Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9009.roa
File: AS9009.roa (raw, json)
Hash identifier: B2wCatMVpYpIYlYsVo6VL7SW4WGOhheZcbtimi2IUIQ=
Subject key identifier: 08:15:AB:8F:69:65:ED:97:5B:40:07:DB:8E:6F:25:BC:31:46:6D:5B
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 402411BA10D4777910BCEF81F44C2A35BB953B0D
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9009.roa
Signing time: Thu 31 Jul 2025 11:04:17 +0000
ROA not before: Thu 31 Jul 2025 10:59:17 +0000
ROA not after: Thu 30 Jul 2026 11:04:17 +0000
asID: 9009
IP address blocks: 82.21.146.0/24 maxlen: 24
82.21.147.0/24 maxlen: 24
82.21.196.0/24 maxlen: 24
82.21.197.0/24 maxlen: 24
82.21.217.0/24 maxlen: 24
82.21.240.0/24 maxlen: 24
82.22.187.0/24 maxlen: 24
82.23.7.0/24 maxlen: 24
82.23.8.0/24 maxlen: 24
82.23.9.0/24 maxlen: 24
82.23.10.0/24 maxlen: 24
82.23.11.0/24 maxlen: 24
82.23.12.0/24 maxlen: 24
82.23.13.0/24 maxlen: 24
82.23.14.0/24 maxlen: 24
82.23.216.0/24 maxlen: 24
82.24.223.0/24 maxlen: 24
82.24.230.0/24 maxlen: 24
82.25.214.0/24 maxlen: 24
82.25.227.0/24 maxlen: 24
82.26.121.0/24 maxlen: 24
82.26.198.0/24 maxlen: 24
82.26.217.0/24 maxlen: 24
82.27.226.0/24 maxlen: 24
82.29.113.0/24 maxlen: 24
82.29.114.0/24 maxlen: 24
82.29.116.0/24 maxlen: 24
82.29.117.0/24 maxlen: 24
82.29.238.0/24 maxlen: 24
2a13:9500:2::/48 maxlen: 48
2a13:9500:4::/48 maxlen: 48
2a13:9500:5::/48 maxlen: 48
2a13:9500:6::/48 maxlen: 48
2a13:9500:7::/48 maxlen: 48
2a13:9500:8::/48 maxlen: 48
2a13:9500:9::/48 maxlen: 48
2a13:9500:a::/48 maxlen: 48
2a13:9500:b::/48 maxlen: 48
2a13:9500:c::/48 maxlen: 48
2a13:9500:d::/48 maxlen: 48
2a13:9500:e::/48 maxlen: 48
2a13:9500:f::/48 maxlen: 48
2a13:9500:10::/48 maxlen: 48
2a13:9500:11::/48 maxlen: 48
2a13:9500:12::/48 maxlen: 48
2a13:9500:13::/48 maxlen: 48
2a13:9500:14::/48 maxlen: 48
2a13:9500:15::/48 maxlen: 48
2a13:9500:16::/48 maxlen: 48
2a13:9500:17::/48 maxlen: 48
2a13:9500:18::/48 maxlen: 48
2a13:9500:19::/48 maxlen: 48
2a13:9500:1a::/48 maxlen: 48
2a13:9500:1b::/48 maxlen: 48
2a13:9500:29::/48 maxlen: 48
2a13:9500:2a::/48 maxlen: 48
2a13:9500:2b::/48 maxlen: 48
2a13:9500:2c::/48 maxlen: 48
2a13:9500:2e::/48 maxlen: 48
2a13:9500:2f::/48 maxlen: 48
2a13:9500:30::/48 maxlen: 48
2a13:9500:31::/48 maxlen: 48
2a13:9500:34::/48 maxlen: 48
2a13:9500:35::/48 maxlen: 48
2a13:9500:3b::/48 maxlen: 48
2a13:9500:3c::/48 maxlen: 48
2a13:9500:3d::/48 maxlen: 48
2a13:9500:58::/48 maxlen: 48
2a13:9500:59::/48 maxlen: 48
2a13:9500:5a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:24:11:ba:10:d4:77:79:10:bc:ef:81:f4:4c:2a:35:bb:95:3b:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jul 31 10:59:17 2025 GMT
Not After : Jul 30 11:04:17 2026 GMT
Subject: CN=0815AB8F6965ED975B4007DB8E6F25BC31466D5B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c2:c2:59:6c:89:e9:d7:c5:5f:36:e4:60:b9:
e4:8e:1c:2c:c2:4a:0f:f5:d5:97:25:81:e0:6f:54:
9d:d1:a3:e8:da:16:7e:b0:d8:be:f5:f8:88:d7:8d:
53:68:18:8c:e0:40:01:3f:39:5a:8f:7d:86:97:0a:
6f:27:12:b5:2b:86:84:32:d0:4d:65:28:59:6b:ef:
85:90:1c:ba:2b:66:ee:13:3e:ed:80:9e:69:ab:ed:
2c:79:22:95:09:4c:8c:a8:8f:13:84:c3:36:52:dc:
05:14:d3:ae:15:04:07:c3:84:7a:49:fd:f8:a1:31:
54:e5:5b:0b:64:30:e8:20:24:19:61:26:3c:1a:2a:
dc:45:d7:cb:f7:f2:c1:fc:62:cf:86:28:d6:ee:6c:
9c:45:cc:65:2d:b6:a7:9e:a1:bd:9b:c5:d7:41:80:
5f:2f:3f:8d:73:c2:f8:76:24:45:ee:68:f6:85:73:
d2:9e:c0:59:0b:b6:dc:00:6c:4d:40:7e:25:97:99:
f9:62:67:af:a8:53:00:a9:7d:89:41:42:6b:61:d8:
a1:d6:6c:4b:22:4f:9f:2d:fd:0b:19:9c:de:4a:ac:
e4:f6:68:3d:27:97:02:60:f1:35:73:ac:f8:d8:8a:
56:c9:e5:a4:e6:45:2d:6d:21:05:ac:2d:13:65:59:
72:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:15:AB:8F:69:65:ED:97:5B:40:07:DB:8E:6F:25:BC:31:46:6D:5B
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9009.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.146.0/23
82.21.196.0/23
82.21.217.0/24
82.21.240.0/24
82.22.187.0/24
82.23.7.0-82.23.14.255
82.23.216.0/24
82.24.223.0/24
82.24.230.0/24
82.25.214.0/24
82.25.227.0/24
82.26.121.0/24
82.26.198.0/24
82.26.217.0/24
82.27.226.0/24
82.29.113.0-82.29.114.255
82.29.116.0/23
82.29.238.0/24
IPv6:
2a13:9500:2::/48
2a13:9500:4::-2a13:9500:1b:ffff:ffff:ffff:ffff:ffff
2a13:9500:29::-2a13:9500:2c:ffff:ffff:ffff:ffff:ffff
2a13:9500:2e::-2a13:9500:31:ffff:ffff:ffff:ffff:ffff
2a13:9500:34::/47
2a13:9500:3b::-2a13:9500:3d:ffff:ffff:ffff:ffff:ffff
2a13:9500:58::-2a13:9500:5a:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
77:3c:90:23:7c:77:7a:73:5a:c6:e8:00:42:54:6c:d7:7b:10:
7b:c1:f7:a7:7a:1f:39:72:d3:88:6e:03:01:9b:12:f2:84:54:
1a:15:56:53:47:9e:ca:d0:7d:f4:46:fb:2f:fc:d5:cf:12:c2:
c4:f6:25:f3:0f:5e:9f:15:26:bd:79:1f:89:d4:91:85:93:7b:
ee:39:f5:5d:67:68:b3:a1:55:c4:94:02:05:d0:dc:3b:44:74:
85:a6:4b:54:d0:47:55:ee:79:4a:13:96:a1:ef:35:cd:54:d8:
60:8c:ce:7d:ae:fb:2c:f8:df:5a:dc:90:f1:b0:0f:75:d6:92:
ff:0a:7e:3e:3e:6d:f3:b1:d0:b0:a3:37:41:48:57:86:ce:76:
4c:08:1e:35:f5:70:33:65:df:3b:8d:91:e7:6b:a6:da:e6:d8:
27:c6:1e:b6:90:b8:b8:7d:77:4b:fe:c1:59:88:e5:a5:1d:1a:
6d:ad:95:67:30:9e:17:91:82:97:39:35:f9:fb:e1:8e:28:ec:
bb:59:b8:5b:6e:b0:9e:50:f4:20:9d:c0:bb:e5:59:6b:df:e3:
e9:30:41:81:5f:c4:3f:a6:36:5a:a1:59:29:46:90:ab:95:c0:
bb:ca:c3:f3:61:11:a3:1b:11:7c:88:f2:af:32:3a:5b:16:1a:
e8:f0:91:ca
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgIUQCQRuhDUd3kQvO+B9EwqNbuVOw0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA3MzExMDU5MTdaFw0yNjA3MzAxMTA0MTdaMDMxMTAvBgNV
BAMTKDA4MTVBQjhGNjk2NUVEOTc1QjQwMDdEQjhFNkYyNUJDMzE0NjZENUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcwsJZbInp18VfNuRgueSOHCzC
Sg/11ZclgeBvVJ3Ro+jaFn6w2L71+IjXjVNoGIzgQAE/OVqPfYaXCm8nErUrhoQy
0E1lKFlr74WQHLorZu4TPu2Anmmr7Sx5IpUJTIyojxOEwzZS3AUU064VBAfDhHpJ
/fihMVTlWwtkMOggJBlhJjwaKtxF18v38sH8Ys+GKNbubJxFzGUttqeeob2bxddB
gF8vP41zwvh2JEXuaPaFc9KewFkLttwAbE1AfiWXmfliZ6+oUwCpfYlBQmth2KHW
bEsiT58t/QsZnN5KrOT2aD0nlwJg8TVzrPjYilbJ5aTmRS1tIQWsLRNlWXKXAgMB
AAGjggMDMIIC/zAdBgNVHQ4EFgQUCBWrj2ll7ZdbQAfbjm8lvDFGbVswHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCARgGCCsGAQUFBwEHAQH/BIIBBzCCAQMwgYIEAgABMHwD
BAFSFZIDBAFSFcQDBABSFdkDBABSFfADBABSFrswDAMEAFIXBwMEAFIXDgMEAFIX
2AMEAFIY3wMEAFIY5gMEAFIZ1gMEAFIZ4wMEAFIaeQMEAFIaxgMEAFIa2QMEAFIb
4jAMAwQAUh1xAwQAUh1yAwQBUh10AwQAUh3uMHwEAgACMHYDBwAqE5UAAAIwEgMH
AioTlQAABAMHAioTlQAAGDASAwcAKhOVAAApAwcAKhOVAAAsMBIDBwEqE5UAAC4D
BwEqE5UAADADBwEqE5UAADQwEgMHACoTlQAAOwMHASoTlQAAPDASAwcDKhOVAABY
AwcAKhOVAABaMA0GCSqGSIb3DQEBCwUAA4IBAQB3PJAjfHd6c1rG6ABCVGzXexB7
wfeneh85ctOIbgMBmxLyhFQaFVZTR57K0H30Rvsv/NXPEsLE9iXzD16fFSa9eR+J
1JGFk3vuOfVdZ2izoVXElAIF0Nw7RHSFpktU0EdV7nlKE5ah7zXNVNhgjM59rvss
+N9a3JDxsA911pL/Cn4+Pm3zsdCwozdBSFeGznZMCB419XAzZd87jZHna6ba5tgn
xh62kLi4fXdL/sFZiOWlHRptrZVnMJ4XkYKXOTX5++GOKOy7WbhbbrCeUPQgncC7
5Vlr3+PpMEGBX8Q/pjZaoVkpRpCrlcC7ysPzYRGjGxF8iPKvMjpbFhro8JHK
-----END CERTIFICATE-----
Generated at Mon Aug 4 10:59:35 2025 by rpki-client