4:b1:4f:0e:98:88:44:27:e3:9a:5e:2e:bb:e6:fc:e6:41:
d7:d0:7d:60
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgIUe+QIzi1+83Z+283nRXsEQWIYB/YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTEwMjgwMDAwMDhaFw0yNjEwMjcwMDA1MDhaMDMxMTAvBgNV
BAMTKDgwRkEwODk5NDA0OUE5QjRGRkI1NUFGRkQyQUIyMjQ4MjUyN0FERDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOlgmMCxz2+hBaM0vr3bNtZkja
iMLu33ZEVx/LBfu15D9j6fb6N5s5+/tYw2h2u8PI67hC1qaUIVZDQbN5kd0fRKXC
cEbSgEIWhl4+RKjOGHDm8iBbYVCKpBB0pJGBdv9Z2q5j0fKB6+bGLJGCRNW91WHs
UR1BLvo5R2eBHVPR2kH3fJb5s0xXzm2HyW8Yc/qOXRjSeTZpZX8YnLe+t4EOcjbp
xgsFtU7ZfaS4uYM+YKObN66SG/Lk2oJXBjunU0aU+wto2mPtNNnyYQ6r+vW1qvXM
UKHezs9KF5PE5OCWd2JvAJjOviH/kpDuKqQPMEG5rrySNakRq2VtivlktT4LAgMB
AAGjggJlMIICYTAdBgNVHQ4EFgQUgPoImUBJqbT/tVr/0qsiSCUnrdYwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQAUhYTAwQA
UhYWAwQAUhYYAwQAUhYaAwQAUhYsAwQAUhYuAwQAUhYwMAwDBABSFjMDBABSFjQD
BABSFjYDBABSFjgDBABSFjoDBABSFjwDBABSFj4wDAMEAFIbhQMEA1IbgDANBgkq
hkiG9w0BAQsFAAOCAQEAfXeKZpadZLB7DYWbFHZcuGfWd2MgnALl+RNbk9OuSvDD
3S7tQzmSCTtVvyfowc6dUEZPEjQGG/VHtchGSBaVRZFYzU3adXVj0whxLVfVytN9
k5zOTL5jOs/In6Qp2cA1xjC0n+4L+MuLaPdhvHjCFT0QzFBsC4VlkJWu37E0CyAG
mb7LIgDun3plGfeHjuPu/hEFaRwDl5PNKu1LN2TDeQVjkCXG3/7cmFe+l0xSMh9j
y96oMROIDktM0OLFIQqm1N4RO3+dWhGlbBuq6tIKrUNAMfAZEh+QG+od2q+bxqi/
14lMCCTgBLyAQdSxTw6YiEQn45peLrvm/OZB19B9YA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 06:26:31 2025 by rpki-client