Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
File: AS209737.roa (raw, json)
Hash identifier: tdWcpStWbqYFEzqcfWjmBSVDVx6uQr1AwYkau00GPFI=
Subject key identifier: 5D:A8:51:A7:D7:16:84:1C:54:94:D3:CC:30:6C:0B:0B:84:98:98:D4
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 049CD9D657E02561BA863A936A664E5C289DDEEA
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
Signing time: Mon 21 Jul 2025 16:42:04 +0000
ROA not before: Mon 21 Jul 2025 16:37:04 +0000
ROA not after: Mon 20 Jul 2026 16:42:04 +0000
asID: 209737
IP address blocks: 5.133.101.0/24 maxlen: 24
31.40.196.0/24 maxlen: 24
31.40.197.0/24 maxlen: 24
31.40.204.0/24 maxlen: 24
31.40.205.0/24 maxlen: 24
37.221.76.0/24 maxlen: 24
37.221.77.0/24 maxlen: 24
37.221.79.0/24 maxlen: 24
62.182.32.0/22 maxlen: 22
85.235.72.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
92.249.63.0/24 maxlen: 24
139.28.48.0/24 maxlen: 24
139.28.49.0/24 maxlen: 24
139.28.50.0/24 maxlen: 24
139.28.51.0/24 maxlen: 24
176.96.128.0/24 maxlen: 24
176.96.129.0/24 maxlen: 24
176.96.130.0/24 maxlen: 24
185.231.225.0/24 maxlen: 24
193.111.76.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
212.87.197.0/24 maxlen: 24
212.87.198.0/24 maxlen: 24
212.87.199.0/24 maxlen: 24
212.115.100.0/22 maxlen: 22
217.18.208.0/24 maxlen: 24
217.18.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 14:17:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:9c:d9:d6:57:e0:25:61:ba:86:3a:93:6a:66:4e:5c:28:9d:de:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Jul 21 16:37:04 2025 GMT
Not After : Jul 20 16:42:04 2026 GMT
Subject: CN=5DA851A7D716841C5494D3CC306C0B0B849898D4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:88:aa:e0:0e:19:39:ac:45:ae:3b:c3:ec:f0:
63:9a:ca:55:86:76:a8:67:39:df:1e:ca:a9:7a:62:
31:15:19:95:34:10:a4:d5:0d:f0:ba:6f:e6:29:17:
68:c6:e3:b0:59:0c:fc:a1:5a:1f:8f:16:55:0c:4f:
66:c5:33:6d:33:1a:b5:a3:1d:04:86:39:d2:95:6c:
8e:2f:3f:f9:f2:52:ba:dc:e4:9f:0b:57:ec:61:2e:
89:b9:96:60:22:b3:d3:8d:4e:e1:6f:df:91:87:e3:
ef:f7:7f:b7:e4:9e:bb:aa:a1:1c:92:ad:a4:ae:c3:
a1:89:a7:1b:91:a7:21:c4:4e:c6:b4:4f:4d:78:36:
95:51:a6:ba:95:00:e4:2a:fa:ef:23:5c:d4:8c:91:
e2:13:78:66:58:ba:aa:20:0c:99:d2:eb:17:d3:c3:
ec:01:fa:f4:99:ca:37:08:fb:6a:30:0b:e0:59:f4:
c8:d4:68:69:53:21:c2:63:c2:fa:d6:f9:bb:72:06:
35:8d:20:3d:f1:dd:59:d1:6e:45:ef:e3:15:14:12:
36:27:69:99:81:ac:1f:60:4f:49:f9:c3:1d:4d:8d:
d6:b2:ff:2d:3f:84:f6:1a:ab:90:f4:bb:43:f0:d0:
fc:e1:c3:5e:b0:91:b3:93:7f:44:89:d1:98:f4:fc:
64:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:A8:51:A7:D7:16:84:1C:54:94:D3:CC:30:6C:0B:0B:84:98:98:D4
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.101.0/24
31.40.196.0/23
31.40.204.0/23
37.221.76.0/23
37.221.79.0/24
62.182.32.0/22
85.235.72.0/24
85.235.74.0/24
92.249.63.0/24
139.28.48.0/22
176.96.128.0-176.96.130.255
185.231.225.0/24
193.111.76.0/24
193.111.79.0/24
212.87.197.0-212.87.199.255
212.115.100.0/22
217.18.208.0/24
217.18.211.0/24
Signature Algorithm: sha256WithRSAEncryption
45:4d:fe:29:68:f4:6b:fa:fb:43:99:16:fd:63:5c:a3:ca:ce:
d9:45:94:b3:14:83:4d:d1:08:a5:07:b6:11:5a:03:82:50:01:
f9:8f:3c:2f:83:ae:98:4d:7a:c8:c8:2d:b9:f1:ad:5e:72:30:
02:a5:d8:c8:dc:25:a7:cf:cb:12:fc:bf:7d:24:bf:31:1d:c8:
0f:fc:2f:be:24:f8:22:70:f2:7d:d3:69:9d:cd:06:2a:22:6e:
6d:d0:65:0a:49:c4:d7:1b:be:97:9f:be:5e:bd:7e:82:e2:fb:
0c:d0:a8:fe:5d:6a:f9:f3:68:3c:c7:e9:64:2f:7c:db:0d:86:
37:6d:7f:65:f4:fe:49:d7:54:47:05:f6:19:3a:f9:34:8e:2c:
0d:4c:12:85:39:2e:8e:10:8b:37:84:d7:c6:67:a7:0a:c7:a8:
b3:a3:79:b9:c5:f0:de:b5:3e:8f:6a:4c:8c:68:12:73:7d:27:
d0:fb:b6:d4:0a:bc:87:56:c0:09:53:0d:83:b0:53:e8:c0:c5:
31:b0:ea:3d:77:f7:8c:73:8c:e1:42:db:21:45:a6:92:f3:75:
b8:b0:3e:80:2a:92:43:2e:ab:f8:ba:52:e8:a4:6f:07:d3:79:
c3:20:c8:f7:f4:26:97:bc:0f:3b:db:4d:ac:7b:72:ae:c0:7e:
65:0f:bb:2b
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgIUBJzZ1lfgJWG6hjqTamZOXCid3uowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA3MjExNjM3MDRaFw0yNjA3MjAxNjQyMDRaMDMxMTAvBgNV
BAMTKDVEQTg1MUE3RDcxNjg0MUM1NDk0RDNDQzMwNkMwQjBCODQ5ODk4RDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDliKrgDhk5rEWuO8Ps8GOaylWG
dqhnOd8eyql6YjEVGZU0EKTVDfC6b+YpF2jG47BZDPyhWh+PFlUMT2bFM20zGrWj
HQSGOdKVbI4vP/nyUrrc5J8LV+xhLom5lmAis9ONTuFv35GH4+/3f7fknruqoRyS
raSuw6GJpxuRpyHETsa0T014NpVRprqVAOQq+u8jXNSMkeITeGZYuqogDJnS6xfT
w+wB+vSZyjcI+2owC+BZ9MjUaGlTIcJjwvrW+btyBjWNID3x3VnRbkXv4xUUEjYn
aZmBrB9gT0n5wx1Njday/y0/hPYaq5D0u0Pw0Pzhw16wkbOTf0SJ0Zj0/GQJAgMB
AAGjggKEMIICgDAdBgNVHQ4EFgQUXahRp9cWhBxUlNPMMGwLC4SYmNQwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjA5NzM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAME
AAWFZQMEAR8oxAMEAR8ozAMEASXdTAMEACXdTwMEAj62IAMEAFXrSAMEAFXrSgME
AFz5PwMEAoscMDAMAwQHsGCAAwQAsGCCAwQAuefhAwQAwW9MAwQAwW9PMAwDBADU
V8UDBAPUV8ADBALUc2QDBADZEtADBADZEtMwDQYJKoZIhvcNAQELBQADggEBAEVN
/ilo9Gv6+0OZFv1jXKPKztlFlLMUg03RCKUHthFaA4JQAfmPPC+DrphNesjILbnx
rV5yMAKl2MjcJafPyxL8v30kvzEdyA/8L74k+CJw8n3TaZ3NBioibm3QZQpJxNcb
vpefvl69foLi+wzQqP5davnzaDzH6WQvfNsNhjdtf2X0/knXVEcF9hk6+TSOLA1M
EoU5Lo4QizeE18ZnpwrHqLOjebnF8N61Po9qTIxoEnN9J9D7ttQKvIdWwAlTDYOw
U+jAxTGw6j1394xzjOFC2yFFppLzdbiwPoAqkkMuq/i6UuikbwfTecMgyPf0Jpe8
DzvbTax7cq7AfmUPuys=
-----END CERTIFICATE-----
Generated at Mon Jul 21 23:17:26 2025 by rpki-client