Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS174.roa
File: AS174.roa (raw, json)
Hash identifier: L8OTKdSb2HSV+mR6fxSXKbjE0ZuhLzBjZOPpaDJLH9s=
Subject key identifier: 9C:60:3F:F0:8A:77:8C:9A:F1:00:E1:4E:C0:9F:27:2A:F3:D7:FF:2A
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 27584C4AB8CB0E695511291A6281A322784CC60E
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS174.roa
Signing time: Thu 01 May 2025 00:00:24 +0000
ROA not before: Wed 30 Apr 2025 23:55:24 +0000
ROA not after: Thu 30 Apr 2026 00:00:24 +0000
asID: 174
IP address blocks: 5.182.110.0/24 maxlen: 24
45.88.97.0/24 maxlen: 24
45.89.249.0/24 maxlen: 24
45.133.172.0/24 maxlen: 24
45.133.173.0/24 maxlen: 24
179.61.197.0/24 maxlen: 24
179.61.239.0/24 maxlen: 24
181.41.202.0/24 maxlen: 24
181.41.206.0/24 maxlen: 24
181.214.93.0/24 maxlen: 24
181.214.153.0/24 maxlen: 24
181.214.164.0/24 maxlen: 24
181.214.165.0/24 maxlen: 24
181.214.166.0/24 maxlen: 24
181.214.167.0/24 maxlen: 24
181.214.173.0/24 maxlen: 24
181.214.218.0/24 maxlen: 24
181.215.88.0/24 maxlen: 24
181.215.176.0/24 maxlen: 24
181.215.182.0/24 maxlen: 24
191.96.36.0/24 maxlen: 24
191.96.37.0/24 maxlen: 24
191.96.103.0/24 maxlen: 24
191.96.106.0/24 maxlen: 24
191.96.150.0/24 maxlen: 24
191.96.168.0/24 maxlen: 24
191.96.185.0/24 maxlen: 24
191.96.227.0/24 maxlen: 24
191.96.255.0/24 maxlen: 24
191.101.31.0/24 maxlen: 24
191.101.61.0/24 maxlen: 24
191.101.157.0/24 maxlen: 24
191.101.217.0/24 maxlen: 24
194.110.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:58:4c:4a:b8:cb:0e:69:55:11:29:1a:62:81:a3:22:78:4c:c6:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 30 23:55:24 2025 GMT
Not After : Apr 30 00:00:24 2026 GMT
Subject: CN=9C603FF08A778C9AF100E14EC09F272AF3D7FF2A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:66:42:d5:b5:37:a2:59:ca:8c:b8:78:89:bd:
23:6f:b0:5e:83:58:b9:9e:d1:b7:a9:bd:aa:90:49:
d4:4b:33:4e:bc:ad:1a:c9:06:74:36:fc:1a:74:1a:
0f:e2:33:f2:6f:b8:44:af:dc:89:22:03:cb:b2:d3:
0a:5b:ce:0d:91:ac:d9:15:15:50:77:3c:bc:4c:2b:
d2:5d:7f:bb:5f:1d:a0:8e:9d:d3:d1:62:a1:ac:30:
5b:48:62:35:50:95:65:ae:3e:95:fe:17:3e:fc:59:
27:26:a5:76:02:b3:3c:72:7a:c3:4d:a2:7b:d8:72:
c7:a0:ea:ef:be:ae:6f:a0:f5:40:ff:10:b5:23:1b:
dd:2e:12:55:95:d7:9e:97:18:0c:81:42:e5:fd:93:
43:ae:8b:fd:61:d9:9f:6d:be:49:ad:fd:6f:f5:b7:
de:a9:45:93:45:80:d0:d7:d2:f1:0d:9d:6b:ba:8e:
aa:a3:61:e2:9e:4c:1d:b6:93:6c:51:c1:c0:d0:56:
99:7f:0a:56:91:4a:f7:6b:da:1b:46:f4:fe:42:4b:
d7:6b:a9:57:5b:a9:d1:9e:d2:8c:07:29:39:ff:21:
08:d2:8f:44:0d:f0:32:a9:1a:32:d1:55:f6:02:db:
15:54:c4:48:13:6b:68:57:00:76:50:80:0e:6e:57:
d5:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:60:3F:F0:8A:77:8C:9A:F1:00:E1:4E:C0:9F:27:2A:F3:D7:FF:2A
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS174.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.110.0/24
45.88.97.0/24
45.89.249.0/24
45.133.172.0/23
179.61.197.0/24
179.61.239.0/24
181.41.202.0/24
181.41.206.0/24
181.214.93.0/24
181.214.153.0/24
181.214.164.0/22
181.214.173.0/24
181.214.218.0/24
181.215.88.0/24
181.215.176.0/24
181.215.182.0/24
191.96.36.0/23
191.96.103.0/24
191.96.106.0/24
191.96.150.0/24
191.96.168.0/24
191.96.185.0/24
191.96.227.0/24
191.96.255.0/24
191.101.31.0/24
191.101.61.0/24
191.101.157.0/24
191.101.217.0/24
194.110.13.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:2b:8f:77:01:81:5c:e8:4e:4a:f9:87:b5:e7:33:98:db:44:
8c:91:53:79:2e:6b:79:1c:20:fb:99:e5:bb:05:38:98:9e:16:
1a:59:c0:60:70:ad:0c:5b:e6:c0:2c:f5:9f:9a:b1:ea:dd:2a:
38:82:8d:e3:2c:95:7e:48:bb:8d:dc:41:0d:22:ea:84:34:9f:
b7:c3:c7:44:99:50:c9:c7:85:9e:2f:07:c0:4d:3d:d4:a5:20:
be:24:65:3b:5f:ee:88:96:71:89:6d:1e:bd:a8:5f:30:39:77:
42:47:10:be:2e:4e:b1:14:e9:36:ec:f8:01:e0:b2:e7:76:fe:
2a:73:a8:4b:af:15:54:9d:43:af:f8:08:a1:83:19:b2:3f:1e:
a4:21:d8:c8:57:29:b2:54:84:07:43:82:10:10:e5:52:93:1d:
86:d5:09:e4:f6:a3:7e:1a:52:37:62:98:65:b0:18:9b:7b:e1:
f0:7c:35:b0:62:16:7a:2b:ac:b6:fa:df:a5:4f:6f:d8:85:a4:
b4:68:f9:0e:dd:19:91:f5:a0:e6:52:3b:f1:38:32:ee:e9:46:
70:88:82:eb:01:56:dd:4c:c4:8d:f2:b7:00:ee:bd:9e:f3:cb:
0b:42:10:78:44:5e:b4:3d:b3:73:d8:1f:e9:3e:c2:ef:c8:d1:
c1:f3:af:b2
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgIUJ1hMSrjLDmlVESkaYoGjInhMxg4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA0MzAyMzU1MjRaFw0yNjA0MzAwMDAwMjRaMDMxMTAvBgNV
BAMTKDlDNjAzRkYwOEE3NzhDOUFGMTAwRTE0RUMwOUYyNzJBRjNEN0ZGMkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD8ZkLVtTeiWcqMuHiJvSNvsF6D
WLme0bepvaqQSdRLM068rRrJBnQ2/Bp0Gg/iM/JvuESv3IkiA8uy0wpbzg2RrNkV
FVB3PLxMK9Jdf7tfHaCOndPRYqGsMFtIYjVQlWWuPpX+Fz78WScmpXYCszxyesNN
onvYcseg6u++rm+g9UD/ELUjG90uElWV156XGAyBQuX9k0Oui/1h2Z9tvkmt/W/1
t96pRZNFgNDX0vENnWu6jqqjYeKeTB22k2xRwcDQVpl/ClaRSvdr2htG9P5CS9dr
qVdbqdGe0owHKTn/IQjSj0QN8DKpGjLRVfYC2xVUxEgTa2hXAHZQgA5uV9V5AgMB
AAGjggK0MIICsDAdBgNVHQ4EFgQUnGA/8Ip3jJrxAOFOwJ8nKvPX/yowHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTc0LnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBtQQCAAEwga4DBAAF
tm4DBAAtWGEDBAAtWfkDBAEthawDBACzPcUDBACzPe8DBAC1KcoDBAC1Kc4DBAC1
1l0DBAC11pkDBAK11qQDBAC11q0DBAC11toDBAC111gDBAC117ADBAC117YDBAG/
YCQDBAC/YGcDBAC/YGoDBAC/YJYDBAC/YKgDBAC/YLkDBAC/YOMDBAC/YP8DBAC/
ZR8DBAC/ZT0DBAC/ZZ0DBAC/ZdkDBADCbg0wDQYJKoZIhvcNAQELBQADggEBAJ4r
j3cBgVzoTkr5h7XnM5jbRIyRU3kua3kcIPuZ5bsFOJieFhpZwGBwrQxb5sAs9Z+a
serdKjiCjeMslX5Iu43cQQ0i6oQ0n7fDx0SZUMnHhZ4vB8BNPdSlIL4kZTtf7oiW
cYltHr2oXzA5d0JHEL4uTrEU6Tbs+AHgsud2/ipzqEuvFVSdQ6/4CKGDGbI/HqQh
2MhXKbJUhAdDghAQ5VKTHYbVCeT2o34aUjdimGWwGJt74fB8NbBiFnorrLb636VP
b9iFpLRo+Q7dGZH1oOZSO/E4Mu7pRnCIgusBVt1MxI3ytwDuvZ7zywtCEHhEXrQ9
s3PYH+k+wu/I0cHzr7I=
-----END CERTIFICATE-----
Generated at Tue May 6 00:25:49 2025 by rpki-client