Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: Xxn0juYdrVVEMftElcLpYS/Mamlgc/Btd6mLyDTGHbQ=
Subject key identifier: 07:E0:1E:55:1A:DC:5C:E7:B4:EA:D3:ED:B6:99:4D:BA:65:B0:69:C3
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 210364A96D51CBF9F3F04979F26A8174CD3ACDE1
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
Signing time: Thu 16 Apr 2026 00:13:03 +0000
ROA not before: Thu 16 Apr 2026 00:08:03 +0000
ROA not after: Thu 15 Apr 2027 00:13:03 +0000
asID: 174
IP address blocks: 96.62.32.0/24 maxlen: 24
96.62.33.0/24 maxlen: 24
96.62.34.0/24 maxlen: 24
96.62.35.0/24 maxlen: 24
96.62.36.0/24 maxlen: 24
96.62.38.0/24 maxlen: 24
96.62.39.0/24 maxlen: 24
96.62.40.0/24 maxlen: 24
96.62.41.0/24 maxlen: 24
96.62.42.0/24 maxlen: 24
96.62.43.0/24 maxlen: 24
96.62.44.0/24 maxlen: 24
96.62.46.0/24 maxlen: 24
96.62.64.0/24 maxlen: 24
96.62.65.0/24 maxlen: 24
96.62.66.0/24 maxlen: 24
96.62.67.0/24 maxlen: 24
96.62.68.0/24 maxlen: 24
96.62.70.0/24 maxlen: 24
96.62.102.0/24 maxlen: 24
96.62.104.0/24 maxlen: 24
96.62.106.0/24 maxlen: 24
96.62.107.0/24 maxlen: 24
96.62.108.0/24 maxlen: 24
96.62.109.0/24 maxlen: 24
96.62.110.0/24 maxlen: 24
96.62.112.0/24 maxlen: 24
96.62.113.0/24 maxlen: 24
96.62.116.0/24 maxlen: 24
96.62.117.0/24 maxlen: 24
96.62.118.0/24 maxlen: 24
96.62.119.0/24 maxlen: 24
96.62.120.0/24 maxlen: 24
96.62.121.0/24 maxlen: 24
96.62.122.0/24 maxlen: 24
96.62.123.0/24 maxlen: 24
96.62.124.0/24 maxlen: 24
96.62.125.0/24 maxlen: 24
96.62.126.0/24 maxlen: 24
96.62.132.0/24 maxlen: 24
96.62.133.0/24 maxlen: 24
96.62.134.0/24 maxlen: 24
96.62.136.0/24 maxlen: 24
96.62.137.0/24 maxlen: 24
96.62.138.0/24 maxlen: 24
96.62.139.0/24 maxlen: 24
96.62.141.0/24 maxlen: 24
96.62.142.0/24 maxlen: 24
96.62.143.0/24 maxlen: 24
96.62.146.0/24 maxlen: 24
96.62.147.0/24 maxlen: 24
96.62.160.0/24 maxlen: 24
96.62.161.0/24 maxlen: 24
96.62.162.0/24 maxlen: 24
96.62.163.0/24 maxlen: 24
96.62.164.0/24 maxlen: 24
96.62.165.0/24 maxlen: 24
96.62.166.0/24 maxlen: 24
96.62.167.0/24 maxlen: 24
96.62.168.0/24 maxlen: 24
96.62.169.0/24 maxlen: 24
96.62.170.0/24 maxlen: 24
96.62.171.0/24 maxlen: 24
96.62.172.0/24 maxlen: 24
96.62.173.0/24 maxlen: 24
96.62.174.0/24 maxlen: 24
96.62.175.0/24 maxlen: 24
96.62.177.0/24 maxlen: 24
96.62.178.0/24 maxlen: 24
96.62.179.0/24 maxlen: 24
96.62.188.0/24 maxlen: 24
96.62.189.0/24 maxlen: 24
96.62.196.0/24 maxlen: 24
96.62.198.0/24 maxlen: 24
96.62.199.0/24 maxlen: 24
96.62.212.0/24 maxlen: 24
96.62.213.0/24 maxlen: 24
96.62.215.0/24 maxlen: 24
96.62.225.0/24 maxlen: 24
96.62.226.0/24 maxlen: 24
96.62.230.0/24 maxlen: 24
96.62.236.0/24 maxlen: 24
96.62.237.0/24 maxlen: 24
96.62.238.0/24 maxlen: 24
96.62.239.0/24 maxlen: 24
96.62.240.0/24 maxlen: 24
96.62.241.0/24 maxlen: 24
96.62.245.0/24 maxlen: 24
96.62.246.0/24 maxlen: 24
96.62.252.0/24 maxlen: 24
140.233.160.0/22 maxlen: 22
143.14.146.0/24 maxlen: 24
143.14.148.0/24 maxlen: 24
143.14.153.0/24 maxlen: 24
143.14.155.0/24 maxlen: 24
143.14.195.0/24 maxlen: 24
143.14.197.0/24 maxlen: 24
148.135.193.0/24 maxlen: 24
155.117.86.0/24 maxlen: 24
155.117.97.0/24 maxlen: 24
155.117.106.0/24 maxlen: 24
155.117.116.0/24 maxlen: 24
162.141.37.0/24 maxlen: 24
162.141.38.0/24 maxlen: 24
162.141.51.0/24 maxlen: 24
162.141.54.0/24 maxlen: 24
162.141.55.0/24 maxlen: 24
162.141.103.0/24 maxlen: 24
162.141.118.0/24 maxlen: 24
162.141.128.0/24 maxlen: 24
162.141.129.0/24 maxlen: 24
162.141.155.0/24 maxlen: 24
162.141.164.0/24 maxlen: 24
167.148.135.0/24 maxlen: 24
167.148.138.0/24 maxlen: 24
167.148.147.0/24 maxlen: 24
167.148.148.0/24 maxlen: 24
167.148.150.0/24 maxlen: 24
167.148.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:03:64:a9:6d:51:cb:f9:f3:f0:49:79:f2:6a:81:74:cd:3a:cd:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 16 00:08:03 2026 GMT
Not After : Apr 15 00:13:03 2027 GMT
Subject: CN=07E01E551ADC5CE7B4EAD3EDB6994DBA65B069C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:bc:d5:f2:3b:5c:c0:3e:0f:0c:2c:70:fc:66:
de:be:3b:1c:f7:d4:e5:a1:67:de:b3:9d:90:48:b8:
46:95:89:d1:b2:7a:fc:21:6b:1c:16:40:16:e5:4a:
e9:bf:fc:1f:59:82:a7:4a:bd:7f:3e:33:0b:c1:50:
9f:d4:e0:28:1b:5f:89:ed:92:0f:56:9c:c9:80:6e:
f9:43:02:cc:28:80:e0:82:6d:95:0c:ed:0f:2c:27:
c0:81:3a:d4:36:0e:76:6f:7c:35:4e:8c:30:ad:60:
6f:6a:0b:bb:6a:d1:d4:b8:e1:e4:81:3c:d0:58:c0:
7b:e2:9a:a7:6b:d7:26:29:53:03:45:ba:18:c8:b9:
75:e3:49:08:d4:bf:ad:08:fb:d6:96:8b:d9:7f:62:
80:a1:aa:5e:a2:6e:97:bc:3c:a1:01:42:b6:26:ed:
b3:58:27:b2:17:06:9c:15:46:d8:25:69:e3:d4:80:
e5:0d:ac:f9:71:60:84:31:8c:52:a1:57:bf:61:ee:
08:f2:ef:8d:a8:98:0c:85:36:ca:38:28:7f:41:42:
e8:6b:c4:c0:28:18:17:67:40:97:cf:f7:b7:8d:4b:
b4:da:3d:47:b1:9e:fc:6d:d6:fc:a4:a1:88:d2:7e:
fe:01:4d:df:2b:56:6f:95:a1:eb:61:04:a5:89:1d:
81:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:E0:1E:55:1A:DC:5C:E7:B4:EA:D3:ED:B6:99:4D:BA:65:B0:69:C3
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.32.0-96.62.36.255
96.62.38.0-96.62.44.255
96.62.46.0/24
96.62.64.0-96.62.68.255
96.62.70.0/24
96.62.102.0/24
96.62.104.0/24
96.62.106.0-96.62.110.255
96.62.112.0/23
96.62.116.0-96.62.126.255
96.62.132.0-96.62.134.255
96.62.136.0/22
96.62.141.0-96.62.143.255
96.62.146.0/23
96.62.160.0/20
96.62.177.0-96.62.179.255
96.62.188.0/23
96.62.196.0/24
96.62.198.0/23
96.62.212.0/23
96.62.215.0/24
96.62.225.0-96.62.226.255
96.62.230.0/24
96.62.236.0-96.62.241.255
96.62.245.0-96.62.246.255
96.62.252.0/24
140.233.160.0/22
143.14.146.0/24
143.14.148.0/24
143.14.153.0/24
143.14.155.0/24
143.14.195.0/24
143.14.197.0/24
148.135.193.0/24
155.117.86.0/24
155.117.97.0/24
155.117.106.0/24
155.117.116.0/24
162.141.37.0-162.141.38.255
162.141.51.0/24
162.141.54.0/23
162.141.103.0/24
162.141.118.0/24
162.141.128.0/23
162.141.155.0/24
162.141.164.0/24
167.148.135.0/24
167.148.138.0/24
167.148.147.0-167.148.148.255
167.148.150.0/24
167.148.153.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:e8:97:12:0b:3e:a5:4f:38:9d:3e:8d:57:89:e4:8c:3f:12:
84:35:21:23:9c:bf:7d:bd:87:ec:d3:50:ce:2a:78:7f:0c:05:
5b:bd:3a:d4:15:2f:fa:2e:d3:9a:73:ec:60:e2:4c:53:a1:da:
a8:28:63:2b:b6:06:2e:dd:b4:ea:47:e1:c9:0c:62:85:38:9e:
45:d2:76:5e:a9:ca:b0:b0:fe:b8:78:f0:08:e9:9a:39:dc:53:
c5:f8:cd:bc:b7:f2:71:b8:d6:bf:b8:14:f5:82:a4:96:46:f1:
50:a0:61:ea:1f:c6:e3:cd:54:f5:ae:90:52:c9:6a:c5:54:12:
de:67:1c:aa:b3:88:9d:ad:a6:d6:ff:1d:34:ed:a5:a8:4a:88:
fd:71:21:2d:71:d4:bb:aa:7a:49:c2:1c:e5:70:7a:4c:52:93:
80:55:fe:3d:7e:56:28:46:99:30:95:31:4e:f7:a3:81:50:e7:
ec:2f:9e:31:95:b2:93:bf:39:eb:f1:8d:ce:ff:93:80:84:24:
21:af:5a:c8:aa:37:bf:9d:3e:99:0b:5b:c4:d1:e8:1e:fa:4b:
59:a5:fe:e3:17:2e:ec:a4:a5:0e:a4:5d:9c:70:57:37:2c:5d:
eb:61:9e:fa:52:1a:db:47:d9:e6:83:92:39:25:6a:79:ee:99:
26:bd:78:4f
-----BEGIN CERTIFICATE-----
MIIGmzCCBYOgAwIBAgIUIQNkqW1Ry/nz8El58mqBdM06zeEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MTYwMDA4MDNaFw0yNzA0MTUwMDEzMDNaMDMxMTAvBgNV
BAMTKDA3RTAxRTU1MUFEQzVDRTdCNEVBRDNFREI2OTk0REJBNjVCMDY5QzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWvNXyO1zAPg8MLHD8Zt6+Oxz3
1OWhZ96znZBIuEaVidGyevwhaxwWQBblSum//B9ZgqdKvX8+MwvBUJ/U4CgbX4nt
kg9WnMmAbvlDAswogOCCbZUM7Q8sJ8CBOtQ2DnZvfDVOjDCtYG9qC7tq0dS44eSB
PNBYwHvimqdr1yYpUwNFuhjIuXXjSQjUv60I+9aWi9l/YoChql6ibpe8PKEBQrYm
7bNYJ7IXBpwVRtglaePUgOUNrPlxYIQxjFKhV79h7gjy742omAyFNso4KH9BQuhr
xMAoGBdnQJfP97eNS7TaPUexnvxt1vykoYjSfv4BTd8rVm+VoethBKWJHYFvAgMB
AAGjggOlMIIDoTAdBgNVHQ4EFgQUB+AeVRrcXOe06tPttplNumWwacMwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBuwYIKwYBBQUHAQcBAf8EggGqMIIBpjCCAaIEAgABMIIB
mjAMAwQFYD4gAwQAYD4kMAwDBAFgPiYDBABgPiwDBABgPi4wDAMEBmA+QAMEAGA+
RAMEAGA+RgMEAGA+ZgMEAGA+aDAMAwQBYD5qAwQAYD5uAwQBYD5wMAwDBAJgPnQD
BABgPn4wDAMEAmA+hAMEAGA+hgMEAmA+iDAMAwQAYD6NAwQEYD6AAwQBYD6SAwQE
YD6gMAwDBABgPrEDBAJgPrADBAFgPrwDBABgPsQDBAFgPsYDBAFgPtQDBABgPtcw
DAMEAGA+4QMEAGA+4gMEAGA+5jAMAwQCYD7sAwQBYD7wMAwDBABgPvUDBABgPvYD
BABgPvwDBAKM6aADBACPDpIDBACPDpQDBACPDpkDBACPDpsDBACPDsMDBACPDsUD
BACUh8EDBACbdVYDBACbdWEDBACbdWoDBACbdXQwDAMEAKKNJQMEAKKNJgMEAKKN
MwMEAaKNNgMEAKKNZwMEAKKNdgMEAaKNgAMEAKKNmwMEAKKNpAMEAKeUhwMEAKeU
ijAMAwQAp5STAwQAp5SUAwQAp5SWAwQAp5SZMA0GCSqGSIb3DQEBCwUAA4IBAQAL
6JcSCz6lTzidPo1XieSMPxKENSEjnL99vYfs01DOKnh/DAVbvTrUFS/6LtOac+xg
4kxTodqoKGMrtgYu3bTqR+HJDGKFOJ5F0nZeqcqwsP64ePAI6Zo53FPF+M28t/Jx
uNa/uBT1gqSWRvFQoGHqH8bjzVT1rpBSyWrFVBLeZxyqs4idrabW/x007aWoSoj9
cSEtcdS7qnpJwhzlcHpMUpOAVf49flYoRpkwlTFO96OBUOfsL54xlbKTvznr8Y3O
/5OAhCQhr1rIqje/nT6ZC1vE0ege+ktZpf7jFy7spKUOpF2ccFc3LF3rYZ76Uhrb
R9nmg5I5JWp57pkmvXhP
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:30:23 2026 by rpki-client