
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS209735.roa
File: AS209735.roa (raw, json)
Hash identifier: 4c7bFt3n0UrQGqpyzSRU7SOlySjwZH8PdvgO7Y007HI=
Subject key identifier: A3:C6:FF:05:C5:6F:9C:E0:4B:DA:81:CA:E4:28:62:A8:6B:06:B1:BD
Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Certificate serial: 734AFCF434CE6B8E4DF47D6A7B1677717B5DE499
Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS209735.roa
Signing time: Fri 25 Jul 2025 08:07:37 +0000
ROA not before: Fri 25 Jul 2025 08:02:37 +0000
ROA not after: Fri 24 Jul 2026 08:07:37 +0000
asID: 209735
IP address blocks: 2a0f:85c1:80::/44 maxlen: 44
2a0f:85c1:80::/44 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft
rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 08:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:4a:fc:f4:34:ce:6b:8e:4d:f4:7d:6a:7b:16:77:71:7b:5d:e4:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c
Validity
Not Before: Jul 25 08:02:37 2025 GMT
Not After : Jul 24 08:07:37 2026 GMT
Subject: CN=A3C6FF05C56F9CE04BDA81CAE42862A86B06B1BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:64:2d:3d:b9:9f:37:f0:87:fd:b3:83:b7:05:
41:cf:10:42:a2:65:e9:26:e0:ec:ef:d2:a0:20:38:
9c:8d:88:18:1e:38:40:88:43:aa:c6:49:01:7f:cc:
0b:a6:c2:34:b7:07:f3:26:67:34:2f:87:f2:ce:72:
ec:c3:e8:e8:42:e6:47:91:bb:be:9c:78:05:87:c4:
ba:e3:a7:ea:d2:5c:24:ee:b5:07:d9:f5:1a:16:03:
c7:da:3b:9f:a7:36:0e:f1:77:ef:5d:00:b9:5f:2a:
06:d7:e1:46:35:92:db:a6:dc:9a:09:fc:17:a4:5f:
1a:cc:4e:df:b2:dc:7c:5c:f4:23:ac:b9:15:48:3a:
f2:6d:df:c4:01:9d:c8:25:42:fe:71:a4:8a:0d:43:
36:11:08:10:5f:8d:81:9c:ff:1e:18:8c:0b:90:ee:
49:4e:f8:cd:30:57:0a:69:c9:34:37:ba:d4:1f:b0:
b0:37:ee:10:07:04:2d:9b:88:a9:72:5b:0e:14:59:
d8:2b:7d:3f:1f:ec:9f:22:df:c6:e9:04:30:c5:c3:
71:0d:a3:96:b0:70:27:97:08:a4:71:16:75:b9:1a:
59:0a:67:e5:77:5e:61:e0:81:20:1d:4c:80:98:75:
02:02:4c:26:ce:72:c5:db:8f:40:da:66:dd:c1:71:
f0:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:C6:FF:05:C5:6F:9C:E0:4B:DA:81:CA:E4:28:62:A8:6B:06:B1:BD
X509v3 Authority Key Identifier:
keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS209735.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:85c1:80::/44
Signature Algorithm: sha256WithRSAEncryption
7e:08:48:26:17:09:0a:34:17:7f:47:0d:3f:ba:7c:97:a7:d5:
0c:6f:fe:cb:49:6b:12:f8:17:4f:40:e3:5e:f3:16:5b:47:c8:
77:cc:74:67:8c:bb:17:0a:6c:18:91:a8:29:2b:d7:81:56:a1:
aa:99:63:bf:e5:f8:de:fc:f9:d5:1f:88:04:d9:91:96:1b:13:
09:cf:b7:75:f9:bf:34:3d:99:5c:4e:9f:67:fd:fc:bf:11:91:
53:85:bd:b1:6c:7b:13:32:8f:eb:59:fc:7d:93:01:2a:6d:35:
15:11:3f:79:5d:20:9a:90:1f:7f:de:b3:3a:26:f5:4b:b9:fc:
bd:8e:57:5a:b3:1f:73:84:29:b6:87:b0:ab:69:a8:32:03:7f:
80:4f:c2:8e:88:31:14:a4:87:39:f6:6f:85:c9:df:7d:96:af:
74:a0:aa:02:55:81:14:90:f3:fc:26:78:88:d3:2e:6b:6e:df:
9e:41:75:dd:b9:ef:8d:2b:32:42:92:1d:01:b0:c6:8a:d1:2d:
69:c2:ab:73:29:65:9d:22:c7:47:20:6e:12:78:08:70:e7:82:
8c:ac:a4:6a:23:63:b8:a9:de:cf:f1:f4:a5:4a:d1:35:8b:f6:
cb:7d:a1:29:7f:14:1f:91:a7:aa:be:4c:25:dd:92:e0:d0:8b:
0f:8d:70:48
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIUc0r89DTOa45N9H1qexZ3cXtd5JkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy
MjgzNGIxYzAeFw0yNTA3MjUwODAyMzdaFw0yNjA3MjQwODA3MzdaMDMxMTAvBgNV
BAMTKEEzQzZGRjA1QzU2RjlDRTA0QkRBODFDQUU0Mjg2MkE4NkIwNkIxQkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgZC09uZ838If9s4O3BUHPEEKi
Zekm4Ozv0qAgOJyNiBgeOECIQ6rGSQF/zAumwjS3B/MmZzQvh/LOcuzD6OhC5keR
u76ceAWHxLrjp+rSXCTutQfZ9RoWA8faO5+nNg7xd+9dALlfKgbX4UY1ktum3JoJ
/BekXxrMTt+y3Hxc9COsuRVIOvJt38QBncglQv5xpIoNQzYRCBBfjYGc/x4YjAuQ
7klO+M0wVwppyTQ3utQfsLA37hAHBC2biKlyWw4UWdgrfT8f7J8i38bpBDDFw3EN
o5awcCeXCKRxFnW5GlkKZ+V3XmHggSAdTICYdQICTCbOcsXbj0DaZt3BcfD/AgMB
AAGjggINMIICCTAdBgNVHQ4EFgQUo8b/BcVvnOBL2oHK5ChiqGsGsb0wHwYDVR0j
BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2
NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL
RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct
NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjA5NzM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg+F
wQCAMA0GCSqGSIb3DQEBCwUAA4IBAQB+CEgmFwkKNBd/Rw0/unyXp9UMb/7LSWsS
+BdPQONe8xZbR8h3zHRnjLsXCmwYkagpK9eBVqGqmWO/5fje/PnVH4gE2ZGWGxMJ
z7d1+b80PZlcTp9n/fy/EZFThb2xbHsTMo/rWfx9kwEqbTUVET95XSCakB9/3rM6
JvVLufy9jldasx9zhCm2h7CraagyA3+AT8KOiDEUpIc59m+Fyd99lq90oKoCVYEU
kPP8JniI0y5rbt+eQXXdue+NKzJCkh0BsMaK0S1pwqtzKWWdIsdHIG4SeAhw54KM
rKRqI2O4qd7P8fSlStE1i/bLfaEpfxQfkaeqvkwl3ZLg0IsPjXBI
-----END CERTIFICATE-----
Generated at Wed Aug 6 10:16:09 2025 by rpki-client