Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS209888.roa
File: AS209888.roa (raw, json)
Hash identifier: oL135XVWKiCNmxuDm/5ZMJhYRpAHweXkYKwpb7TAQbM=
Subject key identifier: 2F:D2:6F:42:3C:8F:19:AE:BF:46:C9:27:42:4C:B6:D1:0E:8E:92:1A
Certificate issuer: /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial: 242D7E34E0B0D062B07275AFA7218D38A4DD505F
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS209888.roa
Signing time: Tue 05 May 2026 18:31:50 +0000
ROA not before: Tue 05 May 2026 18:26:50 +0000
ROA not after: Tue 04 May 2027 18:31:50 +0000
asID: 209888
IP address blocks: 51.194.166.0/24 maxlen: 24
51.194.214.0/24 maxlen: 24
51.194.220.0/24 maxlen: 24
51.194.236.0/24 maxlen: 24
51.194.252.0/24 maxlen: 24
78.105.198.0/24 maxlen: 24
78.105.199.0/24 maxlen: 24
78.105.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 May 2026 18:48:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:2d:7e:34:e0:b0:d0:62:b0:72:75:af:a7:21:8d:38:a4:dd:50:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Validity
Not Before: May 5 18:26:50 2026 GMT
Not After : May 4 18:31:50 2027 GMT
Subject: CN=2FD26F423C8F19AEBF46C927424CB6D10E8E921A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:1c:5a:12:aa:64:6e:6a:22:f8:0b:c5:55:ff:
3c:f0:5e:ae:08:65:aa:25:a6:c5:b8:fe:71:b7:13:
58:0d:d6:f4:f0:66:af:17:15:cd:47:35:e4:c2:8b:
19:11:6b:1a:0d:a3:1b:b0:12:c3:d3:c7:0b:3b:8f:
f8:3a:d7:50:47:15:c0:92:10:cd:93:3c:b8:27:63:
55:72:b1:06:6b:0d:c6:13:a0:04:59:f5:92:b8:31:
0e:69:23:c2:ec:1d:62:03:ee:52:6f:d5:69:1d:8d:
71:f4:ef:df:7c:31:93:5b:e1:a2:a1:7d:15:81:5a:
fb:cd:ef:ca:be:45:fe:2c:6c:d9:6e:92:a4:c9:6d:
05:91:a4:9a:6c:31:86:4f:b3:c6:12:8e:fc:05:04:
e1:ae:ce:21:d3:8b:fe:b1:71:0c:7b:ce:60:17:f1:
14:05:06:af:1e:6b:e7:95:ce:70:0b:c1:9a:3b:78:
ca:b0:28:36:f4:e7:86:c9:06:48:4e:b3:ed:c8:9d:
e7:ed:37:5f:1d:d6:35:e5:7c:b3:93:89:0d:84:87:
93:86:d0:e6:66:a5:eb:64:7e:0b:5a:9e:e8:0b:20:
fb:96:29:5d:db:e2:39:d5:45:5c:b1:ab:0d:5b:dd:
83:9c:1e:d4:bd:34:c9:fb:a4:a4:53:4c:7e:7d:14:
df:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:D2:6F:42:3C:8F:19:AE:BF:46:C9:27:42:4C:B6:D1:0E:8E:92:1A
X509v3 Authority Key Identifier:
keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS209888.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.194.166.0/24
51.194.214.0/24
51.194.220.0/24
51.194.236.0/24
51.194.252.0/24
78.105.198.0/23
78.105.223.0/24
Signature Algorithm: sha256WithRSAEncryption
53:02:ba:66:b3:b5:50:60:fa:03:d1:4d:c0:37:d4:d8:1c:17:
21:33:c3:6a:24:30:d9:bc:f3:56:0d:fb:27:24:85:b6:e9:e6:
b8:96:55:f3:7e:af:85:91:f4:57:2b:33:b8:ee:11:2e:06:91:
aa:da:6d:59:aa:9c:7b:ce:3f:04:21:d2:53:98:36:cf:2c:1a:
e5:91:34:e1:48:a6:d2:6c:94:9e:6d:0b:1c:95:84:4e:ab:c3:
b5:f6:6f:90:8b:22:5c:a5:33:b9:e2:aa:1d:45:85:07:aa:bc:
27:fe:13:c7:0e:61:b2:21:5c:3a:43:50:e7:8f:96:d6:28:be:
d9:10:91:01:44:5c:06:b9:f2:0e:47:27:b8:80:5e:a3:6e:a4:
3f:3f:0f:f3:4a:a4:7b:2c:ff:ec:68:e1:65:70:ba:10:b2:54:
eb:cd:be:90:9a:62:aa:af:10:45:23:88:cb:05:d8:b9:5b:13:
fc:e9:fa:2e:f0:cf:c6:d1:70:01:84:4e:a2:b1:3e:be:c4:59:
6e:99:8b:87:f8:cf:ef:ff:da:b9:bf:ac:b3:65:cc:fc:5a:65:
df:1f:27:d2:7d:1b:b9:5f:c9:6a:aa:39:b8:ce:f3:60:d8:83:
f2:31:7f:65:12:59:1d:f5:06:e1:b5:95:c3:24:28:7e:75:a8:
e7:9c:3a:39
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIUJC1+NOCw0GKwcnWvpyGNOKTdUF8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjA1MDUxODI2NTBaFw0yNzA1MDQxODMxNTBaMDMxMTAvBgNV
BAMTKDJGRDI2RjQyM0M4RjE5QUVCRjQ2QzkyNzQyNENCNkQxMEU4RTkyMUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTHFoSqmRuaiL4C8VV/zzwXq4I
ZaolpsW4/nG3E1gN1vTwZq8XFc1HNeTCixkRaxoNoxuwEsPTxws7j/g611BHFcCS
EM2TPLgnY1VysQZrDcYToARZ9ZK4MQ5pI8LsHWID7lJv1WkdjXH07998MZNb4aKh
fRWBWvvN78q+Rf4sbNlukqTJbQWRpJpsMYZPs8YSjvwFBOGuziHTi/6xcQx7zmAX
8RQFBq8ea+eVznALwZo7eMqwKDb054bJBkhOs+3IneftN18d1jXlfLOTiQ2Eh5OG
0OZmpetkfgtanugLIPuWKV3b4jnVRVyxqw1b3YOcHtS9NMn7pKRTTH59FN8vAgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQUL9JvQjyPGa6/RsknQky20Q6OkhowHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzk2ZTRhYzg2LTE4MDMt
NDk0ZC04YTdiLWMwNTFhNjMxMDc1Mi8wL0FTMjA5ODg4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAM8Km
AwQAM8LWAwQAM8LcAwQAM8LsAwQAM8L8AwQBTmnGAwQATmnfMA0GCSqGSIb3DQEB
CwUAA4IBAQBTArpms7VQYPoD0U3AN9TYHBchM8NqJDDZvPNWDfsnJIW26ea4llXz
fq+FkfRXKzO47hEuBpGq2m1Zqpx7zj8EIdJTmDbPLBrlkTThSKbSbJSebQsclYRO
q8O19m+QiyJcpTO54qodRYUHqrwn/hPHDmGyIVw6Q1Dnj5bWKL7ZEJEBRFwGufIO
Rye4gF6jbqQ/Pw/zSqR7LP/saOFlcLoQslTrzb6QmmKqrxBFI4jLBdi5WxP86fou
8M/G0XABhE6isT6+xFlumYuH+M/v/9q5v6yzZcz8WmXfHyfSfRu5X8lqqjm4zvNg
2IPyMX9lElkd9QbhtZXDJCh+dajnnDo5
-----END CERTIFICATE-----
Generated at Wed May 6 02:40:20 2026 by rpki-client