Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: aGMzqbqlUI8nn2BjSn0hnSo/+qyT6jhfRc2oE3/xzN0=
Subject key identifier: 09:21:D1:37:4D:44:72:A7:19:C3:9E:95:C4:E4:84:46:D4:6C:60:16
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 7FF866624A95E1C462F007D7C07A006307E98021
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS174.roa
Signing time: Tue 05 Mar 2024 15:01:09 +0000
ROA not before: Tue 05 Mar 2024 14:56:09 +0000
ROA not after: Tue 04 Mar 2025 15:01:09 +0000
asID: 174
IP address blocks: 5.182.110.0/24 maxlen: 24
45.88.97.0/24 maxlen: 24
45.133.172.0/24 maxlen: 24
45.133.173.0/24 maxlen: 24
179.61.197.0/24 maxlen: 24
179.61.239.0/24 maxlen: 24
181.41.202.0/24 maxlen: 24
181.41.206.0/24 maxlen: 24
181.214.93.0/24 maxlen: 24
181.214.94.0/24 maxlen: 24
181.214.153.0/24 maxlen: 24
181.214.164.0/24 maxlen: 24
181.214.165.0/24 maxlen: 24
181.214.166.0/24 maxlen: 24
181.214.167.0/24 maxlen: 24
181.214.173.0/24 maxlen: 24
181.214.218.0/24 maxlen: 24
181.215.88.0/24 maxlen: 24
181.215.176.0/24 maxlen: 24
181.215.182.0/24 maxlen: 24
191.96.36.0/24 maxlen: 24
191.96.37.0/24 maxlen: 24
191.96.103.0/24 maxlen: 24
191.96.106.0/24 maxlen: 24
191.96.145.0/24 maxlen: 24
191.96.150.0/24 maxlen: 24
191.96.168.0/24 maxlen: 24
191.96.185.0/24 maxlen: 24
191.96.190.0/24 maxlen: 24
191.96.227.0/24 maxlen: 24
191.96.255.0/24 maxlen: 24
191.101.31.0/24 maxlen: 24
191.101.61.0/24 maxlen: 24
191.101.157.0/24 maxlen: 24
191.101.217.0/24 maxlen: 24
194.110.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:f8:66:62:4a:95:e1:c4:62:f0:07:d7:c0:7a:00:63:07:e9:80:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 5 14:56:09 2024 GMT
Not After : Mar 4 15:01:09 2025 GMT
Subject: CN=0921D1374D4472A719C39E95C4E48446D46C6016
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:34:c9:1a:7a:76:97:a4:91:fd:34:98:84:32:
23:be:60:bd:49:c3:3c:6a:7f:a3:ed:a7:ed:3c:74:
2d:2e:40:bb:26:d8:d3:05:07:e1:d3:aa:b7:76:6a:
0d:ac:8d:06:9c:66:2e:aa:fa:e4:06:0b:11:56:e2:
31:2a:c1:41:8a:31:0e:36:78:31:1a:59:0a:c1:00:
93:22:80:69:87:25:15:92:16:8c:91:8c:28:ff:a5:
93:1a:a7:aa:b5:58:92:94:8e:18:4a:0c:2a:11:57:
a9:24:ad:88:d4:a6:47:01:4d:2a:9f:d5:88:b7:c3:
cb:f9:ad:ab:d1:0d:55:a6:5e:eb:b0:36:35:d5:68:
54:50:48:04:d5:7c:5a:5e:73:12:18:73:bb:c8:6a:
59:76:68:93:fa:ff:da:09:4f:c7:78:76:16:96:fe:
87:78:1d:41:88:fb:e9:8a:42:47:4f:c7:86:1d:96:
93:41:32:5d:3a:c5:f6:a2:44:8e:17:2b:a8:2f:91:
30:a9:88:a3:9e:6b:57:bb:10:08:98:28:fa:58:a7:
35:04:15:55:de:df:19:31:1b:d3:5a:42:08:ad:46:
d2:d2:20:02:bc:31:d5:23:21:76:d7:70:13:37:23:
26:73:e0:1c:40:84:48:b8:9a:ca:39:bd:92:70:c5:
3b:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:21:D1:37:4D:44:72:A7:19:C3:9E:95:C4:E4:84:46:D4:6C:60:16
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.110.0/24
45.88.97.0/24
45.133.172.0/23
179.61.197.0/24
179.61.239.0/24
181.41.202.0/24
181.41.206.0/24
181.214.93.0-181.214.94.255
181.214.153.0/24
181.214.164.0/22
181.214.173.0/24
181.214.218.0/24
181.215.88.0/24
181.215.176.0/24
181.215.182.0/24
191.96.36.0/23
191.96.103.0/24
191.96.106.0/24
191.96.145.0/24
191.96.150.0/24
191.96.168.0/24
191.96.185.0/24
191.96.190.0/24
191.96.227.0/24
191.96.255.0/24
191.101.31.0/24
191.101.61.0/24
191.101.157.0/24
191.101.217.0/24
194.110.13.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:e1:ac:4f:c1:f8:07:b4:d0:4b:e6:22:cf:1d:29:62:b8:40:
10:c4:38:cf:ba:20:de:be:9a:d8:a5:bf:8b:65:8f:91:68:78:
55:63:00:a5:4c:13:52:a5:4b:d0:f9:e4:fa:3a:e0:5a:08:f6:
84:d7:a0:c7:28:d0:d3:fd:f1:3c:5a:2c:81:ce:fc:99:0e:bc:
5c:5b:f7:77:3f:a1:c5:10:fe:4c:df:b7:7a:1d:79:43:0d:b9:
cc:15:3b:6e:2d:c2:f0:91:e7:e1:2b:10:68:62:30:35:99:95:
6b:a5:3d:da:eb:6d:0b:76:9a:c6:46:a5:71:53:1f:df:0a:43:
0a:07:85:59:5a:7b:f7:98:d9:51:37:d1:fe:cf:16:d4:04:62:
d7:0f:fb:35:34:2f:fc:49:58:0f:10:0c:87:73:44:21:30:be:
2c:37:4d:7d:ea:e9:7d:3f:f7:91:c7:b0:49:0b:7a:69:ab:1d:
55:b0:06:1d:fc:8c:0d:a8:f8:50:20:d6:61:48:76:1d:de:3a:
db:ee:a6:43:5a:2d:99:0e:b3:0d:35:f4:eb:32:ac:9f:12:38:
12:d6:cf:77:38:a3:de:d5:60:7e:c7:10:c0:0f:36:f4:33:e6:
52:63:7c:dd:89:9b:3a:3d:50:51:39:de:13:6d:7a:f7:c4:51:
99:d0:e4:17
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgIUf/hmYkqV4cRi8AfXwHoAYwfpgCEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDAzMDUxNDU2MDlaFw0yNTAzMDQxNTAxMDlaMDMxMTAvBgNV
BAMTKDA5MjFEMTM3NEQ0NDcyQTcxOUMzOUU5NUM0RTQ4NDQ2RDQ2QzYwMTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6NMkaenaXpJH9NJiEMiO+YL1J
wzxqf6Ptp+08dC0uQLsm2NMFB+HTqrd2ag2sjQacZi6q+uQGCxFW4jEqwUGKMQ42
eDEaWQrBAJMigGmHJRWSFoyRjCj/pZMap6q1WJKUjhhKDCoRV6kkrYjUpkcBTSqf
1Yi3w8v5ravRDVWmXuuwNjXVaFRQSATVfFpecxIYc7vIall2aJP6/9oJT8d4dhaW
/od4HUGI++mKQkdPx4YdlpNBMl06xfaiRI4XK6gvkTCpiKOea1e7EAiYKPpYpzUE
FVXe3xkxG9NaQgitRtLSIAK8MdUjIXbXcBM3IyZz4BxAhEi4mso5vZJwxTu3AgMB
AAGjggLCMIICvjAdBgNVHQ4EFgQUCSHRN01EcqcZw56VxOSERtRsYBYwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBwwQCAAEwgbwDBAAF
tm4DBAAtWGEDBAEthawDBACzPcUDBACzPe8DBAC1KcoDBAC1Kc4wDAMEALXWXQME
ALXWXgMEALXWmQMEArXWpAMEALXWrQMEALXW2gMEALXXWAMEALXXsAMEALXXtgME
Ab9gJAMEAL9gZwMEAL9gagMEAL9gkQMEAL9glgMEAL9gqAMEAL9guQMEAL9gvgME
AL9g4wMEAL9g/wMEAL9lHwMEAL9lPQMEAL9lnQMEAL9l2QMEAMJuDTANBgkqhkiG
9w0BAQsFAAOCAQEAKuGsT8H4B7TQS+Yizx0pYrhAEMQ4z7og3r6a2KW/i2WPkWh4
VWMApUwTUqVL0Pnk+jrgWgj2hNegxyjQ0/3xPFosgc78mQ68XFv3dz+hxRD+TN+3
eh15Qw25zBU7bi3C8JHn4SsQaGIwNZmVa6U92uttC3aaxkalcVMf3wpDCgeFWVp7
95jZUTfR/s8W1ARi1w/7NTQv/ElYDxAMh3NEITC+LDdNferpfT/3kcewSQt6aasd
VbAGHfyMDaj4UCDWYUh2Hd462+6mQ1otmQ6zDTX06zKsnxI4EtbPdzij3tVgfscQ
wA829DPmUmN83YmbOj1QUTneE21698RRmdDkFw==
-----END CERTIFICATE-----
Generated at Sat Apr 27 19:18:06 2024 by rpki-client on console-ams.rpki-client.org