Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS209737.roa
File: AS209737.roa (raw, json)
Hash identifier: S/t0if/B0MKZJBewYVu4Dok0We9U7UbkaZPeVTu9Bfw=
Subject key identifier: AC:2C:92:5D:20:8C:1F:20:22:66:4F:23:91:6C:ED:9D:A3:4E:6E:DA
Certificate issuer: /CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Certificate serial: 243C4D9BAE3E78D319166B88BC0EAF45C419A5D5
Authority key identifier: 9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS209737.roa
Signing time: Mon 16 Mar 2026 09:50:34 +0000
ROA not before: Mon 16 Mar 2026 09:45:34 +0000
ROA not after: Mon 15 Mar 2027 09:50:34 +0000
asID: 209737
IP address blocks: 5.133.101.0/24 maxlen: 24
31.40.197.0/24 maxlen: 24
31.40.205.0/24 maxlen: 24
85.235.73.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
176.96.128.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:3c:4d:9b:ae:3e:78:d3:19:16:6b:88:bc:0e:af:45:c4:19:a5:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Validity
Not Before: Mar 16 09:45:34 2026 GMT
Not After : Mar 15 09:50:34 2027 GMT
Subject: CN=AC2C925D208C1F2022664F23916CED9DA34E6EDA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:13:e5:82:39:24:be:32:13:8e:e6:b1:35:e9:
ea:69:15:ae:b3:a8:3b:8e:58:ab:91:d1:0e:5e:89:
28:bb:51:06:3e:18:de:89:aa:ba:dd:17:8f:58:1f:
9e:86:d8:d3:cb:54:9c:d9:5c:72:ca:bf:99:9b:23:
3d:ff:76:e2:88:74:26:82:3c:7a:cd:d7:60:13:43:
66:5d:d8:9d:23:17:01:8b:da:ed:97:44:f1:a9:7e:
c2:d5:ce:d6:6e:db:71:9d:1b:10:4d:30:5b:5c:c0:
50:b7:75:dd:81:1a:f8:78:aa:63:35:b6:b8:07:03:
50:28:ca:ab:a4:01:06:b6:ad:f4:4c:c3:2d:cf:01:
be:97:cc:1a:13:2c:4a:7e:98:c7:01:bb:ee:e7:36:
64:84:59:bb:63:3b:de:4d:04:43:71:df:39:e1:db:
83:d8:db:d1:b7:a8:61:32:f2:04:97:9c:54:4e:49:
74:32:d6:63:1a:31:6e:cc:cc:9d:9a:43:fa:90:30:
66:c5:19:c4:74:e7:2f:a0:fa:f2:6e:a9:9e:cb:1f:
84:76:54:6f:63:8d:a6:bf:9c:86:2e:4b:1c:45:9d:
63:d8:be:93:99:7f:9b:b8:0d:22:ac:df:11:cb:9b:
e4:88:52:09:4d:0b:d9:7f:e5:74:a6:63:4b:e1:f7:
b5:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:2C:92:5D:20:8C:1F:20:22:66:4F:23:91:6C:ED:9D:A3:4E:6E:DA
X509v3 Authority Key Identifier:
keyid:9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS209737.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.101.0/24
31.40.197.0/24
31.40.205.0/24
85.235.73.0-85.235.74.255
176.96.128.0/24
193.111.79.0/24
217.18.208.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:6e:2a:8e:02:d7:02:75:35:7c:c6:31:07:9e:05:a0:ea:86:
f5:6e:6a:a4:01:95:a0:4f:76:69:61:33:de:22:75:e0:53:7c:
8c:77:5a:6a:5b:49:90:c2:a1:9e:4d:0c:cf:b3:d9:8d:4f:b9:
0b:39:18:c7:35:8c:c0:cf:a2:38:da:d2:33:ce:34:73:ad:29:
cd:a4:57:51:e4:16:cd:48:43:35:85:c2:f6:a9:8d:64:98:7d:
98:b4:9d:14:6b:70:03:07:25:ce:cb:a0:38:84:65:fc:62:87:
c3:08:9a:d1:4b:b5:5a:02:44:b5:a6:59:65:cc:d5:7f:26:5a:
a7:49:df:e8:19:ad:64:1d:bf:f1:d4:e6:f6:33:be:76:b7:8e:
d9:d2:31:7c:ec:25:63:c0:3d:20:32:0f:53:9f:e3:50:c3:ea:
d2:82:70:5b:d4:ae:e3:96:11:7b:f4:90:bd:5d:9e:ee:84:72:
b4:8a:f7:af:e9:26:a4:32:48:4a:ef:2a:f3:52:61:e9:1a:1a:
a1:3c:83:fb:6f:38:7b:b4:25:be:03:b7:5c:35:c1:27:3d:33:
b6:2a:da:93:55:b3:82:54:98:2a:47:a1:6b:c4:34:21:54:b8:
00:4b:5e:71:d1:a8:b0:6c:9b:d4:98:ae:8c:a3:ef:8a:3e:70:
a9:9f:50:02
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgIUJDxNm64+eNMZFmuIvA6vRcQZpdUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmYmZmMjE3MTA1ZGY4ODc3ZDQ2M2Y2ZTliYWMyOGE0
MDg0ZDIwYzAeFw0yNjAzMTYwOTQ1MzRaFw0yNzAzMTUwOTUwMzRaMDMxMTAvBgNV
BAMTKEFDMkM5MjVEMjA4QzFGMjAyMjY2NEYyMzkxNkNFRDlEQTM0RTZFREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWE+WCOSS+MhOO5rE16eppFa6z
qDuOWKuR0Q5eiSi7UQY+GN6JqrrdF49YH56G2NPLVJzZXHLKv5mbIz3/duKIdCaC
PHrN12ATQ2Zd2J0jFwGL2u2XRPGpfsLVztZu23GdGxBNMFtcwFC3dd2BGvh4qmM1
trgHA1AoyqukAQa2rfRMwy3PAb6XzBoTLEp+mMcBu+7nNmSEWbtjO95NBENx3znh
24PY29G3qGEy8gSXnFROSXQy1mMaMW7MzJ2aQ/qQMGbFGcR05y+g+vJuqZ7LH4R2
VG9jjaa/nIYuSxxFnWPYvpOZf5u4DSKs3xHLm+SIUglNC9l/5XSmY0vh97VzAgMB
AAGjggI2MIICMjAdBgNVHQ4EFgQUrCySXSCMHyAiZk8jkWztnaNObtowHwYDVR0j
BBgwFoAUnfv/IXEF34h31GP26brCikCE0gwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTViNGQ5ZTgtNDExMS00Mzk0LWEzYTYtYmQ4MjUxZTdm
YmJkLzAvOURGQkZGMjE3MTA1REY4ODc3RDQ2M0Y2RTlCQUMyOEE0MDg0RDIwQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25mdl9JWEVGMzRoMzFHUDI2YnJDaWtD
RTBndy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzU1YjRkOWU4LTQxMTEt
NDM5NC1hM2E2LWJkODI1MWU3ZmJiZC8wL0FTMjA5NzM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQABYVl
AwQAHyjFAwQAHyjNMAwDBABV60kDBABV60oDBACwYIADBADBb08DBADZEtAwDQYJ
KoZIhvcNAQELBQADggEBAMluKo4C1wJ1NXzGMQeeBaDqhvVuaqQBlaBPdmlhM94i
deBTfIx3WmpbSZDCoZ5NDM+z2Y1PuQs5GMc1jMDPojja0jPONHOtKc2kV1HkFs1I
QzWFwvapjWSYfZi0nRRrcAMHJc7LoDiEZfxih8MImtFLtVoCRLWmWWXM1X8mWqdJ
3+gZrWQdv/HU5vYzvna3jtnSMXzsJWPAPSAyD1Of41DD6tKCcFvUruOWEXv0kL1d
nu6EcrSK96/pJqQySErvKvNSYekaGqE8g/tvOHu0Jb4Dt1w1wSc9M7Yq2pNVs4JU
mCpHoWvENCFUuABLXnHRqLBsm9SYroyj74o+cKmfUAI=
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:07:43 2026 by rpki-client