Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: Fc/gacUgsc1FIj6AdMwGda3cr4VPSq/h7mjSFNTMbKo=
Subject key identifier: 47:C1:F7:8A:1A:5D:69:1C:85:4E:3F:2E:21:5D:9A:02:10:22:E6:51
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 7348AF2A70A0CFD05FB054B5F81914307E35ED79
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS174.roa
Signing time: Fri 14 Feb 2025 07:06:23 +0000
ROA not before: Fri 14 Feb 2025 07:01:23 +0000
ROA not after: Fri 13 Feb 2026 07:06:23 +0000
asID: 174
IP address blocks: 46.202.32.0/24 maxlen: 24
46.202.36.0/24 maxlen: 24
46.202.41.0/24 maxlen: 24
46.202.46.0/24 maxlen: 24
46.202.85.0/24 maxlen: 24
46.202.86.0/24 maxlen: 24
46.203.18.0/24 maxlen: 24
46.203.31.0/24 maxlen: 24
46.203.33.0/24 maxlen: 24
46.203.35.0/24 maxlen: 24
46.203.46.0/24 maxlen: 24
46.203.55.0/24 maxlen: 24
46.203.57.0/24 maxlen: 24
46.203.61.0/24 maxlen: 24
46.203.72.0/24 maxlen: 24
46.203.75.0/24 maxlen: 24
46.203.77.0/24 maxlen: 24
46.203.78.0/24 maxlen: 24
46.203.81.0/24 maxlen: 24
46.203.83.0/24 maxlen: 24
46.203.84.0/24 maxlen: 24
46.203.87.0/24 maxlen: 24
46.203.126.0/24 maxlen: 24
46.203.135.0/24 maxlen: 24
46.203.136.0/24 maxlen: 24
46.203.139.0/24 maxlen: 24
46.203.146.0/24 maxlen: 24
91.124.36.0/24 maxlen: 24
91.124.68.0/22 maxlen: 22
91.124.72.0/22 maxlen: 22
91.124.76.0/22 maxlen: 22
91.124.84.0/22 maxlen: 22
91.124.92.0/22 maxlen: 22
91.124.96.0/22 maxlen: 22
91.124.100.0/22 maxlen: 22
91.124.104.0/22 maxlen: 22
91.124.108.0/22 maxlen: 22
91.124.112.0/22 maxlen: 22
91.124.116.0/22 maxlen: 24
91.124.120.0/22 maxlen: 24
91.124.152.0/22 maxlen: 22
91.124.156.0/22 maxlen: 24
91.124.160.0/24 maxlen: 24
91.124.161.0/24 maxlen: 24
91.124.162.0/24 maxlen: 24
91.124.163.0/24 maxlen: 24
91.124.164.0/22 maxlen: 22
91.124.168.0/22 maxlen: 22
91.124.176.0/24 maxlen: 24
91.124.180.0/22 maxlen: 22
91.124.188.0/22 maxlen: 22
91.124.196.0/24 maxlen: 24
91.124.197.0/24 maxlen: 24
91.124.198.0/24 maxlen: 24
91.124.204.0/24 maxlen: 24
91.124.205.0/24 maxlen: 24
91.124.206.0/24 maxlen: 24
91.124.212.0/22 maxlen: 22
91.124.224.0/22 maxlen: 22
91.124.228.0/22 maxlen: 22
91.124.232.0/22 maxlen: 22
92.112.5.0/24 maxlen: 24
92.112.9.0/24 maxlen: 24
92.112.65.0/24 maxlen: 24
92.112.66.0/24 maxlen: 24
92.112.71.0/24 maxlen: 24
92.112.104.0/24 maxlen: 24
92.112.105.0/24 maxlen: 24
92.112.108.0/24 maxlen: 24
92.112.109.0/24 maxlen: 24
92.113.70.0/24 maxlen: 24
92.113.71.0/24 maxlen: 24
92.113.72.0/24 maxlen: 24
92.113.73.0/24 maxlen: 24
92.113.101.0/24 maxlen: 24
92.113.102.0/24 maxlen: 24
92.113.104.0/24 maxlen: 24
92.113.105.0/24 maxlen: 24
92.113.127.0/24 maxlen: 24
92.113.128.0/24 maxlen: 24
92.113.158.0/24 maxlen: 24
92.113.159.0/24 maxlen: 24
92.113.160.0/24 maxlen: 24
92.113.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 05:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:48:af:2a:70:a0:cf:d0:5f:b0:54:b5:f8:19:14:30:7e:35:ed:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Feb 14 07:01:23 2025 GMT
Not After : Feb 13 07:06:23 2026 GMT
Subject: CN=47C1F78A1A5D691C854E3F2E215D9A021022E651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7c:d6:4e:1f:53:95:57:98:e6:3b:7c:a7:52:
14:c5:27:73:17:81:09:72:d5:8c:ba:7b:30:d0:01:
51:19:e3:6a:c5:95:16:c9:9b:55:f5:fd:8d:3c:46:
6c:bb:40:60:1d:0b:78:f8:4d:52:24:56:64:38:13:
07:cb:04:61:dc:b2:88:1f:90:09:0e:1f:fe:ab:77:
00:cb:d5:b1:fc:b0:5f:ae:9e:7a:88:27:9a:e7:02:
a6:0d:10:89:58:db:9f:8c:f8:e8:31:f4:b4:2d:c8:
1a:6e:23:d7:6d:72:67:29:a0:2b:70:ca:e9:3c:5b:
84:f8:1a:9c:e4:96:b8:db:4a:95:90:cf:e0:88:2c:
5b:5d:6e:19:3a:b6:98:b7:a2:16:4d:bf:e3:48:59:
31:13:fc:e4:0c:5b:c4:de:68:2f:a8:38:f8:33:b5:
74:ff:51:4f:e1:a8:13:cf:31:4f:72:0f:c2:15:25:
3b:78:e6:7e:4e:ec:50:ee:30:4e:f3:0f:63:93:2d:
4e:d8:0b:00:70:81:cf:be:a3:c6:56:71:e3:e8:65:
e1:11:e8:50:81:e9:e7:8e:7d:b8:f4:52:24:b7:01:
c2:20:8a:f9:54:20:bd:9e:bc:fa:69:35:90:16:a1:
d1:1c:3f:6f:0d:2d:64:49:6b:df:42:34:4b:47:b4:
69:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:C1:F7:8A:1A:5D:69:1C:85:4E:3F:2E:21:5D:9A:02:10:22:E6:51
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.32.0/24
46.202.36.0/24
46.202.41.0/24
46.202.46.0/24
46.202.85.0-46.202.86.255
46.203.18.0/24
46.203.31.0/24
46.203.33.0/24
46.203.35.0/24
46.203.46.0/24
46.203.55.0/24
46.203.57.0/24
46.203.61.0/24
46.203.72.0/24
46.203.75.0/24
46.203.77.0-46.203.78.255
46.203.81.0/24
46.203.83.0-46.203.84.255
46.203.87.0/24
46.203.126.0/24
46.203.135.0-46.203.136.255
46.203.139.0/24
46.203.146.0/24
91.124.36.0/24
91.124.68.0-91.124.79.255
91.124.84.0/22
91.124.92.0-91.124.123.255
91.124.152.0-91.124.171.255
91.124.176.0/24
91.124.180.0/22
91.124.188.0/22
91.124.196.0-91.124.198.255
91.124.204.0-91.124.206.255
91.124.212.0/22
91.124.224.0-91.124.235.255
92.112.5.0/24
92.112.9.0/24
92.112.65.0-92.112.66.255
92.112.71.0/24
92.112.104.0/23
92.112.108.0/23
92.113.70.0-92.113.73.255
92.113.101.0-92.113.102.255
92.113.104.0/23
92.113.127.0-92.113.128.255
92.113.158.0-92.113.161.255
Signature Algorithm: sha256WithRSAEncryption
4b:c3:f2:7e:83:97:15:cb:4a:62:b0:36:87:73:b3:45:97:9b:
b8:f4:0e:31:0c:71:48:25:f3:d6:c6:e5:f7:25:a0:45:e0:e0:
c0:69:01:9a:78:f3:44:38:38:51:01:eb:6c:ab:6d:2c:41:80:
c9:52:cf:f4:e2:2b:b0:d1:a3:0c:4c:77:5a:e8:dc:da:88:30:
e6:36:af:e7:7b:8b:26:f6:dc:6b:8d:cb:4e:0f:f9:c1:37:d5:
5a:f1:7c:a1:b2:12:86:9d:74:fe:42:0b:00:51:e0:a1:40:29:
91:27:99:19:b1:37:8b:f9:89:c6:c1:f2:b4:ca:0d:d3:b7:f2:
df:46:bd:9a:c4:59:63:99:f5:d4:97:34:fc:3c:a2:c6:0f:30:
be:2d:a2:3c:5a:d2:56:1a:e3:ef:c4:5e:16:d9:dc:4a:6e:45:
8b:ed:4b:61:86:cc:82:a0:e8:fd:ba:70:87:63:5b:c5:16:02:
aa:f8:7f:af:c6:01:c1:f6:23:ab:de:50:02:72:93:f0:35:d1:
d9:da:35:d3:d4:65:f9:70:4a:09:a4:99:42:85:f2:c6:40:c5:
25:de:8f:b4:05:29:9d:10:43:20:b4:ad:3b:fd:3e:03:c4:46:
ea:81:ca:a8:fa:f5:d4:ba:31:10:69:8d:3a:d0:3b:89:44:ec:
be:cf:82:2e
-----BEGIN CERTIFICATE-----
MIIGjTCCBXWgAwIBAgIUc0ivKnCgz9BfsFS1+BkUMH417XkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTAyMTQwNzAxMjNaFw0yNjAyMTMwNzA2MjNaMDMxMTAvBgNV
BAMTKDQ3QzFGNzhBMUE1RDY5MUM4NTRFM0YyRTIxNUQ5QTAyMTAyMkU2NTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtfNZOH1OVV5jmO3ynUhTFJ3MX
gQly1Yy6ezDQAVEZ42rFlRbJm1X1/Y08Rmy7QGAdC3j4TVIkVmQ4EwfLBGHcsogf
kAkOH/6rdwDL1bH8sF+unnqIJ5rnAqYNEIlY25+M+Ogx9LQtyBpuI9dtcmcpoCtw
yuk8W4T4GpzklrjbSpWQz+CILFtdbhk6tpi3ohZNv+NIWTET/OQMW8TeaC+oOPgz
tXT/UU/hqBPPMU9yD8IVJTt45n5O7FDuME7zD2OTLU7YCwBwgc++o8ZWcePoZeER
6FCB6eeOfbj0UiS3AcIgivlUIL2evPppNZAWodEcP28NLWRJa99CNEtHtGlJAgMB
AAGjggOXMIIDkzAdBgNVHQ4EFgQUR8H3ihpdaRyFTj8uIV2aAhAi5lEwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBrQYIKwYBBQUHAQcBAf8EggGcMIIBmDCCAZQEAgABMIIB
jAMEAC7KIAMEAC7KJAMEAC7KKQMEAC7KLjAMAwQALspVAwQALspWAwQALssSAwQA
LssfAwQALsshAwQALssjAwQALssuAwQALss3AwQALss5AwQALss9AwQALstIAwQA
LstLMAwDBAAuy00DBAAuy04DBAAuy1EwDAMEAC7LUwMEAC7LVAMEAC7LVwMEAC7L
fjAMAwQALsuHAwQALsuIAwQALsuLAwQALsuSAwQAW3wkMAwDBAJbfEQDBARbfEAD
BAJbfFQwDAMEAlt8XAMEAlt8eDAMAwQDW3yYAwQCW3yoAwQAW3ywAwQCW3y0AwQC
W3y8MAwDBAJbfMQDBABbfMYwDAMEAlt8zAMEAFt8zgMEAlt81DAMAwQFW3zgAwQC
W3zoAwQAXHAFAwQAXHAJMAwDBABccEEDBABccEIDBABccEcDBAFccGgDBAFccGww
DAMEAVxxRgMEAVxxSDAMAwQAXHFlAwQAXHFmAwQBXHFoMAwDBABccX8DBABccYAw
DAMEAVxxngMEAVxxoDANBgkqhkiG9w0BAQsFAAOCAQEAS8PyfoOXFctKYrA2h3Oz
RZebuPQOMQxxSCXz1sbl9yWgReDgwGkBmnjzRDg4UQHrbKttLEGAyVLP9OIrsNGj
DEx3Wujc2ogw5jav53uLJvbca43LTg/5wTfVWvF8obIShp10/kILAFHgoUApkSeZ
GbE3i/mJxsHytMoN07fy30a9msRZY5n11Jc0/Dyixg8wvi2iPFrSVhrj78ReFtnc
Sm5Fi+1LYYbMgqDo/bpwh2NbxRYCqvh/r8YBwfYjq95QAnKT8DXR2do109Rl+XBK
CaSZQoXyxkDFJd6PtAUpnRBDILStO/0+A8RG6oHKqPr11LoxEGmNOtA7iUTsvs+C
Lg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:08:56 2025 by rpki-client