Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: fCYYl75TJdwQNSpiE4/nBd6AtCxJD6zukA5FXe8sBvk=
Subject key identifier: B0:EC:FC:3E:58:BF:E6:35:B9:7B:F2:19:4D:9C:6F:FE:8C:E7:DF:7D
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 3C3EE55AD305F4A1BAC7F0AD8C310C60CF20DF37
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS174.roa
Signing time: Mon 23 Dec 2024 15:17:39 +0000
ROA not before: Mon 23 Dec 2024 15:12:39 +0000
ROA not after: Mon 22 Dec 2025 15:17:39 +0000
asID: 174
IP address blocks: 5.182.110.0/24 maxlen: 24
45.88.97.0/24 maxlen: 24
45.89.249.0/24 maxlen: 24
45.133.172.0/24 maxlen: 24
45.133.173.0/24 maxlen: 24
179.61.197.0/24 maxlen: 24
179.61.239.0/24 maxlen: 24
181.41.202.0/24 maxlen: 24
181.41.206.0/24 maxlen: 24
181.214.93.0/24 maxlen: 24
181.214.94.0/24 maxlen: 24
181.214.153.0/24 maxlen: 24
181.214.164.0/24 maxlen: 24
181.214.165.0/24 maxlen: 24
181.214.166.0/24 maxlen: 24
181.214.167.0/24 maxlen: 24
181.214.173.0/24 maxlen: 24
181.214.218.0/24 maxlen: 24
181.215.88.0/24 maxlen: 24
181.215.176.0/24 maxlen: 24
181.215.182.0/24 maxlen: 24
191.96.36.0/24 maxlen: 24
191.96.37.0/24 maxlen: 24
191.96.103.0/24 maxlen: 24
191.96.106.0/24 maxlen: 24
191.96.150.0/24 maxlen: 24
191.96.168.0/24 maxlen: 24
191.96.185.0/24 maxlen: 24
191.96.227.0/24 maxlen: 24
191.96.255.0/24 maxlen: 24
191.101.31.0/24 maxlen: 24
191.101.61.0/24 maxlen: 24
191.101.157.0/24 maxlen: 24
191.101.217.0/24 maxlen: 24
194.110.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:3e:e5:5a:d3:05:f4:a1:ba:c7:f0:ad:8c:31:0c:60:cf:20:df:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Dec 23 15:12:39 2024 GMT
Not After : Dec 22 15:17:39 2025 GMT
Subject: CN=B0ECFC3E58BFE635B97BF2194D9C6FFE8CE7DF7D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:40:4e:5c:8b:3c:9c:de:47:76:9c:98:e4:8e:
9b:02:a5:c8:d0:df:df:58:81:4b:c8:5e:38:2b:5c:
77:d0:fc:bd:08:fe:dd:aa:ac:ba:0e:bf:b2:a1:4b:
53:46:1a:e1:b6:eb:fd:00:7d:1a:d3:43:1d:e0:e8:
d5:b6:82:aa:c8:12:7b:66:1e:20:a7:14:6c:cc:39:
6c:49:d7:84:95:35:c4:d7:50:33:6d:8c:f6:2f:9b:
4f:ce:90:86:d1:e4:33:04:59:cf:a1:14:e3:8e:78:
ea:d5:2b:9d:a8:35:ea:0f:6e:92:44:70:50:42:48:
e1:1d:f4:6e:ed:6d:04:95:14:ef:fb:ef:bd:2d:b3:
6e:e7:99:95:62:09:f5:e2:de:79:f1:d3:f9:cc:47:
86:45:de:6e:60:d4:78:0c:37:e1:58:a0:62:71:26:
73:4b:04:c9:c4:67:79:38:b8:b6:68:91:fd:1c:2f:
60:0f:95:80:b8:1c:f2:2c:57:b6:f6:1f:ec:f7:a2:
3c:10:4d:b1:df:96:cd:70:d6:ae:29:e0:f4:42:34:
37:c4:d9:3c:4c:4c:d8:02:f5:e7:fe:28:4c:b1:24:
1a:de:93:df:8b:64:8e:68:29:f1:90:34:fc:10:c9:
8f:2a:72:af:d5:42:ed:81:b6:d2:41:ce:18:2c:2f:
6e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:EC:FC:3E:58:BF:E6:35:B9:7B:F2:19:4D:9C:6F:FE:8C:E7:DF:7D
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.110.0/24
45.88.97.0/24
45.89.249.0/24
45.133.172.0/23
179.61.197.0/24
179.61.239.0/24
181.41.202.0/24
181.41.206.0/24
181.214.93.0-181.214.94.255
181.214.153.0/24
181.214.164.0/22
181.214.173.0/24
181.214.218.0/24
181.215.88.0/24
181.215.176.0/24
181.215.182.0/24
191.96.36.0/23
191.96.103.0/24
191.96.106.0/24
191.96.150.0/24
191.96.168.0/24
191.96.185.0/24
191.96.227.0/24
191.96.255.0/24
191.101.31.0/24
191.101.61.0/24
191.101.157.0/24
191.101.217.0/24
194.110.13.0/24
Signature Algorithm: sha256WithRSAEncryption
85:c7:22:48:4a:fa:f0:a0:e0:90:d0:36:d4:c3:80:62:82:0c:
2d:03:02:7e:f9:32:90:b8:16:98:5f:cf:8d:89:e9:a0:39:60:
c6:a8:ac:96:fa:43:41:47:18:13:9e:c3:3e:97:fc:18:e8:b3:
21:66:1f:03:8f:bd:f2:cf:c7:c7:eb:fa:ca:1f:d3:69:80:5d:
c0:9b:a0:19:c7:de:4d:4c:35:d6:1a:1d:13:8b:06:87:8d:1f:
06:be:90:fc:d5:1c:9d:6d:fe:9b:6f:4e:41:76:8d:3c:d9:15:
d2:3d:49:1d:4a:ed:95:e7:03:e9:3e:f9:1b:e5:57:17:01:c4:
70:05:7f:a4:c6:0a:18:d6:c6:b4:e2:1e:60:13:98:19:18:71:
35:15:1a:c7:c8:9d:14:6e:f3:d3:e2:fb:c1:a1:d8:64:f5:59:
13:f7:73:b7:76:8c:5c:3a:b5:48:07:fb:01:94:c1:38:12:bb:
ef:bc:9e:e3:90:ed:7b:06:95:c0:cd:33:95:97:4e:10:37:cb:
a5:f9:32:44:97:0d:16:fa:6d:58:5d:89:11:63:e3:42:0e:0b:
3c:bc:d6:84:b2:ae:62:d9:25:e9:8e:0b:95:b8:31:bb:aa:52:
22:cc:e5:8d:87:a7:98:c3:64:7c:a6:90:fa:00:e3:eb:fe:50:
af:04:9a:06
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgIUPD7lWtMF9KG6x/CtjDEMYM8g3zcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDEyMjMxNTEyMzlaFw0yNTEyMjIxNTE3MzlaMDMxMTAvBgNV
BAMTKEIwRUNGQzNFNThCRkU2MzVCOTdCRjIxOTREOUM2RkZFOENFN0RGN0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdQE5cizyc3kd2nJjkjpsCpcjQ
399YgUvIXjgrXHfQ/L0I/t2qrLoOv7KhS1NGGuG26/0AfRrTQx3g6NW2gqrIEntm
HiCnFGzMOWxJ14SVNcTXUDNtjPYvm0/OkIbR5DMEWc+hFOOOeOrVK52oNeoPbpJE
cFBCSOEd9G7tbQSVFO/7770ts27nmZViCfXi3nnx0/nMR4ZF3m5g1HgMN+FYoGJx
JnNLBMnEZ3k4uLZokf0cL2APlYC4HPIsV7b2H+z3ojwQTbHfls1w1q4p4PRCNDfE
2TxMTNgC9ef+KEyxJBrek9+LZI5oKfGQNPwQyY8qcq/VQu2BttJBzhgsL25XAgMB
AAGjggK8MIICuDAdBgNVHQ4EFgQUsOz8Pli/5jW5e/IZTZxv/ozn330wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBvQQCAAEwgbYDBAAF
tm4DBAAtWGEDBAAtWfkDBAEthawDBACzPcUDBACzPe8DBAC1KcoDBAC1Kc4wDAME
ALXWXQMEALXWXgMEALXWmQMEArXWpAMEALXWrQMEALXW2gMEALXXWAMEALXXsAME
ALXXtgMEAb9gJAMEAL9gZwMEAL9gagMEAL9glgMEAL9gqAMEAL9guQMEAL9g4wME
AL9g/wMEAL9lHwMEAL9lPQMEAL9lnQMEAL9l2QMEAMJuDTANBgkqhkiG9w0BAQsF
AAOCAQEAhcciSEr68KDgkNA21MOAYoIMLQMCfvkykLgWmF/PjYnpoDlgxqislvpD
QUcYE57DPpf8GOizIWYfA4+98s/Hx+v6yh/TaYBdwJugGcfeTUw11hodE4sGh40f
Br6Q/NUcnW3+m29OQXaNPNkV0j1JHUrtlecD6T75G+VXFwHEcAV/pMYKGNbGtOIe
YBOYGRhxNRUax8idFG7z0+L7waHYZPVZE/dzt3aMXDq1SAf7AZTBOBK777ye45Dt
ewaVwM0zlZdOEDfLpfkyRJcNFvptWF2JEWPjQg4LPLzWhLKuYtkl6Y4Llbgxu6pS
IszljYenmMNkfKaQ+gDj6/5QrwSaBg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:35:47 2025 by rpki-client