Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
File: AS209737.roa (raw, json)
Hash identifier: f4BHLPtyCHbC8Y20jOC9WC8V87Cdyd3Ue3kZBE1UTqk=
Subject key identifier: D3:91:D0:13:DA:B9:3F:46:11:77:4C:C7:35:C8:CD:75:8F:42:61:7F
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 74B1FC0C32A525EF326A6F5BB5A1141D015FAA2A
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
Signing time: Thu 26 Jun 2025 08:11:57 +0000
ROA not before: Thu 26 Jun 2025 08:06:57 +0000
ROA not after: Thu 25 Jun 2026 08:11:57 +0000
asID: 209737
IP address blocks: 5.133.101.0/24 maxlen: 24
31.40.196.0/24 maxlen: 24
31.40.197.0/24 maxlen: 24
31.40.204.0/24 maxlen: 24
31.40.205.0/24 maxlen: 24
37.221.76.0/24 maxlen: 24
37.221.77.0/24 maxlen: 24
62.182.32.0/22 maxlen: 22
85.235.72.0/24 maxlen: 24
85.235.73.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
92.249.62.0/24 maxlen: 24
92.249.63.0/24 maxlen: 24
139.28.48.0/24 maxlen: 24
139.28.49.0/24 maxlen: 24
139.28.50.0/24 maxlen: 24
139.28.51.0/24 maxlen: 24
176.96.128.0/24 maxlen: 24
176.96.129.0/24 maxlen: 24
176.96.130.0/24 maxlen: 24
185.231.225.0/24 maxlen: 24
193.111.76.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
212.87.197.0/24 maxlen: 24
212.87.198.0/24 maxlen: 24
212.87.199.0/24 maxlen: 24
212.115.100.0/22 maxlen: 22
217.18.208.0/24 maxlen: 24
217.18.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:b1:fc:0c:32:a5:25:ef:32:6a:6f:5b:b5:a1:14:1d:01:5f:aa:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Jun 26 08:06:57 2025 GMT
Not After : Jun 25 08:11:57 2026 GMT
Subject: CN=D391D013DAB93F4611774CC735C8CD758F42617F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:45:e1:a6:34:0a:9f:85:0f:d3:63:b6:96:64:
a8:c9:e4:20:b9:b4:12:8d:b3:aa:12:05:ca:ae:99:
35:33:61:ff:ac:29:dc:89:8e:fd:1d:30:a9:b0:f9:
15:3d:05:1e:98:8f:b4:47:8f:47:10:0b:75:28:59:
91:a1:26:7a:8a:0f:f7:25:bc:11:11:c4:86:d3:6c:
f9:6c:2b:43:d0:22:29:8d:07:f9:c3:40:93:06:cc:
91:87:f9:4f:c7:ef:f5:4f:bb:86:e4:46:a9:68:95:
c1:45:65:12:0b:15:ab:54:a4:2a:10:01:a1:d9:2e:
b0:6e:15:50:8a:25:3c:0e:e7:64:e1:fc:3e:ea:64:
ab:ed:cd:a5:6f:75:6e:ff:60:ae:92:0a:02:4c:41:
55:58:cd:49:e5:8d:23:a5:f7:0e:c2:5f:cb:5e:e2:
c1:e9:36:00:97:10:0e:d4:a7:f4:73:fe:3e:3e:45:
99:63:69:ac:46:96:4b:d1:52:34:c0:a6:e0:b4:1b:
7e:7e:f7:dc:3f:f6:5e:b0:a0:08:b5:d6:3d:3e:2a:
02:8d:c7:08:34:5b:6e:cc:b8:32:60:03:3c:48:0c:
ef:94:f1:f3:48:21:d2:2e:15:a7:87:fc:99:75:48:
58:df:18:36:bb:6f:a3:88:e7:06:56:8b:7b:77:19:
7b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:91:D0:13:DA:B9:3F:46:11:77:4C:C7:35:C8:CD:75:8F:42:61:7F
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.101.0/24
31.40.196.0/23
31.40.204.0/23
37.221.76.0/23
62.182.32.0/22
85.235.72.0-85.235.74.255
92.249.62.0/23
139.28.48.0/22
176.96.128.0-176.96.130.255
185.231.225.0/24
193.111.76.0/24
193.111.79.0/24
212.87.197.0-212.87.199.255
212.115.100.0/22
217.18.208.0/24
217.18.211.0/24
Signature Algorithm: sha256WithRSAEncryption
03:5e:3d:5d:86:15:5a:55:ef:a0:d9:f1:6a:d5:f6:6b:d5:0d:
32:9e:06:63:bf:c7:d2:bf:c3:a4:d2:62:e5:d4:6b:b9:19:22:
5d:04:d0:ca:1c:20:c2:6b:d7:1b:42:36:96:0e:82:1f:4a:8b:
b9:93:35:f7:b3:64:a2:ad:a3:14:b4:a8:bd:07:e8:8d:ae:3e:
db:e1:34:8f:84:80:38:26:6a:4d:1e:d5:9b:32:03:34:c7:76:
18:d9:6a:2c:48:c0:e8:d8:29:ba:36:5f:ae:7e:18:4a:45:0c:
a8:12:e1:80:46:a5:dd:df:42:ca:c5:b7:02:ff:c0:33:f0:84:
34:19:23:7c:b5:e3:9c:86:61:68:bb:f3:3d:90:75:7f:94:37:
1c:b8:9e:34:bb:90:c7:d2:78:35:96:7b:bb:e4:e3:34:07:e8:
23:d8:44:bc:56:9f:f7:bb:d9:72:5e:67:66:4c:21:ae:25:1a:
71:63:52:a9:57:28:4e:43:10:77:be:72:24:32:f3:2b:ad:3b:
53:06:06:c2:9c:32:e4:b9:21:43:17:a0:9d:52:f0:bd:61:26:
5e:d9:44:fb:4f:b4:e6:3e:48:70:f7:4c:e9:dd:e5:55:50:d0:
e9:10:ce:bf:eb:5f:6d:4c:f4:2f:7d:64:c3:31:e8:ba:7e:e5:
78:dc:f0:ea
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgIUdLH8DDKlJe8yam9btaEUHQFfqiowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA2MjYwODA2NTdaFw0yNjA2MjUwODExNTdaMDMxMTAvBgNV
BAMTKEQzOTFEMDEzREFCOTNGNDYxMTc3NENDNzM1QzhDRDc1OEY0MjYxN0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIReGmNAqfhQ/TY7aWZKjJ5CC5
tBKNs6oSBcqumTUzYf+sKdyJjv0dMKmw+RU9BR6Yj7RHj0cQC3UoWZGhJnqKD/cl
vBERxIbTbPlsK0PQIimNB/nDQJMGzJGH+U/H7/VPu4bkRqlolcFFZRILFatUpCoQ
AaHZLrBuFVCKJTwO52Th/D7qZKvtzaVvdW7/YK6SCgJMQVVYzUnljSOl9w7CX8te
4sHpNgCXEA7Up/Rz/j4+RZljaaxGlkvRUjTApuC0G35+99w/9l6woAi11j0+KgKN
xwg0W27MuDJgAzxIDO+U8fNIIdIuFaeH/Jl1SFjfGDa7b6OI5wZWi3t3GXuXAgMB
AAGjggJ/MIICezAdBgNVHQ4EFgQU05HQE9q5P0YRd0zHNcjNdY9CYX8wHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjA5NzM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQA
BYVlAwQBHyjEAwQBHyjMAwQBJd1MAwQCPrYgMAwDBANV60gDBABV60oDBAFc+T4D
BAKLHDAwDAMEB7BggAMEALBgggMEALnn4QMEAMFvTAMEAMFvTzAMAwQA1FfFAwQD
1FfAAwQC1HNkAwQA2RLQAwQA2RLTMA0GCSqGSIb3DQEBCwUAA4IBAQADXj1dhhVa
Ve+g2fFq1fZr1Q0yngZjv8fSv8Ok0mLl1Gu5GSJdBNDKHCDCa9cbQjaWDoIfSou5
kzX3s2SiraMUtKi9B+iNrj7b4TSPhIA4JmpNHtWbMgM0x3YY2WosSMDo2Cm6Nl+u
fhhKRQyoEuGARqXd30LKxbcC/8Az8IQ0GSN8teOchmFou/M9kHV/lDccuJ40u5DH
0ng1lnu75OM0B+gj2ES8Vp/3u9lyXmdmTCGuJRpxY1KpVyhOQxB3vnIkMvMrrTtT
BgbCnDLkuSFDF6CdUvC9YSZe2UT7T7TmPkhw90zp3eVVUNDpEM6/619tTPQvfWTD
Mei6fuV43PDq
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:58:32 2025 by rpki-client