Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
File: AS209737.roa (raw, json)
Hash identifier: VJk81JB0avfEvMn4kd4UIbMnQxNs74YhrV7QKFrSjtU=
Subject key identifier: BB:D9:0C:37:5F:D1:1B:2E:B9:F5:81:C0:B6:65:8B:6E:58:BF:DC:26
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 0E6C70D3D86496DCDDB68D5972004AB4F5F7FA90
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
Signing time: Mon 07 Apr 2025 09:48:20 +0000
ROA not before: Mon 07 Apr 2025 09:43:20 +0000
ROA not after: Mon 06 Apr 2026 09:48:20 +0000
asID: 209737
IP address blocks: 5.133.101.0/24 maxlen: 24
31.40.196.0/24 maxlen: 24
31.40.197.0/24 maxlen: 24
31.40.204.0/24 maxlen: 24
31.40.205.0/24 maxlen: 24
31.40.207.0/24 maxlen: 24
37.221.76.0/24 maxlen: 24
85.235.72.0/24 maxlen: 24
85.235.73.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
92.249.62.0/24 maxlen: 24
92.249.63.0/24 maxlen: 24
176.96.128.0/24 maxlen: 24
176.96.130.0/24 maxlen: 24
193.111.76.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
217.18.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 01:19:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:6c:70:d3:d8:64:96:dc:dd:b6:8d:59:72:00:4a:b4:f5:f7:fa:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Apr 7 09:43:20 2025 GMT
Not After : Apr 6 09:48:20 2026 GMT
Subject: CN=BBD90C375FD11B2EB9F581C0B6658B6E58BFDC26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:89:34:57:92:ed:21:6e:15:02:09:ed:0c:c6:
b9:6a:85:94:6d:bb:69:79:2e:bf:72:c9:a5:ce:3f:
a7:06:b4:bb:ac:49:f2:b7:17:23:2c:c2:0a:6f:b9:
cf:5d:8d:3e:15:39:17:2c:44:53:8a:cf:9e:18:2c:
7a:ea:07:bb:8b:f0:48:48:e7:d5:42:93:c2:fe:a1:
30:0b:06:48:e8:af:ec:30:1e:3d:99:23:1a:52:08:
01:d5:cb:4d:69:29:ed:5d:17:6e:b7:1c:d2:37:3f:
ff:1a:a3:82:10:51:0c:8e:4d:34:7a:0b:6a:f4:b4:
40:d8:a0:1c:8a:cd:1b:dd:77:ee:07:ae:9b:3e:34:
f7:c8:37:48:6c:be:e5:66:9a:2a:0c:8c:98:66:00:
cf:f9:c4:d9:da:b8:28:f7:fe:62:84:43:2d:63:1f:
b0:d0:5f:b8:be:4a:5c:67:ab:ad:70:ed:a3:80:c8:
47:1e:22:45:41:a6:8d:23:f1:6b:41:07:f8:b6:b9:
73:88:57:af:a2:a6:2e:d5:1f:1e:87:07:2a:b8:77:
8e:bf:f4:24:0e:08:60:7b:8e:db:e1:16:12:3b:7f:
62:df:60:8a:19:77:50:6e:78:ae:91:22:7b:0c:c2:
0f:87:1e:b6:ca:17:60:8e:7f:7e:fe:5c:a0:dc:16:
56:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:D9:0C:37:5F:D1:1B:2E:B9:F5:81:C0:B6:65:8B:6E:58:BF:DC:26
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.101.0/24
31.40.196.0/23
31.40.204.0/23
31.40.207.0/24
37.221.76.0/24
85.235.72.0-85.235.74.255
92.249.62.0/23
176.96.128.0/24
176.96.130.0/24
193.111.76.0/24
193.111.79.0/24
217.18.208.0/24
217.18.211.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:25:2f:64:1a:97:20:02:04:41:c6:3e:02:2d:f1:fe:e3:a5:
23:af:5a:65:cd:65:ce:5d:68:ea:c6:45:f9:93:e9:b6:b5:90:
c2:8e:c2:99:5d:b5:e1:1c:98:6d:f1:66:12:a2:a7:b3:8d:97:
19:36:c0:95:a9:a4:56:e1:0a:41:2d:68:6b:93:82:6e:8b:f0:
a4:79:75:b7:42:b9:61:63:02:1d:71:e3:00:4a:d0:3d:3d:da:
4d:fb:29:24:04:06:3d:b8:4c:dd:27:aa:24:c5:ab:16:75:35:
ad:1e:9a:ab:e3:03:b9:26:0a:ef:71:b4:bd:ea:88:43:e2:d4:
42:ef:4a:72:2c:84:b3:6e:89:b5:b3:46:72:77:47:0a:c8:98:
d9:67:f2:27:bf:81:b2:ee:9c:24:c0:7a:e2:3a:f3:b9:d4:ca:
f9:44:45:5f:5c:89:77:ec:bb:59:e2:26:c0:9e:b6:9a:ac:9a:
0a:22:9c:32:a0:df:d9:24:47:8d:50:f5:7a:a2:0d:b0:9d:c7:
fc:2c:17:6f:32:31:15:07:1e:e9:05:ad:26:c1:8c:18:70:c9:
1d:d9:89:9a:96:61:27:e6:1b:0b:6f:de:13:30:8d:13:58:87:
7b:ab:0e:f6:37:7a:98:58:5f:33:ac:fa:60:fa:89:60:93:77:
99:94:57:7f
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgIUDmxw09hkltzdto1ZcgBKtPX3+pAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA0MDcwOTQzMjBaFw0yNjA0MDYwOTQ4MjBaMDMxMTAvBgNV
BAMTKEJCRDkwQzM3NUZEMTFCMkVCOUY1ODFDMEI2NjU4QjZFNThCRkRDMjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCziTRXku0hbhUCCe0MxrlqhZRt
u2l5Lr9yyaXOP6cGtLusSfK3FyMswgpvuc9djT4VORcsRFOKz54YLHrqB7uL8EhI
59VCk8L+oTALBkjor+wwHj2ZIxpSCAHVy01pKe1dF263HNI3P/8ao4IQUQyOTTR6
C2r0tEDYoByKzRvdd+4Hrps+NPfIN0hsvuVmmioMjJhmAM/5xNnauCj3/mKEQy1j
H7DQX7i+Slxnq61w7aOAyEceIkVBpo0j8WtBB/i2uXOIV6+ipi7VHx6HByq4d46/
9CQOCGB7jtvhFhI7f2LfYIoZd1BueK6RInsMwg+HHrbKF2COf37+XKDcFlb/AgMB
AAGjggJaMIICVjAdBgNVHQ4EFgQUu9kMN1/RGy659YHAtmWLbli/3CYwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjA5NzM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQABYVl
AwQBHyjEAwQBHyjMAwQAHyjPAwQAJd1MMAwDBANV60gDBABV60oDBAFc+T4DBACw
YIADBACwYIIDBADBb0wDBADBb08DBADZEtADBADZEtMwDQYJKoZIhvcNAQELBQAD
ggEBAA8lL2QalyACBEHGPgIt8f7jpSOvWmXNZc5daOrGRfmT6ba1kMKOwpldteEc
mG3xZhKip7ONlxk2wJWppFbhCkEtaGuTgm6L8KR5dbdCuWFjAh1x4wBK0D092k37
KSQEBj24TN0nqiTFqxZ1Na0emqvjA7kmCu9xtL3qiEPi1ELvSnIshLNuibWzRnJ3
RwrImNln8ie/gbLunCTAeuI687nUyvlERV9ciXfsu1niJsCetpqsmgoinDKg39kk
R41Q9XqiDbCdx/wsF28yMRUHHukFrSbBjBhwyR3ZiZqWYSfmGwtv3hMwjRNYh3ur
DvY3ephYXzOs+mD6iWCTd5mUV38=
-----END CERTIFICATE-----
Generated at Tue Apr 15 09:36:23 2025 by rpki-client