Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: TUCH+4bx8LUEjNPsR6d3iRrABplq1pA8sDGnSyL3Zbg=
Subject key identifier: D3:DA:3C:0A:7E:4D:61:94:9E:CF:F8:17:19:E3:1E:AD:92:B7:00:97
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 4E976F5174BB72BAF718E72B6A62D5A54FC9D80B
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
Signing time: Mon 27 Apr 2026 18:32:07 +0000
ROA not before: Mon 27 Apr 2026 18:27:07 +0000
ROA not after: Mon 26 Apr 2027 18:32:07 +0000
asID: 174
IP address blocks: 96.62.32.0/24 maxlen: 24
96.62.33.0/24 maxlen: 24
96.62.34.0/24 maxlen: 24
96.62.35.0/24 maxlen: 24
96.62.36.0/24 maxlen: 24
96.62.38.0/24 maxlen: 24
96.62.39.0/24 maxlen: 24
96.62.40.0/24 maxlen: 24
96.62.41.0/24 maxlen: 24
96.62.42.0/24 maxlen: 24
96.62.43.0/24 maxlen: 24
96.62.44.0/24 maxlen: 24
96.62.46.0/24 maxlen: 24
96.62.64.0/24 maxlen: 24
96.62.65.0/24 maxlen: 24
96.62.66.0/24 maxlen: 24
96.62.67.0/24 maxlen: 24
96.62.68.0/24 maxlen: 24
96.62.70.0/24 maxlen: 24
96.62.102.0/24 maxlen: 24
96.62.104.0/24 maxlen: 24
96.62.106.0/24 maxlen: 24
96.62.107.0/24 maxlen: 24
96.62.108.0/24 maxlen: 24
96.62.109.0/24 maxlen: 24
96.62.110.0/24 maxlen: 24
96.62.112.0/24 maxlen: 24
96.62.113.0/24 maxlen: 24
96.62.116.0/24 maxlen: 24
96.62.117.0/24 maxlen: 24
96.62.118.0/24 maxlen: 24
96.62.119.0/24 maxlen: 24
96.62.120.0/24 maxlen: 24
96.62.121.0/24 maxlen: 24
96.62.122.0/24 maxlen: 24
96.62.123.0/24 maxlen: 24
96.62.124.0/24 maxlen: 24
96.62.125.0/24 maxlen: 24
96.62.126.0/24 maxlen: 24
96.62.132.0/24 maxlen: 24
96.62.133.0/24 maxlen: 24
96.62.134.0/24 maxlen: 24
96.62.136.0/24 maxlen: 24
96.62.137.0/24 maxlen: 24
96.62.138.0/24 maxlen: 24
96.62.139.0/24 maxlen: 24
96.62.141.0/24 maxlen: 24
96.62.142.0/24 maxlen: 24
96.62.143.0/24 maxlen: 24
96.62.146.0/24 maxlen: 24
96.62.147.0/24 maxlen: 24
96.62.160.0/24 maxlen: 24
96.62.161.0/24 maxlen: 24
96.62.162.0/24 maxlen: 24
96.62.163.0/24 maxlen: 24
96.62.164.0/24 maxlen: 24
96.62.165.0/24 maxlen: 24
96.62.166.0/24 maxlen: 24
96.62.167.0/24 maxlen: 24
96.62.168.0/24 maxlen: 24
96.62.169.0/24 maxlen: 24
96.62.170.0/24 maxlen: 24
96.62.171.0/24 maxlen: 24
96.62.172.0/24 maxlen: 24
96.62.173.0/24 maxlen: 24
96.62.174.0/24 maxlen: 24
96.62.175.0/24 maxlen: 24
96.62.177.0/24 maxlen: 24
96.62.178.0/24 maxlen: 24
96.62.179.0/24 maxlen: 24
96.62.188.0/24 maxlen: 24
96.62.189.0/24 maxlen: 24
96.62.196.0/24 maxlen: 24
96.62.198.0/24 maxlen: 24
96.62.199.0/24 maxlen: 24
96.62.212.0/24 maxlen: 24
96.62.213.0/24 maxlen: 24
96.62.215.0/24 maxlen: 24
96.62.225.0/24 maxlen: 24
96.62.226.0/24 maxlen: 24
96.62.230.0/24 maxlen: 24
96.62.236.0/24 maxlen: 24
96.62.237.0/24 maxlen: 24
96.62.238.0/24 maxlen: 24
96.62.239.0/24 maxlen: 24
96.62.240.0/24 maxlen: 24
96.62.241.0/24 maxlen: 24
96.62.245.0/24 maxlen: 24
96.62.246.0/24 maxlen: 24
96.62.252.0/24 maxlen: 24
140.233.160.0/22 maxlen: 22
143.14.146.0/24 maxlen: 24
143.14.148.0/24 maxlen: 24
143.14.153.0/24 maxlen: 24
143.14.155.0/24 maxlen: 24
143.14.195.0/24 maxlen: 24
143.14.197.0/24 maxlen: 24
148.135.193.0/24 maxlen: 24
155.117.86.0/24 maxlen: 24
155.117.97.0/24 maxlen: 24
155.117.106.0/24 maxlen: 24
155.117.116.0/24 maxlen: 24
162.141.37.0/24 maxlen: 24
162.141.38.0/24 maxlen: 24
162.141.51.0/24 maxlen: 24
162.141.54.0/24 maxlen: 24
162.141.103.0/24 maxlen: 24
162.141.118.0/24 maxlen: 24
162.141.128.0/24 maxlen: 24
162.141.129.0/24 maxlen: 24
162.141.155.0/24 maxlen: 24
162.141.164.0/24 maxlen: 24
167.148.135.0/24 maxlen: 24
167.148.138.0/24 maxlen: 24
167.148.147.0/24 maxlen: 24
167.148.148.0/24 maxlen: 24
167.148.150.0/24 maxlen: 24
167.148.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:97:6f:51:74:bb:72:ba:f7:18:e7:2b:6a:62:d5:a5:4f:c9:d8:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 27 18:27:07 2026 GMT
Not After : Apr 26 18:32:07 2027 GMT
Subject: CN=D3DA3C0A7E4D61949ECFF81719E31EAD92B70097
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:35:45:90:f1:57:c6:f3:87:93:48:84:6b:74:
e0:cb:8e:b6:35:48:f9:0d:59:11:85:88:1f:26:d4:
98:f3:a0:23:04:2c:26:6c:45:d5:f9:e9:a9:3b:51:
14:7b:b5:80:4c:87:98:e0:a5:e4:dc:5b:69:19:f0:
b2:31:36:ae:86:91:f6:e0:c3:d4:6f:e6:4a:35:83:
55:3e:5e:d1:32:5e:51:a1:72:43:4d:92:6a:f0:91:
d3:d3:cb:ea:2f:a1:62:e5:7c:34:b0:5c:b7:fe:fd:
4d:31:34:59:aa:07:61:8c:31:fc:db:4b:b5:62:3e:
7d:a6:e1:9e:b4:da:ca:53:4e:54:6b:79:6c:a4:14:
9a:b5:7c:5e:3c:8c:44:f1:ea:af:0b:38:66:36:6f:
ae:09:c5:7c:fe:33:b1:f5:4a:bc:91:b0:01:b2:5c:
09:65:5e:32:4c:66:e3:21:60:66:e8:a2:78:1b:c4:
e8:e0:9d:e1:cf:05:c0:89:c0:3a:47:97:eb:d6:82:
ea:00:b3:19:4d:6d:09:b4:5c:f0:99:9e:51:ce:bf:
ea:e9:52:b8:a2:eb:5e:da:1d:c7:ec:cb:0a:f3:bf:
91:c1:94:2f:4a:b5:98:aa:10:b6:ae:dc:29:e1:41:
38:65:48:ee:85:29:ed:ec:ab:90:be:50:9a:3a:7e:
5e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:DA:3C:0A:7E:4D:61:94:9E:CF:F8:17:19:E3:1E:AD:92:B7:00:97
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.32.0-96.62.36.255
96.62.38.0-96.62.44.255
96.62.46.0/24
96.62.64.0-96.62.68.255
96.62.70.0/24
96.62.102.0/24
96.62.104.0/24
96.62.106.0-96.62.110.255
96.62.112.0/23
96.62.116.0-96.62.126.255
96.62.132.0-96.62.134.255
96.62.136.0/22
96.62.141.0-96.62.143.255
96.62.146.0/23
96.62.160.0/20
96.62.177.0-96.62.179.255
96.62.188.0/23
96.62.196.0/24
96.62.198.0/23
96.62.212.0/23
96.62.215.0/24
96.62.225.0-96.62.226.255
96.62.230.0/24
96.62.236.0-96.62.241.255
96.62.245.0-96.62.246.255
96.62.252.0/24
140.233.160.0/22
143.14.146.0/24
143.14.148.0/24
143.14.153.0/24
143.14.155.0/24
143.14.195.0/24
143.14.197.0/24
148.135.193.0/24
155.117.86.0/24
155.117.97.0/24
155.117.106.0/24
155.117.116.0/24
162.141.37.0-162.141.38.255
162.141.51.0/24
162.141.54.0/24
162.141.103.0/24
162.141.118.0/24
162.141.128.0/23
162.141.155.0/24
162.141.164.0/24
167.148.135.0/24
167.148.138.0/24
167.148.147.0-167.148.148.255
167.148.150.0/24
167.148.153.0/24
Signature Algorithm: sha256WithRSAEncryption
96:83:b0:f9:a5:7e:03:cd:09:e9:5a:41:88:61:bd:d5:9c:b4:
a0:35:c0:5c:ee:5d:0d:b0:66:3a:34:0d:a4:6e:61:4e:62:b9:
11:2e:1f:c6:2b:eb:05:77:f9:20:9b:0b:b3:9d:32:b2:e4:75:
7f:6e:9d:78:9f:1a:5e:a6:aa:1b:0a:c7:1b:b8:28:ee:c6:b5:
b5:5b:c6:ef:e3:8b:54:85:d0:26:90:7a:8e:cd:1a:1c:39:1a:
c2:27:71:74:4d:a7:6a:41:fe:15:e2:48:79:8f:d1:6e:d3:e9:
8a:d6:b8:87:22:bd:5c:f6:ee:8a:33:7f:4e:f5:f4:c5:ed:74:
0d:c2:8f:1b:8c:00:d2:06:0c:5b:76:7d:48:6d:ba:50:88:8b:
39:3a:29:1f:31:fe:c6:67:37:24:1c:0c:5d:2d:9e:46:3b:24:
fb:27:19:6a:1e:f7:58:ca:a2:b0:79:04:fa:b3:3e:b3:48:96:
60:d7:47:a0:5a:30:89:dd:40:3f:f0:df:ac:f0:91:62:ab:c9:
61:9f:39:5a:78:4a:a2:d2:32:90:c7:3c:4e:5d:e3:ef:da:77:
e4:94:5f:d4:00:66:4d:15:17:1b:55:21:1d:3e:09:b8:80:b2:
3a:16:ad:63:de:69:02:af:2b:e9:c3:91:7c:a6:2e:e8:d5:e1:
96:14:db:0d
-----BEGIN CERTIFICATE-----
MIIGmzCCBYOgAwIBAgIUTpdvUXS7crr3GOcramLVpU/J2AswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjA0MjcxODI3MDdaFw0yNzA0MjYxODMyMDdaMDMxMTAvBgNV
BAMTKEQzREEzQzBBN0U0RDYxOTQ5RUNGRjgxNzE5RTMxRUFEOTJCNzAwOTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1NUWQ8VfG84eTSIRrdODLjrY1
SPkNWRGFiB8m1JjzoCMELCZsRdX56ak7URR7tYBMh5jgpeTcW2kZ8LIxNq6Gkfbg
w9Rv5ko1g1U+XtEyXlGhckNNkmrwkdPTy+ovoWLlfDSwXLf+/U0xNFmqB2GMMfzb
S7ViPn2m4Z602spTTlRreWykFJq1fF48jETx6q8LOGY2b64JxXz+M7H1SryRsAGy
XAllXjJMZuMhYGboongbxOjgneHPBcCJwDpHl+vWguoAsxlNbQm0XPCZnlHOv+rp
Urii617aHcfsywrzv5HBlC9KtZiqELau3CnhQThlSO6FKe3sq5C+UJo6fl5HAgMB
AAGjggOlMIIDoTAdBgNVHQ4EFgQU09o8Cn5NYZSez/gXGeMerZK3AJcwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBuwYIKwYBBQUHAQcBAf8EggGqMIIBpjCCAaIEAgABMIIB
mjAMAwQFYD4gAwQAYD4kMAwDBAFgPiYDBABgPiwDBABgPi4wDAMEBmA+QAMEAGA+
RAMEAGA+RgMEAGA+ZgMEAGA+aDAMAwQBYD5qAwQAYD5uAwQBYD5wMAwDBAJgPnQD
BABgPn4wDAMEAmA+hAMEAGA+hgMEAmA+iDAMAwQAYD6NAwQEYD6AAwQBYD6SAwQE
YD6gMAwDBABgPrEDBAJgPrADBAFgPrwDBABgPsQDBAFgPsYDBAFgPtQDBABgPtcw
DAMEAGA+4QMEAGA+4gMEAGA+5jAMAwQCYD7sAwQBYD7wMAwDBABgPvUDBABgPvYD
BABgPvwDBAKM6aADBACPDpIDBACPDpQDBACPDpkDBACPDpsDBACPDsMDBACPDsUD
BACUh8EDBACbdVYDBACbdWEDBACbdWoDBACbdXQwDAMEAKKNJQMEAKKNJgMEAKKN
MwMEAKKNNgMEAKKNZwMEAKKNdgMEAaKNgAMEAKKNmwMEAKKNpAMEAKeUhwMEAKeU
ijAMAwQAp5STAwQAp5SUAwQAp5SWAwQAp5SZMA0GCSqGSIb3DQEBCwUAA4IBAQCW
g7D5pX4DzQnpWkGIYb3VnLSgNcBc7l0NsGY6NA2kbmFOYrkRLh/GK+sFd/kgmwuz
nTKy5HV/bp14nxpepqobCscbuCjuxrW1W8bv44tUhdAmkHqOzRocORrCJ3F0Tadq
Qf4V4kh5j9Fu0+mK1riHIr1c9u6KM39O9fTF7XQNwo8bjADSBgxbdn1IbbpQiIs5
OikfMf7GZzckHAxdLZ5GOyT7JxlqHvdYyqKweQT6sz6zSJZg10egWjCJ3UA/8N+s
8JFiq8lhnzlaeEqi0jKQxzxOXePv2nfklF/UAGZNFRcbVSEdPgm4gLI6Fq1j3mkC
ryvpw5F8pi7o1eGWFNsN
-----END CERTIFICATE-----
Generated at Tue May 12 21:50:05 2026 by rpki-client