Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: DIZdid3ogB1BSLU1F4FMynBVJpfKLyv58NeX905PYKw=
Subject key identifier: 82:66:4F:3F:BD:CA:FC:5C:70:03:F0:AE:E5:7E:76:2D:84:7B:83:C9
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 05300449C5139B439E192036BF31BB0326CEF5D7
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
Signing time: Mon 27 Oct 2025 18:33:50 +0000
ROA not before: Mon 27 Oct 2025 18:28:50 +0000
ROA not after: Mon 26 Oct 2026 18:33:50 +0000
asID: 174
IP address blocks: 96.62.32.0/24 maxlen: 24
96.62.33.0/24 maxlen: 24
96.62.34.0/24 maxlen: 24
96.62.35.0/24 maxlen: 24
96.62.36.0/24 maxlen: 24
96.62.38.0/24 maxlen: 24
96.62.39.0/24 maxlen: 24
96.62.40.0/24 maxlen: 24
96.62.41.0/24 maxlen: 24
96.62.42.0/24 maxlen: 24
96.62.43.0/24 maxlen: 24
96.62.44.0/24 maxlen: 24
96.62.46.0/24 maxlen: 24
96.62.64.0/24 maxlen: 24
96.62.65.0/24 maxlen: 24
96.62.66.0/24 maxlen: 24
96.62.67.0/24 maxlen: 24
96.62.68.0/24 maxlen: 24
96.62.70.0/24 maxlen: 24
96.62.102.0/24 maxlen: 24
96.62.104.0/24 maxlen: 24
96.62.106.0/24 maxlen: 24
96.62.107.0/24 maxlen: 24
96.62.108.0/24 maxlen: 24
96.62.109.0/24 maxlen: 24
96.62.110.0/24 maxlen: 24
96.62.112.0/24 maxlen: 24
96.62.113.0/24 maxlen: 24
96.62.116.0/24 maxlen: 24
96.62.117.0/24 maxlen: 24
96.62.118.0/24 maxlen: 24
96.62.119.0/24 maxlen: 24
96.62.120.0/24 maxlen: 24
96.62.121.0/24 maxlen: 24
96.62.122.0/24 maxlen: 24
96.62.123.0/24 maxlen: 24
96.62.124.0/24 maxlen: 24
96.62.125.0/24 maxlen: 24
96.62.126.0/24 maxlen: 24
96.62.132.0/24 maxlen: 24
96.62.133.0/24 maxlen: 24
96.62.134.0/24 maxlen: 24
96.62.136.0/24 maxlen: 24
96.62.137.0/24 maxlen: 24
96.62.138.0/24 maxlen: 24
96.62.139.0/24 maxlen: 24
96.62.141.0/24 maxlen: 24
96.62.142.0/24 maxlen: 24
96.62.143.0/24 maxlen: 24
96.62.146.0/24 maxlen: 24
96.62.147.0/24 maxlen: 24
96.62.160.0/24 maxlen: 24
96.62.161.0/24 maxlen: 24
96.62.162.0/24 maxlen: 24
96.62.163.0/24 maxlen: 24
96.62.164.0/24 maxlen: 24
96.62.165.0/24 maxlen: 24
96.62.166.0/24 maxlen: 24
96.62.167.0/24 maxlen: 24
96.62.168.0/24 maxlen: 24
96.62.169.0/24 maxlen: 24
96.62.170.0/24 maxlen: 24
96.62.171.0/24 maxlen: 24
96.62.172.0/24 maxlen: 24
96.62.173.0/24 maxlen: 24
96.62.174.0/24 maxlen: 24
96.62.175.0/24 maxlen: 24
96.62.177.0/24 maxlen: 24
96.62.178.0/24 maxlen: 24
96.62.179.0/24 maxlen: 24
96.62.188.0/24 maxlen: 24
96.62.189.0/24 maxlen: 24
96.62.196.0/24 maxlen: 24
96.62.198.0/24 maxlen: 24
96.62.199.0/24 maxlen: 24
96.62.212.0/24 maxlen: 24
96.62.213.0/24 maxlen: 24
96.62.215.0/24 maxlen: 24
96.62.225.0/24 maxlen: 24
96.62.226.0/24 maxlen: 24
96.62.230.0/24 maxlen: 24
96.62.236.0/24 maxlen: 24
96.62.237.0/24 maxlen: 24
96.62.238.0/24 maxlen: 24
96.62.239.0/24 maxlen: 24
96.62.240.0/24 maxlen: 24
96.62.241.0/24 maxlen: 24
96.62.245.0/24 maxlen: 24
96.62.246.0/24 maxlen: 24
96.62.252.0/24 maxlen: 24
140.233.160.0/22 maxlen: 22
140.233.180.0/22 maxlen: 22
143.14.146.0/24 maxlen: 24
143.14.148.0/24 maxlen: 24
143.14.153.0/24 maxlen: 24
143.14.155.0/24 maxlen: 24
143.14.195.0/24 maxlen: 24
143.14.197.0/24 maxlen: 24
162.141.37.0/24 maxlen: 24
162.141.38.0/24 maxlen: 24
162.141.51.0/24 maxlen: 24
162.141.54.0/24 maxlen: 24
162.141.55.0/24 maxlen: 24
162.141.103.0/24 maxlen: 24
162.141.118.0/24 maxlen: 24
162.141.128.0/24 maxlen: 24
162.141.129.0/24 maxlen: 24
162.141.153.0/24 maxlen: 24
162.141.155.0/24 maxlen: 24
162.141.164.0/24 maxlen: 24
167.148.120.0/22 maxlen: 22
167.148.135.0/24 maxlen: 24
167.148.138.0/24 maxlen: 24
167.148.147.0/24 maxlen: 24
167.148.148.0/24 maxlen: 24
167.148.150.0/24 maxlen: 24
167.148.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:30:04:49:c5:13:9b:43:9e:19:20:36:bf:31:bb:03:26:ce:f5:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 27 18:28:50 2025 GMT
Not After : Oct 26 18:33:50 2026 GMT
Subject: CN=82664F3FBDCAFC5C7003F0AEE57E762D847B83C9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:df:b0:16:c5:7a:f9:43:7f:47:71:2b:f0:a5:
6b:4c:18:68:5e:07:3f:6c:0d:ac:23:1b:d3:08:bc:
cd:29:d2:89:f7:53:01:f2:d7:d6:7d:6b:15:96:59:
6c:5c:82:b4:ff:49:be:a6:5e:29:22:91:05:bd:71:
3a:b3:73:98:0c:a1:7a:04:13:20:65:a3:14:3b:1f:
e9:8b:4f:bf:50:38:55:ef:0f:e0:c4:c6:4c:14:f4:
54:c7:04:1f:95:a0:0e:2c:da:e8:e1:b9:4d:43:28:
66:02:92:04:ed:22:9d:71:84:69:a6:c1:d4:d8:66:
ad:c3:5e:55:dc:60:1c:65:32:1a:b3:94:60:7b:3c:
55:58:76:e7:c8:3c:b6:70:62:39:24:6b:33:af:ce:
fd:3a:ff:19:b7:11:8c:81:05:7f:0d:d0:d3:b1:be:
33:f8:4c:a0:8a:76:b1:15:f9:cd:4b:3d:46:1f:df:
69:b2:8d:5f:a8:46:f2:79:c1:1c:e8:a0:00:22:da:
63:50:1a:09:f7:67:88:20:e8:67:24:c6:c5:ba:b4:
08:1b:dd:af:ac:c6:d2:24:cf:a6:bd:81:9c:f2:40:
4f:24:6c:2d:ca:ef:01:b7:19:42:e0:63:9f:b2:f2:
24:47:17:fb:b6:1e:55:1c:02:c9:55:e2:3e:3e:a5:
6a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:66:4F:3F:BD:CA:FC:5C:70:03:F0:AE:E5:7E:76:2D:84:7B:83:C9
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.32.0-96.62.36.255
96.62.38.0-96.62.44.255
96.62.46.0/24
96.62.64.0-96.62.68.255
96.62.70.0/24
96.62.102.0/24
96.62.104.0/24
96.62.106.0-96.62.110.255
96.62.112.0/23
96.62.116.0-96.62.126.255
96.62.132.0-96.62.134.255
96.62.136.0/22
96.62.141.0-96.62.143.255
96.62.146.0/23
96.62.160.0/20
96.62.177.0-96.62.179.255
96.62.188.0/23
96.62.196.0/24
96.62.198.0/23
96.62.212.0/23
96.62.215.0/24
96.62.225.0-96.62.226.255
96.62.230.0/24
96.62.236.0-96.62.241.255
96.62.245.0-96.62.246.255
96.62.252.0/24
140.233.160.0/22
140.233.180.0/22
143.14.146.0/24
143.14.148.0/24
143.14.153.0/24
143.14.155.0/24
143.14.195.0/24
143.14.197.0/24
162.141.37.0-162.141.38.255
162.141.51.0/24
162.141.54.0/23
162.141.103.0/24
162.141.118.0/24
162.141.128.0/23
162.141.153.0/24
162.141.155.0/24
162.141.164.0/24
167.148.120.0/22
167.148.135.0/24
167.148.138.0/24
167.148.147.0-167.148.148.255
167.148.150.0/24
167.148.153.0/24
Signature Algorithm: sha256WithRSAEncryption
11:28:d4:a5:33:8e:51:0c:06:9c:92:f1:2d:8f:52:c6:ac:16:
98:63:a7:c7:47:b4:af:2e:bc:1b:f2:84:f4:61:17:ab:16:9d:
27:27:de:5f:a4:d4:51:2c:97:ff:c3:60:13:40:2a:0b:6d:90:
ed:b5:38:22:20:79:d0:4b:b9:87:b1:ed:fe:38:bc:fe:f7:8e:
a5:63:ab:b1:c0:3a:c5:79:10:26:ed:43:f8:1c:b0:c8:7d:d6:
ae:62:be:b0:76:38:e6:16:c6:ef:84:b9:54:92:33:1c:f4:9a:
5a:d7:ea:95:fd:7c:4d:5d:5f:77:56:19:44:6f:af:c1:81:28:
2f:66:e9:97:21:0e:2b:49:43:04:59:9e:15:d6:8d:4b:91:b3:
72:ed:26:13:c5:ac:53:1b:56:f0:a2:95:38:0a:e9:f6:b3:55:
3e:4d:c7:9d:4e:44:f4:81:0d:e9:ac:db:d8:5d:13:42:ea:3d:
85:24:47:2a:e6:b5:57:23:78:e7:51:ad:ac:f4:a4:72:92:96:
bb:b5:1c:bf:5d:4a:43:2b:35:3c:d7:ca:7e:2b:4c:d6:31:20:
35:84:fb:03:98:9c:e4:d7:73:5c:ea:5f:8f:d0:15:b9:97:6b:
6c:fe:9f:aa:c3:17:77:fe:13:b8:c2:aa:b6:01:fc:c2:28:0f:
d0:18:a3:ee
-----BEGIN CERTIFICATE-----
MIIGjzCCBXegAwIBAgIUBTAEScUTm0OeGSA2vzG7AybO9dcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTEwMjcxODI4NTBaFw0yNjEwMjYxODMzNTBaMDMxMTAvBgNV
BAMTKDgyNjY0RjNGQkRDQUZDNUM3MDAzRjBBRUU1N0U3NjJEODQ3QjgzQzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDf37AWxXr5Q39HcSvwpWtMGGhe
Bz9sDawjG9MIvM0p0on3UwHy19Z9axWWWWxcgrT/Sb6mXikikQW9cTqzc5gMoXoE
EyBloxQ7H+mLT79QOFXvD+DExkwU9FTHBB+VoA4s2ujhuU1DKGYCkgTtIp1xhGmm
wdTYZq3DXlXcYBxlMhqzlGB7PFVYdufIPLZwYjkkazOvzv06/xm3EYyBBX8N0NOx
vjP4TKCKdrEV+c1LPUYf32myjV+oRvJ5wRzooAAi2mNQGgn3Z4gg6GckxsW6tAgb
3a+sxtIkz6a9gZzyQE8kbC3K7wG3GULgY5+y8iRHF/u2HlUcAslV4j4+pWrVAgMB
AAGjggOZMIIDlTAdBgNVHQ4EFgQUgmZPP73K/FxwA/Cu5X52LYR7g8kwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBrwYIKwYBBQUHAQcBAf8EggGeMIIBmjCCAZYEAgABMIIB
jjAMAwQFYD4gAwQAYD4kMAwDBAFgPiYDBABgPiwDBABgPi4wDAMEBmA+QAMEAGA+
RAMEAGA+RgMEAGA+ZgMEAGA+aDAMAwQBYD5qAwQAYD5uAwQBYD5wMAwDBAJgPnQD
BABgPn4wDAMEAmA+hAMEAGA+hgMEAmA+iDAMAwQAYD6NAwQEYD6AAwQBYD6SAwQE
YD6gMAwDBABgPrEDBAJgPrADBAFgPrwDBABgPsQDBAFgPsYDBAFgPtQDBABgPtcw
DAMEAGA+4QMEAGA+4gMEAGA+5jAMAwQCYD7sAwQBYD7wMAwDBABgPvUDBABgPvYD
BABgPvwDBAKM6aADBAKM6bQDBACPDpIDBACPDpQDBACPDpkDBACPDpsDBACPDsMD
BACPDsUwDAMEAKKNJQMEAKKNJgMEAKKNMwMEAaKNNgMEAKKNZwMEAKKNdgMEAaKN
gAMEAKKNmQMEAKKNmwMEAKKNpAMEAqeUeAMEAKeUhwMEAKeUijAMAwQAp5STAwQA
p5SUAwQAp5SWAwQAp5SZMA0GCSqGSIb3DQEBCwUAA4IBAQARKNSlM45RDAackvEt
j1LGrBaYY6fHR7SvLrwb8oT0YRerFp0nJ95fpNRRLJf/w2ATQCoLbZDttTgiIHnQ
S7mHse3+OLz+946lY6uxwDrFeRAm7UP4HLDIfdauYr6wdjjmFsbvhLlUkjMc9Jpa
1+qV/XxNXV93VhlEb6/BgSgvZumXIQ4rSUMEWZ4V1o1LkbNy7SYTxaxTG1bwopU4
Cun2s1U+TcedTkT0gQ3prNvYXRNC6j2FJEcq5rVXI3jnUa2s9KRykpa7tRy/XUpD
KzU818p+K0zWMSA1hPsDmJzk13Nc6l+P0BW5l2ts/p+qwxd3/hO4wqq2AfzCKA/Q
GKPu
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:57:19 2025 by rpki-client