Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: PtT7qJyRIwTGGzoqURzt0yVdlhZx/HxvG+bfWrbcZuU=
Subject key identifier: 34:4F:84:3D:A7:04:83:2C:E4:AE:0D:AC:A1:54:59:BE:67:55:0A:9B
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 1D4BD27D6C3BF219619FFEE201DDCAD8F04105ED
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS174.roa
Signing time: Sun 20 Apr 2025 00:02:06 +0000
ROA not before: Sat 19 Apr 2025 23:57:06 +0000
ROA not after: Sun 19 Apr 2026 00:02:06 +0000
asID: 174
IP address blocks: 46.202.35.0/24 maxlen: 24
46.202.85.0/24 maxlen: 24
46.202.86.0/24 maxlen: 24
46.203.18.0/24 maxlen: 24
46.203.31.0/24 maxlen: 24
46.203.33.0/24 maxlen: 24
46.203.35.0/24 maxlen: 24
46.203.46.0/24 maxlen: 24
46.203.55.0/24 maxlen: 24
46.203.57.0/24 maxlen: 24
46.203.61.0/24 maxlen: 24
46.203.72.0/24 maxlen: 24
46.203.75.0/24 maxlen: 24
46.203.77.0/24 maxlen: 24
46.203.78.0/24 maxlen: 24
46.203.81.0/24 maxlen: 24
46.203.148.0/24 maxlen: 24
46.203.178.0/24 maxlen: 24
91.124.17.0/24 maxlen: 24
91.124.36.0/24 maxlen: 24
91.124.68.0/22 maxlen: 22
91.124.72.0/22 maxlen: 22
91.124.76.0/22 maxlen: 22
91.124.84.0/22 maxlen: 22
91.124.92.0/22 maxlen: 22
91.124.96.0/22 maxlen: 22
91.124.100.0/22 maxlen: 22
91.124.104.0/22 maxlen: 22
91.124.108.0/22 maxlen: 22
91.124.160.0/24 maxlen: 24
91.124.161.0/24 maxlen: 24
91.124.162.0/24 maxlen: 24
91.124.163.0/24 maxlen: 24
91.124.176.0/24 maxlen: 24
91.124.196.0/24 maxlen: 24
91.124.197.0/24 maxlen: 24
91.124.198.0/24 maxlen: 24
91.124.204.0/24 maxlen: 24
91.124.205.0/24 maxlen: 24
91.124.206.0/24 maxlen: 24
91.124.212.0/22 maxlen: 22
91.124.224.0/22 maxlen: 22
92.112.65.0/24 maxlen: 24
92.112.66.0/24 maxlen: 24
92.112.71.0/24 maxlen: 24
92.112.104.0/24 maxlen: 24
92.112.105.0/24 maxlen: 24
92.112.108.0/24 maxlen: 24
92.112.109.0/24 maxlen: 24
92.113.70.0/24 maxlen: 24
92.113.71.0/24 maxlen: 24
92.113.72.0/24 maxlen: 24
92.113.73.0/24 maxlen: 24
92.113.101.0/24 maxlen: 24
92.113.102.0/24 maxlen: 24
92.113.104.0/24 maxlen: 24
92.113.105.0/24 maxlen: 24
92.113.127.0/24 maxlen: 24
92.113.128.0/24 maxlen: 24
92.113.158.0/24 maxlen: 24
92.113.159.0/24 maxlen: 24
92.113.160.0/24 maxlen: 24
92.113.161.0/24 maxlen: 24
95.134.12.0/24 maxlen: 24
95.134.13.0/24 maxlen: 24
95.134.14.0/24 maxlen: 24
95.134.15.0/24 maxlen: 24
95.134.79.0/24 maxlen: 24
95.134.80.0/24 maxlen: 24
95.134.88.0/24 maxlen: 24
95.134.95.0/24 maxlen: 24
95.134.128.0/24 maxlen: 24
95.134.134.0/24 maxlen: 24
95.134.151.0/24 maxlen: 24
95.135.104.0/24 maxlen: 24
95.135.154.0/24 maxlen: 24
95.135.155.0/24 maxlen: 24
95.135.168.0/24 maxlen: 24
95.135.232.0/24 maxlen: 24
95.135.238.0/24 maxlen: 24
95.135.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:4b:d2:7d:6c:3b:f2:19:61:9f:fe:e2:01:dd:ca:d8:f0:41:05:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 19 23:57:06 2025 GMT
Not After : Apr 19 00:02:06 2026 GMT
Subject: CN=344F843DA704832CE4AE0DACA15459BE67550A9B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:91:09:32:bd:76:b3:f1:db:80:00:b4:e2:a3:
60:11:f2:9b:d6:bb:2d:c6:01:0c:e2:94:1e:b9:62:
ab:63:9c:8e:44:8d:af:49:52:63:ca:d4:c0:16:9f:
44:a6:e9:df:89:9f:c1:3e:dd:22:da:f4:e4:0d:30:
c6:2c:6c:30:1c:88:c8:03:2b:63:ff:4e:ee:3a:8b:
9f:38:3f:35:f2:a9:05:f3:59:c3:c7:2c:43:06:9d:
8e:d9:5c:b1:40:da:3c:06:f8:2d:92:3f:69:c6:9b:
9f:b8:63:56:0c:ba:fd:98:7f:1a:24:cc:b2:cf:7c:
57:4a:b6:c6:bc:c5:11:4c:ea:09:f4:d5:51:cd:f0:
2a:12:53:6c:6d:bc:ab:68:c9:61:3f:67:5e:f7:0e:
a3:76:bf:9b:b1:e2:50:68:b1:b7:04:ea:57:cd:06:
d0:e9:32:a6:21:f1:29:70:c1:ab:7e:b3:39:57:1b:
b2:cf:50:90:cc:5f:09:06:27:c7:ed:ba:da:e7:d9:
5e:56:7e:e3:23:08:aa:42:5a:7d:ff:ec:9f:85:68:
a7:19:c1:05:df:41:0f:fe:c0:72:98:b9:ce:e9:5c:
cc:52:c6:82:24:23:c6:03:97:73:68:3b:99:d0:c0:
4e:3f:57:96:2b:73:52:3b:71:37:32:c2:fb:0f:7c:
5f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:4F:84:3D:A7:04:83:2C:E4:AE:0D:AC:A1:54:59:BE:67:55:0A:9B
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.35.0/24
46.202.85.0-46.202.86.255
46.203.18.0/24
46.203.31.0/24
46.203.33.0/24
46.203.35.0/24
46.203.46.0/24
46.203.55.0/24
46.203.57.0/24
46.203.61.0/24
46.203.72.0/24
46.203.75.0/24
46.203.77.0-46.203.78.255
46.203.81.0/24
46.203.148.0/24
46.203.178.0/24
91.124.17.0/24
91.124.36.0/24
91.124.68.0-91.124.79.255
91.124.84.0/22
91.124.92.0-91.124.111.255
91.124.160.0/22
91.124.176.0/24
91.124.196.0-91.124.198.255
91.124.204.0-91.124.206.255
91.124.212.0/22
91.124.224.0/22
92.112.65.0-92.112.66.255
92.112.71.0/24
92.112.104.0/23
92.112.108.0/23
92.113.70.0-92.113.73.255
92.113.101.0-92.113.102.255
92.113.104.0/23
92.113.127.0-92.113.128.255
92.113.158.0-92.113.161.255
95.134.12.0/22
95.134.79.0-95.134.80.255
95.134.88.0/24
95.134.95.0/24
95.134.128.0/24
95.134.134.0/24
95.134.151.0/24
95.135.104.0/24
95.135.154.0/23
95.135.168.0/24
95.135.232.0/24
95.135.238.0/24
95.135.242.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:e0:02:7f:29:4c:3e:5a:91:3d:44:f2:e7:06:9e:c3:0d:fb:
ba:b5:46:c1:e9:1d:78:b6:88:7a:e5:0c:34:63:f1:03:9f:c5:
e8:4f:67:0d:c9:70:e4:b1:65:e6:74:c0:7a:3d:51:4f:39:0d:
98:55:93:d9:a4:05:6a:aa:83:f3:fb:78:14:d7:0e:a1:f8:60:
a1:32:7f:b2:19:b2:82:dc:05:6f:bf:13:d0:cc:05:12:33:70:
74:ca:cf:2a:27:02:15:f6:22:e3:69:de:c7:be:d2:0b:84:20:
9e:02:31:32:ab:a5:82:f8:70:fc:5a:1a:67:96:69:f6:dd:27:
96:53:02:60:10:58:cd:73:6c:16:23:47:a7:55:d0:81:43:79:
4b:41:cd:e4:21:4a:0e:ee:76:6c:43:ad:71:f2:6a:a0:10:b1:
5a:2a:df:8b:90:78:8c:a1:39:0e:df:36:a8:b0:68:10:23:dc:
43:2e:61:0f:66:0c:f9:55:64:13:fb:e6:f2:32:86:a6:cf:73:
d1:99:58:cf:e6:31:92:e9:77:b5:58:c5:1d:de:c1:8c:13:83:
ca:18:70:be:e9:71:d7:58:8e:0e:ca:80:f0:c2:26:59:77:f7:
b3:dd:7b:f1:bd:13:d0:1f:a6:bb:87:76:a6:e5:b9:94:77:d6:
5b:42:08:b1
-----BEGIN CERTIFICATE-----
MIIGhzCCBW+gAwIBAgIUHUvSfWw78hlhn/7iAd3K2PBBBe0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA0MTkyMzU3MDZaFw0yNjA0MTkwMDAyMDZaMDMxMTAvBgNV
BAMTKDM0NEY4NDNEQTcwNDgzMkNFNEFFMERBQ0ExNTQ1OUJFNjc1NTBBOUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBkQkyvXaz8duAALTio2AR8pvW
uy3GAQzilB65YqtjnI5Eja9JUmPK1MAWn0Sm6d+Jn8E+3SLa9OQNMMYsbDAciMgD
K2P/Tu46i584PzXyqQXzWcPHLEMGnY7ZXLFA2jwG+C2SP2nGm5+4Y1YMuv2Yfxok
zLLPfFdKtsa8xRFM6gn01VHN8CoSU2xtvKtoyWE/Z173DqN2v5ux4lBosbcE6lfN
BtDpMqYh8Slwwat+szlXG7LPUJDMXwkGJ8ftutrn2V5WfuMjCKpCWn3/7J+FaKcZ
wQXfQQ/+wHKYuc7pXMxSxoIkI8YDl3NoO5nQwE4/V5Yrc1I7cTcywvsPfF/pAgMB
AAGjggORMIIDjTAdBgNVHQ4EFgQUNE+EPacEgyzkrg2soVRZvmdVCpswHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBpwYIKwYBBQUHAQcBAf8EggGWMIIBkjCCAY4EAgABMIIB
hgMEAC7KIzAMAwQALspVAwQALspWAwQALssSAwQALssfAwQALsshAwQALssjAwQA
LssuAwQALss3AwQALss5AwQALss9AwQALstIAwQALstLMAwDBAAuy00DBAAuy04D
BAAuy1EDBAAuy5QDBAAuy7IDBABbfBEDBABbfCQwDAMEAlt8RAMEBFt8QAMEAlt8
VDAMAwQCW3xcAwQEW3xgAwQCW3ygAwQAW3ywMAwDBAJbfMQDBABbfMYwDAMEAlt8
zAMEAFt8zgMEAlt81AMEAlt84DAMAwQAXHBBAwQAXHBCAwQAXHBHAwQBXHBoAwQB
XHBsMAwDBAFccUYDBAFccUgwDAMEAFxxZQMEAFxxZgMEAVxxaDAMAwQAXHF/AwQA
XHGAMAwDBAFccZ4DBAFccaADBAJfhgwwDAMEAF+GTwMEAF+GUAMEAF+GWAMEAF+G
XwMEAF+GgAMEAF+GhgMEAF+GlwMEAF+HaAMEAV+HmgMEAF+HqAMEAF+H6AMEAF+H
7gMEAF+H8jANBgkqhkiG9w0BAQsFAAOCAQEAK+ACfylMPlqRPUTy5waeww37urVG
wekdeLaIeuUMNGPxA5/F6E9nDclw5LFl5nTAej1RTzkNmFWT2aQFaqqD8/t4FNcO
ofhgoTJ/shmygtwFb78T0MwFEjNwdMrPKicCFfYi42nex77SC4QgngIxMqulgvhw
/FoaZ5Zp9t0nllMCYBBYzXNsFiNHp1XQgUN5S0HN5CFKDu52bEOtcfJqoBCxWirf
i5B4jKE5Dt82qLBoECPcQy5hD2YM+VVkE/vm8jKGps9z0ZlYz+Yxkul3tVjFHd7B
jBODyhhwvulx11iODsqA8MImWXf3s9178b0T0B+mu4d2puW5lHfWW0IIsQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:16:11 2025 by rpki-client