
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
File: AS209737.roa (raw, json)
Hash identifier: +r9jc3qijOKA00axiSJ88BXMj2STHL5NQ3+wxHvetcI=
Subject key identifier: 5A:4B:8F:0F:C2:78:7D:14:C2:B2:8F:73:D8:37:58:3A:92:9A:22:21
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 095909E0A796CD890D9969B82C070DF1ED71E3C5
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
Signing time: Sun 12 Oct 2025 09:51:24 +0000
ROA not before: Sun 12 Oct 2025 09:46:24 +0000
ROA not after: Sun 11 Oct 2026 09:51:24 +0000
asID: 209737
IP address blocks: 5.133.101.0/24 maxlen: 24
31.40.197.0/24 maxlen: 24
31.40.205.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
176.96.128.0/24 maxlen: 24
193.111.76.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:59:09:e0:a7:96:cd:89:0d:99:69:b8:2c:07:0d:f1:ed:71:e3:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Oct 12 09:46:24 2025 GMT
Not After : Oct 11 09:51:24 2026 GMT
Subject: CN=5A4B8F0FC2787D14C2B28F73D837583A929A2221
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f2:79:35:06:1f:ea:f1:9f:d1:26:21:b6:ee:
22:ad:69:fd:be:62:be:34:0a:da:cf:c6:1b:be:9f:
72:b5:09:c3:bc:72:58:25:93:1a:9c:19:ac:8e:02:
2f:2d:2a:e2:62:e1:f2:67:86:37:90:89:5a:1f:b2:
86:93:af:89:80:dc:16:c3:0a:d4:0d:b7:70:0c:45:
25:9d:1d:79:80:91:6b:4b:be:ec:be:7f:fd:da:66:
b6:b7:eb:59:4e:af:5c:ef:7a:7e:3f:81:f1:c0:ff:
42:c7:23:a7:c8:aa:63:5d:ec:4d:1b:2d:67:0c:ed:
15:d1:60:03:1d:65:35:f3:b1:40:98:c7:1d:4e:f3:
eb:ea:c4:4d:b2:4e:e8:13:9b:07:b7:3c:7a:87:ef:
5e:b4:3a:30:4e:52:97:93:58:2a:0a:c8:62:67:e7:
f3:a3:13:b4:20:1f:2e:5e:33:88:92:aa:9b:9a:13:
93:44:22:86:29:f6:04:77:89:e0:94:27:bc:e6:74:
a6:ef:e2:85:47:bf:57:80:3e:d6:32:a1:bd:82:b4:
93:fe:0f:04:93:77:3b:4a:af:c6:29:ff:e1:4a:fb:
1d:25:47:5e:b6:54:1b:79:9b:16:d8:03:fb:a3:61:
5b:1f:82:ea:30:a1:86:d6:0e:e2:1b:49:b3:27:13:
b4:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:4B:8F:0F:C2:78:7D:14:C2:B2:8F:73:D8:37:58:3A:92:9A:22:21
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.101.0/24
31.40.197.0/24
31.40.205.0/24
85.235.74.0/24
176.96.128.0/24
193.111.76.0/24
193.111.79.0/24
217.18.208.0/24
Signature Algorithm: sha256WithRSAEncryption
76:b5:23:62:d2:dc:82:10:0b:47:d6:98:64:a0:c7:2e:cc:62:
bc:d9:b2:99:c3:40:ac:e1:e9:e1:1a:fb:c9:31:f4:da:ed:04:
b5:29:af:88:70:01:4d:8e:6a:29:8d:bf:c4:04:61:90:a1:1c:
e4:cb:01:6e:0c:f0:0a:a9:a5:9f:94:89:47:b1:bd:0e:cd:c7:
48:7a:da:21:1a:98:c7:fb:e6:8b:c3:29:66:27:61:db:48:7c:
6d:cb:e1:bc:04:32:25:3c:a8:0f:d4:27:bc:ec:ec:e3:26:50:
07:f1:22:b3:d8:19:5a:08:69:bf:eb:e4:85:50:2a:fe:24:3a:
12:fe:8d:51:2a:f1:83:38:08:9a:59:ed:3d:44:18:dc:f8:e2:
80:3e:3e:15:0e:e7:87:c6:38:a1:75:2c:e1:79:d8:b6:bc:e0:
e1:04:ca:39:5b:c9:03:b9:87:1d:88:ea:44:e7:4b:5a:4b:0c:
eb:c7:1e:89:ce:b7:93:05:54:38:ac:e1:7a:0c:24:f6:97:de:
14:42:4d:39:92:8c:a2:fb:c0:2f:73:1e:11:0a:bc:1d:c8:91:
6f:c3:65:d8:44:9a:f0:c5:aa:7c:99:a1:0a:d1:54:fa:35:dc:
ed:25:8a:a3:43:3a:62:5d:16:10:81:24:12:6d:f4:35:d4:6a:
ee:b8:a5:b2
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgIUCVkJ4KeWzYkNmWm4LAcN8e1x48UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTEwMTIwOTQ2MjRaFw0yNjEwMTEwOTUxMjRaMDMxMTAvBgNV
BAMTKDVBNEI4RjBGQzI3ODdEMTRDMkIyOEY3M0Q4Mzc1ODNBOTI5QTIyMjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCg8nk1Bh/q8Z/RJiG27iKtaf2+
Yr40CtrPxhu+n3K1CcO8clglkxqcGayOAi8tKuJi4fJnhjeQiVofsoaTr4mA3BbD
CtQNt3AMRSWdHXmAkWtLvuy+f/3aZra361lOr1zven4/gfHA/0LHI6fIqmNd7E0b
LWcM7RXRYAMdZTXzsUCYxx1O8+vqxE2yTugTmwe3PHqH7160OjBOUpeTWCoKyGJn
5/OjE7QgHy5eM4iSqpuaE5NEIoYp9gR3ieCUJ7zmdKbv4oVHv1eAPtYyob2CtJP+
DwSTdztKr8Yp/+FK+x0lR162VBt5mxbYA/ujYVsfguowoYbWDuIbSbMnE7R5AgMB
AAGjggI0MIICMDAdBgNVHQ4EFgQUWkuPD8J4fRTCso9z2DdYOpKaIiEwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjA5NzM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQABYVl
AwQAHyjFAwQAHyjNAwQAVetKAwQAsGCAAwQAwW9MAwQAwW9PAwQA2RLQMA0GCSqG
SIb3DQEBCwUAA4IBAQB2tSNi0tyCEAtH1phkoMcuzGK82bKZw0Cs4enhGvvJMfTa
7QS1Ka+IcAFNjmopjb/EBGGQoRzkywFuDPAKqaWflIlHsb0OzcdIetohGpjH++aL
wylmJ2HbSHxty+G8BDIlPKgP1Ce87OzjJlAH8SKz2BlaCGm/6+SFUCr+JDoS/o1R
KvGDOAiaWe09RBjc+OKAPj4VDueHxjihdSzhedi2vODhBMo5W8kDuYcdiOpE50ta
Swzrxx6JzreTBVQ4rOF6DCT2l94UQk05koyi+8Avcx4RCrwdyJFvw2XYRJrwxap8
maEK0VT6NdztJYqjQzpiXRYQgSQSbfQ11GruuKWy
-----END CERTIFICATE-----
Generated at Sun Oct 19 14:43:33 2025 by rpki-client