Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
File: AS209737.roa (raw, json)
Hash identifier: Te11JSR9i+JqvU4SGvKABkGFXLYD+D/aqpTkieL9V2I=
Subject key identifier: 03:79:82:95:71:81:6C:6E:2F:2B:C2:CD:58:74:60:B5:4A:2B:00:95
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 6309B067C01A76CD2C934C175D1A2040669CC4ED
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
Signing time: Thu 21 Aug 2025 12:59:05 +0000
ROA not before: Thu 21 Aug 2025 12:54:05 +0000
ROA not after: Thu 20 Aug 2026 12:59:05 +0000
asID: 209737
IP address blocks: 5.133.101.0/24 maxlen: 24
31.40.197.0/24 maxlen: 24
31.40.205.0/24 maxlen: 24
37.221.76.0/24 maxlen: 24
37.221.77.0/24 maxlen: 24
37.221.79.0/24 maxlen: 24
85.235.72.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
92.249.63.0/24 maxlen: 24
176.96.128.0/24 maxlen: 24
176.96.129.0/24 maxlen: 24
185.231.225.0/24 maxlen: 24
193.111.76.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
212.87.197.0/24 maxlen: 24
212.87.198.0/24 maxlen: 24
212.87.199.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
217.18.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 01:33:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:09:b0:67:c0:1a:76:cd:2c:93:4c:17:5d:1a:20:40:66:9c:c4:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Aug 21 12:54:05 2025 GMT
Not After : Aug 20 12:59:05 2026 GMT
Subject: CN=0379829571816C6E2F2BC2CD587460B54A2B0095
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ff:2d:a7:c3:78:16:06:b5:26:11:15:e9:49:
76:d9:f3:c5:f4:ac:e7:da:88:8c:29:dd:2e:aa:5f:
fb:69:4b:52:0e:41:83:56:08:7c:76:c6:4f:90:27:
2c:ca:b0:4a:3e:6d:61:89:8e:d7:0c:ef:13:7d:45:
a7:36:7c:aa:c5:6d:7d:f8:0d:e1:31:8a:b4:86:41:
99:b3:c5:d3:26:08:6f:2d:89:fc:05:b2:38:96:fe:
80:07:99:75:b6:10:f8:4f:d1:74:cf:90:08:fb:13:
80:45:a6:cd:4d:3f:69:80:cc:1f:92:d8:0f:cb:22:
43:61:fa:38:a2:c0:0e:e0:d5:2a:05:69:50:1e:4b:
d0:71:a1:f0:48:b5:53:ef:af:e3:0c:97:4b:0a:47:
d7:b2:91:fd:a9:fe:fe:bd:4a:96:1f:a1:7d:29:3e:
fc:a8:41:d3:d2:48:89:b2:ef:67:4d:fc:13:88:46:
f4:b8:0b:52:47:91:e2:f1:39:cd:40:87:c9:56:53:
06:36:48:e5:ea:04:65:63:6f:b2:93:5a:b5:d4:d2:
cc:97:18:e1:bb:92:3c:d9:86:f1:99:1a:16:43:94:
65:77:a6:0d:30:dd:71:ea:a5:b4:cc:1b:ad:33:c8:
54:58:30:96:1c:b8:23:58:ad:86:5d:aa:b7:8a:24:
fc:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:79:82:95:71:81:6C:6E:2F:2B:C2:CD:58:74:60:B5:4A:2B:00:95
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.101.0/24
31.40.197.0/24
31.40.205.0/24
37.221.76.0/23
37.221.79.0/24
85.235.72.0/24
85.235.74.0/24
92.249.63.0/24
176.96.128.0/23
185.231.225.0/24
193.111.76.0/24
193.111.79.0/24
212.87.197.0-212.87.199.255
217.18.208.0/24
217.18.211.0/24
Signature Algorithm: sha256WithRSAEncryption
71:34:f2:84:3c:a1:54:08:18:e5:0f:5f:7c:6a:17:30:4b:47:
48:72:f8:19:0c:34:c8:38:25:d9:86:72:f9:cd:4f:cb:f6:15:
83:6a:df:a0:da:cc:8e:ec:66:31:62:69:ae:3b:12:da:d1:31:
d6:e9:50:16:70:71:9d:0e:e4:38:f9:00:38:60:3f:3a:52:6b:
28:c6:e1:4f:4b:a7:90:60:4e:33:61:74:68:92:d7:03:7c:b1:
80:94:91:56:02:14:cc:ae:42:3a:9b:48:9a:c7:c0:a0:3a:39:
51:a4:2f:e1:08:02:9e:cd:15:3e:2c:ee:73:cd:74:68:ca:b7:
48:d7:d2:ef:dc:6a:4d:a5:14:96:81:ce:61:b4:41:38:b8:6d:
ae:bd:c6:ee:3f:f0:ef:54:2c:33:86:13:ec:d4:39:bb:4f:a9:
ed:d0:bd:0d:42:9a:d2:94:12:e6:33:a9:75:04:2e:eb:d6:1b:
ad:0d:45:44:d8:27:3c:cb:78:66:17:53:9c:6b:6b:81:8c:17:
97:74:c3:ea:d1:ba:13:b0:50:65:3a:e3:6b:6d:3f:60:5a:e7:
70:a7:ba:d9:20:d2:71:7e:38:e5:79:e6:a7:09:0f:78:03:43:
eb:7f:a8:13:d1:b4:6c:57:66:73:4a:95:d0:5a:93:2a:49:17:
38:21:ce:5e
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgIUYwmwZ8Aads0sk0wXXRogQGacxO0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA4MjExMjU0MDVaFw0yNjA4MjAxMjU5MDVaMDMxMTAvBgNV
BAMTKDAzNzk4Mjk1NzE4MTZDNkUyRjJCQzJDRDU4NzQ2MEI1NEEyQjAwOTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj/y2nw3gWBrUmERXpSXbZ88X0
rOfaiIwp3S6qX/tpS1IOQYNWCHx2xk+QJyzKsEo+bWGJjtcM7xN9Rac2fKrFbX34
DeExirSGQZmzxdMmCG8tifwFsjiW/oAHmXW2EPhP0XTPkAj7E4BFps1NP2mAzB+S
2A/LIkNh+jiiwA7g1SoFaVAeS9BxofBItVPvr+MMl0sKR9eykf2p/v69SpYfoX0p
PvyoQdPSSImy72dN/BOIRvS4C1JHkeLxOc1Ah8lWUwY2SOXqBGVjb7KTWrXU0syX
GOG7kjzZhvGZGhZDlGV3pg0w3XHqpbTMG60zyFRYMJYcuCNYrYZdqreKJPxDAgMB
AAGjggJmMIICYjAdBgNVHQ4EFgQUA3mClXGBbG4vK8LNWHRgtUorAJUwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjA5NzM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQABYVl
AwQAHyjFAwQAHyjNAwQBJd1MAwQAJd1PAwQAVetIAwQAVetKAwQAXPk/AwQBsGCA
AwQAuefhAwQAwW9MAwQAwW9PMAwDBADUV8UDBAPUV8ADBADZEtADBADZEtMwDQYJ
KoZIhvcNAQELBQADggEBAHE08oQ8oVQIGOUPX3xqFzBLR0hy+BkMNMg4JdmGcvnN
T8v2FYNq36DazI7sZjFiaa47EtrRMdbpUBZwcZ0O5Dj5ADhgPzpSayjG4U9Lp5Bg
TjNhdGiS1wN8sYCUkVYCFMyuQjqbSJrHwKA6OVGkL+EIAp7NFT4s7nPNdGjKt0jX
0u/cak2lFJaBzmG0QTi4ba69xu4/8O9ULDOGE+zUObtPqe3QvQ1CmtKUEuYzqXUE
LuvWG60NRUTYJzzLeGYXU5xra4GMF5d0w+rRuhOwUGU642ttP2Ba53Cnutkg0nF+
OOV55qcJD3gDQ+t/qBPRtGxXZnNKldBakypJFzghzl4=
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:36:33 2025 by rpki-client