Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: PWdviK+GDdSZ9zeepv/FUUKkXBn9t6cW/8TuCGrJy4M=
Subject key identifier: 8A:E4:23:CD:6E:51:98:05:D3:5A:F9:54:C3:FF:66:6D:DB:38:13:03
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 3894AE5473DC407CE7B4862CD9A440A38A0AEB5E
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS174.roa
Signing time: Tue 02 Jun 2026 12:17:43 +0000
ROA not before: Tue 02 Jun 2026 12:12:43 +0000
ROA not after: Tue 01 Jun 2027 12:17:43 +0000
asID: 174
IP address blocks: 46.202.35.0/24 maxlen: 24
46.202.85.0/24 maxlen: 24
46.202.86.0/24 maxlen: 24
46.203.148.0/24 maxlen: 24
46.203.178.0/24 maxlen: 24
91.124.17.0/24 maxlen: 24
91.124.68.0/22 maxlen: 22
91.124.72.0/22 maxlen: 22
91.124.76.0/22 maxlen: 22
91.124.100.0/22 maxlen: 22
91.124.104.0/22 maxlen: 22
91.124.108.0/22 maxlen: 22
91.124.212.0/22 maxlen: 22
91.124.224.0/22 maxlen: 22
92.113.70.0/24 maxlen: 24
92.113.71.0/24 maxlen: 24
92.113.72.0/24 maxlen: 24
92.113.160.0/24 maxlen: 24
95.134.12.0/24 maxlen: 24
95.134.13.0/24 maxlen: 24
95.134.14.0/24 maxlen: 24
95.134.15.0/24 maxlen: 24
95.134.79.0/24 maxlen: 24
95.134.80.0/24 maxlen: 24
95.134.88.0/24 maxlen: 24
95.134.95.0/24 maxlen: 24
95.134.128.0/24 maxlen: 24
95.134.134.0/24 maxlen: 24
95.134.151.0/24 maxlen: 24
95.135.104.0/24 maxlen: 24
95.135.154.0/24 maxlen: 24
95.135.155.0/24 maxlen: 24
95.135.168.0/24 maxlen: 24
95.135.232.0/24 maxlen: 24
95.135.238.0/24 maxlen: 24
95.135.242.0/24 maxlen: 24
178.92.45.0/24 maxlen: 24
178.94.127.0/24 maxlen: 24
178.94.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:94:ae:54:73:dc:40:7c:e7:b4:86:2c:d9:a4:40:a3:8a:0a:eb:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jun 2 12:12:43 2026 GMT
Not After : Jun 1 12:17:43 2027 GMT
Subject: CN=8AE423CD6E519805D35AF954C3FF666DDB381303
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:57:2a:d2:7e:2c:40:54:f6:32:2e:fc:eb:da:
78:29:a2:f0:17:2b:03:a5:ff:f4:aa:78:df:7a:33:
8a:d5:45:a8:8e:7a:d2:cf:3f:66:7f:17:0a:fe:86:
db:4b:f2:cf:86:35:0f:9f:b8:6f:6b:6d:7d:62:37:
6a:ca:2e:5f:3b:9e:15:cb:28:86:7e:c9:c7:21:4e:
d2:d4:bc:7f:cc:4e:46:35:1e:28:88:d1:17:05:6b:
11:08:ff:ac:74:56:4b:de:be:73:ec:ea:36:fd:4f:
9d:d7:58:23:4e:eb:0d:90:60:ec:49:44:4f:b6:01:
64:71:7b:02:55:0f:83:ae:00:7d:ed:89:90:25:08:
72:b7:68:11:76:11:6f:44:10:bc:49:08:f8:08:26:
70:be:86:bd:bd:2f:a9:4d:c5:94:56:6e:6b:bf:c7:
72:ac:54:6c:9d:1c:57:71:4e:f1:48:17:0f:41:9c:
8b:2b:19:c1:82:0f:f6:ce:ce:58:8c:93:80:a9:b7:
d8:38:51:3e:84:c9:ab:25:ec:b1:d8:41:2f:04:a5:
6c:79:ce:77:5b:c3:7d:70:81:84:83:18:1e:3e:a6:
d2:37:ec:ee:72:89:91:29:c9:98:c8:e4:cd:93:e2:
b9:3d:81:55:ab:dd:cc:09:56:8a:fa:6d:6e:d2:3f:
29:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:E4:23:CD:6E:51:98:05:D3:5A:F9:54:C3:FF:66:6D:DB:38:13:03
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.35.0/24
46.202.85.0-46.202.86.255
46.203.148.0/24
46.203.178.0/24
91.124.17.0/24
91.124.68.0-91.124.79.255
91.124.100.0-91.124.111.255
91.124.212.0/22
91.124.224.0/22
92.113.70.0-92.113.72.255
92.113.160.0/24
95.134.12.0/22
95.134.79.0-95.134.80.255
95.134.88.0/24
95.134.95.0/24
95.134.128.0/24
95.134.134.0/24
95.134.151.0/24
95.135.104.0/24
95.135.154.0/23
95.135.168.0/24
95.135.232.0/24
95.135.238.0/24
95.135.242.0/24
178.92.45.0/24
178.94.127.0/24
178.94.174.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:e6:5d:af:06:2a:e7:07:75:e9:30:2e:d1:51:69:9f:4b:fe:
93:40:50:5c:9e:cb:11:1c:d7:89:19:5f:d9:0d:a0:b6:2f:92:
25:da:25:2b:aa:e0:c4:8f:c0:ff:df:fe:4f:87:6e:01:29:d2:
22:0e:db:cc:16:f0:af:59:6b:f2:7e:83:e9:9b:ce:37:37:2e:
16:b4:71:cb:dc:83:8a:ef:99:52:a5:72:bc:fe:4d:47:55:3d:
29:53:35:ca:9e:aa:9f:47:87:6a:8e:d8:95:99:69:4c:02:80:
a9:d3:b4:d4:12:c3:23:53:a6:c6:4f:2d:8e:cd:78:2e:c7:c0:
6a:52:26:03:7f:48:30:b1:40:04:b3:8e:42:86:ac:9f:25:5b:
80:df:42:7b:26:25:52:5f:99:70:66:dc:11:0b:b9:27:c4:fa:
cf:97:4f:0d:9e:0f:08:9a:54:64:85:69:b3:8e:0d:f8:91:ac:
d3:a2:4e:a8:39:72:d6:b2:8b:e5:d3:89:e0:2e:42:a6:e5:1b:
17:b0:38:fa:75:86:ec:c5:81:70:d0:de:3b:53:79:29:14:f5:
e8:24:da:15:62:16:97:b1:83:fa:a1:0f:9c:78:ec:2e:07:6c:
5a:6a:80:79:cf:0b:23:0c:02:b3:1d:ca:c6:bc:24:6d:02:f9:
1c:d9:d3:e8
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgIUOJSuVHPcQHzntIYs2aRAo4oK614wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA2MDIxMjEyNDNaFw0yNzA2MDExMjE3NDNaMDMxMTAvBgNV
BAMTKDhBRTQyM0NENkU1MTk4MDVEMzVBRjk1NEMzRkY2NjZEREIzODEzMDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoVyrSfixAVPYyLvzr2ngpovAX
KwOl//SqeN96M4rVRaiOetLPP2Z/Fwr+httL8s+GNQ+fuG9rbX1iN2rKLl87nhXL
KIZ+ycchTtLUvH/MTkY1HiiI0RcFaxEI/6x0VkvevnPs6jb9T53XWCNO6w2QYOxJ
RE+2AWRxewJVD4OuAH3tiZAlCHK3aBF2EW9EELxJCPgIJnC+hr29L6lNxZRWbmu/
x3KsVGydHFdxTvFIFw9BnIsrGcGCD/bOzliMk4Cpt9g4UT6Eyasl7LHYQS8EpWx5
zndbw31wgYSDGB4+ptI37O5yiZEpyZjI5M2T4rk9gVWr3cwJVor6bW7SPymZAgMB
AAGjggLQMIICzDAdBgNVHQ4EFgQUiuQjzW5RmAXTWvlUw/9mbds4EwMwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCB0QQCAAEwgcoDBAAu
yiMwDAMEAC7KVQMEAC7KVgMEAC7LlAMEAC7LsgMEAFt8ETAMAwQCW3xEAwQEW3xA
MAwDBAJbfGQDBARbfGADBAJbfNQDBAJbfOAwDAMEAVxxRgMEAFxxSAMEAFxxoAME
Al+GDDAMAwQAX4ZPAwQAX4ZQAwQAX4ZYAwQAX4ZfAwQAX4aAAwQAX4aGAwQAX4aX
AwQAX4doAwQBX4eaAwQAX4eoAwQAX4foAwQAX4fuAwQAX4fyAwQAslwtAwQAsl5/
AwQAsl6uMA0GCSqGSIb3DQEBCwUAA4IBAQCn5l2vBirnB3XpMC7RUWmfS/6TQFBc
nssRHNeJGV/ZDaC2L5Il2iUrquDEj8D/3/5Ph24BKdIiDtvMFvCvWWvyfoPpm843
Ny4WtHHL3IOK75lSpXK8/k1HVT0pUzXKnqqfR4dqjtiVmWlMAoCp07TUEsMjU6bG
Ty2OzXgux8BqUiYDf0gwsUAEs45ChqyfJVuA30J7JiVSX5lwZtwRC7knxPrPl08N
ng8ImlRkhWmzjg34kazTok6oOXLWsovl04ngLkKm5RsXsDj6dYbsxYFw0N47U3kp
FPXoJNoVYhaXsYP6oQ+ceOwuB2xaaoB5zwsjDAKzHcrGvCRtAvkc2dPo
-----END CERTIFICATE-----
Generated at Sat Jun 13 06:44:03 2026 by rpki-client