Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: wf/Y3DhjbZY2pc3XWN5wKZgb4vYTT4owPIyOzfi4UKE=
Subject key identifier: 28:B6:1F:54:16:55:45:D0:AC:A7:18:18:90:DB:F9:0E:21:03:FC:F1
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 0D83C4960ABC475CD577CEA4D4F6BFD321722B33
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
Signing time: Wed 01 Oct 2025 00:20:53 +0000
ROA not before: Wed 01 Oct 2025 00:15:53 +0000
ROA not after: Wed 30 Sep 2026 00:20:53 +0000
asID: 174
IP address blocks: 96.62.32.0/24 maxlen: 24
96.62.33.0/24 maxlen: 24
96.62.34.0/24 maxlen: 24
96.62.35.0/24 maxlen: 24
96.62.36.0/24 maxlen: 24
96.62.38.0/24 maxlen: 24
96.62.39.0/24 maxlen: 24
96.62.40.0/24 maxlen: 24
96.62.41.0/24 maxlen: 24
96.62.42.0/24 maxlen: 24
96.62.43.0/24 maxlen: 24
96.62.44.0/24 maxlen: 24
96.62.46.0/24 maxlen: 24
96.62.64.0/24 maxlen: 24
96.62.65.0/24 maxlen: 24
96.62.66.0/24 maxlen: 24
96.62.67.0/24 maxlen: 24
96.62.68.0/24 maxlen: 24
96.62.70.0/24 maxlen: 24
96.62.102.0/24 maxlen: 24
96.62.104.0/24 maxlen: 24
96.62.106.0/24 maxlen: 24
96.62.107.0/24 maxlen: 24
96.62.108.0/24 maxlen: 24
96.62.109.0/24 maxlen: 24
96.62.110.0/24 maxlen: 24
96.62.112.0/24 maxlen: 24
96.62.113.0/24 maxlen: 24
96.62.116.0/24 maxlen: 24
96.62.117.0/24 maxlen: 24
96.62.118.0/24 maxlen: 24
96.62.119.0/24 maxlen: 24
96.62.120.0/24 maxlen: 24
96.62.121.0/24 maxlen: 24
96.62.122.0/24 maxlen: 24
96.62.123.0/24 maxlen: 24
96.62.124.0/24 maxlen: 24
96.62.125.0/24 maxlen: 24
96.62.126.0/24 maxlen: 24
96.62.132.0/24 maxlen: 24
96.62.133.0/24 maxlen: 24
96.62.134.0/24 maxlen: 24
96.62.136.0/24 maxlen: 24
96.62.137.0/24 maxlen: 24
96.62.138.0/24 maxlen: 24
96.62.139.0/24 maxlen: 24
96.62.141.0/24 maxlen: 24
96.62.142.0/24 maxlen: 24
96.62.143.0/24 maxlen: 24
96.62.146.0/24 maxlen: 24
96.62.147.0/24 maxlen: 24
96.62.160.0/24 maxlen: 24
96.62.161.0/24 maxlen: 24
96.62.162.0/24 maxlen: 24
96.62.163.0/24 maxlen: 24
96.62.164.0/24 maxlen: 24
96.62.165.0/24 maxlen: 24
96.62.166.0/24 maxlen: 24
96.62.167.0/24 maxlen: 24
96.62.168.0/24 maxlen: 24
96.62.169.0/24 maxlen: 24
96.62.170.0/24 maxlen: 24
96.62.171.0/24 maxlen: 24
96.62.172.0/24 maxlen: 24
96.62.173.0/24 maxlen: 24
96.62.174.0/24 maxlen: 24
96.62.175.0/24 maxlen: 24
96.62.177.0/24 maxlen: 24
96.62.178.0/24 maxlen: 24
96.62.179.0/24 maxlen: 24
96.62.188.0/24 maxlen: 24
96.62.189.0/24 maxlen: 24
96.62.196.0/24 maxlen: 24
96.62.198.0/24 maxlen: 24
96.62.199.0/24 maxlen: 24
96.62.212.0/24 maxlen: 24
96.62.213.0/24 maxlen: 24
96.62.215.0/24 maxlen: 24
96.62.225.0/24 maxlen: 24
96.62.226.0/24 maxlen: 24
96.62.230.0/24 maxlen: 24
96.62.236.0/24 maxlen: 24
96.62.237.0/24 maxlen: 24
96.62.238.0/24 maxlen: 24
96.62.239.0/24 maxlen: 24
96.62.240.0/24 maxlen: 24
96.62.241.0/24 maxlen: 24
96.62.245.0/24 maxlen: 24
96.62.246.0/24 maxlen: 24
96.62.252.0/24 maxlen: 24
140.233.160.0/22 maxlen: 22
140.233.180.0/22 maxlen: 22
143.14.146.0/24 maxlen: 24
143.14.148.0/24 maxlen: 24
143.14.153.0/24 maxlen: 24
143.14.155.0/24 maxlen: 24
143.14.195.0/24 maxlen: 24
143.14.197.0/24 maxlen: 24
162.141.37.0/24 maxlen: 24
162.141.38.0/24 maxlen: 24
162.141.51.0/24 maxlen: 24
162.141.54.0/24 maxlen: 24
162.141.103.0/24 maxlen: 24
162.141.118.0/24 maxlen: 24
162.141.128.0/24 maxlen: 24
162.141.129.0/24 maxlen: 24
162.141.155.0/24 maxlen: 24
162.141.164.0/24 maxlen: 24
167.148.135.0/24 maxlen: 24
167.148.138.0/24 maxlen: 24
167.148.147.0/24 maxlen: 24
167.148.148.0/24 maxlen: 24
167.148.150.0/24 maxlen: 24
167.148.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:83:c4:96:0a:bc:47:5c:d5:77:ce:a4:d4:f6:bf:d3:21:72:2b:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Oct 1 00:15:53 2025 GMT
Not After : Sep 30 00:20:53 2026 GMT
Subject: CN=28B61F54165545D0ACA7181890DBF90E2103FCF1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:6d:ad:46:98:2f:13:51:82:53:37:4f:ec:b7:
b1:dc:0e:99:a3:e3:ed:07:4b:bc:cc:e5:1b:99:80:
cc:ab:ff:fa:9b:8c:43:b6:cd:cb:7a:33:a8:a6:0f:
93:a0:21:ef:44:5b:d6:8a:af:f3:56:5b:7f:84:65:
cb:5c:b4:02:94:d1:78:97:41:86:99:73:2a:53:0c:
14:a9:94:81:dc:de:71:75:6b:d5:8e:25:74:e0:a6:
29:f5:37:89:c6:9e:f5:33:67:a5:74:77:36:da:ed:
f8:0b:ab:6c:c8:b1:54:a5:64:b9:56:32:24:10:59:
f3:4e:ee:ef:f7:58:0a:d2:b7:e1:2c:be:6f:34:f7:
a7:93:b8:0b:54:45:8e:8d:a2:09:2c:92:6d:19:06:
34:f5:5e:56:a1:cd:1b:5b:40:41:d1:95:34:0e:05:
f0:fe:77:90:97:fa:cc:e0:87:71:27:b1:e3:70:bf:
74:87:66:79:f0:b7:36:20:6c:e1:ff:98:5d:e5:3a:
88:7e:18:8f:28:6f:93:7f:e4:85:5b:1e:22:eb:74:
5f:b3:70:24:ee:06:7a:3c:53:06:bf:fa:d1:ea:0a:
53:fd:71:84:f7:0a:dd:6c:be:92:e4:5b:1d:91:f7:
c7:95:0e:92:0b:c7:ce:15:9e:f8:d3:69:60:bd:b9:
98:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:B6:1F:54:16:55:45:D0:AC:A7:18:18:90:DB:F9:0E:21:03:FC:F1
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.32.0-96.62.36.255
96.62.38.0-96.62.44.255
96.62.46.0/24
96.62.64.0-96.62.68.255
96.62.70.0/24
96.62.102.0/24
96.62.104.0/24
96.62.106.0-96.62.110.255
96.62.112.0/23
96.62.116.0-96.62.126.255
96.62.132.0-96.62.134.255
96.62.136.0/22
96.62.141.0-96.62.143.255
96.62.146.0/23
96.62.160.0/20
96.62.177.0-96.62.179.255
96.62.188.0/23
96.62.196.0/24
96.62.198.0/23
96.62.212.0/23
96.62.215.0/24
96.62.225.0-96.62.226.255
96.62.230.0/24
96.62.236.0-96.62.241.255
96.62.245.0-96.62.246.255
96.62.252.0/24
140.233.160.0/22
140.233.180.0/22
143.14.146.0/24
143.14.148.0/24
143.14.153.0/24
143.14.155.0/24
143.14.195.0/24
143.14.197.0/24
162.141.37.0-162.141.38.255
162.141.51.0/24
162.141.54.0/24
162.141.103.0/24
162.141.118.0/24
162.141.128.0/23
162.141.155.0/24
162.141.164.0/24
167.148.135.0/24
167.148.138.0/24
167.148.147.0-167.148.148.255
167.148.150.0/24
167.148.153.0/24
Signature Algorithm: sha256WithRSAEncryption
74:65:e9:26:28:cf:d0:23:1a:4a:3e:e5:d5:5b:5d:ba:eb:12:
b4:44:cb:5c:a6:d3:3a:17:d5:f1:16:5e:5b:06:3f:ac:6f:70:
fc:de:6c:8f:9e:65:21:ce:ef:98:d2:4d:05:15:66:d1:b4:c9:
bb:22:fb:be:41:63:20:75:0e:cf:39:73:91:84:a3:4b:9d:f0:
da:1b:75:aa:f1:92:80:6e:0c:b5:0a:b6:36:fa:2f:b7:c1:ae:
60:49:20:c5:1c:c4:a9:8d:a4:fa:59:05:39:b1:02:ca:d9:25:
ea:ea:30:67:5c:f5:b4:3b:0c:b0:21:2a:c3:ab:f3:df:98:26:
29:3e:85:fb:eb:43:7d:81:85:3b:6d:cc:9a:92:4f:bb:12:77:
83:d6:45:56:65:ee:a5:45:75:52:94:cc:73:e5:00:f4:ce:38:
40:0e:47:eb:d3:3c:3b:73:0d:25:b2:52:d6:40:8a:f3:1d:e7:
6d:34:40:b8:2a:89:e6:70:00:da:ca:84:98:77:11:6d:d4:51:
aa:ab:b8:dc:32:2e:3d:32:1c:25:f8:1c:75:48:42:20:90:a0:
c9:77:1f:06:56:e0:2b:60:a8:1c:00:96:c7:3d:5c:f9:14:19:
39:1a:70:e0:89:b2:99:71:22:d1:61:52:a7:da:26:52:f6:c5:
a8:f3:20:40
-----BEGIN CERTIFICATE-----
MIIGgzCCBWugAwIBAgIUDYPElgq8R1zVd86k1Pa/0yFyKzMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTEwMDEwMDE1NTNaFw0yNjA5MzAwMDIwNTNaMDMxMTAvBgNV
BAMTKDI4QjYxRjU0MTY1NTQ1RDBBQ0E3MTgxODkwREJGOTBFMjEwM0ZDRjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWba1GmC8TUYJTN0/st7HcDpmj
4+0HS7zM5RuZgMyr//qbjEO2zct6M6imD5OgIe9EW9aKr/NWW3+EZctctAKU0XiX
QYaZcypTDBSplIHc3nF1a9WOJXTgpin1N4nGnvUzZ6V0dzba7fgLq2zIsVSlZLlW
MiQQWfNO7u/3WArSt+Esvm8096eTuAtURY6Nogkskm0ZBjT1XlahzRtbQEHRlTQO
BfD+d5CX+szgh3EnseNwv3SHZnnwtzYgbOH/mF3lOoh+GI8ob5N/5IVbHiLrdF+z
cCTuBno8Uwa/+tHqClP9cYT3Ct1svpLkWx2R98eVDpILx84VnvjTaWC9uZinAgMB
AAGjggONMIIDiTAdBgNVHQ4EFgQUKLYfVBZVRdCspxgYkNv5DiED/PEwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBowYIKwYBBQUHAQcBAf8EggGSMIIBjjCCAYoEAgABMIIB
gjAMAwQFYD4gAwQAYD4kMAwDBAFgPiYDBABgPiwDBABgPi4wDAMEBmA+QAMEAGA+
RAMEAGA+RgMEAGA+ZgMEAGA+aDAMAwQBYD5qAwQAYD5uAwQBYD5wMAwDBAJgPnQD
BABgPn4wDAMEAmA+hAMEAGA+hgMEAmA+iDAMAwQAYD6NAwQEYD6AAwQBYD6SAwQE
YD6gMAwDBABgPrEDBAJgPrADBAFgPrwDBABgPsQDBAFgPsYDBAFgPtQDBABgPtcw
DAMEAGA+4QMEAGA+4gMEAGA+5jAMAwQCYD7sAwQBYD7wMAwDBABgPvUDBABgPvYD
BABgPvwDBAKM6aADBAKM6bQDBACPDpIDBACPDpQDBACPDpkDBACPDpsDBACPDsMD
BACPDsUwDAMEAKKNJQMEAKKNJgMEAKKNMwMEAKKNNgMEAKKNZwMEAKKNdgMEAaKN
gAMEAKKNmwMEAKKNpAMEAKeUhwMEAKeUijAMAwQAp5STAwQAp5SUAwQAp5SWAwQA
p5SZMA0GCSqGSIb3DQEBCwUAA4IBAQB0ZekmKM/QIxpKPuXVW1266xK0RMtcptM6
F9XxFl5bBj+sb3D83myPnmUhzu+Y0k0FFWbRtMm7Ivu+QWMgdQ7POXORhKNLnfDa
G3Wq8ZKAbgy1CrY2+i+3wa5gSSDFHMSpjaT6WQU5sQLK2SXq6jBnXPW0OwywISrD
q/PfmCYpPoX760N9gYU7bcyakk+7EneD1kVWZe6lRXVSlMxz5QD0zjhADkfr0zw7
cw0lslLWQIrzHedtNEC4KonmcADayoSYdxFt1FGqq7jcMi49Mhwl+Bx1SEIgkKDJ
dx8GVuArYKgcAJbHPVz5FBk5GnDgibKZcSLRYVKn2iZS9sWo8yBA
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:15:55 2025 by rpki-client