Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: 1SiIEeHQW2zn4q68CElx7fBrRq/egXN5VquDbcCbp8A=
Subject key identifier: 29:5B:2E:A5:5B:98:14:E1:C4:BE:52:47:20:CE:62:BE:CB:70:58:4A
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 5B386E267F90CBB811738EBC47399790AE1ACCB1
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS174.roa
Signing time: Thu 17 Jul 2025 12:29:44 +0000
ROA not before: Thu 17 Jul 2025 12:24:44 +0000
ROA not after: Thu 16 Jul 2026 12:29:44 +0000
asID: 174
IP address blocks: 143.20.34.0/24 maxlen: 24
143.20.35.0/24 maxlen: 24
143.20.80.0/24 maxlen: 24
143.20.81.0/24 maxlen: 24
143.20.108.0/22 maxlen: 22
143.20.132.0/23 maxlen: 23
143.20.158.0/23 maxlen: 23
143.20.162.0/23 maxlen: 23
143.20.166.0/23 maxlen: 23
143.20.176.0/23 maxlen: 23
143.20.186.0/23 maxlen: 23
143.20.192.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 04 Aug 2025 19:04:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:38:6e:26:7f:90:cb:b8:11:73:8e:bc:47:39:97:90:ae:1a:cc:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Jul 17 12:24:44 2025 GMT
Not After : Jul 16 12:29:44 2026 GMT
Subject: CN=295B2EA55B9814E1C4BE524720CE62BECB70584A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:15:6d:19:78:3f:22:55:2d:2b:dc:44:96:09:
5b:0a:39:19:0e:e8:b6:6e:bb:c3:f6:71:b6:c7:56:
3f:fc:83:2c:fa:ef:02:4f:e1:db:d6:58:f9:71:4e:
f9:7b:c9:0b:7f:41:b8:46:3e:e3:fc:04:31:85:7a:
72:65:4a:1b:26:52:13:46:53:16:3c:65:94:68:0a:
74:49:40:e4:41:3d:b7:91:be:c8:8a:35:72:d1:ea:
b3:55:35:e7:cb:42:8c:5d:5c:b5:7d:d1:bc:70:de:
93:1a:bb:30:a0:8e:d7:a5:27:48:00:af:9d:67:8e:
e5:91:25:b5:c4:f1:a4:de:5d:b8:fc:02:03:fe:8d:
a9:be:df:1a:0a:97:44:8d:03:ba:0a:aa:a6:6c:c6:
db:9a:29:45:4a:9e:6e:76:f1:9a:98:b6:81:ec:1b:
5c:bc:ff:7b:87:97:25:3f:9a:08:1c:fe:59:a5:e2:
45:45:9e:2e:67:75:97:0d:d3:83:dc:ec:d7:2f:c0:
5e:59:98:de:bb:62:ea:90:94:c7:bb:76:87:1b:fe:
55:dc:28:ae:ab:0d:56:30:4e:83:7d:1c:d1:73:6b:
a2:75:0a:15:4a:96:1a:33:a6:86:67:6a:1b:b1:5e:
27:84:92:ee:53:39:17:37:52:d2:c4:d2:36:4b:64:
9d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:5B:2E:A5:5B:98:14:E1:C4:BE:52:47:20:CE:62:BE:CB:70:58:4A
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.34.0/23
143.20.80.0/23
143.20.108.0/22
143.20.132.0/23
143.20.158.0/23
143.20.162.0/23
143.20.166.0/23
143.20.176.0/23
143.20.186.0/23
143.20.192.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:82:2c:3e:6c:8a:9d:27:85:a3:bf:2a:83:8e:a4:dd:18:65:
37:68:dc:3d:d0:36:e7:dd:e8:5d:ef:bb:5a:df:c9:b7:74:55:
b8:8b:96:ba:32:8b:f6:3f:f7:11:71:60:a0:78:b2:43:03:a1:
90:94:d7:a9:d5:10:74:ef:44:98:bd:d8:0e:a8:09:8f:3c:8e:
9b:c2:31:58:e8:f7:32:a5:75:92:39:57:0d:d5:8d:a5:f6:d4:
53:eb:d1:c7:11:59:9e:d5:92:4c:84:19:db:d0:54:b0:59:62:
ef:6d:c9:b4:e9:0c:f3:a6:34:b3:3b:b0:f9:51:7f:f9:c9:70:
83:46:e7:20:0f:71:75:8c:92:03:59:21:1f:5e:0a:ba:2b:bd:
84:63:bc:66:fd:b1:dd:cd:49:cf:3a:a1:83:c6:02:41:1c:8e:
5b:cb:d4:d2:ab:d3:cf:e8:7a:99:e5:b3:e1:68:45:e1:4a:5f:
e0:c2:a9:c2:09:ee:16:0f:91:76:dc:98:1d:c7:3a:28:5a:df:
56:fa:8d:2a:d7:74:71:e0:ac:4d:64:81:dd:57:fd:32:6a:72:
06:8d:c3:0e:09:4c:c0:c3:5b:9f:35:8a:a1:5a:94:93:f0:9c:
10:95:88:1e:35:03:37:9d:c4:2e:8f:d0:ec:b6:75:4e:a1:c1:
03:96:8b:d1
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUWzhuJn+Qy7gRc468RzmXkK4azLEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTA3MTcxMjI0NDRaFw0yNjA3MTYxMjI5NDRaMDMxMTAvBgNV
BAMTKDI5NUIyRUE1NUI5ODE0RTFDNEJFNTI0NzIwQ0U2MkJFQ0I3MDU4NEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxFW0ZeD8iVS0r3ESWCVsKORkO
6LZuu8P2cbbHVj/8gyz67wJP4dvWWPlxTvl7yQt/QbhGPuP8BDGFenJlShsmUhNG
UxY8ZZRoCnRJQORBPbeRvsiKNXLR6rNVNefLQoxdXLV90bxw3pMauzCgjtelJ0gA
r51njuWRJbXE8aTeXbj8AgP+jam+3xoKl0SNA7oKqqZsxtuaKUVKnm528ZqYtoHs
G1y8/3uHlyU/mggc/lml4kVFni5ndZcN04Pc7NcvwF5ZmN67YuqQlMe7docb/lXc
KK6rDVYwToN9HNFza6J1ChVKlhozpoZnahuxXieEku5TORc3UtLE0jZLZJ33AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUKVsupVuYFOHEvlJHIM5ivstwWEowHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBjxQiAwQB
jxRQAwQCjxRsAwQBjxSEAwQBjxSeAwQBjxSiAwQBjxSmAwQBjxSwAwQBjxS6AwQB
jxTAMA0GCSqGSIb3DQEBCwUAA4IBAQA9giw+bIqdJ4WjvyqDjqTdGGU3aNw90Dbn
3ehd77ta38m3dFW4i5a6Mov2P/cRcWCgeLJDA6GQlNep1RB070SYvdgOqAmPPI6b
wjFY6PcypXWSOVcN1Y2l9tRT69HHEVme1ZJMhBnb0FSwWWLvbcm06QzzpjSzO7D5
UX/5yXCDRucgD3F1jJIDWSEfXgq6K72EY7xm/bHdzUnPOqGDxgJBHI5by9TSq9PP
6HqZ5bPhaEXhSl/gwqnCCe4WD5F23JgdxzooWt9W+o0q13Rx4KxNZIHdV/0yanIG
jcMOCUzAw1ufNYqhWpST8JwQlYgeNQM3ncQuj9DstnVOocEDlovR
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:38:23 2025 by rpki-client