Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS209557.roa
File: AS209557.roa (raw, json)
Hash identifier: SuK2ESMhDX3wjft6t3pxxPJJKEokZgUAD9jnDcS4QFI=
Subject key identifier: AC:5B:D9:64:DE:88:6C:08:AE:E0:47:2E:77:53:4C:18:6F:F2:62:B4
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 395335F0F13EA96B0FAED0842F217569A00D81FB
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS209557.roa
Signing time: Tue 19 May 2026 11:32:19 +0000
ROA not before: Tue 19 May 2026 11:27:19 +0000
ROA not after: Tue 18 May 2027 11:32:19 +0000
asID: 209557
IP address blocks: 46.202.50.0/24 maxlen: 24
46.203.39.0/24 maxlen: 24
92.112.22.0/24 maxlen: 24
178.94.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 20 May 2026 07:48:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:53:35:f0:f1:3e:a9:6b:0f:ae:d0:84:2f:21:75:69:a0:0d:81:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 19 11:27:19 2026 GMT
Not After : May 18 11:32:19 2027 GMT
Subject: CN=AC5BD964DE886C08AEE0472E77534C186FF262B4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:0f:3d:75:12:0d:d1:c4:bb:44:6a:e1:f8:e0:
b8:8a:d1:c4:1c:70:6d:8e:42:5e:fd:54:04:94:13:
12:e7:66:ab:f0:39:07:37:0b:4e:0f:be:84:49:7f:
9d:68:29:22:8a:19:5e:e1:27:e8:ea:6d:1c:df:07:
b1:e3:55:ad:15:51:ac:21:2c:83:39:ee:7b:c1:77:
a4:ef:17:7f:6b:42:14:5e:a1:d3:f2:74:db:dd:44:
f8:25:eb:4f:34:7f:c6:0d:0d:88:d6:94:10:18:2d:
75:21:5b:f8:06:67:38:c2:ae:a5:6c:89:ab:b4:ce:
fd:ca:a1:5f:dc:e1:bc:52:b9:d5:7c:b6:56:bf:5b:
e5:78:16:ab:48:ee:08:dc:e2:a7:56:2c:51:68:d6:
b5:ec:f0:d2:ff:e6:9c:65:a2:d9:59:5f:32:17:39:
6f:c1:69:ed:bb:fe:62:ab:53:bc:ee:30:62:b0:c7:
98:fd:07:28:75:a8:8e:20:7e:db:89:74:28:95:4b:
e7:8b:65:73:b0:93:e4:79:fe:5b:63:5c:1f:e1:fa:
65:b4:b3:16:9c:db:2b:fa:d0:be:bc:2d:e2:4a:d5:
c4:56:9b:c3:3e:d5:28:cb:3a:44:f0:d2:50:20:da:
dc:1f:f0:8f:00:a4:8f:2b:8b:2d:94:35:71:34:3b:
09:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:5B:D9:64:DE:88:6C:08:AE:E0:47:2E:77:53:4C:18:6F:F2:62:B4
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS209557.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.50.0/24
46.203.39.0/24
92.112.22.0/24
178.94.182.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:1b:d2:6b:fa:20:a3:f9:dc:0c:12:64:90:aa:71:2c:47:04:
c2:bb:ac:f7:ed:3c:95:30:76:98:34:f8:0e:c7:14:e9:4f:38:
d4:c7:b1:90:7c:ba:bc:3a:7d:a7:7b:d6:98:44:d1:8b:4f:87:
a4:e1:9b:21:e0:98:f2:21:fc:c4:20:c8:9f:c7:9d:5a:12:41:
2e:a9:83:e3:18:d5:b0:38:b1:c5:7f:48:7f:5e:1c:ee:44:14:
ba:04:7a:5a:69:e0:cb:26:17:58:0f:f6:1b:b2:fa:0f:9b:80:
10:0c:7b:68:05:d3:9c:fa:15:70:33:ac:cc:ff:4b:3c:8f:f4:
14:55:f0:71:d3:ea:84:42:78:8d:69:5d:18:c7:6c:3f:56:b4:
8a:94:a1:35:88:a7:65:cc:aa:3d:6e:60:36:38:27:0f:7d:7a:
8d:41:38:21:3f:ec:01:ba:c0:31:99:20:e4:af:a0:59:42:b9:
3f:a6:ee:3d:6a:c3:63:a6:99:b3:5f:2c:ea:7b:e2:c6:73:8f:
82:cc:bc:39:1d:50:c1:a6:29:26:e1:1a:dd:97:e6:c5:3d:ec:
45:76:5c:77:b8:4c:1f:64:f6:b0:ec:fa:82:4f:2a:79:1b:ff:
29:02:79:39:2f:7f:5f:50:7f:3a:f0:05:4e:b6:eb:b2:32:63:
73:57:1c:22
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUOVM18PE+qWsPrtCELyF1aaANgfswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA1MTkxMTI3MTlaFw0yNzA1MTgxMTMyMTlaMDMxMTAvBgNV
BAMTKEFDNUJEOTY0REU4ODZDMDhBRUUwNDcyRTc3NTM0QzE4NkZGMjYyQjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqDz11Eg3RxLtEauH44LiK0cQc
cG2OQl79VASUExLnZqvwOQc3C04PvoRJf51oKSKKGV7hJ+jqbRzfB7HjVa0VUawh
LIM57nvBd6TvF39rQhReodPydNvdRPgl6080f8YNDYjWlBAYLXUhW/gGZzjCrqVs
iau0zv3KoV/c4bxSudV8tla/W+V4FqtI7gjc4qdWLFFo1rXs8NL/5pxlotlZXzIX
OW/Bae27/mKrU7zuMGKwx5j9Byh1qI4gftuJdCiVS+eLZXOwk+R5/ltjXB/h+mW0
sxac2yv60L68LeJK1cRWm8M+1SjLOkTw0lAg2twf8I8ApI8riy2UNXE0OwlDAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUrFvZZN6IbAiu4Ecud1NMGG/yYrQwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjA5NTU3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALsoy
AwQALssnAwQAXHAWAwQAsl62MA0GCSqGSIb3DQEBCwUAA4IBAQCkG9Jr+iCj+dwM
EmSQqnEsRwTCu6z37TyVMHaYNPgOxxTpTzjUx7GQfLq8On2ne9aYRNGLT4ek4Zsh
4JjyIfzEIMifx51aEkEuqYPjGNWwOLHFf0h/XhzuRBS6BHpaaeDLJhdYD/YbsvoP
m4AQDHtoBdOc+hVwM6zM/0s8j/QUVfBx0+qEQniNaV0Yx2w/VrSKlKE1iKdlzKo9
bmA2OCcPfXqNQTghP+wBusAxmSDkr6BZQrk/pu49asNjppmzXyzqe+LGc4+CzLw5
HVDBpikm4Rrdl+bFPexFdlx3uEwfZPaw7PqCTyp5G/8pAnk5L39fUH868AVOtuuy
MmNzVxwi
-----END CERTIFICATE-----
Generated at Tue May 19 16:27:30 2026 by rpki-client