Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS209737.roa
File: AS209737.roa (raw, json)
Hash identifier: h1g87IYEs5VsAwzMCDcdi4hLg9KIpHTRGGGngaNso0E=
Subject key identifier: 80:D4:7D:B5:65:60:45:FB:7B:B2:AA:7B:0D:74:F8:3B:71:0B:9A:A8
Certificate issuer: /CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Certificate serial: 3615863BB6E6CFF246F74405F2FE0E2AE520A5B0
Authority key identifier: 9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS209737.roa
Signing time: Sat 27 Jun 2026 07:19:53 +0000
ROA not before: Sat 27 Jun 2026 07:14:53 +0000
ROA not after: Sat 26 Jun 2027 07:19:53 +0000
asID: 209737
IP address blocks: 31.40.205.0/24 maxlen: 24
85.235.73.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
176.96.128.0/24 maxlen: 24
185.231.226.0/24 maxlen: 24
193.32.184.0/24 maxlen: 24
193.32.185.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Jun 2026 07:25:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:15:86:3b:b6:e6:cf:f2:46:f7:44:05:f2:fe:0e:2a:e5:20:a5:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Validity
Not Before: Jun 27 07:14:53 2026 GMT
Not After : Jun 26 07:19:53 2027 GMT
Subject: CN=80D47DB5656045FB7BB2AA7B0D74F83B710B9AA8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5f:7b:bc:bf:25:c8:40:40:b8:69:db:d5:12:
c8:56:e4:d1:1d:ef:68:fc:49:ae:b9:de:b1:96:78:
ec:6f:9c:9a:f5:a3:89:76:10:0f:7a:66:ff:89:a4:
7c:4b:9a:4d:1c:39:2a:52:71:61:69:e9:1e:c1:cf:
fe:97:e0:03:58:90:22:3f:94:ec:e5:81:21:bf:a1:
d0:ee:d6:c6:45:e1:79:0c:7c:67:39:19:98:33:56:
d2:de:86:c1:eb:65:e0:2f:00:3a:19:08:f1:d5:01:
0f:42:f5:3a:bc:9e:43:dc:92:57:4a:0b:5a:c9:e5:
b0:a0:58:00:20:46:52:52:0a:af:7a:54:04:a6:b7:
59:35:67:68:54:eb:77:44:e1:01:a4:da:bd:ab:4b:
be:ff:2b:7e:d6:f3:4e:89:cf:ae:c0:56:52:fd:4c:
dc:35:53:83:c8:3d:8a:2c:36:92:9e:08:e7:c1:8a:
48:76:19:28:90:25:4e:36:e5:36:68:cd:30:a6:b9:
52:76:7a:44:3b:5f:6c:1c:97:91:ff:1c:6a:58:11:
63:b9:28:81:d5:c8:c6:ce:45:43:d9:1e:1a:5a:c5:
29:7a:46:c4:ee:8c:72:99:9e:bb:a0:ff:34:04:5e:
b9:6e:b7:34:69:36:46:69:e4:7c:d1:04:d1:9c:0c:
7b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:D4:7D:B5:65:60:45:FB:7B:B2:AA:7B:0D:74:F8:3B:71:0B:9A:A8
X509v3 Authority Key Identifier:
keyid:9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS209737.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.205.0/24
85.235.73.0-85.235.74.255
176.96.128.0/24
185.231.226.0/24
193.32.184.0/23
193.111.79.0/24
217.18.208.0/24
Signature Algorithm: sha256WithRSAEncryption
41:4a:a1:dc:b7:ca:2d:58:9e:4e:90:ca:8a:6b:8d:e0:8e:0c:
d8:e7:cc:60:7f:ca:c1:0c:cd:0f:29:7d:f0:2b:bd:73:b4:45:
2f:46:0f:be:ed:c7:69:31:60:c6:c9:77:1c:3b:98:a7:7a:36:
05:4b:99:2d:5a:27:49:e8:24:f8:a9:39:b4:16:28:de:5a:6f:
e3:6f:51:53:03:79:46:04:47:df:57:b3:8f:5b:03:7d:12:e4:
a7:2b:28:d5:e1:78:22:f0:43:ad:8d:dd:80:cb:23:af:fd:20:
6c:7c:54:d5:ed:5b:33:1c:c0:44:72:68:1e:94:e7:1a:54:13:
4a:2b:5a:3f:d7:5f:c2:55:5b:d3:e1:a2:2d:34:7b:ef:2b:f9:
78:89:9e:5a:2b:48:a7:cf:38:1c:fe:4d:aa:32:4a:a8:d9:96:
88:4f:61:24:99:8e:05:aa:c0:fb:90:48:7d:9b:f9:cc:1b:ee:
15:50:15:31:e9:dc:69:41:50:c0:b6:87:f4:53:b2:61:d9:8f:
ce:38:6b:6c:d1:2e:db:c0:6d:70:c1:a4:3f:f2:ea:2c:8e:8a:
d2:bc:ae:99:87:80:53:78:8b:80:47:80:3d:6d:10:66:93:b9:
ca:ed:15:08:7a:6f:bc:d1:4e:38:96:c9:d7:87:f5:8b:90:3d:
37:92:04:08
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUNhWGO7bmz/JG90QF8v4OKuUgpbAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmYmZmMjE3MTA1ZGY4ODc3ZDQ2M2Y2ZTliYWMyOGE0
MDg0ZDIwYzAeFw0yNjA2MjcwNzE0NTNaFw0yNzA2MjYwNzE5NTNaMDMxMTAvBgNV
BAMTKDgwRDQ3REI1NjU2MDQ1RkI3QkIyQUE3QjBENzRGODNCNzEwQjlBQTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChX3u8vyXIQEC4advVEshW5NEd
72j8Sa653rGWeOxvnJr1o4l2EA96Zv+JpHxLmk0cOSpScWFp6R7Bz/6X4ANYkCI/
lOzlgSG/odDu1sZF4XkMfGc5GZgzVtLehsHrZeAvADoZCPHVAQ9C9Tq8nkPckldK
C1rJ5bCgWAAgRlJSCq96VASmt1k1Z2hU63dE4QGk2r2rS77/K37W806Jz67AVlL9
TNw1U4PIPYosNpKeCOfBikh2GSiQJU425TZozTCmuVJ2ekQ7X2wcl5H/HGpYEWO5
KIHVyMbORUPZHhpaxSl6RsTujHKZnrug/zQEXrlutzRpNkZp5HzRBNGcDHsNAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUgNR9tWVgRft7sqp7DXT4O3ELmqgwHwYDVR0j
BBgwFoAUnfv/IXEF34h31GP26brCikCE0gwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTViNGQ5ZTgtNDExMS00Mzk0LWEzYTYtYmQ4MjUxZTdm
YmJkLzAvOURGQkZGMjE3MTA1REY4ODc3RDQ2M0Y2RTlCQUMyOEE0MDg0RDIwQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25mdl9JWEVGMzRoMzFHUDI2YnJDaWtD
RTBndy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzU1YjRkOWU4LTQxMTEt
NDM5NC1hM2E2LWJkODI1MWU3ZmJiZC8wL0FTMjA5NzM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAHyjN
MAwDBABV60kDBABV60oDBACwYIADBAC55+IDBAHBILgDBADBb08DBADZEtAwDQYJ
KoZIhvcNAQELBQADggEBAEFKody3yi1Ynk6QyoprjeCODNjnzGB/ysEMzQ8pffAr
vXO0RS9GD77tx2kxYMbJdxw7mKd6NgVLmS1aJ0noJPipObQWKN5ab+NvUVMDeUYE
R99Xs49bA30S5KcrKNXheCLwQ62N3YDLI6/9IGx8VNXtWzMcwERyaB6U5xpUE0or
Wj/XX8JVW9Phoi00e+8r+XiJnlorSKfPOBz+TaoySqjZlohPYSSZjgWqwPuQSH2b
+cwb7hVQFTHp3GlBUMC2h/RTsmHZj844a2zRLtvAbXDBpD/y6iyOitK8rpmHgFN4
i4BHgD1tEGaTucrtFQh6b7zRTjiWydeH9YuQPTeSBAg=
-----END CERTIFICATE-----
Generated at Sat Jun 27 20:33:51 2026 by rpki-client