Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: k+BKWtAn6NU5cthUVxu+copnpfPJUGxoN395K9dkVgA=
Subject key identifier: 07:71:79:08:DD:53:E8:C8:FF:E7:BD:E9:2F:69:11:D7:E9:E7:7F:FB
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 21D9235B0B2DB324F50DE9E7D6CF2F8E57012D0C
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
Signing time: Fri 19 Apr 2024 10:20:05 +0000
ROA not before: Fri 19 Apr 2024 10:15:05 +0000
ROA not after: Fri 18 Apr 2025 10:20:05 +0000
asID: 174
IP address blocks: 140.233.160.0/22 maxlen: 22
140.233.168.0/22 maxlen: 22
140.233.172.0/22 maxlen: 22
140.233.180.0/22 maxlen: 22
146.103.0.0/22 maxlen: 22
146.103.4.0/22 maxlen: 22
146.103.12.0/22 maxlen: 22
147.79.16.0/22 maxlen: 22
147.79.24.0/22 maxlen: 22
147.79.48.0/22 maxlen: 22
147.79.60.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:d9:23:5b:0b:2d:b3:24:f5:0d:e9:e7:d6:cf:2f:8e:57:01:2d:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 19 10:15:05 2024 GMT
Not After : Apr 18 10:20:05 2025 GMT
Subject: CN=07717908DD53E8C8FFE7BDE92F6911D7E9E77FFB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:17:d4:74:d1:24:15:19:f0:23:32:2c:5a:99:
c2:2b:99:47:35:6a:6a:92:5b:8b:d2:fc:5d:e2:69:
52:72:35:d6:41:45:4b:41:2e:a7:39:77:22:c0:95:
55:52:7d:2e:a6:65:f4:6a:49:7a:47:17:e1:06:ee:
cb:b7:c3:54:31:23:55:da:25:d4:c3:00:92:b1:28:
27:46:7a:2d:ab:ed:c1:86:54:1c:d4:da:44:02:24:
99:b5:8b:7a:a2:13:2f:68:b6:91:40:c4:8b:cc:45:
c0:5e:fd:72:27:bb:d7:41:f9:80:8c:76:20:f9:88:
d5:88:96:45:61:62:09:27:cd:45:66:84:d5:bc:9f:
67:1a:0d:e4:fa:5f:80:de:da:0d:07:2a:9d:b2:85:
bf:07:d3:c9:51:21:b1:59:89:90:2c:94:cb:32:76:
b2:db:33:fe:29:30:16:5d:82:fc:00:6a:0c:ed:73:
6d:93:2e:69:cf:f2:25:b7:35:27:40:5d:66:65:f7:
22:13:0d:d6:3f:ef:47:85:1f:0a:77:70:52:75:ad:
bc:80:a7:40:6f:53:a5:66:9f:49:6b:bb:85:32:8f:
58:af:e1:ac:fe:c2:a8:29:53:62:1b:4b:66:28:f3:
0c:94:bc:2a:ca:74:fb:7c:48:2f:8f:aa:c3:9d:5a:
3d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:71:79:08:DD:53:E8:C8:FF:E7:BD:E9:2F:69:11:D7:E9:E7:7F:FB
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.233.160.0/22
140.233.168.0/21
140.233.180.0/22
146.103.0.0/21
146.103.12.0/22
147.79.16.0/22
147.79.24.0/22
147.79.48.0/22
147.79.60.0/22
Signature Algorithm: sha256WithRSAEncryption
85:b5:b0:f4:98:5f:01:24:31:59:92:e7:50:1d:83:cd:02:8d:
69:60:e1:f3:42:d2:17:08:77:d2:20:f3:a6:c8:33:fb:a2:39:
b2:36:4b:f7:f7:f4:d5:e5:70:76:5d:2e:e2:38:a5:8f:ae:23:
04:a4:d3:56:89:14:6a:c1:54:79:42:86:35:7d:66:51:6e:8a:
f5:00:4c:0c:e2:ad:da:9f:1f:cf:6e:3e:3e:c3:8e:fd:71:1b:
29:c3:2c:95:7d:d3:2a:d6:77:60:7f:17:a6:a2:05:27:67:36:
bf:32:57:05:75:eb:0e:2c:ed:50:3e:81:9d:02:65:34:ef:85:
a0:48:d4:c9:11:a0:50:db:dc:9a:d1:2c:5a:8f:94:78:ae:b1:
cd:14:10:7e:0c:b5:4b:93:f3:18:29:a4:95:2c:b9:80:7c:e4:
37:1d:48:01:03:ca:dd:38:39:c6:44:29:64:3a:b7:f2:d4:1e:
a1:a1:df:2b:b5:e5:9a:1f:72:94:da:95:47:1e:60:7e:b5:ac:
2d:d5:ed:bb:0b:62:7d:2b:20:e8:f5:ce:dd:c8:c5:3c:ba:4e:
ec:eb:71:07:22:36:9a:9e:cf:08:b2:08:2d:5f:8b:27:f1:df:
f2:bf:c0:aa:8c:20:39:7d:53:63:86:0a:de:03:5c:28:84:c6:
89:e8:d4:6f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIUIdkjWwstsyT1Denn1s8vjlcBLQwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDA0MTkxMDE1MDVaFw0yNTA0MTgxMDIwMDVaMDMxMTAvBgNV
BAMTKDA3NzE3OTA4REQ1M0U4QzhGRkU3QkRFOTJGNjkxMUQ3RTlFNzdGRkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRF9R00SQVGfAjMixamcIrmUc1
amqSW4vS/F3iaVJyNdZBRUtBLqc5dyLAlVVSfS6mZfRqSXpHF+EG7su3w1QxI1Xa
JdTDAJKxKCdGei2r7cGGVBzU2kQCJJm1i3qiEy9otpFAxIvMRcBe/XInu9dB+YCM
diD5iNWIlkVhYgknzUVmhNW8n2caDeT6X4De2g0HKp2yhb8H08lRIbFZiZAslMsy
drLbM/4pMBZdgvwAagztc22TLmnP8iW3NSdAXWZl9yITDdY/70eFHwp3cFJ1rbyA
p0BvU6Vmn0lru4Uyj1iv4az+wqgpU2IbS2Yo8wyUvCrKdPt8SC+PqsOdWj1TAgMB
AAGjggI3MIICMzAdBgNVHQ4EFgQUB3F5CN1T6Mj/573pL2kR1+nnf/swHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCjOmgAwQD
jOmoAwQCjOm0AwQDkmcAAwQCkmcMAwQCk08QAwQCk08YAwQCk08wAwQCk088MA0G
CSqGSIb3DQEBCwUAA4IBAQCFtbD0mF8BJDFZkudQHYPNAo1pYOHzQtIXCHfSIPOm
yDP7ojmyNkv39/TV5XB2XS7iOKWPriMEpNNWiRRqwVR5QoY1fWZRbor1AEwM4q3a
nx/Pbj4+w479cRspwyyVfdMq1ndgfxemogUnZza/MlcFdesOLO1QPoGdAmU074Wg
SNTJEaBQ29ya0Sxaj5R4rrHNFBB+DLVLk/MYKaSVLLmAfOQ3HUgBA8rdODnGRClk
Orfy1B6hod8rteWaH3KU2pVHHmB+tawt1e27C2J9KyDo9c7dyMU8uk7s63EHIjaa
ns8IsggtX4sn8d/yv8CqjCA5fVNjhgreA1wohMaJ6NRv
-----END CERTIFICATE-----
Generated at Thu May 2 16:20:40 2024 by rpki-client on console-ams.rpki-client.org