Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
File: AS209737.roa (raw, json)
Hash identifier: 3cln9ZVfegDAwXzP0Er6Wx+wzEEIfCIE7KdzC8rT26k=
Subject key identifier: 3A:92:A2:CB:65:60:EA:1F:A2:9F:55:8D:66:19:E0:31:0B:9A:E1:14
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 33D9DB78CC68F004632FD7055F62D37FE8FC67B5
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
Signing time: Thu 28 Aug 2025 13:47:22 +0000
ROA not before: Thu 28 Aug 2025 13:42:22 +0000
ROA not after: Thu 27 Aug 2026 13:47:22 +0000
asID: 209737
IP address blocks: 5.133.101.0/24 maxlen: 24
31.40.197.0/24 maxlen: 24
31.40.205.0/24 maxlen: 24
37.221.76.0/24 maxlen: 24
37.221.77.0/24 maxlen: 24
37.221.79.0/24 maxlen: 24
85.235.72.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
92.249.63.0/24 maxlen: 24
176.96.128.0/24 maxlen: 24
176.96.129.0/24 maxlen: 24
185.231.225.0/24 maxlen: 24
193.111.76.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
212.87.197.0/24 maxlen: 24
212.87.198.0/24 maxlen: 24
212.87.199.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 04:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:d9:db:78:cc:68:f0:04:63:2f:d7:05:5f:62:d3:7f:e8:fc:67:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Aug 28 13:42:22 2025 GMT
Not After : Aug 27 13:47:22 2026 GMT
Subject: CN=3A92A2CB6560EA1FA29F558D6619E0310B9AE114
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a9:0e:8e:c1:50:e7:3f:50:61:18:ab:fe:44:
1d:fd:d1:af:ff:89:cb:7a:ef:20:c7:46:02:e1:86:
2d:9e:9a:86:99:68:43:5c:bf:ce:ff:ec:55:31:dc:
02:bd:10:3d:07:12:cd:7f:f6:8e:ef:4a:8e:f4:90:
67:cf:2e:70:3e:19:fd:68:cb:e7:0e:2b:32:b5:21:
12:00:22:4a:01:33:65:a4:00:af:5d:b1:cb:43:48:
0b:10:66:ef:cb:a2:70:ef:a8:4b:1a:99:52:75:60:
5d:99:d1:c8:9c:43:2e:fe:6c:b3:63:f2:50:36:16:
81:4e:8e:73:b4:e8:4b:6b:41:f2:95:c8:cd:e5:10:
e2:06:d6:be:ed:e3:6b:2f:d9:e0:9b:1b:25:bc:14:
4c:f6:1b:ee:c0:bf:6b:a9:6f:07:7c:a2:3b:31:5b:
90:bf:2a:9a:a1:7d:a6:b0:ad:1a:53:99:a8:98:30:
9e:bf:d4:c6:ba:54:bf:d0:de:d0:3e:cf:6e:68:b9:
fd:9d:55:b0:7e:18:3f:37:da:57:d0:77:f4:11:af:
c2:3b:62:44:8e:ae:c5:6e:9f:f2:2d:21:32:73:cc:
5a:23:58:9a:2f:b0:15:8b:3d:8d:73:16:2f:af:07:
ff:1c:f6:47:47:b8:87:22:66:1c:f5:b1:09:8e:3d:
b1:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:92:A2:CB:65:60:EA:1F:A2:9F:55:8D:66:19:E0:31:0B:9A:E1:14
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.101.0/24
31.40.197.0/24
31.40.205.0/24
37.221.76.0/23
37.221.79.0/24
85.235.72.0/24
85.235.74.0/24
92.249.63.0/24
176.96.128.0/23
185.231.225.0/24
193.111.76.0/24
193.111.79.0/24
212.87.197.0-212.87.199.255
217.18.208.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:cd:b8:0f:a8:c0:e8:e4:c5:c3:b9:0b:8f:f9:c6:2b:72:a9:
2d:20:53:2f:a2:c2:fb:5d:3d:90:46:d5:8e:9b:7f:9e:5b:36:
56:17:37:ac:9f:8e:86:26:2a:38:b8:cf:46:f9:27:76:40:85:
2a:15:f5:a2:55:ec:14:e7:9a:8f:a2:ee:d6:8f:b9:56:ad:82:
fd:5e:a3:ef:0e:45:b2:f6:36:36:5a:6f:4e:c7:30:df:9a:69:
9c:58:c1:6d:e9:73:3d:16:a2:80:60:b4:13:21:10:10:46:ef:
29:3e:fa:b7:d5:63:cb:e2:02:1f:5c:fd:23:f7:9e:fb:e0:22:
34:7f:85:80:bf:6b:e9:0c:0a:f0:af:71:bf:72:2a:a5:ab:60:
a7:e2:c3:99:27:91:ee:10:3a:24:77:bc:cb:4f:6f:54:2d:97:
f9:e5:3e:2d:80:31:93:f1:98:ce:6a:42:f6:55:36:dd:6a:ef:
5f:7b:bf:21:a9:09:aa:eb:44:6d:1b:f9:bf:ed:74:95:57:59:
be:a0:bd:6e:f8:f7:bd:f3:42:eb:9f:cd:46:1d:4d:dc:1f:e3:
81:c4:c0:0b:48:e9:12:f7:6b:b4:2b:17:58:3a:59:df:47:22:
96:18:11:b3:37:09:a2:d3:25:6b:07:93:a6:ba:2d:c8:b0:1b:
92:ee:6e:35
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgIUM9nbeMxo8ARjL9cFX2LTf+j8Z7UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA4MjgxMzQyMjJaFw0yNjA4MjcxMzQ3MjJaMDMxMTAvBgNV
BAMTKDNBOTJBMkNCNjU2MEVBMUZBMjlGNTU4RDY2MTlFMDMxMEI5QUUxMTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+qQ6OwVDnP1BhGKv+RB390a//
ict67yDHRgLhhi2emoaZaENcv87/7FUx3AK9ED0HEs1/9o7vSo70kGfPLnA+Gf1o
y+cOKzK1IRIAIkoBM2WkAK9dsctDSAsQZu/LonDvqEsamVJ1YF2Z0cicQy7+bLNj
8lA2FoFOjnO06EtrQfKVyM3lEOIG1r7t42sv2eCbGyW8FEz2G+7Av2upbwd8ojsx
W5C/KpqhfaawrRpTmaiYMJ6/1Ma6VL/Q3tA+z25ouf2dVbB+GD832lfQd/QRr8I7
YkSOrsVun/ItITJzzFojWJovsBWLPY1zFi+vB/8c9kdHuIciZhz1sQmOPbGVAgMB
AAGjggJgMIICXDAdBgNVHQ4EFgQUOpKiy2Vg6h+in1WNZhngMQua4RQwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjA5NzM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQABYVl
AwQAHyjFAwQAHyjNAwQBJd1MAwQAJd1PAwQAVetIAwQAVetKAwQAXPk/AwQBsGCA
AwQAuefhAwQAwW9MAwQAwW9PMAwDBADUV8UDBAPUV8ADBADZEtAwDQYJKoZIhvcN
AQELBQADggEBABrNuA+owOjkxcO5C4/5xityqS0gUy+iwvtdPZBG1Y6bf55bNlYX
N6yfjoYmKji4z0b5J3ZAhSoV9aJV7BTnmo+i7taPuVatgv1eo+8ORbL2NjZab07H
MN+aaZxYwW3pcz0WooBgtBMhEBBG7yk++rfVY8viAh9c/SP3nvvgIjR/hYC/a+kM
CvCvcb9yKqWrYKfiw5knke4QOiR3vMtPb1Qtl/nlPi2AMZPxmM5qQvZVNt1q7197
vyGpCarrRG0b+b/tdJVXWb6gvW74973zQuufzUYdTdwf44HEwAtI6RL3a7QrF1g6
Wd9HIpYYEbM3CaLTJWsHk6a6LciwG5LubjU=
-----END CERTIFICATE-----
Generated at Sat Sep 6 11:59:15 2025 by rpki-client