Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS209737.roa
File: AS209737.roa (raw, json)
Hash identifier: v6UZZLJn8xkTsouHj4aJDqKzjNchT0A8AgHhEqKADlw=
Subject key identifier: D0:69:0D:D3:A8:35:61:3F:24:EE:AC:7C:6A:D9:FA:71:1F:8D:2C:2B
Certificate issuer: /CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Certificate serial: 7E42D4A83A01B9533729797B293B62F01BD9E62A
Authority key identifier: 9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS209737.roa
Signing time: Tue 12 May 2026 13:57:48 +0000
ROA not before: Tue 12 May 2026 13:52:48 +0000
ROA not after: Tue 11 May 2027 13:57:48 +0000
asID: 209737
IP address blocks: 31.40.205.0/24 maxlen: 24
85.235.73.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
92.249.60.0/24 maxlen: 24
176.96.128.0/24 maxlen: 24
185.231.225.0/24 maxlen: 24
185.231.227.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:42:d4:a8:3a:01:b9:53:37:29:79:7b:29:3b:62:f0:1b:d9:e6:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Validity
Not Before: May 12 13:52:48 2026 GMT
Not After : May 11 13:57:48 2027 GMT
Subject: CN=D0690DD3A835613F24EEAC7C6AD9FA711F8D2C2B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:f8:66:41:69:3b:87:f0:81:90:99:69:7f:d1:
bf:12:13:d1:f1:80:31:67:91:1c:66:27:8a:a6:56:
a8:0d:1e:90:fa:8d:3e:91:88:3b:c8:79:f6:ba:64:
dd:8d:c3:82:9a:78:76:e4:1b:fb:19:d4:c5:fe:b3:
e4:5a:f5:02:ab:6a:a1:cb:43:8b:c7:d1:eb:87:d8:
b3:02:41:03:c5:0a:ac:60:a7:7f:10:2f:b2:8e:3e:
19:36:11:d2:a8:29:11:6b:5b:1b:e7:6b:42:75:5a:
99:f6:de:68:da:72:b5:01:7a:ad:59:f4:73:08:74:
69:63:ec:0d:55:4c:d2:42:e3:66:38:03:6d:53:ca:
ad:ba:46:be:5a:3d:d0:2e:87:59:3c:dc:b9:1b:5f:
d5:b3:63:bd:fa:5b:23:48:b7:9d:22:9d:9c:23:8f:
9a:f5:8d:2d:28:ea:21:5f:ee:8d:c7:23:04:da:4d:
a3:fd:c8:0c:71:62:d2:33:eb:52:61:3d:60:84:5c:
82:2b:6d:ec:58:2c:f7:b5:a0:b6:da:50:3c:e3:05:
6b:44:13:4b:65:f7:35:92:f9:1c:c4:be:61:79:d6:
93:bb:41:e3:3f:ab:9c:a6:3f:dd:15:e8:93:6f:ca:
b1:bb:1d:dc:a5:2a:58:86:35:9d:e4:c3:06:20:3f:
dd:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:69:0D:D3:A8:35:61:3F:24:EE:AC:7C:6A:D9:FA:71:1F:8D:2C:2B
X509v3 Authority Key Identifier:
keyid:9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS209737.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.205.0/24
85.235.73.0-85.235.74.255
92.249.60.0/24
176.96.128.0/24
185.231.225.0/24
185.231.227.0/24
193.111.79.0/24
217.18.208.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:9e:99:75:78:b1:05:69:70:a6:cd:23:d8:3d:92:91:85:66:
6b:ff:b5:9b:21:1d:78:27:5d:70:37:08:32:48:30:f9:99:13:
21:6d:1a:b6:a8:6d:5d:7d:d1:f1:9e:50:ca:92:4c:88:b4:0a:
fd:65:a1:2d:69:0f:68:9e:06:13:fa:80:2f:47:54:65:0b:c1:
ec:5b:ee:67:66:94:36:44:6f:4b:1e:2e:33:4f:ae:43:61:76:
b6:69:23:a5:7f:95:fd:38:0f:9f:f7:57:ac:8c:59:f6:fd:55:
c0:a5:b4:84:f8:cf:07:66:7b:c9:4c:11:8f:5c:e4:83:46:40:
77:b1:26:f5:87:10:cd:e4:71:12:62:91:39:be:70:da:1d:90:
ec:1c:2f:63:f6:10:8d:6a:20:11:65:78:68:cf:6f:b3:0a:82:
43:bd:7d:46:fe:94:08:97:41:5c:a1:56:1d:a3:98:a5:5f:83:
12:6f:78:a5:4c:e3:07:6f:a3:43:4d:17:83:53:5e:28:b0:8e:
30:89:b9:a3:b5:7a:17:d2:0e:eb:ca:99:35:bf:85:08:e8:6b:
24:cd:17:f5:31:e3:9d:f3:cc:72:c2:4f:b3:7b:30:8a:21:fe:
9f:d8:9d:4e:ec:a0:77:a5:f3:bc:58:41:d5:23:87:a1:eb:70:
e0:38:f1:ca
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUfkLUqDoBuVM3KXl7KTti8BvZ5iowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmYmZmMjE3MTA1ZGY4ODc3ZDQ2M2Y2ZTliYWMyOGE0
MDg0ZDIwYzAeFw0yNjA1MTIxMzUyNDhaFw0yNzA1MTExMzU3NDhaMDMxMTAvBgNV
BAMTKEQwNjkwREQzQTgzNTYxM0YyNEVFQUM3QzZBRDlGQTcxMUY4RDJDMkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCE+GZBaTuH8IGQmWl/0b8SE9Hx
gDFnkRxmJ4qmVqgNHpD6jT6RiDvIefa6ZN2Nw4KaeHbkG/sZ1MX+s+Ra9QKraqHL
Q4vH0euH2LMCQQPFCqxgp38QL7KOPhk2EdKoKRFrWxvna0J1Wpn23mjacrUBeq1Z
9HMIdGlj7A1VTNJC42Y4A21Tyq26Rr5aPdAuh1k83LkbX9WzY736WyNIt50inZwj
j5r1jS0o6iFf7o3HIwTaTaP9yAxxYtIz61JhPWCEXIIrbexYLPe1oLbaUDzjBWtE
E0tl9zWS+RzEvmF51pO7QeM/q5ymP90V6JNvyrG7HdylKliGNZ3kwwYgP91tAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQU0GkN06g1YT8k7qx8atn6cR+NLCswHwYDVR0j
BBgwFoAUnfv/IXEF34h31GP26brCikCE0gwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTViNGQ5ZTgtNDExMS00Mzk0LWEzYTYtYmQ4MjUxZTdm
YmJkLzAvOURGQkZGMjE3MTA1REY4ODc3RDQ2M0Y2RTlCQUMyOEE0MDg0RDIwQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25mdl9JWEVGMzRoMzFHUDI2YnJDaWtD
RTBndy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzU1YjRkOWU4LTQxMTEt
NDM5NC1hM2E2LWJkODI1MWU3ZmJiZC8wL0FTMjA5NzM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAHyjN
MAwDBABV60kDBABV60oDBABc+TwDBACwYIADBAC55+EDBAC55+MDBADBb08DBADZ
EtAwDQYJKoZIhvcNAQELBQADggEBAEyemXV4sQVpcKbNI9g9kpGFZmv/tZshHXgn
XXA3CDJIMPmZEyFtGraobV190fGeUMqSTIi0Cv1loS1pD2ieBhP6gC9HVGULwexb
7mdmlDZEb0seLjNPrkNhdrZpI6V/lf04D5/3V6yMWfb9VcCltIT4zwdme8lMEY9c
5INGQHexJvWHEM3kcRJikTm+cNodkOwcL2P2EI1qIBFleGjPb7MKgkO9fUb+lAiX
QVyhVh2jmKVfgxJveKVM4wdvo0NNF4NTXiiwjjCJuaO1ehfSDuvKmTW/hQjoayTN
F/Ux453zzHLCT7N7MIoh/p/YnU7soHel87xYQdUjh6HrcOA48co=
-----END CERTIFICATE-----
Generated at Tue May 12 23:35:32 2026 by rpki-client