This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa File: AS209737.roa (raw, json) Hash identifier: 4uNecrrm1OkeQHcZgjVmihPcXmKl2lDQffUpUjmP770= Subject key identifier: 3E:2E:31:9E:BC:4C:B3:0C:C3:52:9F:5D:42:F2:B3:55:E0:F8:54:87 Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b Certificate serial: 4DCFFE4D34ADA4D3053E12F8E5357772C738BC2C Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa Signing time: Sun 07 Dec 2025 13:17:18 +0000 ROA not before: Sun 07 Dec 2025 13:12:18 +0000 ROA not after: Sun 06 Dec 2026 13:17:18 +0000 asID: 209737 IP address blocks: 5.133.101.0/24 maxlen: 24 31.40.197.0/24 maxlen: 24 31.40.205.0/24 maxlen: 24 85.235.74.0/24 maxlen: 24 176.96.128.0/24 maxlen: 24 193.111.76.0/24 maxlen: 24 193.111.79.0/24 maxlen: 24 217.18.208.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 00:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:cf:fe:4d:34:ad:a4:d3:05:3e:12:f8:e5:35:77:72:c7:38:bc:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b Validity Not Before: Dec 7 13:12:18 2025 GMT Not After : Dec 6 13:17:18 2026 GMT Subject: CN=3E2E319EBC4CB30CC3529F5D42F2B355E0F85487 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:14:c1:9d:8d:d6:d8:bb:9b:fe:3c:7e:19:fc: 70:47:47:71:73:4a:23:f9:d5:dc:5a:94:2b:34:13: 93:cc:1b:1b:58:29:e5:02:b8:ac:32:2c:8a:ab:b2: db:f5:e7:6b:73:3e:49:5f:77:57:fb:92:65:60:43: 3e:7f:f1:61:ee:b8:a9:68:79:38:cf:e4:f5:1f:72: d9:ca:60:74:90:4f:91:18:b1:69:73:d7:37:00:fb: 6d:e5:bc:51:11:5e:8d:28:fc:b5:41:eb:1b:de:7b: cf:e0:15:b0:0e:90:9f:fe:33:18:07:35:4b:a5:08: 8a:26:1d:a2:05:97:b1:85:26:d7:c8:ce:30:06:03: 8d:5e:5b:ed:03:37:27:8d:e7:86:f3:17:fc:c4:2e: 1f:86:4e:d0:f5:1d:b4:b8:fb:98:26:0f:88:44:40: a7:fb:63:ff:c3:a7:92:77:e2:16:c2:e9:fc:ea:61: 32:32:a0:e1:fe:e1:de:db:4f:28:6f:a8:ed:25:f0: de:e3:be:f3:a0:0e:55:fb:73:e8:30:33:54:48:5b: 13:cc:9c:61:2b:ad:89:98:85:24:98:2d:c7:06:8e: 32:98:e4:e2:2c:4f:6a:ce:04:4c:ce:6a:18:d1:ac: 87:02:19:b7:1e:f7:cb:a4:8f:f3:00:a7:4d:91:f0: d7:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:2E:31:9E:BC:4C:B3:0C:C3:52:9F:5D:42:F2:B3:55:E0:F8:54:87 X509v3 Authority Key Identifier: keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.133.101.0/24 31.40.197.0/24 31.40.205.0/24 85.235.74.0/24 176.96.128.0/24 193.111.76.0/24 193.111.79.0/24 217.18.208.0/24 Signature Algorithm: sha256WithRSAEncryption 96:a5:8b:2b:d4:e7:b9:6d:b2:1c:84:cf:b4:ed:b3:9e:92:4b: b5:2b:4a:67:ff:af:de:57:bc:e5:5f:f9:9e:db:ab:08:cf:fa: 67:ba:10:b4:10:ce:a6:57:17:b1:bf:3d:ea:32:4f:98:bf:1d: 6e:e3:0a:30:01:9c:32:e5:54:bb:5b:3f:9e:a8:01:54:e4:7f: 26:00:d1:58:52:b9:67:b5:37:a1:40:22:d9:85:63:21:2d:e7: c1:b9:78:4e:d8:d3:5c:9d:14:59:7c:c9:86:32:21:67:2f:f4: bf:0f:93:ec:ac:0a:1b:63:26:67:20:de:4a:3a:84:77:8b:ab: 64:52:93:ba:01:99:ce:13:ec:19:86:9f:5c:d2:22:a7:f1:c6: 04:64:af:a8:f8:a4:cf:c6:7f:0e:1e:96:20:94:4d:88:b9:e2: c1:35:49:68:8d:80:a0:74:f9:2f:34:b5:db:3e:e6:45:fc:84: 63:12:e0:16:fe:b5:8b:3f:cf:b2:1b:72:69:62:e2:cf:95:7f: 21:e3:c0:cd:83:fd:98:81:64:58:68:aa:61:d8:34:94:fe:c1: b1:d7:50:b7:d4:5e:71:7a:e6:f4:de:50:eb:d3:32:ad:35:2e: 03:a6:69:ee:81:40:b1:de:1b:8b:95:52:76:8a:7c:7d:85:e7: 57:32:6d:22 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUTc/+TTStpNMFPhL45TV3csc4vCwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy ZjJmNDE1YjAeFw0yNTEyMDcxMzEyMThaFw0yNjEyMDYxMzE3MThaMDMxMTAvBgNV BAMTKDNFMkUzMTlFQkM0Q0IzMENDMzUyOUY1RDQyRjJCMzU1RTBGODU0ODcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdFMGdjdbYu5v+PH4Z/HBHR3Fz SiP51dxalCs0E5PMGxtYKeUCuKwyLIqrstv152tzPklfd1f7kmVgQz5/8WHuuKlo eTjP5PUfctnKYHSQT5EYsWlz1zcA+23lvFERXo0o/LVB6xvee8/gFbAOkJ/+MxgH NUulCIomHaIFl7GFJtfIzjAGA41eW+0DNyeN54bzF/zELh+GTtD1HbS4+5gmD4hE QKf7Y//Dp5J34hbC6fzqYTIyoOH+4d7bTyhvqO0l8N7jvvOgDlX7c+gwM1RIWxPM nGErrYmYhSSYLccGjjKY5OIsT2rOBEzOahjRrIcCGbce98ukj/MAp02R8NczAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUPi4xnrxMswzDUp9dQvKzVeD4VIcwHwYDVR0j BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0 ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4 dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjA5NzM3LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQABYVl AwQAHyjFAwQAHyjNAwQAVetKAwQAsGCAAwQAwW9MAwQAwW9PAwQA2RLQMA0GCSqG SIb3DQEBCwUAA4IBAQCWpYsr1Oe5bbIchM+07bOekku1K0pn/6/eV7zlX/me26sI z/pnuhC0EM6mVxexvz3qMk+Yvx1u4wowAZwy5VS7Wz+eqAFU5H8mANFYUrlntTeh QCLZhWMhLefBuXhO2NNcnRRZfMmGMiFnL/S/D5PsrAobYyZnIN5KOoR3i6tkUpO6 AZnOE+wZhp9c0iKn8cYEZK+o+KTPxn8OHpYglE2IueLBNUlojYCgdPkvNLXbPuZF /IRjEuAW/rWLP8+yG3JpYuLPlX8h48DNg/2YgWRYaKph2DSU/sGx11C31F5xeub0 3lDr0zKtNS4DpmnugUCx3huLlVJ2inx9hedXMm0i -----END CERTIFICATE-----Generated at Tue Dec 16 07:04:13 2025 by rpki-client