Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: mce1PLIwS0AcJT+/Z5F9kE0ly2TQKAYXl9ReO56lYEg=
Subject key identifier: 57:44:64:63:3B:6A:48:63:FE:4E:C0:31:2A:E2:EA:8A:1D:D1:A6:DF
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 55D7E5EFE0A61D6E902AC280AB7095D8AE229E61
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
Signing time: Fri 25 Apr 2025 14:19:17 +0000
ROA not before: Fri 25 Apr 2025 14:14:17 +0000
ROA not after: Fri 24 Apr 2026 14:19:17 +0000
asID: 174
IP address blocks: 96.62.32.0/24 maxlen: 24
96.62.33.0/24 maxlen: 24
96.62.34.0/24 maxlen: 24
96.62.35.0/24 maxlen: 24
96.62.36.0/24 maxlen: 24
96.62.38.0/24 maxlen: 24
96.62.39.0/24 maxlen: 24
96.62.40.0/24 maxlen: 24
96.62.41.0/24 maxlen: 24
96.62.42.0/24 maxlen: 24
96.62.43.0/24 maxlen: 24
96.62.44.0/24 maxlen: 24
96.62.46.0/24 maxlen: 24
96.62.64.0/24 maxlen: 24
96.62.65.0/24 maxlen: 24
96.62.66.0/24 maxlen: 24
96.62.67.0/24 maxlen: 24
96.62.68.0/24 maxlen: 24
96.62.70.0/24 maxlen: 24
96.62.102.0/24 maxlen: 24
96.62.104.0/24 maxlen: 24
96.62.106.0/24 maxlen: 24
96.62.107.0/24 maxlen: 24
96.62.108.0/24 maxlen: 24
96.62.109.0/24 maxlen: 24
96.62.110.0/24 maxlen: 24
96.62.112.0/24 maxlen: 24
96.62.113.0/24 maxlen: 24
96.62.116.0/24 maxlen: 24
96.62.117.0/24 maxlen: 24
96.62.118.0/24 maxlen: 24
96.62.119.0/24 maxlen: 24
96.62.120.0/24 maxlen: 24
96.62.121.0/24 maxlen: 24
96.62.122.0/24 maxlen: 24
96.62.123.0/24 maxlen: 24
96.62.124.0/24 maxlen: 24
96.62.125.0/24 maxlen: 24
96.62.126.0/24 maxlen: 24
96.62.132.0/24 maxlen: 24
96.62.133.0/24 maxlen: 24
96.62.134.0/24 maxlen: 24
96.62.136.0/24 maxlen: 24
96.62.137.0/24 maxlen: 24
96.62.138.0/24 maxlen: 24
96.62.139.0/24 maxlen: 24
96.62.141.0/24 maxlen: 24
96.62.142.0/24 maxlen: 24
96.62.143.0/24 maxlen: 24
96.62.146.0/24 maxlen: 24
96.62.147.0/24 maxlen: 24
96.62.160.0/24 maxlen: 24
96.62.161.0/24 maxlen: 24
96.62.162.0/24 maxlen: 24
96.62.163.0/24 maxlen: 24
96.62.164.0/24 maxlen: 24
96.62.165.0/24 maxlen: 24
96.62.166.0/24 maxlen: 24
96.62.167.0/24 maxlen: 24
96.62.168.0/24 maxlen: 24
96.62.169.0/24 maxlen: 24
96.62.170.0/24 maxlen: 24
96.62.171.0/24 maxlen: 24
96.62.172.0/24 maxlen: 24
96.62.173.0/24 maxlen: 24
96.62.174.0/24 maxlen: 24
96.62.175.0/24 maxlen: 24
96.62.177.0/24 maxlen: 24
96.62.178.0/24 maxlen: 24
96.62.179.0/24 maxlen: 24
96.62.188.0/24 maxlen: 24
96.62.189.0/24 maxlen: 24
96.62.196.0/24 maxlen: 24
96.62.198.0/24 maxlen: 24
96.62.199.0/24 maxlen: 24
96.62.212.0/24 maxlen: 24
96.62.213.0/24 maxlen: 24
96.62.215.0/24 maxlen: 24
96.62.225.0/24 maxlen: 24
96.62.226.0/24 maxlen: 24
96.62.230.0/24 maxlen: 24
96.62.236.0/24 maxlen: 24
96.62.237.0/24 maxlen: 24
96.62.238.0/24 maxlen: 24
96.62.239.0/24 maxlen: 24
96.62.240.0/24 maxlen: 24
96.62.241.0/24 maxlen: 24
96.62.245.0/24 maxlen: 24
96.62.246.0/24 maxlen: 24
96.62.252.0/24 maxlen: 24
140.150.224.0/22 maxlen: 24
140.233.160.0/22 maxlen: 22
140.233.180.0/22 maxlen: 22
150.241.136.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 08:18:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:d7:e5:ef:e0:a6:1d:6e:90:2a:c2:80:ab:70:95:d8:ae:22:9e:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 25 14:14:17 2025 GMT
Not After : Apr 24 14:19:17 2026 GMT
Subject: CN=574464633B6A4863FE4EC0312AE2EA8A1DD1A6DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f7:7f:f8:da:5f:c1:30:12:5a:c4:99:5d:f0:
ec:1a:9b:8f:c5:7e:b8:9a:6c:f2:d3:97:0a:83:93:
e9:c3:a8:11:87:8c:64:6d:d0:10:de:9b:5b:da:a0:
d2:35:ef:a6:a2:61:be:a8:51:de:f0:5f:9e:f0:4a:
10:98:38:e5:cf:bd:c1:05:aa:f9:d3:e5:75:14:4b:
a6:c6:73:ad:62:31:a8:fe:cc:63:af:b6:5c:09:73:
ce:af:94:d3:6e:f1:a6:64:44:f2:1f:7f:9d:31:81:
e6:f8:1c:8b:8b:1c:fc:bb:11:4c:c2:96:1a:c7:dd:
f4:ca:31:72:18:49:47:31:32:2e:1a:1e:de:0d:49:
1d:34:ad:9c:b1:84:5f:db:e8:f9:d3:63:81:61:4a:
f6:5d:e0:78:07:28:fc:eb:9c:68:ff:5f:a7:e7:0e:
f7:bb:6c:fa:9e:42:78:fa:43:01:65:2f:d2:a4:b9:
40:b9:a0:ee:31:ae:37:40:c4:a2:f1:8f:11:1f:b9:
fe:0a:79:c5:2b:ad:69:79:fe:ee:39:4a:2e:16:33:
c0:75:41:f7:68:f8:9a:be:a8:79:cc:f6:1d:ba:30:
68:fe:df:bf:63:95:ec:d8:d7:eb:96:90:ca:fe:b4:
05:6d:2c:9f:ff:e3:0a:b4:2d:4d:03:33:36:55:81:
86:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:44:64:63:3B:6A:48:63:FE:4E:C0:31:2A:E2:EA:8A:1D:D1:A6:DF
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.32.0-96.62.36.255
96.62.38.0-96.62.44.255
96.62.46.0/24
96.62.64.0-96.62.68.255
96.62.70.0/24
96.62.102.0/24
96.62.104.0/24
96.62.106.0-96.62.110.255
96.62.112.0/23
96.62.116.0-96.62.126.255
96.62.132.0-96.62.134.255
96.62.136.0/22
96.62.141.0-96.62.143.255
96.62.146.0/23
96.62.160.0/20
96.62.177.0-96.62.179.255
96.62.188.0/23
96.62.196.0/24
96.62.198.0/23
96.62.212.0/23
96.62.215.0/24
96.62.225.0-96.62.226.255
96.62.230.0/24
96.62.236.0-96.62.241.255
96.62.245.0-96.62.246.255
96.62.252.0/24
140.150.224.0/22
140.233.160.0/22
140.233.180.0/22
150.241.136.0/21
Signature Algorithm: sha256WithRSAEncryption
81:bb:73:11:a8:2b:c7:f0:4b:9c:58:db:3e:60:f7:e7:99:b9:
9d:e2:c7:2c:99:16:7a:d8:0c:8e:24:1a:27:6d:ab:d0:4b:24:
89:fc:06:0c:11:5f:c0:a3:02:d1:6b:c1:c4:bd:f0:dd:3d:ac:
82:d9:bd:5e:ab:ea:d2:8d:c2:41:5c:cc:43:f8:f9:2d:b2:36:
ac:04:e2:f7:2c:15:81:83:ed:79:85:3c:1a:c2:62:47:a9:a7:
d0:f0:7d:a5:fb:6d:90:2c:31:9c:a0:26:71:15:6c:07:a2:94:
cc:60:58:c1:58:3d:4d:71:16:85:84:33:b0:91:f3:30:c6:ed:
b6:54:1e:43:9d:54:94:b1:cc:9e:74:12:4e:41:78:d3:da:df:
28:aa:69:00:2f:82:e5:8b:39:03:1e:e7:b1:26:db:a2:e8:f9:
da:56:2d:9d:18:ab:37:ab:b4:54:d3:e4:ae:14:0f:a1:fa:f8:
3f:d7:84:1a:d7:f3:cd:6a:ce:5c:98:23:4a:fe:ea:d2:81:1b:
5a:a8:05:86:95:e2:bb:6c:77:60:7e:fd:6a:eb:b0:b1:c3:91:
83:44:3f:8b:3a:50:05:21:e4:b8:6f:e8:3d:a9:72:61:f6:7a:
c7:9c:0a:9f:8f:3e:0c:d2:e9:8a:94:4c:63:eb:ee:7f:2f:32:
b5:eb:77:d8
-----BEGIN CERTIFICATE-----
MIIGDTCCBPWgAwIBAgIUVdfl7+CmHW6QKsKAq3CV2K4inmEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA0MjUxNDE0MTdaFw0yNjA0MjQxNDE5MTdaMDMxMTAvBgNV
BAMTKDU3NDQ2NDYzM0I2QTQ4NjNGRTRFQzAzMTJBRTJFQThBMUREMUE2REYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCg93/42l/BMBJaxJld8Owam4/F
friabPLTlwqDk+nDqBGHjGRt0BDem1vaoNI176aiYb6oUd7wX57wShCYOOXPvcEF
qvnT5XUUS6bGc61iMaj+zGOvtlwJc86vlNNu8aZkRPIff50xgeb4HIuLHPy7EUzC
lhrH3fTKMXIYSUcxMi4aHt4NSR00rZyxhF/b6PnTY4FhSvZd4HgHKPzrnGj/X6fn
Dve7bPqeQnj6QwFlL9KkuUC5oO4xrjdAxKLxjxEfuf4KecUrrWl5/u45Si4WM8B1
Qfdo+Jq+qHnM9h26MGj+379jlezY1+uWkMr+tAVtLJ//4wq0LU0DMzZVgYbXAgMB
AAGjggMXMIIDEzAdBgNVHQ4EFgQUV0RkYztqSGP+TsAxKuLqih3Rpt8wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLQYIKwYBBQUHAQcBAf8EggEcMIIBGDCCARQEAgABMIIB
DDAMAwQFYD4gAwQAYD4kMAwDBAFgPiYDBABgPiwDBABgPi4wDAMEBmA+QAMEAGA+
RAMEAGA+RgMEAGA+ZgMEAGA+aDAMAwQBYD5qAwQAYD5uAwQBYD5wMAwDBAJgPnQD
BABgPn4wDAMEAmA+hAMEAGA+hgMEAmA+iDAMAwQAYD6NAwQEYD6AAwQBYD6SAwQE
YD6gMAwDBABgPrEDBAJgPrADBAFgPrwDBABgPsQDBAFgPsYDBAFgPtQDBABgPtcw
DAMEAGA+4QMEAGA+4gMEAGA+5jAMAwQCYD7sAwQBYD7wMAwDBABgPvUDBABgPvYD
BABgPvwDBAKMluADBAKM6aADBAKM6bQDBAOW8YgwDQYJKoZIhvcNAQELBQADggEB
AIG7cxGoK8fwS5xY2z5g9+eZuZ3ixyyZFnrYDI4kGidtq9BLJIn8BgwRX8CjAtFr
wcS98N09rILZvV6r6tKNwkFczEP4+S2yNqwE4vcsFYGD7XmFPBrCYkepp9DwfaX7
bZAsMZygJnEVbAeilMxgWMFYPU1xFoWEM7CR8zDG7bZUHkOdVJSxzJ50Ek5BeNPa
3yiqaQAvguWLOQMe57Em26Lo+dpWLZ0YqzertFTT5K4UD6H6+D/XhBrX881qzlyY
I0r+6tKBG1qoBYaV4rtsd2B+/WrrsLHDkYNEP4s6UAUh5Lhv6D2pcmH2esecCp+P
PgzS6YqUTGPr7n8vMrXrd9g=
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:15:42 2025 by rpki-client