Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS209737.roa
File: AS209737.roa (raw, json)
Hash identifier: 7JEBTGRA/wdGSdehshFA+o7MZ2BfVo+owoII0d+OSiE=
Subject key identifier: 34:15:15:4C:AA:30:5E:7A:03:17:DE:6A:FC:8D:89:A7:CE:BF:37:D1
Certificate issuer: /CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Certificate serial: 3AB13395C1ADDE41C7C1D2D7D565276721B9B695
Authority key identifier: 9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS209737.roa
Signing time: Fri 12 Jun 2026 07:51:11 +0000
ROA not before: Fri 12 Jun 2026 07:46:11 +0000
ROA not after: Fri 11 Jun 2027 07:51:11 +0000
asID: 209737
IP address blocks: 31.40.196.0/24 maxlen: 24
31.40.205.0/24 maxlen: 24
85.235.73.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
176.96.128.0/24 maxlen: 24
185.231.225.0/24 maxlen: 24
185.231.226.0/24 maxlen: 24
185.231.227.0/24 maxlen: 24
193.32.184.0/24 maxlen: 24
193.32.185.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:b1:33:95:c1:ad:de:41:c7:c1:d2:d7:d5:65:27:67:21:b9:b6:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Validity
Not Before: Jun 12 07:46:11 2026 GMT
Not After : Jun 11 07:51:11 2027 GMT
Subject: CN=3415154CAA305E7A0317DE6AFC8D89A7CEBF37D1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:33:bf:14:5e:bc:95:da:86:0b:8b:c2:ed:b1:
9d:93:95:25:6d:e0:f9:2b:41:b1:17:d3:9b:3e:99:
3e:e6:43:17:ee:ea:bd:91:70:22:9f:4c:a8:4d:ac:
b1:14:df:f5:df:3d:17:66:d4:92:af:49:95:e2:19:
9a:a3:d5:dc:4f:3a:a1:7a:17:cc:1d:83:41:07:69:
f6:02:02:96:b8:75:b4:ec:80:2f:c2:ff:9d:4e:25:
83:aa:4d:a6:ce:12:a3:e3:a4:5d:d4:60:9f:25:43:
aa:b4:50:4a:5d:fb:29:d2:54:d4:d7:81:54:8f:a9:
51:61:63:b9:ee:cd:a9:8f:63:82:b1:2f:4b:45:c6:
87:04:31:b3:3e:f2:ee:aa:42:4b:5a:cf:4f:cc:79:
b4:c8:68:b5:22:d9:53:76:98:e1:d1:fd:03:dd:91:
93:ca:37:49:88:3e:94:58:3e:41:55:57:80:12:a7:
0d:a1:b1:8a:63:a3:56:d7:45:27:d7:20:d9:68:0f:
46:e2:e5:e0:69:fa:38:69:e3:c5:85:97:97:92:23:
25:49:57:7e:75:92:a1:29:d7:ec:5f:40:9c:53:dd:
08:29:50:88:9c:b2:ec:90:7f:d5:95:6f:f7:3c:17:
19:36:b9:4f:f6:ff:91:61:61:d1:77:48:ba:71:6f:
33:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:15:15:4C:AA:30:5E:7A:03:17:DE:6A:FC:8D:89:A7:CE:BF:37:D1
X509v3 Authority Key Identifier:
keyid:9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS209737.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.196.0/24
31.40.205.0/24
85.235.73.0-85.235.74.255
176.96.128.0/24
185.231.225.0-185.231.227.255
193.32.184.0/23
193.111.79.0/24
217.18.208.0/24
Signature Algorithm: sha256WithRSAEncryption
41:fe:4f:e6:be:c7:e0:27:19:b9:9a:7f:d3:1a:21:f2:9f:95:
5a:3b:98:5a:1d:c2:3b:b7:f2:25:a2:f7:13:ee:89:30:46:03:
e9:28:dc:23:1a:df:3f:9f:b6:14:73:50:8e:3a:34:3c:83:45:
d9:cc:35:85:7e:c0:3e:7b:13:39:76:22:c9:79:84:e2:d9:e6:
3b:5e:b9:eb:b8:4c:bc:73:0d:92:e7:97:96:7e:aa:b9:f0:38:
e9:9a:0d:d4:8e:57:a1:14:d0:1c:f6:34:45:17:a7:3c:01:92:
d7:8a:ff:54:4d:df:2f:db:40:21:97:a5:45:96:97:62:ab:ed:
2d:3c:e1:25:de:9c:e7:4e:4a:b3:34:d2:0b:32:27:b1:dd:e6:
79:d7:3e:7f:9a:73:ae:18:73:16:4e:a3:fc:36:0b:b6:5c:ba:
98:99:7b:c0:24:b9:9e:d9:50:c2:3d:08:37:2f:26:76:47:53:
a1:1d:c4:1f:5f:3d:4f:dc:17:f9:73:c9:44:6d:af:7d:3e:21:
71:09:ed:81:8d:76:bd:14:4e:9c:ab:ca:87:2a:88:a9:6c:ec:
e2:39:dd:c1:4f:55:47:5a:d2:88:07:8a:63:4a:66:9a:24:83:
81:fe:1a:35:49:86:ac:a3:18:55:c5:79:60:13:68:ee:3b:d7:
ca:40:f0:ab
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUOrEzlcGt3kHHwdLX1WUnZyG5tpUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmYmZmMjE3MTA1ZGY4ODc3ZDQ2M2Y2ZTliYWMyOGE0
MDg0ZDIwYzAeFw0yNjA2MTIwNzQ2MTFaFw0yNzA2MTEwNzUxMTFaMDMxMTAvBgNV
BAMTKDM0MTUxNTRDQUEzMDVFN0EwMzE3REU2QUZDOEQ4OUE3Q0VCRjM3RDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4M78UXryV2oYLi8LtsZ2TlSVt
4PkrQbEX05s+mT7mQxfu6r2RcCKfTKhNrLEU3/XfPRdm1JKvSZXiGZqj1dxPOqF6
F8wdg0EHafYCApa4dbTsgC/C/51OJYOqTabOEqPjpF3UYJ8lQ6q0UEpd+ynSVNTX
gVSPqVFhY7nuzamPY4KxL0tFxocEMbM+8u6qQktaz0/MebTIaLUi2VN2mOHR/QPd
kZPKN0mIPpRYPkFVV4ASpw2hsYpjo1bXRSfXINloD0bi5eBp+jhp48WFl5eSIyVJ
V351kqEp1+xfQJxT3QgpUIicsuyQf9WVb/c8Fxk2uU/2/5FhYdF3SLpxbzNPAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUNBUVTKowXnoDF95q/I2Jp86/N9EwHwYDVR0j
BBgwFoAUnfv/IXEF34h31GP26brCikCE0gwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTViNGQ5ZTgtNDExMS00Mzk0LWEzYTYtYmQ4MjUxZTdm
YmJkLzAvOURGQkZGMjE3MTA1REY4ODc3RDQ2M0Y2RTlCQUMyOEE0MDg0RDIwQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25mdl9JWEVGMzRoMzFHUDI2YnJDaWtD
RTBndy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzU1YjRkOWU4LTQxMTEt
NDM5NC1hM2E2LWJkODI1MWU3ZmJiZC8wL0FTMjA5NzM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQAHyjE
AwQAHyjNMAwDBABV60kDBABV60oDBACwYIAwDAMEALnn4QMEArnn4AMEAcEguAME
AMFvTwMEANkS0DANBgkqhkiG9w0BAQsFAAOCAQEAQf5P5r7H4CcZuZp/0xoh8p+V
WjuYWh3CO7fyJaL3E+6JMEYD6SjcIxrfP5+2FHNQjjo0PINF2cw1hX7APnsTOXYi
yXmE4tnmO16567hMvHMNkueXln6qufA46ZoN1I5XoRTQHPY0RRenPAGS14r/VE3f
L9tAIZelRZaXYqvtLTzhJd6c505KszTSCzInsd3medc+f5pzrhhzFk6j/DYLtly6
mJl7wCS5ntlQwj0INy8mdkdToR3EH189T9wX+XPJRG2vfT4hcQntgY12vRROnKvK
hyqIqWzs4jndwU9VR1rSiAeKY0pmmiSDgf4aNUmGrKMYVcV5YBNo7jvXykDwqw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:43:57 2026 by rpki-client