Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: HIDWp7tXFkJ4tPlbngwukSwvCvWUhkNehUbfcgEs5T0=
Subject key identifier: 20:02:62:C6:99:F7:5C:0E:20:8D:FA:CD:5B:38:C5:00:0A:20:63:49
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 6CA94CB91A5BEE6442511AF095449CBC1B8A601C
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
Signing time: Wed 30 Apr 2025 08:15:12 +0000
ROA not before: Wed 30 Apr 2025 08:10:12 +0000
ROA not after: Wed 29 Apr 2026 08:15:12 +0000
asID: 174
IP address blocks: 96.62.32.0/24 maxlen: 24
96.62.33.0/24 maxlen: 24
96.62.34.0/24 maxlen: 24
96.62.35.0/24 maxlen: 24
96.62.36.0/24 maxlen: 24
96.62.38.0/24 maxlen: 24
96.62.39.0/24 maxlen: 24
96.62.40.0/24 maxlen: 24
96.62.41.0/24 maxlen: 24
96.62.42.0/24 maxlen: 24
96.62.43.0/24 maxlen: 24
96.62.44.0/24 maxlen: 24
96.62.46.0/24 maxlen: 24
96.62.64.0/24 maxlen: 24
96.62.65.0/24 maxlen: 24
96.62.66.0/24 maxlen: 24
96.62.67.0/24 maxlen: 24
96.62.68.0/24 maxlen: 24
96.62.70.0/24 maxlen: 24
96.62.102.0/24 maxlen: 24
96.62.104.0/24 maxlen: 24
96.62.106.0/24 maxlen: 24
96.62.107.0/24 maxlen: 24
96.62.108.0/24 maxlen: 24
96.62.109.0/24 maxlen: 24
96.62.110.0/24 maxlen: 24
96.62.112.0/24 maxlen: 24
96.62.113.0/24 maxlen: 24
96.62.116.0/24 maxlen: 24
96.62.117.0/24 maxlen: 24
96.62.118.0/24 maxlen: 24
96.62.119.0/24 maxlen: 24
96.62.120.0/24 maxlen: 24
96.62.121.0/24 maxlen: 24
96.62.122.0/24 maxlen: 24
96.62.123.0/24 maxlen: 24
96.62.124.0/24 maxlen: 24
96.62.125.0/24 maxlen: 24
96.62.126.0/24 maxlen: 24
96.62.132.0/24 maxlen: 24
96.62.133.0/24 maxlen: 24
96.62.134.0/24 maxlen: 24
96.62.136.0/24 maxlen: 24
96.62.137.0/24 maxlen: 24
96.62.138.0/24 maxlen: 24
96.62.139.0/24 maxlen: 24
96.62.141.0/24 maxlen: 24
96.62.142.0/24 maxlen: 24
96.62.143.0/24 maxlen: 24
96.62.146.0/24 maxlen: 24
96.62.147.0/24 maxlen: 24
96.62.160.0/24 maxlen: 24
96.62.161.0/24 maxlen: 24
96.62.162.0/24 maxlen: 24
96.62.163.0/24 maxlen: 24
96.62.164.0/24 maxlen: 24
96.62.165.0/24 maxlen: 24
96.62.166.0/24 maxlen: 24
96.62.167.0/24 maxlen: 24
96.62.168.0/24 maxlen: 24
96.62.169.0/24 maxlen: 24
96.62.170.0/24 maxlen: 24
96.62.171.0/24 maxlen: 24
96.62.172.0/24 maxlen: 24
96.62.173.0/24 maxlen: 24
96.62.174.0/24 maxlen: 24
96.62.175.0/24 maxlen: 24
96.62.177.0/24 maxlen: 24
96.62.178.0/24 maxlen: 24
96.62.179.0/24 maxlen: 24
96.62.188.0/24 maxlen: 24
96.62.189.0/24 maxlen: 24
96.62.196.0/24 maxlen: 24
96.62.198.0/24 maxlen: 24
96.62.199.0/24 maxlen: 24
96.62.212.0/24 maxlen: 24
96.62.213.0/24 maxlen: 24
96.62.215.0/24 maxlen: 24
96.62.225.0/24 maxlen: 24
96.62.226.0/24 maxlen: 24
96.62.230.0/24 maxlen: 24
96.62.236.0/24 maxlen: 24
96.62.237.0/24 maxlen: 24
96.62.238.0/24 maxlen: 24
96.62.239.0/24 maxlen: 24
96.62.240.0/24 maxlen: 24
96.62.241.0/24 maxlen: 24
96.62.245.0/24 maxlen: 24
96.62.246.0/24 maxlen: 24
96.62.252.0/24 maxlen: 24
140.150.224.0/22 maxlen: 24
140.233.160.0/22 maxlen: 22
140.233.180.0/22 maxlen: 22
143.14.146.0/24 maxlen: 24
143.14.148.0/24 maxlen: 24
143.14.153.0/24 maxlen: 24
143.14.155.0/24 maxlen: 24
143.14.195.0/24 maxlen: 24
143.14.197.0/24 maxlen: 24
150.241.136.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:a9:4c:b9:1a:5b:ee:64:42:51:1a:f0:95:44:9c:bc:1b:8a:60:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Apr 30 08:10:12 2025 GMT
Not After : Apr 29 08:15:12 2026 GMT
Subject: CN=200262C699F75C0E208DFACD5B38C5000A206349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:bd:8a:29:d5:56:9e:1b:9f:c9:1c:f5:9f:51:
47:ad:90:23:d4:46:7f:15:e1:56:94:28:9e:b4:10:
08:39:61:c1:66:1a:31:c6:7f:1b:11:63:d4:f4:5f:
fa:30:82:d8:60:81:7f:79:51:5b:47:08:47:b3:a0:
f4:ac:79:45:39:4c:d1:83:1a:0e:b5:34:d6:47:f2:
86:84:0c:be:a1:5a:a2:84:62:8f:93:ad:e1:3a:11:
0b:b8:ab:22:c0:12:f0:bc:36:4f:8b:58:9c:7b:ad:
c7:64:68:fe:e1:94:8f:7b:70:59:04:1a:a7:28:90:
70:42:8a:5d:97:e1:89:a7:9c:b1:4d:ea:c6:64:52:
4e:b0:3c:8e:76:c2:ef:2c:47:bb:89:47:e5:d1:18:
87:3c:e0:e5:0e:a0:5f:77:5d:3d:70:5e:02:64:f8:
f6:1b:ad:ff:49:f9:5c:c9:58:53:93:a1:9d:72:fc:
d4:78:08:89:4a:78:38:9c:44:a7:51:f3:0e:f6:e1:
e4:bc:5f:c8:ad:78:f4:36:cd:fd:ad:21:41:96:a3:
72:04:b1:a0:bb:3d:93:9a:34:1c:03:e3:39:ba:74:
ec:a5:2f:b1:bd:6e:5c:32:ec:6d:fe:45:be:60:d6:
b2:b9:38:80:47:d5:4c:9f:a6:b4:5d:81:23:b0:94:
94:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:02:62:C6:99:F7:5C:0E:20:8D:FA:CD:5B:38:C5:00:0A:20:63:49
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.32.0-96.62.36.255
96.62.38.0-96.62.44.255
96.62.46.0/24
96.62.64.0-96.62.68.255
96.62.70.0/24
96.62.102.0/24
96.62.104.0/24
96.62.106.0-96.62.110.255
96.62.112.0/23
96.62.116.0-96.62.126.255
96.62.132.0-96.62.134.255
96.62.136.0/22
96.62.141.0-96.62.143.255
96.62.146.0/23
96.62.160.0/20
96.62.177.0-96.62.179.255
96.62.188.0/23
96.62.196.0/24
96.62.198.0/23
96.62.212.0/23
96.62.215.0/24
96.62.225.0-96.62.226.255
96.62.230.0/24
96.62.236.0-96.62.241.255
96.62.245.0-96.62.246.255
96.62.252.0/24
140.150.224.0/22
140.233.160.0/22
140.233.180.0/22
143.14.146.0/24
143.14.148.0/24
143.14.153.0/24
143.14.155.0/24
143.14.195.0/24
143.14.197.0/24
150.241.136.0/21
Signature Algorithm: sha256WithRSAEncryption
3a:95:56:0d:32:65:c0:1e:96:36:5c:bc:c3:4a:de:64:2e:c3:
ee:70:ec:29:72:d7:a7:45:50:1d:6d:fa:c9:64:54:a5:26:29:
91:f7:e7:9f:09:e2:85:b5:61:67:d7:df:f8:3a:2b:58:d1:6f:
25:27:1b:a5:e0:1e:e3:8e:18:4e:37:98:81:97:ea:99:21:29:
67:d0:87:9e:64:76:98:ef:17:db:20:ed:2a:2f:4a:45:c0:3a:
12:65:56:44:e6:e8:bb:24:59:6c:b9:a8:01:c7:15:b4:97:54:
77:4c:f3:7c:9b:b6:7f:81:e3:6c:3b:5c:ab:de:36:41:1e:96:
ec:7c:01:0a:b3:9a:96:90:a6:69:6a:8a:e6:f0:7c:60:97:29:
de:0b:35:8d:91:31:b1:14:d1:12:35:8b:54:43:6f:5d:53:bb:
cd:b6:8c:7d:d9:09:85:1e:c2:d7:29:1c:74:de:d5:08:1e:ee:
b5:93:50:36:a3:58:28:de:6e:cf:e9:7d:7f:0d:f7:1e:28:f1:
ec:a0:be:a6:c4:64:57:3c:6d:b8:94:ab:a3:d7:70:c3:e8:24:
e7:81:5e:c0:eb:8d:d2:f1:dd:c2:5f:d0:54:9c:66:61:31:9d:
7c:d9:d4:93:cc:32:01:6d:b8:38:e1:2c:48:77:0f:aa:1c:9d:
8e:46:33:0c
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgIUbKlMuRpb7mRCURrwlUScvBuKYBwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA0MzAwODEwMTJaFw0yNjA0MjkwODE1MTJaMDMxMTAvBgNV
BAMTKDIwMDI2MkM2OTlGNzVDMEUyMDhERkFDRDVCMzhDNTAwMEEyMDYzNDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCovYop1VaeG5/JHPWfUUetkCPU
Rn8V4VaUKJ60EAg5YcFmGjHGfxsRY9T0X/owgthggX95UVtHCEezoPSseUU5TNGD
Gg61NNZH8oaEDL6hWqKEYo+TreE6EQu4qyLAEvC8Nk+LWJx7rcdkaP7hlI97cFkE
GqcokHBCil2X4YmnnLFN6sZkUk6wPI52wu8sR7uJR+XRGIc84OUOoF93XT1wXgJk
+PYbrf9J+VzJWFOToZ1y/NR4CIlKeDicRKdR8w724eS8X8itePQ2zf2tIUGWo3IE
saC7PZOaNBwD4zm6dOylL7G9blwy7G3+Rb5g1rK5OIBH1UyfprRdgSOwlJTVAgMB
AAGjggM7MIIDNzAdBgNVHQ4EFgQUIAJixpn3XA4gjfrNWzjFAAogY0kwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBUQYIKwYBBQUHAQcBAf8EggFAMIIBPDCCATgEAgABMIIB
MDAMAwQFYD4gAwQAYD4kMAwDBAFgPiYDBABgPiwDBABgPi4wDAMEBmA+QAMEAGA+
RAMEAGA+RgMEAGA+ZgMEAGA+aDAMAwQBYD5qAwQAYD5uAwQBYD5wMAwDBAJgPnQD
BABgPn4wDAMEAmA+hAMEAGA+hgMEAmA+iDAMAwQAYD6NAwQEYD6AAwQBYD6SAwQE
YD6gMAwDBABgPrEDBAJgPrADBAFgPrwDBABgPsQDBAFgPsYDBAFgPtQDBABgPtcw
DAMEAGA+4QMEAGA+4gMEAGA+5jAMAwQCYD7sAwQBYD7wMAwDBABgPvUDBABgPvYD
BABgPvwDBAKMluADBAKM6aADBAKM6bQDBACPDpIDBACPDpQDBACPDpkDBACPDpsD
BACPDsMDBACPDsUDBAOW8YgwDQYJKoZIhvcNAQELBQADggEBADqVVg0yZcAeljZc
vMNK3mQuw+5w7Cly16dFUB1t+slkVKUmKZH3558J4oW1YWfX3/g6K1jRbyUnG6Xg
HuOOGE43mIGX6pkhKWfQh55kdpjvF9sg7SovSkXAOhJlVkTm6LskWWy5qAHHFbSX
VHdM83ybtn+B42w7XKveNkEelux8AQqzmpaQpmlqiubwfGCXKd4LNY2RMbEU0RI1
i1RDb11Tu822jH3ZCYUewtcpHHTe1Qge7rWTUDajWCjebs/pfX8N9x4o8eygvqbE
ZFc8bbiUq6PXcMPoJOeBXsDrjdLx3cJf0FScZmExnXzZ1JPMMgFtuDjhLEh3D6oc
nY5GMww=
-----END CERTIFICATE-----
Generated at Tue May 6 09:50:59 2025 by rpki-client