This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa File: AS209737.roa (raw, json) Hash identifier: WWwu/KDBQyC51N6aOs2YFHErE9Q4sXKveGSWQyjozZg= Subject key identifier: 1B:45:9B:83:5D:7D:17:3E:65:7B:3A:8F:96:E4:83:1E:40:3B:83:29 Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b Certificate serial: 706451BE4B3C64697EA7DBA4E060988ABEAD8BF7 Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa Signing time: Mon 19 Jan 2026 10:57:56 +0000 ROA not before: Mon 19 Jan 2026 10:52:56 +0000 ROA not after: Mon 18 Jan 2027 10:57:56 +0000 asID: 209737 IP address blocks: 5.133.101.0/24 maxlen: 24 31.40.197.0/24 maxlen: 24 31.40.205.0/24 maxlen: 24 85.235.73.0/24 maxlen: 24 85.235.74.0/24 maxlen: 24 176.96.128.0/24 maxlen: 24 193.32.185.0/24 maxlen: 24 193.111.76.0/24 maxlen: 24 193.111.79.0/24 maxlen: 24 217.18.208.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 23:37:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:64:51:be:4b:3c:64:69:7e:a7:db:a4:e0:60:98:8a:be:ad:8b:f7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b Validity Not Before: Jan 19 10:52:56 2026 GMT Not After : Jan 18 10:57:56 2027 GMT Subject: CN=1B459B835D7D173E657B3A8F96E4831E403B8329 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:32:bb:ca:53:77:cd:09:a4:81:dd:4d:83:34: 94:9a:8f:d2:08:49:46:e3:e7:b8:90:e2:82:66:be: 25:49:65:b9:e6:70:5d:a6:3d:7d:08:af:f9:32:33: 2f:e8:06:fe:03:2e:05:17:eb:d0:fc:a0:98:1a:b2: e1:b1:a0:4c:0e:20:d2:51:91:5a:71:ea:9e:d8:e7: bb:8b:1a:64:87:c0:07:df:70:a3:b7:18:0c:0d:c0: 16:a6:c8:09:11:a0:ec:59:93:e6:75:a5:14:2d:b4: 3f:62:ac:63:0c:37:2b:28:3a:6e:c8:be:8c:dd:c0: 9f:6a:7f:e3:05:d3:46:0a:70:27:76:a4:9e:f1:c4: 11:51:03:dc:e8:c8:08:db:8b:71:ba:cb:a6:f6:7a: 48:c5:91:30:5f:09:4a:07:d0:37:55:ad:2a:dd:ee: 8c:93:7e:f8:f2:22:f9:bb:bc:f3:b7:4e:0d:34:3d: f9:17:62:30:7a:37:5f:7d:0e:29:b9:89:95:01:25: 0c:f0:36:5a:87:86:ab:00:7f:a9:08:3d:67:e1:45: 0c:d9:01:99:eb:d2:f3:7a:ee:97:23:5b:6b:c9:17: eb:ae:76:f4:dc:bd:91:70:99:92:31:8c:82:19:f3: 66:bd:ed:09:ff:19:b7:77:49:91:ce:e4:08:c2:b5: 45:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:45:9B:83:5D:7D:17:3E:65:7B:3A:8F:96:E4:83:1E:40:3B:83:29 X509v3 Authority Key Identifier: keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.133.101.0/24 31.40.197.0/24 31.40.205.0/24 85.235.73.0-85.235.74.255 176.96.128.0/24 193.32.185.0/24 193.111.76.0/24 193.111.79.0/24 217.18.208.0/24 Signature Algorithm: sha256WithRSAEncryption 3e:4b:13:55:8b:c9:ba:fd:8c:27:d7:58:26:45:1a:a9:73:7c: a5:ed:45:0e:8b:a9:a8:93:69:54:98:8f:a6:09:35:88:cc:0f: b4:a4:53:14:d8:f5:76:df:21:4b:01:b1:39:e7:f3:b8:bd:53: 0a:13:38:24:d3:2b:7c:eb:c1:e6:f2:06:1c:eb:e2:62:7e:68: 33:62:00:88:53:7f:33:53:c1:b3:35:4c:b6:c3:96:e6:e0:5a: 24:14:c9:51:b7:df:69:a7:60:87:02:d0:0a:6d:ca:8f:91:e8: 0e:4f:4b:91:64:b2:dd:94:4c:e9:93:fb:12:7d:99:c9:e8:ce: 49:92:16:6e:91:52:4d:e1:1f:5e:b0:c9:c8:6d:65:96:d9:b2: a9:7e:c2:09:e9:73:e3:b9:24:b5:ac:bf:bb:a9:db:09:ac:fc: ac:d9:c0:bb:68:b4:af:44:8b:40:b9:c1:6c:44:96:1e:95:e4: 14:7d:e7:47:34:6d:55:87:3c:97:80:b6:a7:fb:a5:11:2d:3d: 93:3e:59:5d:7d:09:49:18:12:9e:78:83:80:0a:87:42:e1:56: b1:4a:51:76:26:ee:03:72:0e:4a:25:d0:70:9b:6d:d1:8f:7a: 0b:b6:0e:e8:7a:84:a4:c9:05:56:51:b8:5d:fe:5d:aa:94:8d: a5:ab:91:38 -----BEGIN CERTIFICATE----- MIIFODCCBCCgAwIBAgIUcGRRvks8ZGl+p9uk4GCYir6ti/cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy ZjJmNDE1YjAeFw0yNjAxMTkxMDUyNTZaFw0yNzAxMTgxMDU3NTZaMDMxMTAvBgNV BAMTKDFCNDU5QjgzNUQ3RDE3M0U2NTdCM0E4Rjk2RTQ4MzFFNDAzQjgzMjkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUMrvKU3fNCaSB3U2DNJSaj9II SUbj57iQ4oJmviVJZbnmcF2mPX0Ir/kyMy/oBv4DLgUX69D8oJgasuGxoEwOINJR kVpx6p7Y57uLGmSHwAffcKO3GAwNwBamyAkRoOxZk+Z1pRQttD9irGMMNysoOm7I vozdwJ9qf+MF00YKcCd2pJ7xxBFRA9zoyAjbi3G6y6b2ekjFkTBfCUoH0DdVrSrd 7oyTfvjyIvm7vPO3Tg00PfkXYjB6N199Dim5iZUBJQzwNlqHhqsAf6kIPWfhRQzZ AZnr0vN67pcjW2vJF+uudvTcvZFwmZIxjIIZ82a97Qn/Gbd3SZHO5AjCtUVTAgMB AAGjggJCMIICPjAdBgNVHQ4EFgQUG0Wbg119Fz5lezqPluSDHkA7gykwHwYDVR0j BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0 ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4 dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjA5NzM3LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQABYVl AwQAHyjFAwQAHyjNMAwDBABV60kDBABV60oDBACwYIADBADBILkDBADBb0wDBADB b08DBADZEtAwDQYJKoZIhvcNAQELBQADggEBAD5LE1WLybr9jCfXWCZFGqlzfKXt RQ6LqaiTaVSYj6YJNYjMD7SkUxTY9XbfIUsBsTnn87i9UwoTOCTTK3zrwebyBhzr 4mJ+aDNiAIhTfzNTwbM1TLbDlubgWiQUyVG332mnYIcC0Aptyo+R6A5PS5Fkst2U TOmT+xJ9mcnozkmSFm6RUk3hH16wychtZZbZsql+wgnpc+O5JLWsv7up2wms/KzZ wLtotK9Ei0C5wWxElh6V5BR950c0bVWHPJeAtqf7pREtPZM+WV19CUkYEp54g4AK h0LhVrFKUXYm7gNyDkol0HCbbdGPegu2Duh6hKTJBVZRuF3+XaqUjaWrkTg= -----END CERTIFICATE-----Generated at Wed Jan 21 17:01:11 2026 by rpki-client