Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: jYnJmv2M9VMDMzBMXftoqRTWszMNSFrgTs2DCnLfVC4=
Subject key identifier: 42:59:72:EC:84:22:C2:26:52:5B:24:03:53:08:AB:36:F6:FF:CA:4D
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 03ABD2B104A3FFEF03CB1C55F836C65055093531
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS174.roa
Signing time: Thu 22 May 2025 05:11:45 +0000
ROA not before: Thu 22 May 2025 05:06:45 +0000
ROA not after: Thu 21 May 2026 05:11:45 +0000
asID: 174
IP address blocks: 46.202.35.0/24 maxlen: 24
46.202.85.0/24 maxlen: 24
46.202.86.0/24 maxlen: 24
46.203.18.0/24 maxlen: 24
46.203.31.0/24 maxlen: 24
46.203.33.0/24 maxlen: 24
46.203.35.0/24 maxlen: 24
46.203.46.0/24 maxlen: 24
46.203.55.0/24 maxlen: 24
46.203.57.0/24 maxlen: 24
46.203.61.0/24 maxlen: 24
46.203.72.0/24 maxlen: 24
46.203.75.0/24 maxlen: 24
46.203.78.0/24 maxlen: 24
46.203.81.0/24 maxlen: 24
46.203.148.0/24 maxlen: 24
46.203.178.0/24 maxlen: 24
91.124.17.0/24 maxlen: 24
91.124.36.0/24 maxlen: 24
91.124.68.0/22 maxlen: 22
91.124.72.0/22 maxlen: 22
91.124.76.0/22 maxlen: 22
91.124.84.0/22 maxlen: 22
91.124.92.0/22 maxlen: 22
91.124.96.0/22 maxlen: 22
91.124.100.0/22 maxlen: 22
91.124.104.0/22 maxlen: 22
91.124.108.0/22 maxlen: 22
91.124.160.0/24 maxlen: 24
91.124.161.0/24 maxlen: 24
91.124.162.0/24 maxlen: 24
91.124.163.0/24 maxlen: 24
91.124.176.0/24 maxlen: 24
91.124.196.0/24 maxlen: 24
91.124.197.0/24 maxlen: 24
91.124.198.0/24 maxlen: 24
91.124.204.0/24 maxlen: 24
91.124.205.0/24 maxlen: 24
91.124.206.0/24 maxlen: 24
91.124.212.0/22 maxlen: 22
91.124.224.0/22 maxlen: 22
92.112.65.0/24 maxlen: 24
92.112.66.0/24 maxlen: 24
92.112.71.0/24 maxlen: 24
92.112.104.0/24 maxlen: 24
92.112.105.0/24 maxlen: 24
92.112.108.0/24 maxlen: 24
92.112.109.0/24 maxlen: 24
92.113.70.0/24 maxlen: 24
92.113.71.0/24 maxlen: 24
92.113.72.0/24 maxlen: 24
92.113.73.0/24 maxlen: 24
92.113.101.0/24 maxlen: 24
92.113.102.0/24 maxlen: 24
92.113.104.0/24 maxlen: 24
92.113.105.0/24 maxlen: 24
92.113.127.0/24 maxlen: 24
92.113.128.0/24 maxlen: 24
92.113.158.0/24 maxlen: 24
92.113.159.0/24 maxlen: 24
92.113.160.0/24 maxlen: 24
92.113.161.0/24 maxlen: 24
95.134.12.0/24 maxlen: 24
95.134.13.0/24 maxlen: 24
95.134.14.0/24 maxlen: 24
95.134.15.0/24 maxlen: 24
95.134.79.0/24 maxlen: 24
95.134.80.0/24 maxlen: 24
95.134.88.0/24 maxlen: 24
95.134.95.0/24 maxlen: 24
95.134.128.0/24 maxlen: 24
95.134.134.0/24 maxlen: 24
95.134.151.0/24 maxlen: 24
95.135.104.0/24 maxlen: 24
95.135.154.0/24 maxlen: 24
95.135.155.0/24 maxlen: 24
95.135.168.0/24 maxlen: 24
95.135.232.0/24 maxlen: 24
95.135.238.0/24 maxlen: 24
95.135.242.0/24 maxlen: 24
178.92.45.0/24 maxlen: 24
178.94.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Jun 2025 20:17:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:ab:d2:b1:04:a3:ff:ef:03:cb:1c:55:f8:36:c6:50:55:09:35:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 22 05:06:45 2025 GMT
Not After : May 21 05:11:45 2026 GMT
Subject: CN=425972EC8422C226525B24035308AB36F6FFCA4D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ea:5e:73:d8:cb:0d:9a:fc:3f:a6:d4:04:37:
3e:cf:53:0e:fb:10:ca:9e:8e:f3:ce:37:14:18:e3:
f2:bd:be:a5:3b:a5:21:49:ce:42:b8:4e:fe:a6:f9:
93:40:12:aa:c6:7a:3a:93:58:9d:a8:19:70:46:46:
93:21:06:da:67:38:d0:c7:76:fd:c1:95:9e:cf:9b:
ea:91:7b:c4:31:54:bb:4c:c4:12:95:de:db:90:82:
2e:f3:30:ac:8c:78:b2:47:32:62:ce:3f:ee:fc:ec:
87:ce:60:d8:c8:08:f4:91:d4:3b:b3:ca:f2:80:b0:
2b:70:17:3e:4d:6e:f6:94:2d:71:a5:12:04:de:c5:
39:d7:c4:5d:d7:46:3a:4c:77:74:48:97:ae:75:06:
d1:81:df:47:3b:3c:39:d5:8f:6e:23:32:da:2d:29:
09:10:51:82:ae:26:46:95:19:5f:e0:d8:7b:5f:f4:
a6:9c:e1:3a:34:5e:ec:ce:b7:d4:b7:f4:1d:58:1a:
ca:0e:91:fb:f7:b7:70:65:6a:e1:97:4e:8b:4f:65:
cb:0a:d9:db:8a:0a:b1:94:39:49:41:64:86:f8:17:
21:bb:14:9c:53:bc:a9:90:3a:6b:99:09:b8:64:e4:
6e:25:2a:83:77:68:a8:79:ff:ed:ed:46:ba:7a:94:
5e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:59:72:EC:84:22:C2:26:52:5B:24:03:53:08:AB:36:F6:FF:CA:4D
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.35.0/24
46.202.85.0-46.202.86.255
46.203.18.0/24
46.203.31.0/24
46.203.33.0/24
46.203.35.0/24
46.203.46.0/24
46.203.55.0/24
46.203.57.0/24
46.203.61.0/24
46.203.72.0/24
46.203.75.0/24
46.203.78.0/24
46.203.81.0/24
46.203.148.0/24
46.203.178.0/24
91.124.17.0/24
91.124.36.0/24
91.124.68.0-91.124.79.255
91.124.84.0/22
91.124.92.0-91.124.111.255
91.124.160.0/22
91.124.176.0/24
91.124.196.0-91.124.198.255
91.124.204.0-91.124.206.255
91.124.212.0/22
91.124.224.0/22
92.112.65.0-92.112.66.255
92.112.71.0/24
92.112.104.0/23
92.112.108.0/23
92.113.70.0-92.113.73.255
92.113.101.0-92.113.102.255
92.113.104.0/23
92.113.127.0-92.113.128.255
92.113.158.0-92.113.161.255
95.134.12.0/22
95.134.79.0-95.134.80.255
95.134.88.0/24
95.134.95.0/24
95.134.128.0/24
95.134.134.0/24
95.134.151.0/24
95.135.104.0/24
95.135.154.0/23
95.135.168.0/24
95.135.232.0/24
95.135.238.0/24
95.135.242.0/24
178.92.45.0/24
178.94.174.0/24
Signature Algorithm: sha256WithRSAEncryption
03:37:17:ca:54:c3:af:0c:6a:5a:f1:9d:8e:51:54:84:7c:98:
57:bb:9c:66:57:0e:06:10:6f:3f:a8:8c:36:ca:38:9d:6c:bf:
b6:27:cd:46:1c:27:96:b6:0d:37:0c:ea:32:d5:23:8e:6c:1a:
92:18:90:85:35:49:02:98:a5:52:92:d2:e4:70:42:5c:e0:e4:
01:03:5c:92:4e:45:7c:6f:e2:23:fc:0a:40:70:f5:83:5e:36:
5b:52:0b:e2:04:9f:51:bf:66:94:94:81:77:71:a2:82:91:2c:
ed:23:92:02:83:ae:e8:12:35:50:27:57:a0:cd:34:ba:93:be:
65:21:c8:89:c3:b3:28:c1:c7:72:1d:a1:a0:51:a3:36:90:35:
dc:e3:94:2c:94:2c:bb:03:bd:90:e3:91:9c:67:e0:c6:12:49:
97:47:c1:5f:95:0a:15:67:f7:3a:66:7f:55:47:15:9a:a3:b7:
5d:55:23:db:88:2a:0f:58:7c:4a:12:b0:8f:cd:3a:c5:18:03:
d7:3f:a0:95:dc:af:ea:33:10:e8:0e:35:ac:8a:32:fb:0d:3f:
54:27:4f:c1:bf:fa:3a:ce:68:39:29:a9:1b:72:69:1c:fd:26:
13:9d:a8:8d:c1:5b:d4:b2:03:8a:e7:e7:71:89:3f:cc:f1:99:
c4:33:64:bc
-----BEGIN CERTIFICATE-----
MIIGizCCBXOgAwIBAgIUA6vSsQSj/+8DyxxV+DbGUFUJNTEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA1MjIwNTA2NDVaFw0yNjA1MjEwNTExNDVaMDMxMTAvBgNV
BAMTKDQyNTk3MkVDODQyMkMyMjY1MjVCMjQwMzUzMDhBQjM2RjZGRkNBNEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCS6l5z2MsNmvw/ptQENz7PUw77
EMqejvPONxQY4/K9vqU7pSFJzkK4Tv6m+ZNAEqrGejqTWJ2oGXBGRpMhBtpnONDH
dv3BlZ7Pm+qRe8QxVLtMxBKV3tuQgi7zMKyMeLJHMmLOP+787IfOYNjICPSR1Duz
yvKAsCtwFz5NbvaULXGlEgTexTnXxF3XRjpMd3RIl651BtGB30c7PDnVj24jMtot
KQkQUYKuJkaVGV/g2Htf9Kac4To0XuzOt9S39B1YGsoOkfv3t3BlauGXTotPZcsK
2duKCrGUOUlBZIb4FyG7FJxTvKmQOmuZCbhk5G4lKoN3aKh5/+3tRrp6lF7LAgMB
AAGjggOVMIIDkTAdBgNVHQ4EFgQUQlly7IQiwiZSWyQDUwirNvb/yk0wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBqwYIKwYBBQUHAQcBAf8EggGaMIIBljCCAZIEAgABMIIB
igMEAC7KIzAMAwQALspVAwQALspWAwQALssSAwQALssfAwQALsshAwQALssjAwQA
LssuAwQALss3AwQALss5AwQALss9AwQALstIAwQALstLAwQALstOAwQALstRAwQA
LsuUAwQALsuyAwQAW3wRAwQAW3wkMAwDBAJbfEQDBARbfEADBAJbfFQwDAMEAlt8
XAMEBFt8YAMEAlt8oAMEAFt8sDAMAwQCW3zEAwQAW3zGMAwDBAJbfMwDBABbfM4D
BAJbfNQDBAJbfOAwDAMEAFxwQQMEAFxwQgMEAFxwRwMEAVxwaAMEAVxwbDAMAwQB
XHFGAwQBXHFIMAwDBABccWUDBABccWYDBAFccWgwDAMEAFxxfwMEAFxxgDAMAwQB
XHGeAwQBXHGgAwQCX4YMMAwDBABfhk8DBABfhlADBABfhlgDBABfhl8DBABfhoAD
BABfhoYDBABfhpcDBABfh2gDBAFfh5oDBABfh6gDBABfh+gDBABfh+4DBABfh/ID
BACyXC0DBACyXq4wDQYJKoZIhvcNAQELBQADggEBAAM3F8pUw68MalrxnY5RVIR8
mFe7nGZXDgYQbz+ojDbKOJ1sv7YnzUYcJ5a2DTcM6jLVI45sGpIYkIU1SQKYpVKS
0uRwQlzg5AEDXJJORXxv4iP8CkBw9YNeNltSC+IEn1G/ZpSUgXdxooKRLO0jkgKD
rugSNVAnV6DNNLqTvmUhyInDsyjBx3IdoaBRozaQNdzjlCyULLsDvZDjkZxn4MYS
SZdHwV+VChVn9zpmf1VHFZqjt11VI9uIKg9YfEoSsI/NOsUYA9c/oJXcr+ozEOgO
NayKMvsNP1QnT8G/+jrOaDkpqRtyaRz9JhOdqI3BW9SyA4rn53GJP8zxmcQzZLw=
-----END CERTIFICATE-----
Generated at Wed Jun 4 10:13:08 2025 by rpki-client