Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: cturOdRtT8Hy2MENfkW1KmjTR03zer7S3Ar+1K9Aw8E=
Subject key identifier: AD:43:F5:E2:23:BE:6B:24:D1:D0:DD:B7:C9:6B:59:03:A3:B4:74:F5
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 1D4112C00A137151C77BA95E46AFEF451F23C6B7
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
Signing time: Thu 13 Feb 2025 08:06:36 +0000
ROA not before: Thu 13 Feb 2025 08:01:36 +0000
ROA not after: Thu 12 Feb 2026 08:06:36 +0000
asID: 174
IP address blocks: 96.62.33.0/24 maxlen: 24
96.62.34.0/24 maxlen: 24
96.62.35.0/24 maxlen: 24
96.62.36.0/24 maxlen: 24
96.62.64.0/24 maxlen: 24
96.62.65.0/24 maxlen: 24
96.62.66.0/24 maxlen: 24
96.62.67.0/24 maxlen: 24
96.62.68.0/24 maxlen: 24
96.62.136.0/24 maxlen: 24
96.62.171.0/24 maxlen: 24
96.62.172.0/24 maxlen: 24
96.62.173.0/24 maxlen: 24
96.62.174.0/24 maxlen: 24
96.62.178.0/24 maxlen: 24
96.62.188.0/24 maxlen: 24
96.62.225.0/24 maxlen: 24
96.62.226.0/24 maxlen: 24
96.62.230.0/24 maxlen: 24
140.150.224.0/22 maxlen: 24
140.233.160.0/22 maxlen: 22
140.233.168.0/22 maxlen: 22
140.233.172.0/22 maxlen: 22
140.233.180.0/22 maxlen: 22
147.79.16.0/22 maxlen: 22
147.79.24.0/22 maxlen: 22
147.79.48.0/22 maxlen: 22
147.79.60.0/22 maxlen: 22
150.241.136.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 02:59:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:41:12:c0:0a:13:71:51:c7:7b:a9:5e:46:af:ef:45:1f:23:c6:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 13 08:01:36 2025 GMT
Not After : Feb 12 08:06:36 2026 GMT
Subject: CN=AD43F5E223BE6B24D1D0DDB7C96B5903A3B474F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:29:67:a4:69:ce:c6:f4:9d:46:a3:6b:8c:e6:
21:d3:d5:5e:47:e3:87:e9:c7:de:c8:da:43:be:aa:
36:9d:4e:16:aa:d1:26:5e:d2:b8:64:99:27:bd:9d:
ec:41:2a:e5:d5:81:ad:01:9a:08:5c:81:b7:97:89:
87:32:e8:0e:f3:3d:5a:db:32:3c:39:0d:59:6a:b4:
85:48:7a:d7:be:c0:2d:87:2d:a7:59:d7:b6:63:13:
a8:60:7a:49:ff:c4:dd:7a:18:41:97:60:19:33:56:
d8:3d:aa:0d:26:21:c0:34:d4:30:b7:a4:00:58:d9:
dc:88:8d:ce:ca:5d:cf:44:5f:9c:eb:e2:aa:1c:79:
51:e1:d0:34:50:0d:ec:df:3f:9f:1c:bd:5d:ff:52:
f1:83:72:42:67:ed:2b:89:7f:ff:e6:33:5f:6b:7f:
81:09:d9:7c:0e:d9:ae:78:0e:f7:61:31:f5:8b:24:
f3:8e:8e:ac:8e:61:55:22:a0:a9:0b:3c:28:24:1a:
d5:7e:a0:72:9d:15:68:6d:9f:dd:c8:3f:76:d4:ca:
a8:c2:ce:ad:f5:f2:65:6e:5a:3e:a4:60:02:ac:03:
ff:7b:13:dd:66:d6:9c:66:71:2c:59:f9:b5:ae:46:
94:59:8b:7d:6b:db:a5:55:2a:61:a4:2a:95:b7:fe:
12:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:43:F5:E2:23:BE:6B:24:D1:D0:DD:B7:C9:6B:59:03:A3:B4:74:F5
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.33.0-96.62.36.255
96.62.64.0-96.62.68.255
96.62.136.0/24
96.62.171.0-96.62.174.255
96.62.178.0/24
96.62.188.0/24
96.62.225.0-96.62.226.255
96.62.230.0/24
140.150.224.0/22
140.233.160.0/22
140.233.168.0/21
140.233.180.0/22
147.79.16.0/22
147.79.24.0/22
147.79.48.0/22
147.79.60.0/22
150.241.136.0/21
Signature Algorithm: sha256WithRSAEncryption
3b:5d:ec:76:84:36:f7:ec:ad:c4:98:9d:8d:40:b1:63:d7:59:
af:c1:ba:c4:c7:fc:f4:41:12:e4:e4:40:dc:8a:22:27:53:f1:
45:d6:02:7e:13:88:d8:65:56:67:1f:f6:5e:92:64:f7:35:29:
50:4b:d9:6d:d4:25:0a:41:1f:da:b3:e0:7f:4d:06:5e:4c:bb:
58:8b:9e:e9:71:48:dd:d3:8e:2b:cd:86:0d:85:3f:5f:5c:68:
77:f4:41:46:69:62:f9:ae:0c:7b:0c:f5:b5:91:a8:2a:d8:3a:
b1:96:4d:50:d4:98:cd:25:2b:9c:c1:3a:2e:3d:6b:8a:fc:07:
68:74:81:ad:27:f8:55:cc:88:c5:e0:1d:bd:f0:f9:88:1f:2f:
aa:fa:e4:71:50:1c:bf:54:eb:0f:dd:c8:db:f4:60:2a:16:73:
45:a1:2b:e6:e0:05:05:65:7c:78:e5:86:2b:59:9c:f4:dc:57:
e1:1f:ec:0d:2a:58:bd:92:88:e6:2d:0e:e8:4d:1b:38:91:9f:
28:cc:a1:24:c8:eb:93:db:d9:45:40:4f:f6:15:0c:a3:81:da:
3e:70:57:d3:05:e1:f2:a3:7d:9e:1b:50:6f:19:b3:dd:38:42:
dc:6b:7e:3f:24:cd:8a:c4:b2:d3:8d:3e:0d:5e:78:5a:f8:70:
42:55:95:9f
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIUHUESwAoTcVHHe6leRq/vRR8jxrcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTAyMTMwODAxMzZaFw0yNjAyMTIwODA2MzZaMDMxMTAvBgNV
BAMTKEFENDNGNUUyMjNCRTZCMjREMUQwRERCN0M5NkI1OTAzQTNCNDc0RjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdKWekac7G9J1Go2uM5iHT1V5H
44fpx97I2kO+qjadThaq0SZe0rhkmSe9nexBKuXVga0BmghcgbeXiYcy6A7zPVrb
Mjw5DVlqtIVIete+wC2HLadZ17ZjE6hgekn/xN16GEGXYBkzVtg9qg0mIcA01DC3
pABY2dyIjc7KXc9EX5zr4qoceVHh0DRQDezfP58cvV3/UvGDckJn7SuJf//mM19r
f4EJ2XwO2a54DvdhMfWLJPOOjqyOYVUioKkLPCgkGtV+oHKdFWhtn93IP3bUyqjC
zq318mVuWj6kYAKsA/97E91m1pxmcSxZ+bWuRpRZi31r26VVKmGkKpW3/hJjAgMB
AAGjggKMMIICiDAdBgNVHQ4EFgQUrUP14iO+ayTR0N23yWtZA6O0dPUwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYwDAME
AGA+IQMEAGA+JDAMAwQGYD5AAwQAYD5EAwQAYD6IMAwDBABgPqsDBABgPq4DBABg
PrIDBABgPrwwDAMEAGA+4QMEAGA+4gMEAGA+5gMEAoyW4AMEAozpoAMEA4zpqAME
AozptAMEApNPEAMEApNPGAMEApNPMAMEApNPPAMEA5bxiDANBgkqhkiG9w0BAQsF
AAOCAQEAO13sdoQ29+ytxJidjUCxY9dZr8G6xMf89EES5ORA3IoiJ1PxRdYCfhOI
2GVWZx/2XpJk9zUpUEvZbdQlCkEf2rPgf00GXky7WIue6XFI3dOOK82GDYU/X1xo
d/RBRmli+a4Mewz1tZGoKtg6sZZNUNSYzSUrnME6Lj1rivwHaHSBrSf4VcyIxeAd
vfD5iB8vqvrkcVAcv1TrD93I2/RgKhZzRaEr5uAFBWV8eOWGK1mc9NxX4R/sDSpY
vZKI5i0O6E0bOJGfKMyhJMjrk9vZRUBP9hUMo4HaPnBX0wXh8qN9nhtQbxmz3ThC
3Gt+PyTNisSy040+DV54WvhwQlWVnw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:18:37 2025 by rpki-client