Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa
File: AS9009.roa (raw, json)
Hash identifier: 5gu6Gm2M1+TGnUquWT+7DPj3tk+mdlTipzZRenZesFo=
Subject key identifier: 27:98:34:EC:7E:BC:FE:18:CD:C8:69:E9:0D:6F:5D:97:9F:5F:78:4F
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 497AA8DF62102C3B35EC20545A681340EE843A8E
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa
Signing time: Wed 01 Apr 2026 00:26:19 +0000
ROA not before: Wed 01 Apr 2026 00:21:19 +0000
ROA not after: Wed 31 Mar 2027 00:26:19 +0000
asID: 9009
IP address blocks: 2.58.172.0/24 maxlen: 24
5.45.38.0/24 maxlen: 24
5.181.127.0/24 maxlen: 24
37.143.60.0/24 maxlen: 24
45.95.14.0/24 maxlen: 24
45.95.37.0/24 maxlen: 24
45.133.175.0/24 maxlen: 24
45.137.132.0/24 maxlen: 24
45.137.133.0/24 maxlen: 24
45.137.134.0/24 maxlen: 24
45.137.135.0/24 maxlen: 24
92.242.185.0/24 maxlen: 24
179.61.131.0/24 maxlen: 24
179.61.133.0/24 maxlen: 24
179.61.165.0/24 maxlen: 24
179.61.171.0/24 maxlen: 24
179.61.183.0/24 maxlen: 24
179.61.186.0/24 maxlen: 24
179.61.201.0/24 maxlen: 24
181.41.205.0/24 maxlen: 24
181.41.216.0/24 maxlen: 24
181.214.5.0/24 maxlen: 24
181.214.27.0/24 maxlen: 24
181.214.45.0/24 maxlen: 24
181.214.55.0/24 maxlen: 24
181.214.65.0/24 maxlen: 24
181.214.71.0/24 maxlen: 24
181.214.72.0/24 maxlen: 24
181.214.92.0/24 maxlen: 24
181.214.115.0/24 maxlen: 24
181.214.127.0/24 maxlen: 24
181.214.170.0/24 maxlen: 24
181.214.175.0/24 maxlen: 24
181.214.204.0/24 maxlen: 24
181.214.207.0/24 maxlen: 24
181.214.251.0/24 maxlen: 24
181.215.107.0/24 maxlen: 24
181.215.116.0/24 maxlen: 24
181.215.119.0/24 maxlen: 24
181.215.124.0/24 maxlen: 24
181.215.130.0/24 maxlen: 24
181.215.132.0/24 maxlen: 24
181.215.137.0/24 maxlen: 24
181.215.150.0/24 maxlen: 24
181.215.151.0/24 maxlen: 24
181.215.157.0/24 maxlen: 24
181.215.192.0/24 maxlen: 24
181.215.199.0/24 maxlen: 24
181.215.209.0/24 maxlen: 24
181.215.228.0/24 maxlen: 24
181.215.235.0/24 maxlen: 24
181.215.251.0/24 maxlen: 24
185.135.156.0/24 maxlen: 24
185.143.231.0/24 maxlen: 24
185.145.36.0/24 maxlen: 24
185.145.39.0/24 maxlen: 24
185.151.56.0/24 maxlen: 24
185.151.57.0/24 maxlen: 24
185.172.66.0/24 maxlen: 24
191.96.23.0/24 maxlen: 24
191.96.35.0/24 maxlen: 24
191.96.147.0/24 maxlen: 24
191.96.172.0/24 maxlen: 24
191.96.195.0/24 maxlen: 24
191.96.210.0/24 maxlen: 24
191.96.213.0/24 maxlen: 24
191.96.215.0/24 maxlen: 24
191.96.232.0/24 maxlen: 24
191.101.6.0/24 maxlen: 24
191.101.23.0/24 maxlen: 24
191.101.72.0/24 maxlen: 24
191.101.74.0/24 maxlen: 24
191.101.75.0/24 maxlen: 24
191.101.77.0/24 maxlen: 24
191.101.90.0/24 maxlen: 24
191.101.98.0/24 maxlen: 24
191.101.105.0/24 maxlen: 24
191.101.107.0/24 maxlen: 24
191.101.108.0/24 maxlen: 24
191.101.115.0/24 maxlen: 24
191.101.117.0/24 maxlen: 24
191.101.156.0/24 maxlen: 24
191.101.159.0/24 maxlen: 24
191.101.226.0/24 maxlen: 24
193.58.107.0/24 maxlen: 24
194.110.15.0/24 maxlen: 24
194.110.242.0/24 maxlen: 24
213.109.168.0/24 maxlen: 24
2a00:d1a0::/48 maxlen: 48
2a00:d1a0:1::/48 maxlen: 48
2a00:d1a0:2::/48 maxlen: 48
2a00:d1a0:3::/48 maxlen: 48
2a00:d1a0:4::/48 maxlen: 48
2a00:d1a0:5::/48 maxlen: 48
2a00:d1a0:6::/48 maxlen: 48
2a00:d1a0:7::/48 maxlen: 48
2a00:d1a0:8::/48 maxlen: 48
2a00:d1a0:9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 15:58:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:7a:a8:df:62:10:2c:3b:35:ec:20:54:5a:68:13:40:ee:84:3a:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Apr 1 00:21:19 2026 GMT
Not After : Mar 31 00:26:19 2027 GMT
Subject: CN=279834EC7EBCFE18CDC869E90D6F5D979F5F784F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:89:41:66:e5:4b:2f:e6:0a:85:e4:0b:7f:c2:
ba:dc:81:7f:6f:c1:30:c6:64:1a:b8:22:43:bc:aa:
f8:da:d4:7e:33:90:c5:19:ae:13:e6:f9:4c:3e:e3:
a6:89:79:aa:66:8e:e6:3e:ca:ec:96:f3:b2:db:44:
7b:21:14:d7:cb:30:ab:1a:ea:ba:54:a8:9c:98:0a:
f6:21:48:ff:6d:80:a2:a1:36:8d:0e:79:8a:de:53:
d7:1a:f9:21:2e:78:f0:c8:92:dd:dd:f1:52:15:7a:
eb:8b:33:29:c8:0c:08:3c:99:69:ad:fc:3e:02:6b:
d4:f1:25:e0:1c:e8:aa:85:f4:22:51:bb:3c:c0:40:
79:3f:f5:95:25:b8:6b:33:b8:0e:45:44:4f:a2:d5:
0b:08:db:53:71:6f:a3:06:be:94:b3:29:c2:97:e0:
b8:6b:56:d6:8e:14:91:30:c2:f1:a4:d3:8c:cb:6b:
56:e9:0e:8c:22:bd:8d:8e:98:ac:65:4f:12:b9:b6:
39:9b:b8:c8:d3:02:7f:98:79:c2:11:4f:86:f5:b6:
b6:a9:d4:dc:c3:0a:23:3f:06:28:77:76:dd:2e:da:
fe:4d:a2:46:56:dd:f2:aa:f5:04:85:9e:ae:8a:d9:
46:60:1c:cd:7a:98:f9:09:e3:78:14:c0:dc:00:df:
6b:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:98:34:EC:7E:BC:FE:18:CD:C8:69:E9:0D:6F:5D:97:9F:5F:78:4F
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.172.0/24
5.45.38.0/24
5.181.127.0/24
37.143.60.0/24
45.95.14.0/24
45.95.37.0/24
45.133.175.0/24
45.137.132.0/22
92.242.185.0/24
179.61.131.0/24
179.61.133.0/24
179.61.165.0/24
179.61.171.0/24
179.61.183.0/24
179.61.186.0/24
179.61.201.0/24
181.41.205.0/24
181.41.216.0/24
181.214.5.0/24
181.214.27.0/24
181.214.45.0/24
181.214.55.0/24
181.214.65.0/24
181.214.71.0-181.214.72.255
181.214.92.0/24
181.214.115.0/24
181.214.127.0/24
181.214.170.0/24
181.214.175.0/24
181.214.204.0/24
181.214.207.0/24
181.214.251.0/24
181.215.107.0/24
181.215.116.0/24
181.215.119.0/24
181.215.124.0/24
181.215.130.0/24
181.215.132.0/24
181.215.137.0/24
181.215.150.0/23
181.215.157.0/24
181.215.192.0/24
181.215.199.0/24
181.215.209.0/24
181.215.228.0/24
181.215.235.0/24
181.215.251.0/24
185.135.156.0/24
185.143.231.0/24
185.145.36.0/24
185.145.39.0/24
185.151.56.0/23
185.172.66.0/24
191.96.23.0/24
191.96.35.0/24
191.96.147.0/24
191.96.172.0/24
191.96.195.0/24
191.96.210.0/24
191.96.213.0/24
191.96.215.0/24
191.96.232.0/24
191.101.6.0/24
191.101.23.0/24
191.101.72.0/24
191.101.74.0/23
191.101.77.0/24
191.101.90.0/24
191.101.98.0/24
191.101.105.0/24
191.101.107.0-191.101.108.255
191.101.115.0/24
191.101.117.0/24
191.101.156.0/24
191.101.159.0/24
191.101.226.0/24
193.58.107.0/24
194.110.15.0/24
194.110.242.0/24
213.109.168.0/24
IPv6:
2a00:d1a0::-2a00:d1a0:9:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
58:ad:67:94:b4:87:e1:8c:f0:55:bc:a1:31:23:98:e8:23:f2:
c9:99:18:fb:d9:15:6e:b3:1c:12:ef:18:3b:5f:61:74:b9:3f:
9d:c0:99:51:99:93:73:b7:35:eb:fc:66:8a:78:db:56:25:a2:
4b:d4:45:ff:8b:33:ff:e5:2b:de:bc:3e:6c:4f:09:17:a4:cb:
26:30:e2:87:da:40:ff:58:f0:31:94:81:98:32:20:57:3d:14:
4c:0c:61:46:95:d0:6a:b6:59:6f:e7:5b:3e:91:76:81:b1:dd:
27:ee:f0:cd:4a:8d:76:ef:59:01:d0:5f:e0:ef:25:58:27:1d:
42:ff:f7:26:d1:32:15:c8:84:1d:d2:d9:fc:c0:37:36:00:e1:
d4:dc:d7:b5:c4:86:51:1d:23:f6:c1:d5:01:fd:c6:11:cb:6d:
d6:39:3b:d0:0c:74:13:99:28:61:5d:a6:e5:23:65:d6:7d:d0:
71:46:57:4a:3f:ba:7b:43:43:c1:43:45:86:b7:f6:f1:80:41:
ff:92:db:fe:bb:a6:8a:77:b8:0f:88:39:6e:4d:15:af:9f:a1:
e3:b6:8d:cb:84:88:18:be:a7:3a:9f:84:87:28:dd:b0:07:5a:
b2:3f:8c:30:53:d1:d2:29:c0:f0:2a:6c:88:30:e0:52:1b:d1:
6a:21:05:c5
-----BEGIN CERTIFICATE-----
MIIHDDCCBfSgAwIBAgIUSXqo32IQLDs17CBUWmgTQO6EOo4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA0MDEwMDIxMTlaFw0yNzAzMzEwMDI2MTlaMDMxMTAvBgNV
BAMTKDI3OTgzNEVDN0VCQ0ZFMThDREM4NjlFOTBENkY1RDk3OUY1Rjc4NEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRiUFm5Usv5gqF5At/wrrcgX9v
wTDGZBq4IkO8qvja1H4zkMUZrhPm+Uw+46aJeapmjuY+yuyW87LbRHshFNfLMKsa
6rpUqJyYCvYhSP9tgKKhNo0OeYreU9ca+SEuePDIkt3d8VIVeuuLMynIDAg8mWmt
/D4Ca9TxJeAc6KqF9CJRuzzAQHk/9ZUluGszuA5FRE+i1QsI21Nxb6MGvpSzKcKX
4LhrVtaOFJEwwvGk04zLa1bpDowivY2OmKxlTxK5tjmbuMjTAn+YecIRT4b1trap
1NzDCiM/Bih3dt0u2v5NokZW3fKq9QSFnq6K2UZgHM16mPkJ43gUwNwA32u3AgMB
AAGjggQWMIIEEjAdBgNVHQ4EFgQUJ5g07H68/hjNyGnpDW9dl59feE8wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAisGCCsGAQUFBwEHAQH/BIICGjCCAhYwggH4BAIAATCC
AfADBAACOqwDBAAFLSYDBAAFtX8DBAAljzwDBAAtXw4DBAAtXyUDBAAtha8DBAIt
iYQDBABc8rkDBACzPYMDBACzPYUDBACzPaUDBACzPasDBACzPbcDBACzPboDBACz
PckDBAC1Kc0DBAC1KdgDBAC11gUDBAC11hsDBAC11i0DBAC11jcDBAC11kEwDAME
ALXWRwMEALXWSAMEALXWXAMEALXWcwMEALXWfwMEALXWqgMEALXWrwMEALXWzAME
ALXWzwMEALXW+wMEALXXawMEALXXdAMEALXXdwMEALXXfAMEALXXggMEALXXhAME
ALXXiQMEAbXXlgMEALXXnQMEALXXwAMEALXXxwMEALXX0QMEALXX5AMEALXX6wME
ALXX+wMEALmHnAMEALmP5wMEALmRJAMEALmRJwMEAbmXOAMEALmsQgMEAL9gFwME
AL9gIwMEAL9gkwMEAL9grAMEAL9gwwMEAL9g0gMEAL9g1QMEAL9g1wMEAL9g6AME
AL9lBgMEAL9lFwMEAL9lSAMEAb9lSgMEAL9lTQMEAL9lWgMEAL9lYgMEAL9laTAM
AwQAv2VrAwQAv2VsAwQAv2VzAwQAv2V1AwQAv2WcAwQAv2WfAwQAv2XiAwQAwTpr
AwQAwm4PAwQAwm7yAwQA1W2oMBgEAgACMBIwEAMFBSoA0aADBwEqANGgAAgwDQYJ
KoZIhvcNAQELBQADggEBAFitZ5S0h+GM8FW8oTEjmOgj8smZGPvZFW6zHBLvGDtf
YXS5P53AmVGZk3O3Nev8Zop421YlokvURf+LM//lK968PmxPCRekyyYw4ofaQP9Y
8DGUgZgyIFc9FEwMYUaV0Gq2WW/nWz6RdoGx3Sfu8M1KjXbvWQHQX+DvJVgnHUL/
9ybRMhXIhB3S2fzANzYA4dTc17XEhlEdI/bB1QH9xhHLbdY5O9AMdBOZKGFdpuUj
ZdZ90HFGV0o/untDQ8FDRYa39vGAQf+S2/67pop3uA+IOW5NFa+foeO2jcuEiBi+
pzqfhIco3bAHWrI/jDBT0dIpwPAqbIgw4FIb0WohBcU=
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:58:45 2026 by rpki-client