Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: 4z4qaYkZxGCD/nQ4uIH8cVqmivPq57UvoawopchQ1CM=
Subject key identifier: 38:72:A3:BF:EA:11:28:39:8C:1B:7B:11:55:D1:52:D6:88:B9:1D:4F
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 7FBDFBED1D293E79D12147CCFF2CD589B3152040
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
Signing time: Mon 23 Mar 2026 15:24:38 +0000
ROA not before: Mon 23 Mar 2026 15:19:38 +0000
ROA not after: Mon 22 Mar 2027 15:24:38 +0000
asID: 174
IP address blocks: 96.62.32.0/24 maxlen: 24
96.62.33.0/24 maxlen: 24
96.62.34.0/24 maxlen: 24
96.62.35.0/24 maxlen: 24
96.62.36.0/24 maxlen: 24
96.62.38.0/24 maxlen: 24
96.62.39.0/24 maxlen: 24
96.62.40.0/24 maxlen: 24
96.62.41.0/24 maxlen: 24
96.62.42.0/24 maxlen: 24
96.62.43.0/24 maxlen: 24
96.62.44.0/24 maxlen: 24
96.62.46.0/24 maxlen: 24
96.62.64.0/24 maxlen: 24
96.62.65.0/24 maxlen: 24
96.62.66.0/24 maxlen: 24
96.62.67.0/24 maxlen: 24
96.62.68.0/24 maxlen: 24
96.62.70.0/24 maxlen: 24
96.62.102.0/24 maxlen: 24
96.62.104.0/24 maxlen: 24
96.62.106.0/24 maxlen: 24
96.62.107.0/24 maxlen: 24
96.62.108.0/24 maxlen: 24
96.62.109.0/24 maxlen: 24
96.62.110.0/24 maxlen: 24
96.62.112.0/24 maxlen: 24
96.62.113.0/24 maxlen: 24
96.62.116.0/24 maxlen: 24
96.62.117.0/24 maxlen: 24
96.62.118.0/24 maxlen: 24
96.62.119.0/24 maxlen: 24
96.62.120.0/24 maxlen: 24
96.62.121.0/24 maxlen: 24
96.62.122.0/24 maxlen: 24
96.62.123.0/24 maxlen: 24
96.62.124.0/24 maxlen: 24
96.62.125.0/24 maxlen: 24
96.62.126.0/24 maxlen: 24
96.62.132.0/24 maxlen: 24
96.62.133.0/24 maxlen: 24
96.62.134.0/24 maxlen: 24
96.62.136.0/24 maxlen: 24
96.62.137.0/24 maxlen: 24
96.62.138.0/24 maxlen: 24
96.62.139.0/24 maxlen: 24
96.62.141.0/24 maxlen: 24
96.62.142.0/24 maxlen: 24
96.62.143.0/24 maxlen: 24
96.62.146.0/24 maxlen: 24
96.62.147.0/24 maxlen: 24
96.62.160.0/24 maxlen: 24
96.62.161.0/24 maxlen: 24
96.62.162.0/24 maxlen: 24
96.62.163.0/24 maxlen: 24
96.62.164.0/24 maxlen: 24
96.62.165.0/24 maxlen: 24
96.62.166.0/24 maxlen: 24
96.62.167.0/24 maxlen: 24
96.62.168.0/24 maxlen: 24
96.62.169.0/24 maxlen: 24
96.62.170.0/24 maxlen: 24
96.62.171.0/24 maxlen: 24
96.62.172.0/24 maxlen: 24
96.62.173.0/24 maxlen: 24
96.62.174.0/24 maxlen: 24
96.62.175.0/24 maxlen: 24
96.62.177.0/24 maxlen: 24
96.62.178.0/24 maxlen: 24
96.62.179.0/24 maxlen: 24
96.62.188.0/24 maxlen: 24
96.62.189.0/24 maxlen: 24
96.62.196.0/24 maxlen: 24
96.62.198.0/24 maxlen: 24
96.62.199.0/24 maxlen: 24
96.62.212.0/24 maxlen: 24
96.62.213.0/24 maxlen: 24
96.62.215.0/24 maxlen: 24
96.62.225.0/24 maxlen: 24
96.62.226.0/24 maxlen: 24
96.62.230.0/24 maxlen: 24
96.62.236.0/24 maxlen: 24
96.62.237.0/24 maxlen: 24
96.62.238.0/24 maxlen: 24
96.62.239.0/24 maxlen: 24
96.62.240.0/24 maxlen: 24
96.62.241.0/24 maxlen: 24
96.62.245.0/24 maxlen: 24
96.62.246.0/24 maxlen: 24
96.62.252.0/24 maxlen: 24
140.233.160.0/22 maxlen: 22
143.14.146.0/24 maxlen: 24
143.14.148.0/24 maxlen: 24
143.14.153.0/24 maxlen: 24
143.14.155.0/24 maxlen: 24
143.14.195.0/24 maxlen: 24
143.14.197.0/24 maxlen: 24
148.135.193.0/24 maxlen: 24
155.117.23.0/24 maxlen: 24
155.117.86.0/24 maxlen: 24
155.117.97.0/24 maxlen: 24
155.117.106.0/24 maxlen: 24
155.117.116.0/24 maxlen: 24
162.141.37.0/24 maxlen: 24
162.141.38.0/24 maxlen: 24
162.141.51.0/24 maxlen: 24
162.141.54.0/24 maxlen: 24
162.141.55.0/24 maxlen: 24
162.141.103.0/24 maxlen: 24
162.141.118.0/24 maxlen: 24
162.141.128.0/24 maxlen: 24
162.141.129.0/24 maxlen: 24
162.141.155.0/24 maxlen: 24
162.141.164.0/24 maxlen: 24
167.148.135.0/24 maxlen: 24
167.148.138.0/24 maxlen: 24
167.148.147.0/24 maxlen: 24
167.148.148.0/24 maxlen: 24
167.148.150.0/24 maxlen: 24
167.148.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:bd:fb:ed:1d:29:3e:79:d1:21:47:cc:ff:2c:d5:89:b3:15:20:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 23 15:19:38 2026 GMT
Not After : Mar 22 15:24:38 2027 GMT
Subject: CN=3872A3BFEA1128398C1B7B1155D152D688B91D4F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b4:d1:78:98:e5:8a:4b:2c:25:fa:60:ec:40:
bd:31:91:bb:12:df:15:31:5f:5e:aa:dc:59:bd:3f:
96:7d:61:b7:b3:4f:c7:95:47:67:3d:70:0e:0d:09:
48:6d:75:32:39:94:6d:b6:72:48:59:58:cb:9f:3c:
8c:79:a5:e4:54:e5:32:5e:d6:50:8e:7b:4d:e7:3b:
83:2c:53:58:c8:b6:07:72:f9:ba:c5:42:54:ba:61:
c4:35:6a:21:0a:df:b0:34:35:8d:fa:54:56:e4:e3:
7f:ca:43:48:7c:ce:3b:1e:f0:7c:7d:48:fc:4a:34:
d3:bf:a2:29:f1:c1:f7:cf:29:06:3f:26:b1:bd:9b:
ad:98:2c:ff:e2:ee:ae:f2:8a:a7:99:33:ae:e5:30:
10:13:10:f0:f9:62:65:d0:aa:8b:3e:e4:f0:ce:e8:
7c:80:03:c4:d4:0b:8c:f4:b8:6d:84:7b:6a:46:97:
18:e5:22:5e:d4:29:59:8b:23:19:59:22:cc:35:ad:
a9:fc:42:85:0b:ab:95:4e:5b:ab:21:05:3b:a1:18:
0d:5d:65:3e:fe:6c:af:f7:45:f9:0b:1d:ea:ba:33:
19:2a:48:21:dd:8c:79:16:b5:2a:d4:04:2a:0f:ee:
fd:17:24:cd:2f:58:2c:c5:4b:79:44:62:60:54:67:
f1:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:72:A3:BF:EA:11:28:39:8C:1B:7B:11:55:D1:52:D6:88:B9:1D:4F
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.32.0-96.62.36.255
96.62.38.0-96.62.44.255
96.62.46.0/24
96.62.64.0-96.62.68.255
96.62.70.0/24
96.62.102.0/24
96.62.104.0/24
96.62.106.0-96.62.110.255
96.62.112.0/23
96.62.116.0-96.62.126.255
96.62.132.0-96.62.134.255
96.62.136.0/22
96.62.141.0-96.62.143.255
96.62.146.0/23
96.62.160.0/20
96.62.177.0-96.62.179.255
96.62.188.0/23
96.62.196.0/24
96.62.198.0/23
96.62.212.0/23
96.62.215.0/24
96.62.225.0-96.62.226.255
96.62.230.0/24
96.62.236.0-96.62.241.255
96.62.245.0-96.62.246.255
96.62.252.0/24
140.233.160.0/22
143.14.146.0/24
143.14.148.0/24
143.14.153.0/24
143.14.155.0/24
143.14.195.0/24
143.14.197.0/24
148.135.193.0/24
155.117.23.0/24
155.117.86.0/24
155.117.97.0/24
155.117.106.0/24
155.117.116.0/24
162.141.37.0-162.141.38.255
162.141.51.0/24
162.141.54.0/23
162.141.103.0/24
162.141.118.0/24
162.141.128.0/23
162.141.155.0/24
162.141.164.0/24
167.148.135.0/24
167.148.138.0/24
167.148.147.0-167.148.148.255
167.148.150.0/24
167.148.153.0/24
Signature Algorithm: sha256WithRSAEncryption
81:c3:90:d5:0d:e8:54:dd:6e:e8:43:f0:5c:4e:7e:96:2b:a4:
60:b2:56:e7:b9:97:2c:25:82:4e:22:37:6b:c4:9b:8d:45:49:
4a:4c:56:b4:35:f2:23:77:94:9c:ae:5b:6e:2b:96:93:53:60:
26:5f:e7:6b:e0:06:77:7d:bd:ca:8d:51:08:7b:2a:a7:fe:c0:
2f:89:92:47:1b:b1:86:00:f9:2b:0f:f7:a7:83:53:01:a6:20:
69:e7:b2:ef:cc:8d:ef:ae:b1:fc:91:fe:67:b9:19:02:ce:28:
1d:3a:4e:08:b1:da:24:ef:f7:65:d1:e2:7c:28:6a:fe:2a:74:
af:81:24:fb:4c:66:fb:6a:e0:07:25:c7:d7:fc:c0:7f:de:1f:
7c:81:9c:19:eb:8f:bd:1e:50:18:27:8e:74:60:e9:d8:72:fd:
71:bd:20:56:70:c7:84:16:df:f0:d7:38:da:f7:1d:f3:31:94:
75:35:63:ad:f4:ca:c5:08:37:29:15:02:fb:3d:46:5f:ba:fd:
43:0d:8d:ee:db:d2:46:01:a9:32:e7:f2:f0:3f:6d:71:4c:8f:
a8:eb:1a:28:90:60:4d:c4:b5:d5:bb:d6:b2:bc:9c:d5:80:3d:
44:e9:fe:e3:ae:e5:63:81:ca:74:73:13:86:e9:60:46:72:18:
9b:1f:13:86
-----BEGIN CERTIFICATE-----
MIIGoTCCBYmgAwIBAgIUf7377R0pPnnRIUfM/yzVibMVIEAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAzMjMxNTE5MzhaFw0yNzAzMjIxNTI0MzhaMDMxMTAvBgNV
BAMTKDM4NzJBM0JGRUExMTI4Mzk4QzFCN0IxMTU1RDE1MkQ2ODhCOTFENEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvtNF4mOWKSywl+mDsQL0xkbsS
3xUxX16q3Fm9P5Z9YbezT8eVR2c9cA4NCUhtdTI5lG22ckhZWMufPIx5peRU5TJe
1lCOe03nO4MsU1jItgdy+brFQlS6YcQ1aiEK37A0NY36VFbk43/KQ0h8zjse8Hx9
SPxKNNO/oinxwffPKQY/JrG9m62YLP/i7q7yiqeZM67lMBATEPD5YmXQqos+5PDO
6HyAA8TUC4z0uG2Ee2pGlxjlIl7UKVmLIxlZIsw1ran8QoULq5VOW6shBTuhGA1d
ZT7+bK/3RfkLHeq6MxkqSCHdjHkWtSrUBCoP7v0XJM0vWCzFS3lEYmBUZ/GrAgMB
AAGjggOrMIIDpzAdBgNVHQ4EFgQUOHKjv+oRKDmMG3sRVdFS1oi5HU8wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBwQYIKwYBBQUHAQcBAf8EggGwMIIBrDCCAagEAgABMIIB
oDAMAwQFYD4gAwQAYD4kMAwDBAFgPiYDBABgPiwDBABgPi4wDAMEBmA+QAMEAGA+
RAMEAGA+RgMEAGA+ZgMEAGA+aDAMAwQBYD5qAwQAYD5uAwQBYD5wMAwDBAJgPnQD
BABgPn4wDAMEAmA+hAMEAGA+hgMEAmA+iDAMAwQAYD6NAwQEYD6AAwQBYD6SAwQE
YD6gMAwDBABgPrEDBAJgPrADBAFgPrwDBABgPsQDBAFgPsYDBAFgPtQDBABgPtcw
DAMEAGA+4QMEAGA+4gMEAGA+5jAMAwQCYD7sAwQBYD7wMAwDBABgPvUDBABgPvYD
BABgPvwDBAKM6aADBACPDpIDBACPDpQDBACPDpkDBACPDpsDBACPDsMDBACPDsUD
BACUh8EDBACbdRcDBACbdVYDBACbdWEDBACbdWoDBACbdXQwDAMEAKKNJQMEAKKN
JgMEAKKNMwMEAaKNNgMEAKKNZwMEAKKNdgMEAaKNgAMEAKKNmwMEAKKNpAMEAKeU
hwMEAKeUijAMAwQAp5STAwQAp5SUAwQAp5SWAwQAp5SZMA0GCSqGSIb3DQEBCwUA
A4IBAQCBw5DVDehU3W7oQ/BcTn6WK6RgslbnuZcsJYJOIjdrxJuNRUlKTFa0NfIj
d5ScrltuK5aTU2AmX+dr4AZ3fb3KjVEIeyqn/sAviZJHG7GGAPkrD/eng1MBpiBp
57LvzI3vrrH8kf5nuRkCzigdOk4Isdok7/dl0eJ8KGr+KnSvgST7TGb7auAHJcfX
/MB/3h98gZwZ64+9HlAYJ450YOnYcv1xvSBWcMeEFt/w1zja9x3zMZR1NWOt9MrF
CDcpFQL7PUZfuv1DDY3u29JGAaky5/LwP21xTI+o6xookGBNxLXVu9ayvJzVgD1E
6f7jruVjgcp0cxOG6WBGchibHxOG
-----END CERTIFICATE-----
Generated at Thu Mar 26 03:18:17 2026 by rpki-client