Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: r3Vg61jef3UEIwAi1J6GKqEpX6KsAZuj2h4xnMCal+4=
Subject key identifier: 27:F8:1F:C0:17:B8:77:A4:52:F4:8C:C0:23:8A:5C:E9:15:86:1D:80
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 7EA5E9449A56EFF764198F29789F84C520A9E081
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
Signing time: Wed 20 Aug 2025 00:01:13 +0000
ROA not before: Tue 19 Aug 2025 23:56:13 +0000
ROA not after: Wed 19 Aug 2026 00:01:13 +0000
asID: 174
IP address blocks: 96.62.32.0/24 maxlen: 24
96.62.33.0/24 maxlen: 24
96.62.34.0/24 maxlen: 24
96.62.35.0/24 maxlen: 24
96.62.36.0/24 maxlen: 24
96.62.38.0/24 maxlen: 24
96.62.39.0/24 maxlen: 24
96.62.40.0/24 maxlen: 24
96.62.41.0/24 maxlen: 24
96.62.42.0/24 maxlen: 24
96.62.43.0/24 maxlen: 24
96.62.44.0/24 maxlen: 24
96.62.46.0/24 maxlen: 24
96.62.64.0/24 maxlen: 24
96.62.65.0/24 maxlen: 24
96.62.66.0/24 maxlen: 24
96.62.67.0/24 maxlen: 24
96.62.68.0/24 maxlen: 24
96.62.70.0/24 maxlen: 24
96.62.102.0/24 maxlen: 24
96.62.104.0/24 maxlen: 24
96.62.106.0/24 maxlen: 24
96.62.107.0/24 maxlen: 24
96.62.108.0/24 maxlen: 24
96.62.109.0/24 maxlen: 24
96.62.110.0/24 maxlen: 24
96.62.112.0/24 maxlen: 24
96.62.113.0/24 maxlen: 24
96.62.116.0/24 maxlen: 24
96.62.117.0/24 maxlen: 24
96.62.118.0/24 maxlen: 24
96.62.119.0/24 maxlen: 24
96.62.120.0/24 maxlen: 24
96.62.121.0/24 maxlen: 24
96.62.122.0/24 maxlen: 24
96.62.123.0/24 maxlen: 24
96.62.124.0/24 maxlen: 24
96.62.125.0/24 maxlen: 24
96.62.126.0/24 maxlen: 24
96.62.132.0/24 maxlen: 24
96.62.133.0/24 maxlen: 24
96.62.134.0/24 maxlen: 24
96.62.136.0/24 maxlen: 24
96.62.137.0/24 maxlen: 24
96.62.138.0/24 maxlen: 24
96.62.139.0/24 maxlen: 24
96.62.141.0/24 maxlen: 24
96.62.142.0/24 maxlen: 24
96.62.143.0/24 maxlen: 24
96.62.146.0/24 maxlen: 24
96.62.147.0/24 maxlen: 24
96.62.160.0/24 maxlen: 24
96.62.161.0/24 maxlen: 24
96.62.162.0/24 maxlen: 24
96.62.163.0/24 maxlen: 24
96.62.164.0/24 maxlen: 24
96.62.165.0/24 maxlen: 24
96.62.166.0/24 maxlen: 24
96.62.167.0/24 maxlen: 24
96.62.168.0/24 maxlen: 24
96.62.169.0/24 maxlen: 24
96.62.170.0/24 maxlen: 24
96.62.171.0/24 maxlen: 24
96.62.172.0/24 maxlen: 24
96.62.173.0/24 maxlen: 24
96.62.174.0/24 maxlen: 24
96.62.175.0/24 maxlen: 24
96.62.177.0/24 maxlen: 24
96.62.178.0/24 maxlen: 24
96.62.179.0/24 maxlen: 24
96.62.188.0/24 maxlen: 24
96.62.189.0/24 maxlen: 24
96.62.196.0/24 maxlen: 24
96.62.198.0/24 maxlen: 24
96.62.199.0/24 maxlen: 24
96.62.212.0/24 maxlen: 24
96.62.213.0/24 maxlen: 24
96.62.215.0/24 maxlen: 24
96.62.225.0/24 maxlen: 24
96.62.226.0/24 maxlen: 24
96.62.230.0/24 maxlen: 24
96.62.236.0/24 maxlen: 24
96.62.237.0/24 maxlen: 24
96.62.238.0/24 maxlen: 24
96.62.239.0/24 maxlen: 24
96.62.240.0/24 maxlen: 24
96.62.241.0/24 maxlen: 24
96.62.245.0/24 maxlen: 24
96.62.246.0/24 maxlen: 24
96.62.252.0/24 maxlen: 24
140.233.160.0/22 maxlen: 22
140.233.180.0/22 maxlen: 22
143.14.146.0/24 maxlen: 24
143.14.148.0/24 maxlen: 24
143.14.153.0/24 maxlen: 24
143.14.155.0/24 maxlen: 24
143.14.195.0/24 maxlen: 24
143.14.197.0/24 maxlen: 24
150.241.136.0/21 maxlen: 24
162.141.37.0/24 maxlen: 24
162.141.38.0/24 maxlen: 24
162.141.51.0/24 maxlen: 24
162.141.54.0/24 maxlen: 24
162.141.103.0/24 maxlen: 24
162.141.118.0/24 maxlen: 24
162.141.128.0/24 maxlen: 24
162.141.129.0/24 maxlen: 24
162.141.155.0/24 maxlen: 24
162.141.164.0/24 maxlen: 24
167.148.135.0/24 maxlen: 24
167.148.138.0/24 maxlen: 24
167.148.147.0/24 maxlen: 24
167.148.148.0/24 maxlen: 24
167.148.150.0/24 maxlen: 24
167.148.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:a5:e9:44:9a:56:ef:f7:64:19:8f:29:78:9f:84:c5:20:a9:e0:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Aug 19 23:56:13 2025 GMT
Not After : Aug 19 00:01:13 2026 GMT
Subject: CN=27F81FC017B877A452F48CC0238A5CE915861D80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:76:4f:54:0b:08:77:35:ee:80:e6:dc:ec:40:
49:65:2e:9e:7d:12:76:4d:8c:46:e8:77:dc:f1:10:
87:82:a6:88:ed:78:6a:18:a9:5b:66:94:90:01:8c:
2d:a5:9a:8f:a1:8a:11:01:dd:f8:71:cd:c9:93:09:
8a:97:d3:fb:af:0d:19:54:1e:4f:cd:c5:09:e4:0d:
38:82:17:c1:8a:9d:aa:f2:bb:a2:fb:61:a3:8b:a7:
d0:0a:8b:50:bc:aa:61:07:63:bf:0e:1d:3b:36:45:
e2:56:93:59:89:8e:dd:2a:72:90:66:62:ba:c6:8d:
d3:9c:5d:6d:99:0e:cb:bf:f1:29:bd:5a:a4:12:de:
6c:4f:31:e7:09:37:83:de:d8:77:1d:48:ed:0c:4f:
87:75:30:bf:0d:8c:85:5d:d2:be:13:91:78:6b:a1:
c7:a0:56:10:02:06:a5:72:a8:7a:43:34:19:1e:97:
b5:89:f4:46:86:7e:b1:3d:c2:d4:61:12:4e:f3:69:
a9:f5:df:d3:b3:14:7b:a2:85:32:de:d0:05:41:d3:
64:66:a6:b5:c0:e5:a6:5d:ce:17:59:aa:78:ec:10:
c4:c5:89:b9:ec:c4:9a:1c:34:db:4f:67:b3:8d:d9:
20:9d:1a:4d:4e:66:70:80:d0:3d:38:f2:c1:6e:e3:
53:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:F8:1F:C0:17:B8:77:A4:52:F4:8C:C0:23:8A:5C:E9:15:86:1D:80
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.32.0-96.62.36.255
96.62.38.0-96.62.44.255
96.62.46.0/24
96.62.64.0-96.62.68.255
96.62.70.0/24
96.62.102.0/24
96.62.104.0/24
96.62.106.0-96.62.110.255
96.62.112.0/23
96.62.116.0-96.62.126.255
96.62.132.0-96.62.134.255
96.62.136.0/22
96.62.141.0-96.62.143.255
96.62.146.0/23
96.62.160.0/20
96.62.177.0-96.62.179.255
96.62.188.0/23
96.62.196.0/24
96.62.198.0/23
96.62.212.0/23
96.62.215.0/24
96.62.225.0-96.62.226.255
96.62.230.0/24
96.62.236.0-96.62.241.255
96.62.245.0-96.62.246.255
96.62.252.0/24
140.233.160.0/22
140.233.180.0/22
143.14.146.0/24
143.14.148.0/24
143.14.153.0/24
143.14.155.0/24
143.14.195.0/24
143.14.197.0/24
150.241.136.0/21
162.141.37.0-162.141.38.255
162.141.51.0/24
162.141.54.0/24
162.141.103.0/24
162.141.118.0/24
162.141.128.0/23
162.141.155.0/24
162.141.164.0/24
167.148.135.0/24
167.148.138.0/24
167.148.147.0-167.148.148.255
167.148.150.0/24
167.148.153.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:70:28:47:53:e0:13:75:b4:80:10:c5:17:62:46:dd:25:d9:
02:de:5f:c2:ff:91:e3:a1:7a:94:d6:25:9f:9d:4b:3f:0e:50:
7e:12:f5:67:5f:0e:67:35:f3:a7:5f:3c:31:48:7a:16:3d:01:
11:70:7b:c7:c9:3d:e5:91:cb:92:c7:51:f6:31:bb:09:3b:0c:
21:95:be:b8:c4:07:e6:d4:f4:8c:ff:e5:3d:e0:9c:39:a8:a6:
0e:dc:62:cb:5b:61:cb:9d:6c:4c:42:ef:f8:4f:3e:17:a3:95:
07:ba:39:e6:49:4b:12:ea:fc:9b:7f:a0:69:76:ff:99:73:46:
4f:68:43:b9:87:43:46:c1:43:72:f2:17:16:b6:8b:a2:68:da:
3b:67:d9:d5:47:72:8b:58:3c:a8:6e:f1:20:03:df:fd:0b:cb:
a5:78:2b:02:ae:26:d0:97:0a:03:5a:c9:7e:58:ec:92:10:d4:
eb:4b:a0:92:fd:b7:09:38:c0:0d:81:a1:9b:ba:ed:e1:fb:47:
13:c6:98:2a:ba:e7:4c:e4:4e:ce:15:7b:30:e7:62:20:95:bf:
6a:5b:bf:54:d9:48:8c:6e:c5:54:f1:0d:5b:80:4e:af:ef:da:
1c:ff:2b:4f:e2:d0:ea:67:52:22:a9:2c:21:5d:2c:a0:80:0b:
d2:bc:21:ee
-----BEGIN CERTIFICATE-----
MIIGiTCCBXGgAwIBAgIUfqXpRJpW7/dkGY8peJ+ExSCp4IEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA4MTkyMzU2MTNaFw0yNjA4MTkwMDAxMTNaMDMxMTAvBgNV
BAMTKDI3RjgxRkMwMTdCODc3QTQ1MkY0OENDMDIzOEE1Q0U5MTU4NjFEODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjdk9UCwh3Ne6A5tzsQEllLp59
EnZNjEbod9zxEIeCpojteGoYqVtmlJABjC2lmo+hihEB3fhxzcmTCYqX0/uvDRlU
Hk/NxQnkDTiCF8GKnaryu6L7YaOLp9AKi1C8qmEHY78OHTs2ReJWk1mJjt0qcpBm
YrrGjdOcXW2ZDsu/8Sm9WqQS3mxPMecJN4Pe2HcdSO0MT4d1ML8NjIVd0r4TkXhr
ocegVhACBqVyqHpDNBkel7WJ9EaGfrE9wtRhEk7zaan139OzFHuihTLe0AVB02Rm
prXA5aZdzhdZqnjsEMTFibnsxJocNNtPZ7ON2SCdGk1OZnCA0D048sFu41NrAgMB
AAGjggOTMIIDjzAdBgNVHQ4EFgQUJ/gfwBe4d6RS9IzAI4pc6RWGHYAwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBqQYIKwYBBQUHAQcBAf8EggGYMIIBlDCCAZAEAgABMIIB
iDAMAwQFYD4gAwQAYD4kMAwDBAFgPiYDBABgPiwDBABgPi4wDAMEBmA+QAMEAGA+
RAMEAGA+RgMEAGA+ZgMEAGA+aDAMAwQBYD5qAwQAYD5uAwQBYD5wMAwDBAJgPnQD
BABgPn4wDAMEAmA+hAMEAGA+hgMEAmA+iDAMAwQAYD6NAwQEYD6AAwQBYD6SAwQE
YD6gMAwDBABgPrEDBAJgPrADBAFgPrwDBABgPsQDBAFgPsYDBAFgPtQDBABgPtcw
DAMEAGA+4QMEAGA+4gMEAGA+5jAMAwQCYD7sAwQBYD7wMAwDBABgPvUDBABgPvYD
BABgPvwDBAKM6aADBAKM6bQDBACPDpIDBACPDpQDBACPDpkDBACPDpsDBACPDsMD
BACPDsUDBAOW8YgwDAMEAKKNJQMEAKKNJgMEAKKNMwMEAKKNNgMEAKKNZwMEAKKN
dgMEAaKNgAMEAKKNmwMEAKKNpAMEAKeUhwMEAKeUijAMAwQAp5STAwQAp5SUAwQA
p5SWAwQAp5SZMA0GCSqGSIb3DQEBCwUAA4IBAQBscChHU+ATdbSAEMUXYkbdJdkC
3l/C/5HjoXqU1iWfnUs/DlB+EvVnXw5nNfOnXzwxSHoWPQERcHvHyT3lkcuSx1H2
MbsJOwwhlb64xAfm1PSM/+U94Jw5qKYO3GLLW2HLnWxMQu/4Tz4Xo5UHujnmSUsS
6vybf6Bpdv+Zc0ZPaEO5h0NGwUNy8hcWtouiaNo7Z9nVR3KLWDyobvEgA9/9C8ul
eCsCribQlwoDWsl+WOySENTrS6CS/bcJOMANgaGbuu3h+0cTxpgquudM5E7OFXsw
52Iglb9qW79U2UiMbsVU8Q1bgE6v79oc/ytP4tDqZ1IiqSwhXSyggAvSvCHu
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:37:25 2025 by rpki-client