Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: pWtOlu8Jt0NKudejCiGeUUIEvVKmZpt2K2Mnm0HAoh0=
Subject key identifier: 74:6F:A5:F5:35:96:4F:D2:2E:E3:C0:5D:42:D3:26:4B:0A:F7:FF:64
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 4F316E153F5E90F5C2CD60F8E4AB5EBE89FA9052
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
Signing time: Mon 10 Nov 2025 12:23:05 +0000
ROA not before: Mon 10 Nov 2025 12:18:05 +0000
ROA not after: Mon 09 Nov 2026 12:23:05 +0000
asID: 174
IP address blocks: 96.62.32.0/24 maxlen: 24
96.62.33.0/24 maxlen: 24
96.62.34.0/24 maxlen: 24
96.62.35.0/24 maxlen: 24
96.62.36.0/24 maxlen: 24
96.62.38.0/24 maxlen: 24
96.62.39.0/24 maxlen: 24
96.62.40.0/24 maxlen: 24
96.62.41.0/24 maxlen: 24
96.62.42.0/24 maxlen: 24
96.62.43.0/24 maxlen: 24
96.62.44.0/24 maxlen: 24
96.62.46.0/24 maxlen: 24
96.62.64.0/24 maxlen: 24
96.62.65.0/24 maxlen: 24
96.62.66.0/24 maxlen: 24
96.62.67.0/24 maxlen: 24
96.62.68.0/24 maxlen: 24
96.62.70.0/24 maxlen: 24
96.62.102.0/24 maxlen: 24
96.62.104.0/24 maxlen: 24
96.62.106.0/24 maxlen: 24
96.62.107.0/24 maxlen: 24
96.62.108.0/24 maxlen: 24
96.62.109.0/24 maxlen: 24
96.62.110.0/24 maxlen: 24
96.62.112.0/24 maxlen: 24
96.62.113.0/24 maxlen: 24
96.62.116.0/24 maxlen: 24
96.62.117.0/24 maxlen: 24
96.62.118.0/24 maxlen: 24
96.62.119.0/24 maxlen: 24
96.62.120.0/24 maxlen: 24
96.62.121.0/24 maxlen: 24
96.62.122.0/24 maxlen: 24
96.62.123.0/24 maxlen: 24
96.62.124.0/24 maxlen: 24
96.62.125.0/24 maxlen: 24
96.62.126.0/24 maxlen: 24
96.62.132.0/24 maxlen: 24
96.62.133.0/24 maxlen: 24
96.62.134.0/24 maxlen: 24
96.62.136.0/24 maxlen: 24
96.62.137.0/24 maxlen: 24
96.62.138.0/24 maxlen: 24
96.62.139.0/24 maxlen: 24
96.62.141.0/24 maxlen: 24
96.62.142.0/24 maxlen: 24
96.62.143.0/24 maxlen: 24
96.62.146.0/24 maxlen: 24
96.62.147.0/24 maxlen: 24
96.62.160.0/24 maxlen: 24
96.62.161.0/24 maxlen: 24
96.62.162.0/24 maxlen: 24
96.62.163.0/24 maxlen: 24
96.62.164.0/24 maxlen: 24
96.62.165.0/24 maxlen: 24
96.62.166.0/24 maxlen: 24
96.62.167.0/24 maxlen: 24
96.62.168.0/24 maxlen: 24
96.62.169.0/24 maxlen: 24
96.62.170.0/24 maxlen: 24
96.62.171.0/24 maxlen: 24
96.62.172.0/24 maxlen: 24
96.62.173.0/24 maxlen: 24
96.62.174.0/24 maxlen: 24
96.62.175.0/24 maxlen: 24
96.62.177.0/24 maxlen: 24
96.62.178.0/24 maxlen: 24
96.62.179.0/24 maxlen: 24
96.62.188.0/24 maxlen: 24
96.62.189.0/24 maxlen: 24
96.62.196.0/24 maxlen: 24
96.62.198.0/24 maxlen: 24
96.62.199.0/24 maxlen: 24
96.62.212.0/24 maxlen: 24
96.62.213.0/24 maxlen: 24
96.62.215.0/24 maxlen: 24
96.62.225.0/24 maxlen: 24
96.62.226.0/24 maxlen: 24
96.62.230.0/24 maxlen: 24
96.62.236.0/24 maxlen: 24
96.62.237.0/24 maxlen: 24
96.62.238.0/24 maxlen: 24
96.62.239.0/24 maxlen: 24
96.62.240.0/24 maxlen: 24
96.62.241.0/24 maxlen: 24
96.62.245.0/24 maxlen: 24
96.62.246.0/24 maxlen: 24
96.62.252.0/24 maxlen: 24
140.233.160.0/22 maxlen: 22
140.233.180.0/22 maxlen: 22
143.14.66.0/24 maxlen: 24
143.14.146.0/24 maxlen: 24
143.14.148.0/24 maxlen: 24
143.14.153.0/24 maxlen: 24
143.14.155.0/24 maxlen: 24
143.14.195.0/24 maxlen: 24
143.14.197.0/24 maxlen: 24
143.14.245.0/24 maxlen: 24
155.117.218.0/24 maxlen: 24
162.141.21.0/24 maxlen: 24
162.141.37.0/24 maxlen: 24
162.141.38.0/24 maxlen: 24
162.141.51.0/24 maxlen: 24
162.141.54.0/24 maxlen: 24
162.141.55.0/24 maxlen: 24
162.141.103.0/24 maxlen: 24
162.141.108.0/24 maxlen: 24
162.141.118.0/24 maxlen: 24
162.141.121.0/24 maxlen: 24
162.141.128.0/24 maxlen: 24
162.141.129.0/24 maxlen: 24
162.141.153.0/24 maxlen: 24
162.141.155.0/24 maxlen: 24
162.141.164.0/24 maxlen: 24
167.148.120.0/22 maxlen: 22
167.148.135.0/24 maxlen: 24
167.148.138.0/24 maxlen: 24
167.148.147.0/24 maxlen: 24
167.148.148.0/24 maxlen: 24
167.148.150.0/24 maxlen: 24
167.148.153.0/24 maxlen: 24
167.148.170.0/24 maxlen: 24
167.148.171.0/24 maxlen: 24
167.148.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Nov 2025 00:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:31:6e:15:3f:5e:90:f5:c2:cd:60:f8:e4:ab:5e:be:89:fa:90:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Nov 10 12:18:05 2025 GMT
Not After : Nov 9 12:23:05 2026 GMT
Subject: CN=746FA5F535964FD22EE3C05D42D3264B0AF7FF64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:94:d6:dc:c4:fb:f8:6c:f9:1e:74:58:a9:d3:
21:4f:e7:d8:b7:9b:63:aa:c3:8b:c3:0b:96:a0:ec:
37:53:c5:0a:22:59:94:bb:e0:1d:15:9a:4d:83:07:
13:65:0e:27:c3:05:70:52:b1:d7:8c:40:06:96:0b:
50:3f:6a:ba:5d:6f:9f:eb:db:e6:a8:81:be:58:2e:
5c:75:16:ab:e3:a3:31:63:b0:dd:7b:cd:a3:fc:04:
7f:88:3a:45:e4:a6:a5:c9:c1:6a:b1:3b:e2:43:1d:
24:b8:d2:0c:1e:b0:53:7f:97:a2:d8:27:cc:1b:ae:
07:ff:dd:d4:7e:92:3d:cc:71:d8:31:6d:6e:ff:49:
e5:9b:a9:92:a2:97:f7:38:1f:ea:ac:27:f4:b6:8f:
7a:78:3c:5b:89:52:82:fd:21:80:ac:ca:0d:cb:4d:
c5:08:57:a4:75:14:a0:68:4e:c8:02:b1:06:3a:4d:
32:12:bc:a8:4a:85:c6:4e:43:06:a2:7c:39:bc:4f:
0e:46:be:49:24:cd:0d:15:7e:5e:75:1e:c0:a0:77:
48:e4:f2:7a:93:19:c3:5a:88:cb:88:66:13:ed:6d:
e4:41:66:e4:a9:1d:95:fb:76:25:fc:29:7d:bf:76:
e9:d3:aa:b5:32:3d:ae:3d:95:94:88:e0:0b:07:d6:
42:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:6F:A5:F5:35:96:4F:D2:2E:E3:C0:5D:42:D3:26:4B:0A:F7:FF:64
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.32.0-96.62.36.255
96.62.38.0-96.62.44.255
96.62.46.0/24
96.62.64.0-96.62.68.255
96.62.70.0/24
96.62.102.0/24
96.62.104.0/24
96.62.106.0-96.62.110.255
96.62.112.0/23
96.62.116.0-96.62.126.255
96.62.132.0-96.62.134.255
96.62.136.0/22
96.62.141.0-96.62.143.255
96.62.146.0/23
96.62.160.0/20
96.62.177.0-96.62.179.255
96.62.188.0/23
96.62.196.0/24
96.62.198.0/23
96.62.212.0/23
96.62.215.0/24
96.62.225.0-96.62.226.255
96.62.230.0/24
96.62.236.0-96.62.241.255
96.62.245.0-96.62.246.255
96.62.252.0/24
140.233.160.0/22
140.233.180.0/22
143.14.66.0/24
143.14.146.0/24
143.14.148.0/24
143.14.153.0/24
143.14.155.0/24
143.14.195.0/24
143.14.197.0/24
143.14.245.0/24
155.117.218.0/24
162.141.21.0/24
162.141.37.0-162.141.38.255
162.141.51.0/24
162.141.54.0/23
162.141.103.0/24
162.141.108.0/24
162.141.118.0/24
162.141.121.0/24
162.141.128.0/23
162.141.153.0/24
162.141.155.0/24
162.141.164.0/24
167.148.120.0/22
167.148.135.0/24
167.148.138.0/24
167.148.147.0-167.148.148.255
167.148.150.0/24
167.148.153.0/24
167.148.170.0/23
167.148.201.0/24
Signature Algorithm: sha256WithRSAEncryption
00:57:f0:63:9b:3f:39:67:66:40:b5:90:af:17:1d:24:fe:a7:
6d:02:d7:25:b4:d9:1d:7a:79:e1:b8:c3:d1:61:53:c8:e9:d0:
b1:6f:65:9f:cd:2a:24:9e:99:77:f4:28:5d:8c:f4:50:1e:38:
7c:80:51:83:9d:c5:c2:a5:d1:fb:51:cc:bc:9e:a7:c5:bd:e3:
08:53:07:e3:ee:65:ec:9d:c3:61:31:58:31:d0:47:58:19:b1:
ff:e5:a6:7d:71:95:09:97:4b:78:e4:a6:38:30:b4:4f:7c:3b:
b5:27:21:8f:b6:50:66:5b:45:f5:54:59:71:1d:b8:d3:d0:82:
25:69:7b:57:bf:ff:2b:8d:28:ec:29:3f:6e:44:bd:7b:dc:e8:
6e:64:a4:4e:83:c0:a5:fe:89:13:18:d3:e2:d9:84:94:97:fb:
b8:8f:55:55:f8:b9:1b:6c:d5:9d:d4:5a:ea:ff:20:53:bf:30:
5b:1e:f3:53:c7:59:1b:22:cd:6f:d6:e5:57:58:b3:83:2b:d2:
76:eb:b5:fa:5b:44:de:4a:e5:0d:dd:68:ea:93:8d:f8:7c:c3:
dd:1c:97:d0:86:b0:20:ff:5b:a3:02:4b:b5:d7:63:53:c4:b5:
45:63:5d:d3:5a:e3:ea:6d:8f:25:b2:28:8f:d8:0b:5e:47:a7:
a3:bf:75:98
-----BEGIN CERTIFICATE-----
MIIGvzCCBaegAwIBAgIUTzFuFT9ekPXCzWD45Ktevon6kFIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTExMTAxMjE4MDVaFw0yNjExMDkxMjIzMDVaMDMxMTAvBgNV
BAMTKDc0NkZBNUY1MzU5NjRGRDIyRUUzQzA1RDQyRDMyNjRCMEFGN0ZGNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2lNbcxPv4bPkedFip0yFP59i3
m2Oqw4vDC5ag7DdTxQoiWZS74B0Vmk2DBxNlDifDBXBSsdeMQAaWC1A/arpdb5/r
2+aogb5YLlx1FqvjozFjsN17zaP8BH+IOkXkpqXJwWqxO+JDHSS40gwesFN/l6LY
J8wbrgf/3dR+kj3McdgxbW7/SeWbqZKil/c4H+qsJ/S2j3p4PFuJUoL9IYCsyg3L
TcUIV6R1FKBoTsgCsQY6TTISvKhKhcZOQwaifDm8Tw5GvkkkzQ0Vfl51HsCgd0jk
8nqTGcNaiMuIZhPtbeRBZuSpHZX7diX8KX2/dunTqrUyPa49lZSI4AsH1kIJAgMB
AAGjggPJMIIDxTAdBgNVHQ4EFgQUdG+l9TWWT9Iu48BdQtMmSwr3/2QwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB3wYIKwYBBQUHAQcBAf8EggHOMIIByjCCAcYEAgABMIIB
vjAMAwQFYD4gAwQAYD4kMAwDBAFgPiYDBABgPiwDBABgPi4wDAMEBmA+QAMEAGA+
RAMEAGA+RgMEAGA+ZgMEAGA+aDAMAwQBYD5qAwQAYD5uAwQBYD5wMAwDBAJgPnQD
BABgPn4wDAMEAmA+hAMEAGA+hgMEAmA+iDAMAwQAYD6NAwQEYD6AAwQBYD6SAwQE
YD6gMAwDBABgPrEDBAJgPrADBAFgPrwDBABgPsQDBAFgPsYDBAFgPtQDBABgPtcw
DAMEAGA+4QMEAGA+4gMEAGA+5jAMAwQCYD7sAwQBYD7wMAwDBABgPvUDBABgPvYD
BABgPvwDBAKM6aADBAKM6bQDBACPDkIDBACPDpIDBACPDpQDBACPDpkDBACPDpsD
BACPDsMDBACPDsUDBACPDvUDBACbddoDBACijRUwDAMEAKKNJQMEAKKNJgMEAKKN
MwMEAaKNNgMEAKKNZwMEAKKNbAMEAKKNdgMEAKKNeQMEAaKNgAMEAKKNmQMEAKKN
mwMEAKKNpAMEAqeUeAMEAKeUhwMEAKeUijAMAwQAp5STAwQAp5SUAwQAp5SWAwQA
p5SZAwQBp5SqAwQAp5TJMA0GCSqGSIb3DQEBCwUAA4IBAQAAV/Bjmz85Z2ZAtZCv
Fx0k/qdtAtcltNkdennhuMPRYVPI6dCxb2WfzSoknpl39ChdjPRQHjh8gFGDncXC
pdH7Ucy8nqfFveMIUwfj7mXsncNhMVgx0EdYGbH/5aZ9cZUJl0t45KY4MLRPfDu1
JyGPtlBmW0X1VFlxHbjT0IIlaXtXv/8rjSjsKT9uRL173OhuZKROg8Cl/okTGNPi
2YSUl/u4j1VV+LkbbNWd1Frq/yBTvzBbHvNTx1kbIs1v1uVXWLODK9J267X6W0Te
SuUN3Wjqk434fMPdHJfQhrAg/1ujAku112NTxLVFY13TWuPqbY8lsiiP2AteR6ej
v3WY
-----END CERTIFICATE-----
Generated at Mon Nov 17 04:22:00 2025 by rpki-client