Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: xOiaM5etOK+ds0GikZd6ftuLd2z1LkriJjLIR97bB4M=
Subject key identifier: 05:F4:1B:76:68:A0:37:E3:96:8E:E3:38:7F:93:6B:59:DF:54:21:F9
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 5797864C94DBCB7AA9285ADE3302C13F9B5A767E
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS174.roa
Signing time: Wed 16 Apr 2025 07:37:26 +0000
ROA not before: Wed 16 Apr 2025 07:32:26 +0000
ROA not after: Wed 15 Apr 2026 07:37:26 +0000
asID: 174
IP address blocks: 46.202.35.0/24 maxlen: 24
46.202.62.0/24 maxlen: 24
46.202.85.0/24 maxlen: 24
46.202.86.0/24 maxlen: 24
46.203.18.0/24 maxlen: 24
46.203.31.0/24 maxlen: 24
46.203.33.0/24 maxlen: 24
46.203.35.0/24 maxlen: 24
46.203.46.0/24 maxlen: 24
46.203.55.0/24 maxlen: 24
46.203.57.0/24 maxlen: 24
46.203.61.0/24 maxlen: 24
46.203.72.0/24 maxlen: 24
46.203.75.0/24 maxlen: 24
46.203.77.0/24 maxlen: 24
46.203.78.0/24 maxlen: 24
46.203.81.0/24 maxlen: 24
46.203.148.0/24 maxlen: 24
46.203.178.0/24 maxlen: 24
91.124.17.0/24 maxlen: 24
91.124.36.0/24 maxlen: 24
91.124.68.0/22 maxlen: 22
91.124.72.0/22 maxlen: 22
91.124.76.0/22 maxlen: 22
91.124.84.0/22 maxlen: 22
91.124.92.0/22 maxlen: 22
91.124.96.0/22 maxlen: 22
91.124.100.0/22 maxlen: 22
91.124.104.0/22 maxlen: 22
91.124.108.0/22 maxlen: 22
91.124.160.0/24 maxlen: 24
91.124.161.0/24 maxlen: 24
91.124.162.0/24 maxlen: 24
91.124.163.0/24 maxlen: 24
91.124.176.0/24 maxlen: 24
91.124.180.0/22 maxlen: 22
91.124.188.0/22 maxlen: 22
91.124.196.0/24 maxlen: 24
91.124.197.0/24 maxlen: 24
91.124.198.0/24 maxlen: 24
91.124.204.0/24 maxlen: 24
91.124.205.0/24 maxlen: 24
91.124.206.0/24 maxlen: 24
91.124.212.0/22 maxlen: 22
91.124.224.0/22 maxlen: 22
91.124.228.0/22 maxlen: 22
91.124.232.0/22 maxlen: 22
92.112.65.0/24 maxlen: 24
92.112.66.0/24 maxlen: 24
92.112.71.0/24 maxlen: 24
92.112.104.0/24 maxlen: 24
92.112.105.0/24 maxlen: 24
92.112.108.0/24 maxlen: 24
92.112.109.0/24 maxlen: 24
92.113.70.0/24 maxlen: 24
92.113.71.0/24 maxlen: 24
92.113.72.0/24 maxlen: 24
92.113.73.0/24 maxlen: 24
92.113.101.0/24 maxlen: 24
92.113.102.0/24 maxlen: 24
92.113.104.0/24 maxlen: 24
92.113.105.0/24 maxlen: 24
92.113.127.0/24 maxlen: 24
92.113.128.0/24 maxlen: 24
92.113.158.0/24 maxlen: 24
92.113.159.0/24 maxlen: 24
92.113.160.0/24 maxlen: 24
92.113.161.0/24 maxlen: 24
95.134.12.0/24 maxlen: 24
95.134.13.0/24 maxlen: 24
95.134.14.0/24 maxlen: 24
95.134.15.0/24 maxlen: 24
95.134.79.0/24 maxlen: 24
95.134.80.0/24 maxlen: 24
95.134.88.0/24 maxlen: 24
95.134.95.0/24 maxlen: 24
95.134.128.0/24 maxlen: 24
95.134.134.0/24 maxlen: 24
95.134.151.0/24 maxlen: 24
95.135.104.0/24 maxlen: 24
95.135.154.0/24 maxlen: 24
95.135.155.0/24 maxlen: 24
95.135.168.0/24 maxlen: 24
95.135.232.0/24 maxlen: 24
95.135.238.0/24 maxlen: 24
95.135.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:97:86:4c:94:db:cb:7a:a9:28:5a:de:33:02:c1:3f:9b:5a:76:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 16 07:32:26 2025 GMT
Not After : Apr 15 07:37:26 2026 GMT
Subject: CN=05F41B7668A037E3968EE3387F936B59DF5421F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:62:b3:27:2f:34:65:15:52:7f:c9:23:9a:61:
49:7a:b1:01:bf:2e:3d:b9:63:07:cd:45:ff:60:96:
37:bb:97:17:a1:f9:45:5f:7f:bd:38:db:d2:02:eb:
97:7c:0d:5f:6b:53:31:d3:28:fc:f0:3e:08:51:b7:
eb:0d:78:ed:40:fa:11:fe:c5:bb:99:29:7b:72:7f:
e4:60:38:20:37:c1:02:8d:4f:a3:0e:23:f8:90:a4:
6f:97:b8:1d:8a:24:c7:0a:33:27:63:55:98:85:3f:
a0:9e:4c:2e:e4:36:a9:34:d2:3d:14:55:32:3f:75:
67:26:23:c1:3a:5e:0a:1d:a6:3e:f9:b6:a4:93:4f:
6f:c6:55:e3:b6:91:e5:87:1e:72:76:db:63:44:29:
22:4b:5e:24:d1:9c:41:7d:d4:e7:70:8a:33:70:73:
ad:ff:47:68:9f:00:80:bd:3d:45:cd:c3:49:4f:b2:
4b:84:dc:9b:4e:35:4c:83:b8:66:a8:94:93:af:d3:
c8:db:3f:16:7f:79:8b:ed:92:4a:cd:56:e1:78:8e:
9c:66:9f:12:06:19:41:4a:91:3e:e0:1d:48:ba:58:
4e:e2:b8:68:ae:b2:90:37:e6:b7:51:2e:83:2a:9c:
52:1b:fc:e4:ae:ae:41:ec:c3:7a:82:46:9a:5e:9e:
68:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:F4:1B:76:68:A0:37:E3:96:8E:E3:38:7F:93:6B:59:DF:54:21:F9
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.35.0/24
46.202.62.0/24
46.202.85.0-46.202.86.255
46.203.18.0/24
46.203.31.0/24
46.203.33.0/24
46.203.35.0/24
46.203.46.0/24
46.203.55.0/24
46.203.57.0/24
46.203.61.0/24
46.203.72.0/24
46.203.75.0/24
46.203.77.0-46.203.78.255
46.203.81.0/24
46.203.148.0/24
46.203.178.0/24
91.124.17.0/24
91.124.36.0/24
91.124.68.0-91.124.79.255
91.124.84.0/22
91.124.92.0-91.124.111.255
91.124.160.0/22
91.124.176.0/24
91.124.180.0/22
91.124.188.0/22
91.124.196.0-91.124.198.255
91.124.204.0-91.124.206.255
91.124.212.0/22
91.124.224.0-91.124.235.255
92.112.65.0-92.112.66.255
92.112.71.0/24
92.112.104.0/23
92.112.108.0/23
92.113.70.0-92.113.73.255
92.113.101.0-92.113.102.255
92.113.104.0/23
92.113.127.0-92.113.128.255
92.113.158.0-92.113.161.255
95.134.12.0/22
95.134.79.0-95.134.80.255
95.134.88.0/24
95.134.95.0/24
95.134.128.0/24
95.134.134.0/24
95.134.151.0/24
95.135.104.0/24
95.135.154.0/23
95.135.168.0/24
95.135.232.0/24
95.135.238.0/24
95.135.242.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:48:cd:25:af:47:ce:b1:5f:8a:1b:7a:5b:cb:e7:b4:6c:2b:
dd:8f:7a:d6:28:f5:f1:61:56:bc:5f:2c:3a:72:79:be:63:d9:
73:f9:f0:3a:92:35:3e:f5:a9:ae:dd:de:35:ff:49:b2:b2:af:
03:6e:ac:b4:00:38:b4:4e:d3:45:c1:8f:5e:7e:f5:4b:c7:29:
d8:07:08:cf:cc:38:e0:95:ba:38:ac:1c:14:ea:9c:90:06:a9:
fa:af:56:bb:8f:86:ab:02:d5:78:15:c2:c7:fa:ed:47:89:9e:
33:2d:c0:88:a9:b8:4a:83:db:08:99:13:9a:7c:d9:7c:c7:67:
a2:ef:0c:54:ca:5b:72:a0:56:64:b4:4c:71:8c:fe:3f:78:4b:
d5:50:1f:e2:0c:39:da:83:d0:d2:80:cf:21:6f:db:28:16:18:
52:c7:ba:a6:01:c5:ab:2c:e4:ed:dd:29:58:59:a4:64:55:c3:
bb:68:c6:b2:56:0d:26:0f:9e:c3:d8:64:30:14:1a:eb:ae:50:
81:9b:a6:15:23:74:1c:68:5b:ec:b7:6c:ea:18:7c:35:7f:c0:
3e:d4:e2:fb:46:61:97:2e:c9:58:a1:3e:87:37:d6:fa:8e:c2:
ab:f5:11:4a:a3:b6:3d:61:ca:53:2a:69:3f:67:1e:2b:b7:b4:
7d:77:fd:3f
-----BEGIN CERTIFICATE-----
MIIGoTCCBYmgAwIBAgIUV5eGTJTby3qpKFreMwLBP5tadn4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA0MTYwNzMyMjZaFw0yNjA0MTUwNzM3MjZaMDMxMTAvBgNV
BAMTKDA1RjQxQjc2NjhBMDM3RTM5NjhFRTMzODdGOTM2QjU5REY1NDIxRjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+YrMnLzRlFVJ/ySOaYUl6sQG/
Lj25YwfNRf9glje7lxeh+UVff70429IC65d8DV9rUzHTKPzwPghRt+sNeO1A+hH+
xbuZKXtyf+RgOCA3wQKNT6MOI/iQpG+XuB2KJMcKMydjVZiFP6CeTC7kNqk00j0U
VTI/dWcmI8E6Xgodpj75tqSTT2/GVeO2keWHHnJ222NEKSJLXiTRnEF91OdwijNw
c63/R2ifAIC9PUXNw0lPskuE3JtONUyDuGaolJOv08jbPxZ/eYvtkkrNVuF4jpxm
nxIGGUFKkT7gHUi6WE7iuGiuspA35rdRLoMqnFIb/OSurkHsw3qCRppenmjVAgMB
AAGjggOrMIIDpzAdBgNVHQ4EFgQUBfQbdmigN+OWjuM4f5NrWd9UIfkwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBwQYIKwYBBQUHAQcBAf8EggGwMIIBrDCCAagEAgABMIIB
oAMEAC7KIwMEAC7KPjAMAwQALspVAwQALspWAwQALssSAwQALssfAwQALsshAwQA
LssjAwQALssuAwQALss3AwQALss5AwQALss9AwQALstIAwQALstLMAwDBAAuy00D
BAAuy04DBAAuy1EDBAAuy5QDBAAuy7IDBABbfBEDBABbfCQwDAMEAlt8RAMEBFt8
QAMEAlt8VDAMAwQCW3xcAwQEW3xgAwQCW3ygAwQAW3ywAwQCW3y0AwQCW3y8MAwD
BAJbfMQDBABbfMYwDAMEAlt8zAMEAFt8zgMEAlt81DAMAwQFW3zgAwQCW3zoMAwD
BABccEEDBABccEIDBABccEcDBAFccGgDBAFccGwwDAMEAVxxRgMEAVxxSDAMAwQA
XHFlAwQAXHFmAwQBXHFoMAwDBABccX8DBABccYAwDAMEAVxxngMEAVxxoAMEAl+G
DDAMAwQAX4ZPAwQAX4ZQAwQAX4ZYAwQAX4ZfAwQAX4aAAwQAX4aGAwQAX4aXAwQA
X4doAwQBX4eaAwQAX4eoAwQAX4foAwQAX4fuAwQAX4fyMA0GCSqGSIb3DQEBCwUA
A4IBAQArSM0lr0fOsV+KG3pby+e0bCvdj3rWKPXxYVa8Xyw6cnm+Y9lz+fA6kjU+
9amu3d41/0mysq8Dbqy0ADi0TtNFwY9efvVLxynYBwjPzDjglbo4rBwU6pyQBqn6
r1a7j4arAtV4FcLH+u1HiZ4zLcCIqbhKg9sImROafNl8x2ei7wxUyltyoFZktExx
jP4/eEvVUB/iDDnag9DSgM8hb9soFhhSx7qmAcWrLOTt3SlYWaRkVcO7aMayVg0m
D57D2GQwFBrrrlCBm6YVI3QcaFvst2zqGHw1f8A+1OL7RmGXLslYoT6HN9b6jsKr
9RFKo7Y9YcpTKmk/Zx4rt7R9d/0/
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:08:58 2025 by rpki-client