Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS209737.roa
File: AS209737.roa (raw, json)
Hash identifier: 4ez0bJhk5Bbg6h2Kpxj/OD6bFx21XjdcJBhtyVs2iHE=
Subject key identifier: D7:87:BA:37:B5:16:E9:F5:48:E5:3E:28:AF:39:ED:B3:98:EF:0D:0B
Certificate issuer: /CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Certificate serial: 1943DB0E6A968EC5252F150D9ABD2EE669EC7810
Authority key identifier: 9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS209737.roa
Signing time: Sat 18 Apr 2026 11:54:10 +0000
ROA not before: Sat 18 Apr 2026 11:49:10 +0000
ROA not after: Sat 17 Apr 2027 11:54:10 +0000
asID: 209737
IP address blocks: 31.40.205.0/24 maxlen: 24
85.235.73.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
176.96.128.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:43:db:0e:6a:96:8e:c5:25:2f:15:0d:9a:bd:2e:e6:69:ec:78:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dfbff217105df8877d463f6e9bac28a4084d20c
Validity
Not Before: Apr 18 11:49:10 2026 GMT
Not After : Apr 17 11:54:10 2027 GMT
Subject: CN=D787BA37B516E9F548E53E28AF39EDB398EF0D0B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8a:16:8e:69:7c:ab:c1:19:60:0e:b8:98:6d:
1d:bc:72:f0:b2:4e:30:8e:c2:c9:2f:e3:9e:28:ae:
99:0a:fb:ae:d6:77:7a:66:e2:ff:9e:76:bc:59:0c:
8e:e9:ef:3c:82:da:d3:cb:76:1b:b6:53:44:d6:99:
3c:ef:4b:d9:28:f6:18:1e:8b:da:45:09:2b:ce:02:
bf:16:9a:c5:10:89:69:d7:ec:09:41:d3:d9:59:a1:
f4:62:92:3e:95:34:b6:81:e9:01:60:5a:70:27:2d:
dd:af:95:6a:05:f4:9e:8f:29:1c:a9:c3:99:4d:06:
2f:18:d4:a9:f7:a0:7b:d6:38:d6:89:aa:fa:95:72:
96:fe:ba:00:e3:ea:2a:99:61:d8:60:5c:03:85:6a:
67:f9:f0:8b:19:4d:82:12:67:4b:ba:58:32:f2:11:
5e:29:99:e1:49:50:28:bb:c3:13:7c:38:a4:51:d9:
bf:6a:e4:b3:cb:3a:06:93:24:f1:b4:9c:d1:86:5c:
45:5f:b1:04:c0:64:9d:82:cf:19:a6:b6:04:f2:00:
dd:78:cf:69:25:3b:d3:8d:4c:06:b2:08:78:f1:29:
31:32:c0:57:19:e8:f2:e2:03:8f:b7:87:30:fc:5f:
f3:e8:38:3c:ff:8f:38:d4:48:92:8c:01:20:82:ce:
66:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:87:BA:37:B5:16:E9:F5:48:E5:3E:28:AF:39:ED:B3:98:EF:0D:0B
X509v3 Authority Key Identifier:
keyid:9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS209737.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.205.0/24
85.235.73.0-85.235.74.255
176.96.128.0/24
193.111.79.0/24
217.18.208.0/24
Signature Algorithm: sha256WithRSAEncryption
79:28:12:1a:ef:22:78:6d:cc:ee:2b:3e:8b:58:b9:fc:39:e6:
6f:96:16:3f:72:83:f0:df:5f:d1:cf:2e:ff:b8:4c:53:af:0a:
5a:d1:0f:ea:f9:98:47:90:4b:8c:96:7b:dd:ac:5d:cf:00:23:
d1:51:5a:cd:50:b0:6b:c2:1e:62:be:ff:3a:17:b8:b9:a4:75:
23:1a:72:7a:30:d1:3b:b6:e1:59:97:0b:78:ab:9c:49:10:f3:
6e:ec:6b:4c:12:66:e1:2d:bb:57:b6:c1:95:62:49:6a:bf:61:
c4:ba:b1:fb:8a:c6:01:c9:b1:41:4a:aa:9c:63:15:04:47:d1:
d5:7c:4d:e3:47:c8:7c:fd:c0:8c:67:92:4a:d8:85:96:d4:a5:
b2:29:25:48:1e:12:03:d0:e9:7c:ff:52:d4:da:5b:07:65:00:
76:8c:8f:bc:d2:f6:eb:59:6c:f3:86:d6:4d:26:bb:08:f7:aa:
a0:94:02:7b:de:8e:06:2e:e6:ef:90:69:24:7a:91:a2:61:53:
ed:a7:27:a5:c9:f6:e3:79:92:53:15:68:3d:a6:46:8b:53:44:
da:9b:87:56:a2:e4:b6:a9:99:81:a4:60:93:7a:39:8d:dd:3d:
6a:31:5e:82:04:8d:cf:3f:e3:5f:96:ae:3b:6b:f9:3c:94:32:
93:9f:7e:e4
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgIUGUPbDmqWjsUlLxUNmr0u5mnseBAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWRmYmZmMjE3MTA1ZGY4ODc3ZDQ2M2Y2ZTliYWMyOGE0
MDg0ZDIwYzAeFw0yNjA0MTgxMTQ5MTBaFw0yNzA0MTcxMTU0MTBaMDMxMTAvBgNV
BAMTKEQ3ODdCQTM3QjUxNkU5RjU0OEU1M0UyOEFGMzlFREIzOThFRjBEMEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqihaOaXyrwRlgDriYbR28cvCy
TjCOwskv454orpkK+67Wd3pm4v+edrxZDI7p7zyC2tPLdhu2U0TWmTzvS9ko9hge
i9pFCSvOAr8WmsUQiWnX7AlB09lZofRikj6VNLaB6QFgWnAnLd2vlWoF9J6PKRyp
w5lNBi8Y1Kn3oHvWONaJqvqVcpb+ugDj6iqZYdhgXAOFamf58IsZTYISZ0u6WDLy
EV4pmeFJUCi7wxN8OKRR2b9q5LPLOgaTJPG0nNGGXEVfsQTAZJ2CzxmmtgTyAN14
z2klO9ONTAayCHjxKTEywFcZ6PLiA4+3hzD8X/PoODz/jzjUSJKMASCCzmaFAgMB
AAGjggIqMIICJjAdBgNVHQ4EFgQU14e6N7UW6fVI5T4orznts5jvDQswHwYDVR0j
BBgwFoAUnfv/IXEF34h31GP26brCikCE0gwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTViNGQ5ZTgtNDExMS00Mzk0LWEzYTYtYmQ4MjUxZTdm
YmJkLzAvOURGQkZGMjE3MTA1REY4ODc3RDQ2M0Y2RTlCQUMyOEE0MDg0RDIwQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25mdl9JWEVGMzRoMzFHUDI2YnJDaWtD
RTBndy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzU1YjRkOWU4LTQxMTEt
NDM5NC1hM2E2LWJkODI1MWU3ZmJiZC8wL0FTMjA5NzM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAHyjN
MAwDBABV60kDBABV60oDBACwYIADBADBb08DBADZEtAwDQYJKoZIhvcNAQELBQAD
ggEBAHkoEhrvInhtzO4rPotYufw55m+WFj9yg/DfX9HPLv+4TFOvClrRD+r5mEeQ
S4yWe92sXc8AI9FRWs1QsGvCHmK+/zoXuLmkdSMacnow0Tu24VmXC3irnEkQ827s
a0wSZuEtu1e2wZViSWq/YcS6sfuKxgHJsUFKqpxjFQRH0dV8TeNHyHz9wIxnkkrY
hZbUpbIpJUgeEgPQ6Xz/UtTaWwdlAHaMj7zS9utZbPOG1k0muwj3qqCUAnvejgYu
5u+QaSR6kaJhU+2nJ6XJ9uN5klMVaD2mRotTRNqbh1ai5LapmYGkYJN6OY3dPWox
XoIEjc8/41+Wrjtr+TyUMpOffuQ=
-----END CERTIFICATE-----
Generated at Sun Apr 19 09:22:42 2026 by rpki-client