Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
File: AS209737.roa (raw, json)
Hash identifier: I0Du7fh79KtgdE/4Avi2mlpBAqT65mBJKI8spyfjwm4=
Subject key identifier: 20:0E:80:88:11:AA:7C:AE:2C:F6:D4:F5:17:0A:B1:AA:FE:C9:5B:B0
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 556BF750320CF3CD9747C541FD65295919C288B9
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
Signing time: Fri 31 Jan 2025 14:29:06 +0000
ROA not before: Fri 31 Jan 2025 14:24:06 +0000
ROA not after: Fri 30 Jan 2026 14:29:06 +0000
asID: 209737
IP address blocks: 5.133.103.0/24 maxlen: 24
37.221.76.0/24 maxlen: 24
85.235.72.0/24 maxlen: 24
85.235.73.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
176.96.130.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
217.18.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:6b:f7:50:32:0c:f3:cd:97:47:c5:41:fd:65:29:59:19:c2:88:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Jan 31 14:24:06 2025 GMT
Not After : Jan 30 14:29:06 2026 GMT
Subject: CN=200E808811AA7CAE2CF6D4F5170AB1AAFEC95BB0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:46:81:15:63:86:f2:9a:f8:1a:4a:c0:b3:96:
e2:a8:0f:28:db:56:cc:c9:24:2e:ea:89:ea:6a:0e:
1e:7c:49:6f:5c:39:f7:04:05:2b:2b:e2:34:97:b2:
8a:4c:e4:9e:e3:73:19:54:39:fa:85:10:15:70:89:
86:2c:32:4b:e3:83:35:07:c0:d0:f0:6c:df:71:99:
20:97:62:99:a2:d5:3e:85:36:f2:0f:ed:ef:91:0f:
b3:07:8d:bc:49:a5:20:a8:0c:81:75:9e:b2:b6:18:
79:35:bf:0e:ac:70:05:98:8b:fd:97:e3:65:a1:7c:
8d:39:85:3e:86:54:6d:4a:f8:b8:50:f3:fc:32:ab:
93:ef:fe:88:19:4a:18:21:5e:91:66:31:f0:8a:f5:
d4:ba:b7:7b:5f:c0:92:54:21:bd:03:ae:a4:eb:4f:
54:6a:77:d4:ed:8a:65:9d:51:dc:3b:b9:64:69:88:
3b:3e:8b:fd:2c:bc:1a:3b:d3:f1:47:e5:12:a5:21:
6d:3d:2b:05:21:88:7c:ee:8b:6a:4a:a7:14:48:27:
50:2e:cf:1d:80:06:8d:53:d2:9b:2c:e4:09:f8:31:
6c:4a:66:d9:81:1e:b4:de:9e:ef:84:42:e9:94:c9:
aa:7a:34:19:70:d7:05:fd:c7:93:5e:91:62:07:ab:
b1:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:0E:80:88:11:AA:7C:AE:2C:F6:D4:F5:17:0A:B1:AA:FE:C9:5B:B0
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.103.0/24
37.221.76.0/24
85.235.72.0-85.235.74.255
176.96.130.0/24
217.18.208.0/24
217.18.211.0/24
Signature Algorithm: sha256WithRSAEncryption
86:a3:e4:e3:4e:c3:7b:3b:93:3a:80:37:c3:57:67:34:0e:ad:
1d:7d:5b:22:d9:3e:df:e0:e3:d0:7a:40:7b:ba:bd:6e:d1:d5:
7e:3e:19:23:46:fe:3c:8d:d2:33:17:06:71:75:83:d4:92:a8:
99:ce:f8:56:3f:8a:79:24:71:a1:a4:08:5a:6d:4a:62:2b:6a:
cc:b9:7d:0f:f5:8b:bd:7f:39:bc:49:f0:70:11:6c:d0:1f:15:
f9:5b:1a:5a:76:3a:19:dd:33:75:be:d0:6b:14:77:c3:8a:9a:
b0:e1:04:44:88:90:65:bd:f9:ea:fc:e7:e9:c7:9f:90:11:41:
91:1b:b2:bf:83:7f:33:e6:29:7b:ad:45:3d:f0:49:d1:08:96:
fb:69:19:ce:8e:95:e0:26:3d:ca:76:69:e2:1c:1b:e9:5d:db:
d6:b6:01:20:c7:12:4d:5e:6d:b8:d2:a2:f0:da:8d:34:c6:6d:
4c:31:fa:84:ed:6f:4c:9d:77:05:10:bd:29:3e:99:3d:ad:e7:
da:d6:1c:ae:2b:48:3f:e4:f5:5a:d3:3a:d2:a2:90:73:f9:01:
37:c1:65:49:fb:14:ff:2d:fe:1c:6d:f0:bf:75:57:fd:2d:96:
fa:df:70:f0:09:5d:79:f3:ab:59:1d:9a:ba:f5:ff:71:36:f4:
66:da:b7:06
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIUVWv3UDIM882XR8VB/WUpWRnCiLkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTAxMzExNDI0MDZaFw0yNjAxMzAxNDI5MDZaMDMxMTAvBgNV
BAMTKDIwMEU4MDg4MTFBQTdDQUUyQ0Y2RDRGNTE3MEFCMUFBRkVDOTVCQjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIRoEVY4bymvgaSsCzluKoDyjb
VszJJC7qiepqDh58SW9cOfcEBSsr4jSXsopM5J7jcxlUOfqFEBVwiYYsMkvjgzUH
wNDwbN9xmSCXYpmi1T6FNvIP7e+RD7MHjbxJpSCoDIF1nrK2GHk1vw6scAWYi/2X
42WhfI05hT6GVG1K+LhQ8/wyq5Pv/ogZShghXpFmMfCK9dS6t3tfwJJUIb0DrqTr
T1Rqd9TtimWdUdw7uWRpiDs+i/0svBo70/FH5RKlIW09KwUhiHzui2pKpxRIJ1Au
zx2ABo1T0pss5An4MWxKZtmBHrTenu+EQumUyap6NBlw1wX9x5NekWIHq7HdAgMB
AAGjggIwMIICLDAdBgNVHQ4EFgQUIA6AiBGqfK4s9tT1Fwqxqv7JW7AwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjA5NzM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQABYVn
AwQAJd1MMAwDBANV60gDBABV60oDBACwYIIDBADZEtADBADZEtMwDQYJKoZIhvcN
AQELBQADggEBAIaj5ONOw3s7kzqAN8NXZzQOrR19WyLZPt/g49B6QHu6vW7R1X4+
GSNG/jyN0jMXBnF1g9SSqJnO+FY/inkkcaGkCFptSmIrasy5fQ/1i71/ObxJ8HAR
bNAfFflbGlp2OhndM3W+0GsUd8OKmrDhBESIkGW9+er85+nHn5ARQZEbsr+DfzPm
KXutRT3wSdEIlvtpGc6OleAmPcp2aeIcG+ld29a2ASDHEk1ebbjSovDajTTGbUwx
+oTtb0yddwUQvSk+mT2t59rWHK4rSD/k9VrTOtKikHP5ATfBZUn7FP8t/hxt8L91
V/0tlvrfcPAJXXnzq1kdmrr1/3E29GbatwY=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:58:02 2025 by rpki-client