Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
File: AS209737.roa (raw, json)
Hash identifier: XehzxYKPMsWqX+djyVMDPihdbBJD6OJwgpiGjt7aalE=
Subject key identifier: CF:08:5A:D7:F3:F4:01:CE:CA:17:52:B2:C1:E3:06:51:EE:65:0B:3C
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 09575CC29037321668F8F5416D6C254253662BF3
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
Signing time: Tue 03 Feb 2026 08:04:21 +0000
ROA not before: Tue 03 Feb 2026 07:59:21 +0000
ROA not after: Tue 02 Feb 2027 08:04:21 +0000
asID: 209737
IP address blocks: 5.133.101.0/24 maxlen: 24
31.40.197.0/24 maxlen: 24
31.40.205.0/24 maxlen: 24
85.235.73.0/24 maxlen: 24
85.235.74.0/24 maxlen: 24
176.96.128.0/24 maxlen: 24
193.111.76.0/24 maxlen: 24
193.111.79.0/24 maxlen: 24
217.18.208.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:57:5c:c2:90:37:32:16:68:f8:f5:41:6d:6c:25:42:53:66:2b:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Feb 3 07:59:21 2026 GMT
Not After : Feb 2 08:04:21 2027 GMT
Subject: CN=CF085AD7F3F401CECA1752B2C1E30651EE650B3C
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:95:1d:91:f9:39:87:0f:dd:aa:fc:d8:0d:14:
e8:95:e3:18:c4:e3:08:ea:9b:74:8e:de:8e:b0:62:
12:f7:42:aa:24:2b:3f:ed:e3:58:af:b2:c9:34:8a:
4f:41:eb:a6:ef:53:8d:6e:ae:6e:bd:c2:42:e1:f9:
6b:ad:8c:51:b2:65:68:8d:5b:58:61:4c:10:90:c6:
45:51:e2:a3:16:a1:8d:4a:f8:4c:af:70:06:98:37:
c6:cd:19:3e:68:47:6b:9d:d8:60:37:e8:23:98:38:
04:15:68:54:93:b2:66:9d:ce:b0:c1:11:70:be:19:
d7:7a:68:62:c6:7b:0b:aa:3a:ae:82:2e:ca:d6:2c:
5e:39:a3:a2:74:3d:31:8f:e6:1e:7e:03:49:fc:6a:
06:98:64:bb:76:70:27:ab:86:9b:67:47:9f:b8:37:
77:dd:35:d5:ed:ed:22:8f:e8:98:6e:b6:da:2f:e8:
ef:cd:fd:80:14:d1:33:77:02:e8:f7:ab:e9:e8:f2:
84:ce:2f:8d:2e:80:bd:93:ea:94:9d:d5:00:c1:f7:
8d:6d:9f:6e:8b:3a:d0:0f:f9:ff:75:19:17:09:a5:
37:67:f6:e2:56:c2:d2:eb:9b:3a:7c:00:39:1b:af:
37:84:12:01:87:f5:b5:ca:5e:be:9e:dd:63:d4:b4:
85:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:08:5A:D7:F3:F4:01:CE:CA:17:52:B2:C1:E3:06:51:EE:65:0B:3C
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS209737.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.101.0/24
31.40.197.0/24
31.40.205.0/24
85.235.73.0-85.235.74.255
176.96.128.0/24
193.111.76.0/24
193.111.79.0/24
217.18.208.0/24
Signature Algorithm: sha256WithRSAEncryption
84:83:d7:9d:66:87:47:1a:b9:76:96:1e:e1:14:f8:2f:df:8d:
a5:67:a1:77:f1:c4:02:5a:4f:fc:1c:d8:9f:4a:cb:1f:f8:7d:
e9:c9:19:a0:ef:51:38:2f:d7:be:44:36:96:25:2a:cb:ef:11:
bb:a0:99:d9:2c:02:a8:9d:5b:4e:98:6b:bd:f9:f5:30:13:3c:
02:12:00:52:db:d7:82:87:4a:31:a7:58:95:70:e1:a6:04:1b:
dc:38:d9:40:b5:ca:6d:5f:1e:49:53:f0:01:e7:9e:f0:95:53:
5a:a3:fc:ba:12:81:f9:7f:d4:9b:6d:06:23:d0:9e:c9:f3:f7:
56:b3:4d:8e:0e:66:e0:a1:4e:d5:b4:09:30:9c:45:fe:d3:88:
8d:02:bc:60:aa:7e:0a:8b:90:88:b6:b1:a1:f5:70:f3:de:b0:
37:7a:03:54:87:53:52:6f:b4:34:f9:7a:08:3e:cd:7f:a6:24:
f1:33:ad:95:f0:04:65:06:d0:20:48:16:16:de:9d:85:a0:d1:
4c:f3:65:8e:71:34:0e:fa:c6:de:19:16:ca:71:68:51:2c:ca:
80:5a:6d:ec:09:5f:43:2b:9f:38:c6:f8:cb:c9:ac:26:2d:f4:
3f:9a:26:70:0a:55:75:b3:94:78:fc:44:62:7a:56:34:a9:65:
74:e3:77:a7
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgIUCVdcwpA3MhZo+PVBbWwlQlNmK/MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNjAyMDMwNzU5MjFaFw0yNzAyMDIwODA0MjFaMDMxMTAvBgNV
BAMTKENGMDg1QUQ3RjNGNDAxQ0VDQTE3NTJCMkMxRTMwNjUxRUU2NTBCM0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAlR2R+TmHD92q/NgNFOiV4xjE
4wjqm3SO3o6wYhL3QqokKz/t41ivssk0ik9B66bvU41urm69wkLh+WutjFGyZWiN
W1hhTBCQxkVR4qMWoY1K+EyvcAaYN8bNGT5oR2ud2GA36COYOAQVaFSTsmadzrDB
EXC+Gdd6aGLGewuqOq6CLsrWLF45o6J0PTGP5h5+A0n8agaYZLt2cCerhptnR5+4
N3fdNdXt7SKP6Jhuttov6O/N/YAU0TN3Auj3q+no8oTOL40ugL2T6pSd1QDB941t
n26LOtAP+f91GRcJpTdn9uJWwtLrmzp8ADkbrzeEEgGH9bXKXr6e3WPUtIVVAgMB
AAGjggI8MIICODAdBgNVHQ4EFgQUzwha1/P0Ac7KF1KyweMGUe5lCzwwHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjA5NzM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQABYVl
AwQAHyjFAwQAHyjNMAwDBABV60kDBABV60oDBACwYIADBADBb0wDBADBb08DBADZ
EtAwDQYJKoZIhvcNAQELBQADggEBAISD151mh0cauXaWHuEU+C/fjaVnoXfxxAJa
T/wc2J9Kyx/4fenJGaDvUTgv175ENpYlKsvvEbugmdksAqidW06Ya7359TATPAIS
AFLb14KHSjGnWJVw4aYEG9w42UC1ym1fHklT8AHnnvCVU1qj/LoSgfl/1JttBiPQ
nsnz91azTY4OZuChTtW0CTCcRf7TiI0CvGCqfgqLkIi2saH1cPPesDd6A1SHU1Jv
tDT5egg+zX+mJPEzrZXwBGUG0CBIFhbenYWg0UzzZY5xNA76xt4ZFspxaFEsyoBa
bewJX0MrnzjG+MvJrCYt9D+aJnAKVXWzlHj8RGJ6VjSpZXTjd6c=
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:00:37 2026 by rpki-client