Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9009.roa
File: AS9009.roa (raw, json)
Hash identifier: prnZ54BIJMwy9H4z58BFLP8mGm83wFJ7YF7NlwZ2zc0=
Subject key identifier: D3:55:25:49:15:6A:DE:8E:93:AE:6D:24:20:C7:35:DB:2D:2F:DB:7D
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 1BDEFD383AA242CC9D63D7C51865BCEB9AA172FE
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9009.roa
Signing time: Fri 01 Aug 2025 00:00:43 +0000
ROA not before: Thu 31 Jul 2025 23:55:43 +0000
ROA not after: Fri 31 Jul 2026 00:00:43 +0000
asID: 9009
IP address blocks: 96.62.251.0/24 maxlen: 24
96.62.254.0/24 maxlen: 24
136.143.248.0/24 maxlen: 24
136.143.249.0/24 maxlen: 24
143.14.241.0/24 maxlen: 24
143.14.244.0/24 maxlen: 24
143.14.246.0/24 maxlen: 24
145.223.41.0/24 maxlen: 24
145.223.47.0/24 maxlen: 24
147.79.28.0/24 maxlen: 24
148.135.212.0/22 maxlen: 24
148.135.220.0/22 maxlen: 24
148.135.228.0/22 maxlen: 24
148.135.236.0/22 maxlen: 24
148.135.244.0/22 maxlen: 24
150.241.238.0/24 maxlen: 24
150.241.239.0/24 maxlen: 24
158.140.199.0/24 maxlen: 24
158.140.200.0/24 maxlen: 24
158.140.202.0/24 maxlen: 24
158.140.203.0/24 maxlen: 24
162.141.12.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:de:fd:38:3a:a2:42:cc:9d:63:d7:c5:18:65:bc:eb:9a:a1:72:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 31 23:55:43 2025 GMT
Not After : Jul 31 00:00:43 2026 GMT
Subject: CN=D3552549156ADE8E93AE6D2420C735DB2D2FDB7D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:18:b9:a7:16:75:18:c3:c2:d4:f1:c0:cf:e8:
90:d8:e8:a3:30:46:7b:68:51:ed:0d:62:09:d5:f2:
b1:4a:8d:f7:a8:fb:c3:72:4e:da:76:a5:f7:bd:37:
e4:e6:5a:a7:6a:d1:19:94:7b:5c:05:78:35:8f:d1:
29:df:8b:68:b0:6d:b3:a4:d6:9c:eb:29:2e:78:7c:
a3:66:b3:5e:2b:a0:d3:90:b2:cd:1f:c7:2d:b0:cd:
4c:d5:b2:93:7b:8d:c3:a7:38:9e:00:73:d3:25:b0:
97:45:ed:3b:32:3e:f3:1f:b6:1a:5e:2b:13:7e:26:
17:53:dc:dd:86:71:de:ae:9d:8d:87:f1:3d:d7:e4:
ae:5b:72:3c:21:47:47:33:10:51:8f:a4:4c:d5:e4:
d0:4c:f0:27:21:81:8e:fd:b0:bd:ac:7f:0e:94:bd:
02:1f:3a:30:15:58:dd:69:5d:22:35:62:d1:a9:fb:
dd:d3:d8:91:f8:3f:72:24:1e:0c:9f:65:4c:96:2c:
6d:ba:c2:bc:9f:3d:f1:54:a9:9d:8a:ab:06:04:f2:
7d:85:0e:2a:37:3e:01:28:02:3e:f0:35:48:b1:34:
95:09:4f:54:4d:b2:d8:05:86:d5:b1:fe:32:9f:ca:
cd:23:c8:c5:ca:67:a6:32:3f:d5:d1:bc:ef:39:40:
f0:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:55:25:49:15:6A:DE:8E:93:AE:6D:24:20:C7:35:DB:2D:2F:DB:7D
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9009.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.251.0/24
96.62.254.0/24
136.143.248.0/23
143.14.241.0/24
143.14.244.0/24
143.14.246.0/24
145.223.41.0/24
145.223.47.0/24
147.79.28.0/24
148.135.212.0/22
148.135.220.0/22
148.135.228.0/22
148.135.236.0/22
148.135.244.0/22
150.241.238.0/23
158.140.199.0-158.140.200.255
158.140.202.0/23
162.141.12.0/24
Signature Algorithm: sha256WithRSAEncryption
96:cf:43:b9:0b:39:a3:6f:3f:53:b7:bf:6e:09:ae:38:4c:09:
eb:38:13:90:29:23:5a:48:2c:be:33:9a:86:57:21:5c:7d:ab:
86:89:1c:f0:47:ed:1c:9a:8c:3f:53:4a:7b:d8:24:0f:06:fe:
72:ce:dd:bc:d2:c8:94:05:af:79:9f:88:74:25:fc:2a:b2:fa:
eb:16:6e:1a:8f:eb:34:7f:84:85:63:a4:2b:24:3d:f1:65:42:
6f:43:ab:b7:d0:ed:24:f0:c0:33:a4:3c:6b:d3:e9:a6:1c:d9:
69:19:ab:b2:37:6c:74:79:cc:74:d6:66:37:93:71:3b:f3:f0:
b9:06:1d:5b:d6:43:3e:bb:9c:23:3c:33:0f:2f:ab:a0:33:87:
9b:b3:a0:58:a9:0e:fe:10:40:09:49:91:9d:85:d3:24:cc:de:
91:41:72:9c:a1:2c:38:8c:e5:2a:fc:09:3e:10:66:06:f1:38:
1d:bb:0b:7e:b2:0d:3d:a9:6b:03:29:32:55:fd:e1:94:4e:55:
cc:7f:87:61:59:89:62:fd:b2:52:7b:bb:10:1a:17:8d:b7:f3:
01:06:53:ca:42:47:8e:bb:b9:1a:1b:78:1f:f2:aa:7c:9a:db:
89:13:f6:85:a6:ee:ed:f5:ff:1d:7d:fb:e2:ce:3d:3e:23:01:
ee:50:97:af
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgIUG979ODqiQsydY9fFGGW865qhcv4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA3MzEyMzU1NDNaFw0yNjA3MzEwMDAwNDNaMDMxMTAvBgNV
BAMTKEQzNTUyNTQ5MTU2QURFOEU5M0FFNkQyNDIwQzczNURCMkQyRkRCN0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxGLmnFnUYw8LU8cDP6JDY6KMw
RntoUe0NYgnV8rFKjfeo+8NyTtp2pfe9N+TmWqdq0RmUe1wFeDWP0Snfi2iwbbOk
1pzrKS54fKNms14roNOQss0fxy2wzUzVspN7jcOnOJ4Ac9MlsJdF7TsyPvMfthpe
KxN+JhdT3N2Gcd6unY2H8T3X5K5bcjwhR0czEFGPpEzV5NBM8CchgY79sL2sfw6U
vQIfOjAVWN1pXSI1YtGp+93T2JH4P3IkHgyfZUyWLG26wryfPfFUqZ2KqwYE8n2F
Dio3PgEoAj7wNUixNJUJT1RNstgFhtWx/jKfys0jyMXKZ6YyP9XRvO85QPBlAgMB
AAGjggJ3MIICczAdBgNVHQ4EFgQU01UlSRVq3o6Trm0kIMc12y0v230wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBjQYIKwYBBQUHAQcBAf8EfjB8MHoEAgABMHQDBABgPvsD
BABgPv4DBAGIj/gDBACPDvEDBACPDvQDBACPDvYDBACR3ykDBACR3y8DBACTTxwD
BAKUh9QDBAKUh9wDBAKUh+QDBAKUh+wDBAKUh/QDBAGW8e4wDAMEAJ6MxwMEAJ6M
yAMEAZ6MygMEAKKNDDANBgkqhkiG9w0BAQsFAAOCAQEAls9DuQs5o28/U7e/bgmu
OEwJ6zgTkCkjWkgsvjOahlchXH2rhokc8EftHJqMP1NKe9gkDwb+cs7dvNLIlAWv
eZ+IdCX8KrL66xZuGo/rNH+EhWOkKyQ98WVCb0Ort9DtJPDAM6Q8a9PpphzZaRmr
sjdsdHnMdNZmN5NxO/PwuQYdW9ZDPrucIzwzDy+roDOHm7OgWKkO/hBACUmRnYXT
JMzekUFynKEsOIzlKvwJPhBmBvE4HbsLfrINPalrAykyVf3hlE5VzH+HYVmJYv2y
Unu7EBoXjbfzAQZTykJHjru5Ght4H/KqfJrbiRP2habu7fX/HX374s49PiMB7lCX
rw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:39:59 2025 by rpki-client