Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
File: AS209737.roa (raw, json)
Hash identifier: 4Tfd7sz7xsz+v/Wg919UWOYZzROp3mtCtFwGDN/WvEU=
Subject key identifier: 48:F8:CB:A1:F4:12:5A:1B:52:8C:53:59:3E:DF:F1:84:11:59:49:F9
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 30A3A33680BA92BDA47BC6BD36DB30F9190E446B
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
Signing time: Wed 11 Jun 2025 07:48:30 +0000
ROA not before: Wed 11 Jun 2025 07:43:30 +0000
ROA not after: Wed 10 Jun 2026 07:48:30 +0000
asID: 209737
IP address blocks: 5.133.101.0/24 maxlen: 24
31.40.196.0/24 maxlen: 24
31.40.197.0/24 maxlen: 24
31.40.204.0/24 maxlen: 24
31.40.205.0/24 maxlen: 24
37.221.77.0/24 maxlen: 24
85.235.72.0/24 maxlen: 24
85.235.73.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
92.249.62.0/24 maxlen: 24
92.249.63.0/24 maxlen: 24
176.96.128.0/24 maxlen: 24
176.96.129.0/24 maxlen: 24
176.96.130.0/24 maxlen: 24
185.231.225.0/24 maxlen: 24
193.111.76.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
212.87.197.0/24 maxlen: 24
212.87.198.0/24 maxlen: 24
212.87.199.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
217.18.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:a3:a3:36:80:ba:92:bd:a4:7b:c6:bd:36:db:30:f9:19:0e:44:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Jun 11 07:43:30 2025 GMT
Not After : Jun 10 07:48:30 2026 GMT
Subject: CN=48F8CBA1F4125A1B528C53593EDFF184115949F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:85:45:eb:ff:64:45:16:c7:dd:92:09:42:83:
4e:39:4a:78:55:6a:98:37:30:d0:ac:b0:36:68:c9:
c8:20:41:08:49:3f:20:87:05:c4:89:f7:25:9f:0d:
c2:9b:c0:c0:5d:ce:c0:ff:59:f2:2e:cc:b4:94:ad:
52:b1:43:0a:56:a8:e3:76:3d:81:09:d3:0e:cd:8d:
53:05:69:86:87:3c:3a:76:76:01:d5:73:e5:81:f8:
bd:b0:8d:2f:1e:52:fb:3d:53:85:b3:1b:9c:d5:f9:
7d:62:5a:a0:3b:98:6d:16:46:0e:34:e0:d6:1b:27:
29:2e:ba:8e:ba:b5:40:7a:d5:f9:ce:05:2c:b8:ef:
65:a4:7f:1d:76:d9:44:b2:85:e0:dd:b0:7f:1b:02:
87:6b:94:b6:8c:fc:49:89:7d:6c:00:4e:f7:02:0a:
6c:79:5b:01:9c:8c:16:0b:93:6a:c1:46:57:9e:64:
7c:0f:fd:1f:d2:c7:ec:a1:55:a3:f5:86:57:30:40:
8e:72:d5:2a:e8:a6:91:d5:78:44:f1:60:fa:67:83:
d9:35:82:de:38:e3:57:b9:19:9f:b8:39:97:47:34:
55:24:dd:7b:df:7e:74:90:5d:1a:da:fc:96:2b:68:
d0:02:6c:96:8a:5f:ae:2e:b2:a8:6c:b7:a1:b3:66:
e4:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:F8:CB:A1:F4:12:5A:1B:52:8C:53:59:3E:DF:F1:84:11:59:49:F9
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.101.0/24
31.40.196.0/23
31.40.204.0/23
37.221.77.0/24
85.235.72.0-85.235.74.255
92.249.62.0/23
176.96.128.0-176.96.130.255
185.231.225.0/24
193.111.76.0/24
193.111.79.0/24
212.87.197.0-212.87.199.255
217.18.208.0/24
217.18.211.0/24
Signature Algorithm: sha256WithRSAEncryption
96:59:9d:94:2b:ec:72:7c:82:62:a5:7f:aa:a3:e1:b9:7d:a2:
36:e2:83:6c:9c:a5:ce:f3:fe:98:d0:20:14:c1:e8:5e:83:d7:
7e:cb:f0:66:21:06:49:b9:12:ab:cd:aa:16:27:02:f8:7e:5e:
dd:18:ef:d5:b3:59:3f:53:57:13:3d:f7:90:d4:50:f8:0d:02:
ec:ea:b8:44:d6:78:e3:7c:65:f9:7b:0c:f6:cb:da:ba:ba:e9:
9e:2b:1d:84:25:d3:1f:fa:0a:26:dd:d5:61:6b:c3:9c:1a:ed:
37:04:3b:de:72:80:6f:aa:50:d5:0f:e6:2f:e2:03:f8:ed:e7:
a8:da:3c:38:31:33:95:3e:f3:c5:49:a3:8b:05:a7:0d:51:47:
d6:84:d1:dc:58:4c:70:95:18:02:a9:c0:4d:3f:25:af:d0:23:
2d:68:9c:be:eb:82:40:11:2f:1c:a8:eb:ce:35:db:54:d6:c8:
fc:2b:d5:fa:ec:e0:7a:36:23:ea:ee:70:44:78:c1:9d:a1:4d:
42:fd:25:3c:2d:4b:dc:5f:9d:a1:73:7a:2e:98:30:71:a0:ce:
6b:d0:6b:0a:6e:ba:8e:fd:3a:00:f8:35:c7:57:78:88:39:ce:
a6:c6:f2:ab:c4:92:59:33:37:44:50:d1:af:d1:09:89:4b:f2:
75:e5:67:96
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMKOjNoC6kr2ke8a9Ntsw+RkORGswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA2MTEwNzQzMzBaFw0yNjA2MTAwNzQ4MzBaMDMxMTAvBgNV
BAMTKDQ4RjhDQkExRjQxMjVBMUI1MjhDNTM1OTNFREZGMTg0MTE1OTQ5RjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwhUXr/2RFFsfdkglCg045SnhV
apg3MNCssDZoycggQQhJPyCHBcSJ9yWfDcKbwMBdzsD/WfIuzLSUrVKxQwpWqON2
PYEJ0w7NjVMFaYaHPDp2dgHVc+WB+L2wjS8eUvs9U4WzG5zV+X1iWqA7mG0WRg40
4NYbJykuuo66tUB61fnOBSy472Wkfx122USyheDdsH8bAodrlLaM/EmJfWwATvcC
Cmx5WwGcjBYLk2rBRleeZHwP/R/Sx+yhVaP1hlcwQI5y1SroppHVeETxYPpng9k1
gt4441e5GZ+4OZdHNFUk3XvffnSQXRra/JYraNACbJaKX64usqhst6GzZuRrAgMB
AAGjggJqMIICZjAdBgNVHQ4EFgQUSPjLofQSWhtSjFNZPt/xhBFZSfkwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjA5NzM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQABYVl
AwQBHyjEAwQBHyjMAwQAJd1NMAwDBANV60gDBABV60oDBAFc+T4wDAMEB7BggAME
ALBgggMEALnn4QMEAMFvTAMEAMFvTzAMAwQA1FfFAwQD1FfAAwQA2RLQAwQA2RLT
MA0GCSqGSIb3DQEBCwUAA4IBAQCWWZ2UK+xyfIJipX+qo+G5faI24oNsnKXO8/6Y
0CAUweheg9d+y/BmIQZJuRKrzaoWJwL4fl7dGO/Vs1k/U1cTPfeQ1FD4DQLs6rhE
1njjfGX5ewz2y9q6uumeKx2EJdMf+gom3dVha8OcGu03BDvecoBvqlDVD+Yv4gP4
7eeo2jw4MTOVPvPFSaOLBacNUUfWhNHcWExwlRgCqcBNPyWv0CMtaJy+64JAES8c
qOvONdtU1sj8K9X67OB6NiPq7nBEeMGdoU1C/SU8LUvcX52hc3oumDBxoM5r0GsK
brqO/ToA+DXHV3iIOc6mxvKrxJJZMzdEUNGv0QmJS/J15WeW
-----END CERTIFICATE-----
Generated at Sat Jun 14 21:36:04 2025 by rpki-client