Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: jI9VZcfZC11VjyOcMwezDq0iXrYcLmLKoU0WgIXaeys=
Subject key identifier: E6:06:E7:4F:6A:2A:52:58:BA:27:44:CD:3A:8D:2F:CD:B6:04:8B:D8
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 44EB8D98AEF35166FD05CC19B0F77CE84FE738F3
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
Signing time: Thu 29 May 2025 07:08:29 +0000
ROA not before: Thu 29 May 2025 07:03:29 +0000
ROA not after: Thu 28 May 2026 07:08:29 +0000
asID: 174
IP address blocks: 96.62.32.0/24 maxlen: 24
96.62.33.0/24 maxlen: 24
96.62.34.0/24 maxlen: 24
96.62.35.0/24 maxlen: 24
96.62.36.0/24 maxlen: 24
96.62.38.0/24 maxlen: 24
96.62.39.0/24 maxlen: 24
96.62.40.0/24 maxlen: 24
96.62.41.0/24 maxlen: 24
96.62.42.0/24 maxlen: 24
96.62.43.0/24 maxlen: 24
96.62.44.0/24 maxlen: 24
96.62.46.0/24 maxlen: 24
96.62.64.0/24 maxlen: 24
96.62.65.0/24 maxlen: 24
96.62.66.0/24 maxlen: 24
96.62.67.0/24 maxlen: 24
96.62.68.0/24 maxlen: 24
96.62.70.0/24 maxlen: 24
96.62.102.0/24 maxlen: 24
96.62.104.0/24 maxlen: 24
96.62.106.0/24 maxlen: 24
96.62.107.0/24 maxlen: 24
96.62.108.0/24 maxlen: 24
96.62.109.0/24 maxlen: 24
96.62.110.0/24 maxlen: 24
96.62.112.0/24 maxlen: 24
96.62.113.0/24 maxlen: 24
96.62.116.0/24 maxlen: 24
96.62.117.0/24 maxlen: 24
96.62.118.0/24 maxlen: 24
96.62.119.0/24 maxlen: 24
96.62.120.0/24 maxlen: 24
96.62.121.0/24 maxlen: 24
96.62.122.0/24 maxlen: 24
96.62.123.0/24 maxlen: 24
96.62.124.0/24 maxlen: 24
96.62.125.0/24 maxlen: 24
96.62.126.0/24 maxlen: 24
96.62.132.0/24 maxlen: 24
96.62.133.0/24 maxlen: 24
96.62.134.0/24 maxlen: 24
96.62.136.0/24 maxlen: 24
96.62.137.0/24 maxlen: 24
96.62.138.0/24 maxlen: 24
96.62.139.0/24 maxlen: 24
96.62.141.0/24 maxlen: 24
96.62.142.0/24 maxlen: 24
96.62.143.0/24 maxlen: 24
96.62.146.0/24 maxlen: 24
96.62.147.0/24 maxlen: 24
96.62.160.0/24 maxlen: 24
96.62.161.0/24 maxlen: 24
96.62.162.0/24 maxlen: 24
96.62.163.0/24 maxlen: 24
96.62.164.0/24 maxlen: 24
96.62.165.0/24 maxlen: 24
96.62.166.0/24 maxlen: 24
96.62.167.0/24 maxlen: 24
96.62.168.0/24 maxlen: 24
96.62.169.0/24 maxlen: 24
96.62.170.0/24 maxlen: 24
96.62.171.0/24 maxlen: 24
96.62.172.0/24 maxlen: 24
96.62.173.0/24 maxlen: 24
96.62.174.0/24 maxlen: 24
96.62.175.0/24 maxlen: 24
96.62.177.0/24 maxlen: 24
96.62.178.0/24 maxlen: 24
96.62.179.0/24 maxlen: 24
96.62.188.0/24 maxlen: 24
96.62.189.0/24 maxlen: 24
96.62.196.0/24 maxlen: 24
96.62.198.0/24 maxlen: 24
96.62.199.0/24 maxlen: 24
96.62.212.0/24 maxlen: 24
96.62.213.0/24 maxlen: 24
96.62.215.0/24 maxlen: 24
96.62.225.0/24 maxlen: 24
96.62.226.0/24 maxlen: 24
96.62.230.0/24 maxlen: 24
96.62.236.0/24 maxlen: 24
96.62.237.0/24 maxlen: 24
96.62.238.0/24 maxlen: 24
96.62.239.0/24 maxlen: 24
96.62.240.0/24 maxlen: 24
96.62.241.0/24 maxlen: 24
96.62.245.0/24 maxlen: 24
96.62.246.0/24 maxlen: 24
96.62.252.0/24 maxlen: 24
140.150.224.0/22 maxlen: 24
140.233.160.0/22 maxlen: 22
140.233.180.0/22 maxlen: 22
143.14.146.0/24 maxlen: 24
143.14.148.0/24 maxlen: 24
143.14.153.0/24 maxlen: 24
143.14.155.0/24 maxlen: 24
143.14.195.0/24 maxlen: 24
143.14.197.0/24 maxlen: 24
150.241.136.0/21 maxlen: 24
162.141.37.0/24 maxlen: 24
162.141.38.0/24 maxlen: 24
162.141.51.0/24 maxlen: 24
162.141.54.0/24 maxlen: 24
162.141.103.0/24 maxlen: 24
162.141.118.0/24 maxlen: 24
162.141.128.0/24 maxlen: 24
162.141.129.0/24 maxlen: 24
162.141.155.0/24 maxlen: 24
162.141.164.0/24 maxlen: 24
167.148.135.0/24 maxlen: 24
167.148.138.0/24 maxlen: 24
167.148.147.0/24 maxlen: 24
167.148.148.0/24 maxlen: 24
167.148.150.0/24 maxlen: 24
167.148.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 05:53:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:eb:8d:98:ae:f3:51:66:fd:05:cc:19:b0:f7:7c:e8:4f:e7:38:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 29 07:03:29 2025 GMT
Not After : May 28 07:08:29 2026 GMT
Subject: CN=E606E74F6A2A5258BA2744CD3A8D2FCDB6048BD8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f0:a4:cb:0b:5d:c7:28:02:01:1d:8c:d6:60:
1c:ce:ea:2a:81:c1:75:ef:ac:b9:65:58:75:e3:ef:
2c:af:25:0b:e2:56:cd:7c:6a:ba:08:6c:17:60:16:
1b:6c:1f:a9:97:31:56:77:17:d8:a0:cc:be:78:b0:
a9:7b:3a:48:cd:ac:5f:f9:33:70:34:89:ea:de:33:
0e:9a:0d:6e:31:73:9b:a9:eb:01:a0:68:b5:a6:a0:
79:f9:2a:e6:47:fa:81:f5:5a:36:7c:bd:39:81:c0:
4a:5b:09:75:6b:e3:45:a6:45:78:71:a2:a2:da:c1:
7a:1e:fe:91:e9:c0:8f:4d:d7:b4:b9:c3:8a:c5:70:
f1:13:37:d8:a0:aa:58:85:e5:b3:c0:18:6a:fb:9a:
08:35:cc:46:bf:91:70:57:98:08:40:16:c2:ad:44:
19:77:e4:53:74:1c:57:fd:1e:4c:cf:95:a7:6f:28:
55:d2:d5:fe:3c:5a:fe:70:cc:98:29:96:e5:7c:fc:
f3:8e:3a:b3:53:9c:49:f1:e7:7d:a0:bb:ea:27:5d:
79:2d:03:42:05:ab:f5:bb:b2:55:97:e6:95:b2:b7:
5b:69:2b:d8:8a:bc:27:f7:67:4d:7a:bb:44:0a:8b:
5b:dc:03:88:98:ce:0b:24:69:26:16:95:e4:8e:a1:
d2:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:06:E7:4F:6A:2A:52:58:BA:27:44:CD:3A:8D:2F:CD:B6:04:8B:D8
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.32.0-96.62.36.255
96.62.38.0-96.62.44.255
96.62.46.0/24
96.62.64.0-96.62.68.255
96.62.70.0/24
96.62.102.0/24
96.62.104.0/24
96.62.106.0-96.62.110.255
96.62.112.0/23
96.62.116.0-96.62.126.255
96.62.132.0-96.62.134.255
96.62.136.0/22
96.62.141.0-96.62.143.255
96.62.146.0/23
96.62.160.0/20
96.62.177.0-96.62.179.255
96.62.188.0/23
96.62.196.0/24
96.62.198.0/23
96.62.212.0/23
96.62.215.0/24
96.62.225.0-96.62.226.255
96.62.230.0/24
96.62.236.0-96.62.241.255
96.62.245.0-96.62.246.255
96.62.252.0/24
140.150.224.0/22
140.233.160.0/22
140.233.180.0/22
143.14.146.0/24
143.14.148.0/24
143.14.153.0/24
143.14.155.0/24
143.14.195.0/24
143.14.197.0/24
150.241.136.0/21
162.141.37.0-162.141.38.255
162.141.51.0/24
162.141.54.0/24
162.141.103.0/24
162.141.118.0/24
162.141.128.0/23
162.141.155.0/24
162.141.164.0/24
167.148.135.0/24
167.148.138.0/24
167.148.147.0-167.148.148.255
167.148.150.0/24
167.148.153.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:2b:20:e1:5b:49:63:1f:97:bf:1f:59:df:c6:33:81:07:7a:
92:c4:38:ca:bb:72:33:fe:15:fc:2d:f9:43:09:23:b6:ab:94:
2c:10:1f:e4:99:d3:09:3a:5d:6b:a7:b8:ef:de:70:2e:e0:0f:
21:9a:e6:f4:be:53:b7:50:10:95:59:b3:4b:07:60:a4:f0:57:
a0:c0:7c:45:d7:bc:b1:46:e1:38:a1:07:78:50:65:75:1f:5b:
b7:5a:db:13:9d:31:ba:0b:0d:0b:51:15:dc:ca:7e:2d:6c:41:
d0:b5:e5:04:0d:c5:70:76:dd:45:46:c7:ad:76:fc:f3:e0:ad:
73:f9:33:ff:96:92:0a:e5:e8:67:54:17:05:ba:da:ea:8f:2a:
14:80:21:43:c9:2e:97:e0:c7:ce:66:10:f0:3f:8d:49:00:1e:
69:bd:cf:4f:fc:0b:dd:62:45:af:f5:cf:41:af:ac:9a:3b:94:
0f:58:4f:6d:43:7a:14:75:18:e9:65:b6:ae:e1:77:33:af:e1:
bc:a4:e7:b3:54:12:6d:3a:74:77:36:49:23:91:c3:5b:6d:66:
fb:e6:57:60:b7:ce:54:24:09:6f:48:32:15:5d:60:52:d1:aa:
71:26:4a:03:e5:48:02:26:0e:fd:2a:0f:d2:d3:29:e8:e1:8b:
12:3d:03:f7
-----BEGIN CERTIFICATE-----
MIIGjzCCBXegAwIBAgIUROuNmK7zUWb9BcwZsPd86E/nOPMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MjkwNzAzMjlaFw0yNjA1MjgwNzA4MjlaMDMxMTAvBgNV
BAMTKEU2MDZFNzRGNkEyQTUyNThCQTI3NDRDRDNBOEQyRkNEQjYwNDhCRDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC78KTLC13HKAIBHYzWYBzO6iqB
wXXvrLllWHXj7yyvJQviVs18aroIbBdgFhtsH6mXMVZ3F9igzL54sKl7OkjNrF/5
M3A0iereMw6aDW4xc5up6wGgaLWmoHn5KuZH+oH1WjZ8vTmBwEpbCXVr40WmRXhx
oqLawXoe/pHpwI9N17S5w4rFcPETN9igqliF5bPAGGr7mgg1zEa/kXBXmAhAFsKt
RBl35FN0HFf9HkzPladvKFXS1f48Wv5wzJgpluV8/POOOrNTnEnx532gu+onXXkt
A0IFq/W7slWX5pWyt1tpK9iKvCf3Z016u0QKi1vcA4iYzgskaSYWleSOodJZAgMB
AAGjggOZMIIDlTAdBgNVHQ4EFgQU5gbnT2oqUli6J0TNOo0vzbYEi9gwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBrwYIKwYBBQUHAQcBAf8EggGeMIIBmjCCAZYEAgABMIIB
jjAMAwQFYD4gAwQAYD4kMAwDBAFgPiYDBABgPiwDBABgPi4wDAMEBmA+QAMEAGA+
RAMEAGA+RgMEAGA+ZgMEAGA+aDAMAwQBYD5qAwQAYD5uAwQBYD5wMAwDBAJgPnQD
BABgPn4wDAMEAmA+hAMEAGA+hgMEAmA+iDAMAwQAYD6NAwQEYD6AAwQBYD6SAwQE
YD6gMAwDBABgPrEDBAJgPrADBAFgPrwDBABgPsQDBAFgPsYDBAFgPtQDBABgPtcw
DAMEAGA+4QMEAGA+4gMEAGA+5jAMAwQCYD7sAwQBYD7wMAwDBABgPvUDBABgPvYD
BABgPvwDBAKMluADBAKM6aADBAKM6bQDBACPDpIDBACPDpQDBACPDpkDBACPDpsD
BACPDsMDBACPDsUDBAOW8YgwDAMEAKKNJQMEAKKNJgMEAKKNMwMEAKKNNgMEAKKN
ZwMEAKKNdgMEAaKNgAMEAKKNmwMEAKKNpAMEAKeUhwMEAKeUijAMAwQAp5STAwQA
p5SUAwQAp5SWAwQAp5SZMA0GCSqGSIb3DQEBCwUAA4IBAQCbKyDhW0ljH5e/H1nf
xjOBB3qSxDjKu3Iz/hX8LflDCSO2q5QsEB/kmdMJOl1rp7jv3nAu4A8hmub0vlO3
UBCVWbNLB2Ck8FegwHxF17yxRuE4oQd4UGV1H1u3WtsTnTG6Cw0LURXcyn4tbEHQ
teUEDcVwdt1FRsetdvzz4K1z+TP/lpIK5ehnVBcFutrqjyoUgCFDyS6X4MfOZhDw
P41JAB5pvc9P/AvdYkWv9c9Br6yaO5QPWE9tQ3oUdRjpZbau4Xczr+G8pOezVBJt
OnR3NkkjkcNbbWb75ldgt85UJAlvSDIVXWBS0apxJkoD5UgCJg79Kg/S0yno4YsS
PQP3
-----END CERTIFICATE-----
Generated at Sat Jun 7 13:48:50 2025 by rpki-client