This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa File: AS209737.roa (raw, json) Hash identifier: UoY/k3aYToHXCrxm7dlFOwKX9RfEKzNE8cHI0FESzbc= Subject key identifier: A3:99:D9:21:AA:86:4C:D7:19:E9:E4:A2:C9:B0:57:46:6C:7B:3D:BD Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b Certificate serial: 6B2E8B7943FB46406C83BD0D666D7E884654496D Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa Signing time: Mon 24 Nov 2025 06:27:56 +0000 ROA not before: Mon 24 Nov 2025 06:22:56 +0000 ROA not after: Mon 23 Nov 2026 06:27:56 +0000 asID: 209737 IP address blocks: 5.133.101.0/24 maxlen: 24 31.40.197.0/24 maxlen: 24 31.40.205.0/24 maxlen: 24 85.235.74.0/24 maxlen: 24 92.249.63.0/24 maxlen: 24 176.96.128.0/24 maxlen: 24 193.111.76.0/24 maxlen: 24 193.111.79.0/24 maxlen: 24 217.18.208.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 10:13:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:2e:8b:79:43:fb:46:40:6c:83:bd:0d:66:6d:7e:88:46:54:49:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b Validity Not Before: Nov 24 06:22:56 2025 GMT Not After : Nov 23 06:27:56 2026 GMT Subject: CN=A399D921AA864CD719E9E4A2C9B057466C7B3DBD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:78:00:da:b6:d8:17:90:34:e9:fc:8a:43:97: 34:d2:ec:07:fd:c1:29:98:27:3c:e4:57:56:e9:46: 1d:2a:d9:ba:57:4f:84:22:7d:ae:10:4f:9f:1b:bd: ec:7d:54:b6:f5:4e:b0:80:72:b2:92:8d:1e:fd:d2: 77:b1:68:d9:12:f1:60:d3:ca:2b:a5:87:ac:fe:79: da:eb:b7:dc:d7:af:55:6b:0f:e5:09:f0:40:7e:48: f8:e6:e8:e0:02:5e:a4:c4:b8:2f:e4:03:6a:28:3f: 82:a9:97:b8:41:e3:df:04:2d:c5:d1:15:db:f7:6c: 7e:72:f0:5c:e9:a1:5b:2c:72:2d:69:94:97:6c:91: 2d:62:7e:b9:55:15:43:cb:b6:ef:21:c7:4c:c7:90: 0e:41:d0:0b:e1:32:80:f2:19:6b:1c:cb:31:69:c1: 0b:c0:5c:dc:f6:74:da:96:90:7b:86:5d:c1:db:d7: c7:d8:f3:9e:dd:03:af:95:cc:ed:29:03:7c:c8:41: 43:81:c4:b5:c9:4a:3f:40:4d:cd:20:4d:04:93:a7: 3e:14:17:0b:c5:68:2a:66:08:03:fd:8d:b9:73:4f: 6f:44:7c:51:e4:10:54:96:82:44:f0:cc:e7:ed:bf: c9:5a:08:5a:e1:af:10:77:24:2a:8c:f7:bc:04:a2: 33:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:99:D9:21:AA:86:4C:D7:19:E9:E4:A2:C9:B0:57:46:6C:7B:3D:BD X509v3 Authority Key Identifier: keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.133.101.0/24 31.40.197.0/24 31.40.205.0/24 85.235.74.0/24 92.249.63.0/24 176.96.128.0/24 193.111.76.0/24 193.111.79.0/24 217.18.208.0/24 Signature Algorithm: sha256WithRSAEncryption ac:f3:72:eb:41:09:86:d5:ca:22:4b:86:25:0e:74:d5:7f:50: a9:b6:77:da:8b:36:4a:f5:02:46:17:c7:54:30:1f:38:7e:a4: 9b:3c:a3:6c:ce:9d:d2:04:e0:04:0a:b0:eb:71:ff:d2:67:25: ff:9a:c9:ae:d2:07:75:66:db:81:2e:40:17:27:d4:31:1b:32: 11:1b:a4:a8:76:b2:a6:09:3e:34:cc:03:4c:93:30:92:c6:19: a6:ff:11:c9:77:66:b0:11:a7:f3:22:e1:c1:2b:ae:7c:a2:1e: 0f:2f:40:85:9d:0f:e2:07:87:b3:7b:01:9c:4e:ec:be:ea:43: 98:ca:cc:0e:c7:73:98:53:b3:0f:d0:e1:89:95:ff:15:2c:d0: 75:e7:63:0a:53:b9:6b:a3:2b:2a:94:d0:a7:bf:5c:39:eb:56: 72:89:18:95:60:47:9d:b1:9c:47:ba:b0:8b:d9:22:4d:4b:0f: 5d:27:cd:e0:f8:78:bc:c0:f1:a1:15:d4:7a:71:ad:9d:18:46: e8:1e:47:29:cb:87:49:21:40:76:d9:db:f2:7e:fc:65:28:53: 94:2c:1f:f9:7c:d1:6c:33:15:13:3f:75:89:ec:f2:0d:d1:c7: c2:19:4f:06:73:ce:5f:0f:94:5f:aa:ff:54:31:10:5b:cd:ea: 83:ae:4d:ff -----BEGIN CERTIFICATE----- MIIFMDCCBBigAwIBAgIUay6LeUP7RkBsg70NZm1+iEZUSW0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy ZjJmNDE1YjAeFw0yNTExMjQwNjIyNTZaFw0yNjExMjMwNjI3NTZaMDMxMTAvBgNV BAMTKEEzOTlEOTIxQUE4NjRDRDcxOUU5RTRBMkM5QjA1NzQ2NkM3QjNEQkQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDheADattgXkDTp/IpDlzTS7Af9 wSmYJzzkV1bpRh0q2bpXT4Qifa4QT58bvex9VLb1TrCAcrKSjR790nexaNkS8WDT yiulh6z+edrrt9zXr1VrD+UJ8EB+SPjm6OACXqTEuC/kA2ooP4Kpl7hB498ELcXR Fdv3bH5y8FzpoVssci1plJdskS1ifrlVFUPLtu8hx0zHkA5B0AvhMoDyGWscyzFp wQvAXNz2dNqWkHuGXcHb18fY857dA6+VzO0pA3zIQUOBxLXJSj9ATc0gTQSTpz4U FwvFaCpmCAP9jblzT29EfFHkEFSWgkTwzOftv8laCFrhrxB3JCqM97wEojNxAgMB AAGjggI6MIICNjAdBgNVHQ4EFgQUo5nZIaqGTNcZ6eSiybBXRmx7Pb0wHwYDVR0j BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0 ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4 dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjA5NzM3LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQABYVl AwQAHyjFAwQAHyjNAwQAVetKAwQAXPk/AwQAsGCAAwQAwW9MAwQAwW9PAwQA2RLQ MA0GCSqGSIb3DQEBCwUAA4IBAQCs83LrQQmG1coiS4YlDnTVf1CptnfaizZK9QJG F8dUMB84fqSbPKNszp3SBOAECrDrcf/SZyX/msmu0gd1ZtuBLkAXJ9QxGzIRG6So drKmCT40zANMkzCSxhmm/xHJd2awEafzIuHBK658oh4PL0CFnQ/iB4ezewGcTuy+ 6kOYyswOx3OYU7MP0OGJlf8VLNB152MKU7lroysqlNCnv1w561ZyiRiVYEedsZxH urCL2SJNSw9dJ83g+Hi8wPGhFdR6ca2dGEboHkcpy4dJIUB22dvyfvxlKFOULB/5 fNFsMxUTP3WJ7PIN0cfCGU8Gc85fD5Rfqv9UMRBbzeqDrk3/ -----END CERTIFICATE-----Generated at Sun Dec 7 00:11:30 2025 by rpki-client