Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9009.roa
File: AS9009.roa (raw, json)
Hash identifier: VqAN0u5lBIuIzW9W3rd1Jl4IXmQ+t46+djo1rExbkJE=
Subject key identifier: F6:7B:72:61:4E:21:BC:82:89:2E:8D:9F:2B:E5:57:A8:EB:F7:17:F7
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 441C88FF3E06402B984B7FBF5F7C7ADA0A0C3C3D
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9009.roa
Signing time: Mon 14 Apr 2025 05:38:25 +0000
ROA not before: Mon 14 Apr 2025 05:33:25 +0000
ROA not after: Mon 13 Apr 2026 05:38:25 +0000
asID: 9009
IP address blocks: 46.202.12.0/22 maxlen: 24
46.202.100.0/22 maxlen: 24
46.202.116.0/22 maxlen: 24
46.202.228.0/22 maxlen: 24
46.202.236.0/22 maxlen: 24
46.202.244.0/22 maxlen: 24
46.203.16.0/23 maxlen: 24
46.203.36.0/22 maxlen: 24
46.203.94.0/23 maxlen: 24
46.203.100.0/23 maxlen: 24
46.203.122.0/23 maxlen: 24
46.203.132.0/23 maxlen: 24
46.203.162.0/23 maxlen: 24
46.203.236.0/22 maxlen: 24
46.203.241.0/24 maxlen: 24
46.203.242.0/24 maxlen: 24
46.203.243.0/24 maxlen: 24
46.203.244.0/22 maxlen: 24
46.203.252.0/22 maxlen: 24
91.124.122.0/24 maxlen: 24
91.124.220.0/24 maxlen: 24
92.112.2.0/23 maxlen: 24
92.112.9.0/24 maxlen: 24
92.112.72.0/23 maxlen: 24
92.112.100.0/22 maxlen: 24
92.112.120.0/22 maxlen: 24
92.112.214.0/24 maxlen: 24
92.112.215.0/24 maxlen: 24
92.112.218.0/24 maxlen: 24
92.112.219.0/24 maxlen: 24
92.112.220.0/24 maxlen: 24
92.112.221.0/24 maxlen: 24
92.112.223.0/24 maxlen: 24
92.112.224.0/24 maxlen: 24
92.112.225.0/24 maxlen: 24
92.112.226.0/24 maxlen: 24
92.112.229.0/24 maxlen: 24
92.112.230.0/24 maxlen: 24
92.112.232.0/24 maxlen: 24
92.112.233.0/24 maxlen: 24
92.112.234.0/24 maxlen: 24
92.112.237.0/24 maxlen: 24
92.113.94.0/23 maxlen: 24
92.113.96.0/22 maxlen: 24
92.113.108.0/22 maxlen: 24
92.113.120.0/22 maxlen: 24
92.113.130.0/23 maxlen: 24
95.134.8.0/22 maxlen: 22
95.134.24.0/22 maxlen: 22
95.134.36.0/22 maxlen: 22
95.134.44.0/22 maxlen: 22
95.134.56.0/22 maxlen: 22
95.134.72.0/22 maxlen: 22
95.134.144.0/22 maxlen: 22
95.134.188.0/22 maxlen: 22
95.134.208.0/22 maxlen: 22
95.134.216.0/22 maxlen: 22
95.135.96.0/22 maxlen: 22
95.135.120.0/22 maxlen: 22
95.135.137.0/24 maxlen: 24
95.135.197.0/24 maxlen: 24
95.135.209.0/24 maxlen: 24
95.135.217.0/24 maxlen: 24
95.135.218.0/24 maxlen: 24
95.135.225.0/24 maxlen: 24
95.135.229.0/24 maxlen: 24
95.135.234.0/24 maxlen: 24
95.135.237.0/24 maxlen: 24
95.135.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:1c:88:ff:3e:06:40:2b:98:4b:7f:bf:5f:7c:7a:da:0a:0c:3c:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 14 05:33:25 2025 GMT
Not After : Apr 13 05:38:25 2026 GMT
Subject: CN=F67B72614E21BC82892E8D9F2BE557A8EBF717F7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a0:4e:f1:f3:4e:05:12:4f:21:56:e4:c8:d0:
f3:db:4a:3d:84:41:84:58:b1:45:68:16:f2:8a:1b:
7e:46:34:1e:8e:1b:a1:cb:cf:ff:51:e9:27:0d:db:
f8:db:f3:7c:a2:c1:90:85:fe:9e:c8:46:9a:bf:e1:
ca:aa:72:d6:98:76:bb:f2:d5:b6:02:17:c6:0a:fe:
e3:d6:0d:9f:8b:37:ab:ab:71:29:16:75:15:d5:bf:
24:5b:72:2f:43:50:e4:7f:3c:64:e0:46:e7:74:60:
b1:d4:f5:d5:ca:b1:4f:5d:41:67:1e:62:9f:5d:f1:
1e:18:33:14:aa:08:75:1e:0f:1c:06:d0:91:e0:98:
a4:68:39:fb:1f:c0:d1:9b:d7:0c:18:3c:c7:21:63:
24:d5:e5:d7:42:b7:e4:05:f8:56:7c:e8:c9:22:da:
09:a9:94:08:f2:83:0c:5e:0b:6a:1c:d4:af:2d:3a:
5a:40:26:15:78:e4:28:d7:23:17:b2:3d:ca:4b:e6:
3f:6d:df:60:0b:1f:06:c7:e6:f2:ed:84:ff:a4:79:
01:7c:71:f4:5b:a5:f6:e1:c4:39:18:e3:01:11:4c:
39:3c:52:ab:dc:af:58:fe:e8:9c:44:d1:37:af:26:
91:7d:ec:ce:3e:47:c0:00:bc:12:dd:77:4d:56:e6:
9c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:7B:72:61:4E:21:BC:82:89:2E:8D:9F:2B:E5:57:A8:EB:F7:17:F7
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9009.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.12.0/22
46.202.100.0/22
46.202.116.0/22
46.202.228.0/22
46.202.236.0/22
46.202.244.0/22
46.203.16.0/23
46.203.36.0/22
46.203.94.0/23
46.203.100.0/23
46.203.122.0/23
46.203.132.0/23
46.203.162.0/23
46.203.236.0/22
46.203.241.0-46.203.247.255
46.203.252.0/22
91.124.122.0/24
91.124.220.0/24
92.112.2.0/23
92.112.9.0/24
92.112.72.0/23
92.112.100.0/22
92.112.120.0/22
92.112.214.0/23
92.112.218.0-92.112.221.255
92.112.223.0-92.112.226.255
92.112.229.0-92.112.230.255
92.112.232.0-92.112.234.255
92.112.237.0/24
92.113.94.0-92.113.99.255
92.113.108.0/22
92.113.120.0/22
92.113.130.0/23
95.134.8.0/22
95.134.24.0/22
95.134.36.0/22
95.134.44.0/22
95.134.56.0/22
95.134.72.0/22
95.134.144.0/22
95.134.188.0/22
95.134.208.0/22
95.134.216.0/22
95.135.96.0/22
95.135.120.0/22
95.135.137.0/24
95.135.197.0/24
95.135.209.0/24
95.135.217.0-95.135.218.255
95.135.225.0/24
95.135.229.0/24
95.135.234.0/24
95.135.237.0/24
95.135.248.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:d8:96:1e:97:13:00:40:09:d2:81:b5:fb:e9:7c:98:37:42:
9c:86:62:75:0d:81:8d:c2:9f:40:1f:04:96:13:06:96:03:5b:
44:b4:72:5e:8e:b3:32:6c:27:0e:8b:ed:8b:20:bb:57:47:b7:
3b:09:01:57:1f:1c:21:5b:34:f2:5f:10:f9:5f:a8:7d:dd:09:
59:14:13:55:55:27:ea:50:d0:cf:ac:63:87:67:6c:56:8f:f2:
04:09:02:2b:22:08:16:c7:12:f3:5e:63:b1:42:da:3b:6a:90:
0a:84:6a:b4:86:08:f1:89:ab:b4:ba:bf:28:ce:cc:1b:f6:cd:
80:12:4d:a9:6f:5a:01:0c:72:fc:a1:f6:d6:3b:fc:af:d7:f7:
e7:ef:3e:b0:76:22:40:16:01:73:9f:62:95:67:47:7f:aa:50:
24:32:75:0a:f9:df:72:18:e9:8e:20:7e:46:47:cf:23:fa:87:
4c:1c:15:3f:21:0a:13:08:a4:12:a8:fc:27:90:9f:3e:96:24:
8a:51:07:80:79:d5:c7:3c:81:8b:bd:4c:be:0a:39:66:78:47:
14:15:39:f9:ba:84:ce:f8:1a:8d:78:29:21:9d:56:4c:c0:81:
14:ac:fc:ca:df:fc:e3:a3:11:7f:b6:e1:86:52:34:f6:38:e8:
03:9b:dc:11
-----BEGIN CERTIFICATE-----
MIIGfjCCBWagAwIBAgIURByI/z4GQCuYS3+/X3x62goMPD0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA0MTQwNTMzMjVaFw0yNjA0MTMwNTM4MjVaMDMxMTAvBgNV
BAMTKEY2N0I3MjYxNEUyMUJDODI4OTJFOEQ5RjJCRTU1N0E4RUJGNzE3RjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFoE7x804FEk8hVuTI0PPbSj2E
QYRYsUVoFvKKG35GNB6OG6HLz/9R6ScN2/jb83yiwZCF/p7IRpq/4cqqctaYdrvy
1bYCF8YK/uPWDZ+LN6urcSkWdRXVvyRbci9DUOR/PGTgRud0YLHU9dXKsU9dQWce
Yp9d8R4YMxSqCHUeDxwG0JHgmKRoOfsfwNGb1wwYPMchYyTV5ddCt+QF+FZ86Mki
2gmplAjygwxeC2oc1K8tOlpAJhV45CjXIxeyPcpL5j9t32ALHwbH5vLthP+keQF8
cfRbpfbhxDkY4wERTDk8Uqvcr1j+6JxE0TevJpF97M4+R8AAvBLdd01W5pzjAgMB
AAGjggOIMIIDhDAdBgNVHQ4EFgQU9ntyYU4hvIKJLo2fK+VXqOv3F/cwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAZ0GCCsGAQUFBwEHAQH/BIIBjDCCAYgwggGEBAIAATCC
AXwDBAIuygwDBAIuymQDBAIuynQDBAIuyuQDBAIuyuwDBAIuyvQDBAEuyxADBAIu
yyQDBAEuy14DBAEuy2QDBAEuy3oDBAEuy4QDBAEuy6IDBAIuy+wwDAMEAC7L8QME
Ay7L8AMEAi7L/AMEAFt8egMEAFt83AMEAVxwAgMEAFxwCQMEAVxwSAMEAlxwZAME
AlxweAMEAVxw1jAMAwQBXHDaAwQBXHDcMAwDBABccN8DBABccOIwDAMEAFxw5QME
AFxw5jAMAwQDXHDoAwQAXHDqAwQAXHDtMAwDBAFccV4DBAJccWADBAJccWwDBAJc
cXgDBAFccYIDBAJfhggDBAJfhhgDBAJfhiQDBAJfhiwDBAJfhjgDBAJfhkgDBAJf
hpADBAJfhrwDBAJfhtADBAJfhtgDBAJfh2ADBAJfh3gDBABfh4kDBABfh8UDBABf
h9EwDAMEAF+H2QMEAF+H2gMEAF+H4QMEAF+H5QMEAF+H6gMEAF+H7QMEAF+H+DAN
BgkqhkiG9w0BAQsFAAOCAQEAK9iWHpcTAEAJ0oG1++l8mDdCnIZidQ2BjcKfQB8E
lhMGlgNbRLRyXo6zMmwnDovtiyC7V0e3OwkBVx8cIVs08l8Q+V+ofd0JWRQTVVUn
6lDQz6xjh2dsVo/yBAkCKyIIFscS815jsULaO2qQCoRqtIYI8YmrtLq/KM7MG/bN
gBJNqW9aAQxy/KH21jv8r9f35+8+sHYiQBYBc59ilWdHf6pQJDJ1CvnfchjpjiB+
RkfPI/qHTBwVPyEKEwikEqj8J5CfPpYkilEHgHnVxzyBi71Mvgo5ZnhHFBU5+bqE
zvgajXgpIZ1WTMCBFKz8yt/846MRf7bhhlI09jjoA5vcEQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:35 2025 by rpki-client