Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
File: AS209737.roa (raw, json)
Hash identifier: WrHrz9jILBdfG6m5uvWorhjOpk6ioBDU93/eb0PfP1o=
Subject key identifier: 9E:8B:47:03:CE:C1:EC:F4:13:7E:CC:A3:25:D8:A7:11:BC:CA:94:16
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 79A4095F731A9ACBE945452091A5F3D3BAC98FC2
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
Signing time: Fri 30 May 2025 07:44:31 +0000
ROA not before: Fri 30 May 2025 07:39:31 +0000
ROA not after: Fri 29 May 2026 07:44:31 +0000
asID: 209737
IP address blocks: 5.133.101.0/24 maxlen: 24
31.40.196.0/24 maxlen: 24
31.40.205.0/24 maxlen: 24
85.235.72.0/24 maxlen: 24
85.235.73.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
92.249.62.0/24 maxlen: 24
176.96.128.0/24 maxlen: 24
176.96.129.0/24 maxlen: 24
185.231.225.0/24 maxlen: 24
193.111.76.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
212.87.197.0/24 maxlen: 24
212.87.198.0/24 maxlen: 24
212.87.199.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
217.18.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 05:49:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:a4:09:5f:73:1a:9a:cb:e9:45:45:20:91:a5:f3:d3:ba:c9:8f:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: May 30 07:39:31 2025 GMT
Not After : May 29 07:44:31 2026 GMT
Subject: CN=9E8B4703CEC1ECF4137ECCA325D8A711BCCA9416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:99:c3:91:bf:ae:d5:10:8a:e7:cf:c2:6b:74:
cc:82:e6:ad:7f:cf:a9:18:d8:21:60:bb:f7:8a:60:
cb:22:f2:f1:c3:e4:16:53:9f:57:00:9e:5e:ba:43:
1a:06:30:30:e7:9b:73:bc:41:28:a0:8e:ee:9c:cb:
c1:05:43:42:ae:ea:2f:3b:49:f3:e0:88:59:d5:39:
ec:ef:77:94:56:63:20:80:48:eb:e8:15:da:d5:60:
12:8d:d1:55:30:0f:7b:f3:31:c8:9c:31:c7:59:7c:
33:d8:d1:0b:0c:5c:12:fe:11:e5:2e:8b:3b:8f:e3:
34:c0:5a:62:5b:81:95:b6:74:b1:f8:6a:7d:4e:c0:
11:58:93:a5:54:c9:23:7e:b1:b2:36:4c:03:8f:3e:
2c:fa:83:c2:6b:9c:88:62:f1:53:40:38:45:bc:11:
44:f4:fe:d1:82:17:4d:6b:c3:ed:2b:ab:40:bc:cb:
02:bb:37:31:80:ff:7e:b3:21:1c:39:96:62:ae:eb:
c7:e9:a9:1e:21:4a:82:ea:a7:24:6e:56:01:41:f4:
1e:84:bc:01:e5:18:24:0d:63:5d:e7:13:e5:6f:42:
9a:9a:da:e8:13:34:3f:1f:36:c8:ee:59:70:33:ed:
a0:14:e3:55:5c:f5:55:ac:af:03:66:40:69:39:6e:
fb:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:8B:47:03:CE:C1:EC:F4:13:7E:CC:A3:25:D8:A7:11:BC:CA:94:16
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.101.0/24
31.40.196.0/24
31.40.205.0/24
85.235.72.0-85.235.74.255
92.249.62.0/24
176.96.128.0/23
185.231.225.0/24
193.111.76.0/24
193.111.79.0/24
212.87.197.0-212.87.199.255
217.18.208.0/24
217.18.211.0/24
Signature Algorithm: sha256WithRSAEncryption
97:8b:f3:7a:6d:c6:4c:88:a3:05:74:d6:ed:e2:12:f0:f9:9a:
0b:ef:68:cf:97:fc:9e:a5:10:38:e5:63:cd:57:b5:3d:5a:d0:
87:0e:e1:8a:95:2c:45:e7:2d:fb:b2:2d:02:61:20:bc:04:a3:
9f:49:47:8a:ec:1a:9c:28:2a:85:89:b6:12:6e:ed:61:d9:a8:
bf:0e:e6:b4:7a:b8:52:04:ab:c5:da:9e:a8:43:bd:0c:41:d6:
36:f6:f3:0b:06:b1:5b:fe:5c:b6:bf:e3:20:2c:b5:5f:8b:f0:
d6:86:8e:17:7e:3a:01:f4:5c:c3:94:70:96:f9:24:d3:e9:ee:
1b:4f:77:32:f0:06:40:93:69:b5:a9:c0:ca:89:0a:c3:e1:21:
46:39:ef:d4:41:71:9d:45:11:25:0f:b5:cf:be:9b:ba:8f:b8:
09:74:9a:91:27:62:50:8a:12:47:43:4e:2c:3c:a5:a1:c4:13:
07:5b:1d:f5:04:4d:80:c1:a4:13:79:c2:05:ae:df:04:a9:11:
1f:54:a1:54:71:23:25:fc:fe:9a:bb:71:d0:1b:cf:09:0f:eb:
72:18:5a:20:59:4e:98:37:aa:a6:0d:fc:95:8a:ca:be:dd:ee:
8a:39:b7:e8:5c:bc:d3:23:9b:3f:16:15:4d:95:34:79:87:48:
d4:4b:1e:15
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgIUeaQJX3MamsvpRUUgkaXz07rJj8IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA1MzAwNzM5MzFaFw0yNjA1MjkwNzQ0MzFaMDMxMTAvBgNV
BAMTKDlFOEI0NzAzQ0VDMUVDRjQxMzdFQ0NBMzI1RDhBNzExQkNDQTk0MTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpmcORv67VEIrnz8JrdMyC5q1/
z6kY2CFgu/eKYMsi8vHD5BZTn1cAnl66QxoGMDDnm3O8QSigju6cy8EFQ0Ku6i87
SfPgiFnVOezvd5RWYyCASOvoFdrVYBKN0VUwD3vzMcicMcdZfDPY0QsMXBL+EeUu
izuP4zTAWmJbgZW2dLH4an1OwBFYk6VUySN+sbI2TAOPPiz6g8JrnIhi8VNAOEW8
EUT0/tGCF01rw+0rq0C8ywK7NzGA/36zIRw5lmKu68fpqR4hSoLqpyRuVgFB9B6E
vAHlGCQNY13nE+VvQpqa2ugTND8fNsjuWXAz7aAU41Vc9VWsrwNmQGk5bvu7AgMB
AAGjggJcMIICWDAdBgNVHQ4EFgQUnotHA87B7PQTfsyjJdinEbzKlBYwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjA5NzM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQABYVl
AwQAHyjEAwQAHyjNMAwDBANV60gDBABV60oDBABc+T4DBAGwYIADBAC55+EDBADB
b0wDBADBb08wDAMEANRXxQMEA9RXwAMEANkS0AMEANkS0zANBgkqhkiG9w0BAQsF
AAOCAQEAl4vzem3GTIijBXTW7eIS8PmaC+9oz5f8nqUQOOVjzVe1PVrQhw7hipUs
Rect+7ItAmEgvASjn0lHiuwanCgqhYm2Em7tYdmovw7mtHq4UgSrxdqeqEO9DEHW
NvbzCwaxW/5ctr/jICy1X4vw1oaOF346AfRcw5Rwlvkk0+nuG093MvAGQJNptanA
yokKw+EhRjnv1EFxnUURJQ+1z76buo+4CXSakSdiUIoSR0NOLDylocQTB1sd9QRN
gMGkE3nCBa7fBKkRH1ShVHEjJfz+mrtx0BvPCQ/rchhaIFlOmDeqpg38lYrKvt3u
ijm36Fy80yObPxYVTZU0eYdI1EseFQ==
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:12:12 2025 by rpki-client