Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
File: AS209737.roa (raw, json)
Hash identifier: jE9lfuH3sef9zlP8GTqDDxxpaVPBsHV67/Ra0dLuQsc=
Subject key identifier: 51:4C:CD:FE:04:89:C9:3B:AA:86:33:C2:B8:28:EC:9A:8D:60:69:B1
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 1A87B876DBA8B2A435107371F659A41168C2D7BE
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
Signing time: Tue 22 Apr 2025 08:00:06 +0000
ROA not before: Tue 22 Apr 2025 07:55:06 +0000
ROA not after: Tue 21 Apr 2026 08:00:06 +0000
asID: 209737
IP address blocks: 5.133.101.0/24 maxlen: 24
31.40.196.0/24 maxlen: 24
31.40.197.0/24 maxlen: 24
31.40.204.0/24 maxlen: 24
31.40.205.0/24 maxlen: 24
31.40.207.0/24 maxlen: 24
85.235.72.0/24 maxlen: 24
85.235.73.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
92.249.62.0/24 maxlen: 24
92.249.63.0/24 maxlen: 24
176.96.128.0/24 maxlen: 24
176.96.130.0/24 maxlen: 24
193.111.76.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
217.18.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 16:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:87:b8:76:db:a8:b2:a4:35:10:73:71:f6:59:a4:11:68:c2:d7:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Apr 22 07:55:06 2025 GMT
Not After : Apr 21 08:00:06 2026 GMT
Subject: CN=514CCDFE0489C93BAA8633C2B828EC9A8D6069B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:db:74:4b:49:09:a2:a7:b0:a6:fc:02:6c:47:
86:eb:45:86:30:a4:90:69:e2:f5:fa:4e:0f:0a:44:
a3:2b:08:74:ee:b2:8c:be:bd:ac:4b:0c:07:da:fe:
48:fc:13:f9:db:54:7b:43:12:98:13:48:bf:b8:a0:
c1:43:98:69:53:25:29:da:b9:81:ee:19:64:b4:ad:
02:d8:83:65:03:dc:4b:f0:52:0b:22:da:f7:8b:ad:
73:f0:4e:8f:4e:40:9d:1a:17:d4:2f:c7:27:e1:3f:
af:22:d4:72:b6:b1:e3:db:6d:7e:49:71:51:a3:f9:
5d:00:d0:40:cf:ed:58:cd:2c:be:75:49:83:21:b7:
70:a2:91:bc:31:28:9c:e2:e4:fb:5a:c1:fd:b1:91:
aa:fa:ed:93:07:e4:98:8c:bc:29:c0:bc:ee:01:2d:
bb:15:7c:27:ef:34:4b:65:a4:1a:b8:b6:aa:6f:5b:
ad:38:20:e1:e1:de:b8:17:29:b3:1b:8e:f0:57:dd:
7a:00:0d:e3:06:84:df:bc:bf:89:db:4f:0b:61:0e:
3f:82:2d:7a:65:db:51:87:9f:bd:f6:39:6a:b5:13:
bb:fa:dc:8b:69:9c:19:9e:93:1d:14:c9:5f:99:86:
2d:76:4e:d3:1a:54:dc:1b:fa:b0:67:b6:19:8f:10:
d0:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:4C:CD:FE:04:89:C9:3B:AA:86:33:C2:B8:28:EC:9A:8D:60:69:B1
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.101.0/24
31.40.196.0/23
31.40.204.0/23
31.40.207.0/24
85.235.72.0-85.235.74.255
92.249.62.0/23
176.96.128.0/24
176.96.130.0/24
193.111.76.0/24
193.111.79.0/24
217.18.208.0/24
217.18.211.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:bf:97:22:90:6c:f5:49:69:73:ad:7e:6c:e3:0e:43:eb:45:
52:70:72:69:09:35:16:ae:2d:20:09:5e:c6:a9:f6:28:3a:d5:
d4:2a:df:2f:37:88:5b:6e:80:f2:3c:fa:26:2c:12:71:d8:2a:
f0:f8:58:7f:c6:83:9b:73:b9:dc:f9:6c:eb:d5:a3:b3:d0:f0:
94:bb:6d:ac:df:76:5f:e3:9a:13:81:44:42:1c:2e:53:f0:c6:
69:a4:61:f4:aa:c1:91:ce:91:be:c1:b3:c1:48:72:d1:82:47:
5b:db:1e:10:f2:3b:e6:bf:02:51:c6:ed:9c:3f:ee:cf:8d:a5:
a3:98:0c:5a:cd:b0:58:1d:0f:3e:ac:cb:a9:48:db:2c:2e:f2:
f5:3e:7c:fb:6e:c1:48:75:ce:f0:2d:82:58:9e:41:86:5f:33:
d0:94:b2:a1:1e:e9:8a:f4:f1:20:43:a4:30:7f:c7:c3:8c:52:
d3:f2:5f:73:58:84:2d:10:c6:d2:e8:03:c5:3a:ae:d7:92:c8:
6f:2c:c6:51:fd:87:91:de:15:99:1c:2f:85:d7:6b:ef:45:21:
a3:6e:b9:ec:1f:9d:2e:f0:6d:89:86:cc:9b:d3:80:a2:28:a0:
83:27:cb:9d:3d:55:2f:c9:d0:ee:c9:33:02:41:a1:28:bf:19:
4c:75:1f:50
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgIUGoe4dtuosqQ1EHNx9lmkEWjC174wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA0MjIwNzU1MDZaFw0yNjA0MjEwODAwMDZaMDMxMTAvBgNV
BAMTKDUxNENDREZFMDQ4OUM5M0JBQTg2MzNDMkI4MjhFQzlBOEQ2MDY5QjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD23RLSQmip7Cm/AJsR4brRYYw
pJBp4vX6Tg8KRKMrCHTusoy+vaxLDAfa/kj8E/nbVHtDEpgTSL+4oMFDmGlTJSna
uYHuGWS0rQLYg2UD3EvwUgsi2veLrXPwTo9OQJ0aF9QvxyfhP68i1HK2sePbbX5J
cVGj+V0A0EDP7VjNLL51SYMht3CikbwxKJzi5Ptawf2xkar67ZMH5JiMvCnAvO4B
LbsVfCfvNEtlpBq4tqpvW604IOHh3rgXKbMbjvBX3XoADeMGhN+8v4nbTwthDj+C
LXpl21GHn732OWq1E7v63ItpnBmekx0UyV+Zhi12TtMaVNwb+rBnthmPENA7AgMB
AAGjggJUMIICUDAdBgNVHQ4EFgQUUUzN/gSJyTuqhjPCuCjsmo1gabEwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjA5NzM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQABYVl
AwQBHyjEAwQBHyjMAwQAHyjPMAwDBANV60gDBABV60oDBAFc+T4DBACwYIADBACw
YIIDBADBb0wDBADBb08DBADZEtADBADZEtMwDQYJKoZIhvcNAQELBQADggEBAC2/
lyKQbPVJaXOtfmzjDkPrRVJwcmkJNRauLSAJXsap9ig61dQq3y83iFtugPI8+iYs
EnHYKvD4WH/Gg5tzudz5bOvVo7PQ8JS7bazfdl/jmhOBREIcLlPwxmmkYfSqwZHO
kb7Bs8FIctGCR1vbHhDyO+a/AlHG7Zw/7s+NpaOYDFrNsFgdDz6sy6lI2ywu8vU+
fPtuwUh1zvAtglieQYZfM9CUsqEe6Yr08SBDpDB/x8OMUtPyX3NYhC0QxtLoA8U6
rteSyG8sxlH9h5HeFZkcL4XXa+9FIaNuuewfnS7wbYmGzJvTgKIooIMny509VS/J
0O7JMwJBoSi/GUx1H1A=
-----END CERTIFICATE-----
Generated at Sun Apr 27 08:43:37 2025 by rpki-client