This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa File: AS209737.roa (raw, json) Hash identifier: Wa32YWU6DlC/QFJO1P5P4PYMtLGr/bhfxuVB6WJpmv4= Subject key identifier: 19:C7:8E:2B:04:AA:0E:AB:ED:A0:CC:3A:8E:98:BF:60:EA:B1:C3:FE Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b Certificate serial: 7212832C6DAF5A17BA394A5869F872F4E00B7F8E Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa Signing time: Thu 18 Dec 2025 08:26:27 +0000 ROA not before: Thu 18 Dec 2025 08:21:27 +0000 ROA not after: Thu 17 Dec 2026 08:26:27 +0000 asID: 209737 IP address blocks: 5.133.101.0/24 maxlen: 24 31.40.197.0/24 maxlen: 24 31.40.205.0/24 maxlen: 24 85.235.74.0/24 maxlen: 24 141.98.48.0/24 maxlen: 24 141.98.49.0/24 maxlen: 24 141.98.51.0/24 maxlen: 24 176.96.128.0/24 maxlen: 24 193.111.76.0/24 maxlen: 24 193.111.79.0/24 maxlen: 24 217.18.208.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:12:83:2c:6d:af:5a:17:ba:39:4a:58:69:f8:72:f4:e0:0b:7f:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b Validity Not Before: Dec 18 08:21:27 2025 GMT Not After : Dec 17 08:26:27 2026 GMT Subject: CN=19C78E2B04AA0EABEDA0CC3A8E98BF60EAB1C3FE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:d5:91:a6:29:d2:61:ab:9a:98:10:95:77:65: c4:e8:4a:f6:f1:d9:5b:0c:88:02:b7:90:72:5e:a9: b6:20:59:c2:8d:26:d0:1f:17:82:8f:2f:50:07:d3: 49:f0:bd:ce:80:cb:1e:63:8c:30:fa:1a:4d:1a:9b: 7f:59:ac:97:c3:6a:8d:8a:e8:e5:a1:e9:68:10:7b: 20:7d:98:31:60:fb:2b:7b:d3:e2:da:ef:1b:19:57: 33:b7:bb:fc:02:7d:3b:e9:0e:93:4e:93:1e:12:32: 14:4c:82:76:af:e6:43:d8:85:8c:47:4d:20:e6:15: 8c:19:fe:e5:c6:b8:42:a3:d8:ca:fc:47:9e:ca:f9: 41:dc:54:e4:97:e1:4a:4a:af:82:49:35:34:29:27: b1:40:c1:20:15:e2:6c:3b:80:8b:23:eb:31:95:34: f4:e3:92:e3:fe:67:b0:e3:49:95:81:13:75:fc:2a: 84:43:c3:4b:43:39:6f:d7:47:cb:63:1c:e9:e4:c3: 46:2e:1c:34:b7:7e:71:52:17:9f:ff:f4:6d:b7:5e: c5:a9:8b:0e:b1:8c:74:a7:28:4a:8b:d6:09:42:7e: 9b:2f:0d:06:16:c6:fe:ae:22:df:61:9c:c9:cd:27: 44:e6:87:54:3f:cf:45:4e:4c:ba:fc:2a:b2:e8:c5: 82:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:C7:8E:2B:04:AA:0E:AB:ED:A0:CC:3A:8E:98:BF:60:EA:B1:C3:FE X509v3 Authority Key Identifier: keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.133.101.0/24 31.40.197.0/24 31.40.205.0/24 85.235.74.0/24 141.98.48.0/23 141.98.51.0/24 176.96.128.0/24 193.111.76.0/24 193.111.79.0/24 217.18.208.0/24 Signature Algorithm: sha256WithRSAEncryption 45:ac:e9:8f:a0:e4:ce:b5:25:36:b8:5d:fd:ad:ac:8a:29:07: ad:d0:6b:5c:37:49:62:aa:be:51:d5:5a:a3:11:b8:f8:e3:65: b8:13:7f:c1:6d:6c:8f:57:0c:d2:19:4c:70:e1:18:87:88:2a: 14:a0:c1:15:05:b8:54:ea:f0:ee:38:04:15:db:92:71:a1:9e: 3e:5a:4d:3a:5a:99:16:fe:52:82:87:43:3f:f9:e3:c2:4e:56: 67:c7:ad:6d:ab:1f:50:5b:47:f6:1a:49:60:b1:ec:c1:4a:cc: df:18:a8:bf:ab:f8:3e:20:95:14:c5:a6:22:cc:38:e8:b7:61: 2a:da:0e:99:83:39:7f:0f:ae:a2:93:65:4d:a3:69:79:20:d1: f9:a6:85:4c:ac:0b:3d:bf:d3:52:3f:07:72:14:18:fa:e1:fd: d4:1b:7d:04:a0:32:1c:e2:05:8a:77:51:fa:4b:f1:94:6a:37: c8:29:b0:cb:8a:19:30:fe:e0:1f:c0:f9:50:a6:f9:31:ff:9c: 43:0d:da:12:96:b4:d7:7d:85:50:cc:dd:9a:bf:ad:9a:a3:22: 18:71:d4:45:b0:d2:f3:19:65:94:0b:c0:1b:74:75:21:14:f5: d1:ac:97:e4:b1:40:40:41:d9:7b:e8:bb:c2:0f:5c:49:dd:29: 0a:db:74:65 -----BEGIN CERTIFICATE----- MIIFNjCCBB6gAwIBAgIUchKDLG2vWhe6OUpYafhy9OALf44wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy ZjJmNDE1YjAeFw0yNTEyMTgwODIxMjdaFw0yNjEyMTcwODI2MjdaMDMxMTAvBgNV BAMTKDE5Qzc4RTJCMDRBQTBFQUJFREEwQ0MzQThFOThCRjYwRUFCMUMzRkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx1ZGmKdJhq5qYEJV3ZcToSvbx 2VsMiAK3kHJeqbYgWcKNJtAfF4KPL1AH00nwvc6Ayx5jjDD6Gk0am39ZrJfDao2K 6OWh6WgQeyB9mDFg+yt70+La7xsZVzO3u/wCfTvpDpNOkx4SMhRMgnav5kPYhYxH TSDmFYwZ/uXGuEKj2Mr8R57K+UHcVOSX4UpKr4JJNTQpJ7FAwSAV4mw7gIsj6zGV NPTjkuP+Z7DjSZWBE3X8KoRDw0tDOW/XR8tjHOnkw0YuHDS3fnFSF5//9G23XsWp iw6xjHSnKEqL1glCfpsvDQYWxv6uIt9hnMnNJ0Tmh1Q/z0VOTLr8KrLoxYI5AgMB AAGjggJAMIICPDAdBgNVHQ4EFgQUGceOKwSqDqvtoMw6jpi/YOqxw/4wHwYDVR0j BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0 ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4 dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjA5NzM3LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQABYVl AwQAHyjFAwQAHyjNAwQAVetKAwQBjWIwAwQAjWIzAwQAsGCAAwQAwW9MAwQAwW9P AwQA2RLQMA0GCSqGSIb3DQEBCwUAA4IBAQBFrOmPoOTOtSU2uF39rayKKQet0Gtc N0liqr5R1VqjEbj442W4E3/BbWyPVwzSGUxw4RiHiCoUoMEVBbhU6vDuOAQV25Jx oZ4+Wk06WpkW/lKCh0M/+ePCTlZnx61tqx9QW0f2GklgsezBSszfGKi/q/g+IJUU xaYizDjot2Eq2g6Zgzl/D66ik2VNo2l5INH5poVMrAs9v9NSPwdyFBj64f3UG30E oDIc4gWKd1H6S/GUajfIKbDLihkw/uAfwPlQpvkx/5xDDdoSlrTXfYVQzN2av62a oyIYcdRFsNLzGWWUC8AbdHUhFPXRrJfksUBAQdl76LvCD1xJ3SkK23Rl -----END CERTIFICATE-----Generated at Sat Dec 20 08:06:07 2025 by rpki-client