Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9009.roa
File: AS9009.roa (raw, json)
Hash identifier: /g3kgzS3BMp/eS1e7/qs3CeLi1ODUoDSx7KYoTP0Nh4=
Subject key identifier: F6:36:EB:7E:AC:92:1D:78:08:08:15:26:77:66:B1:D9:A5:2B:E0:12
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 67F661CE4FD0154F77861B931A625FD83DD23704
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9009.roa
Signing time: Fri 24 Oct 2025 14:24:05 +0000
ROA not before: Fri 24 Oct 2025 14:19:05 +0000
ROA not after: Fri 23 Oct 2026 14:24:05 +0000
asID: 9009
IP address blocks: 46.202.12.0/22 maxlen: 24
46.202.100.0/22 maxlen: 24
46.202.116.0/22 maxlen: 24
46.202.228.0/22 maxlen: 24
46.202.236.0/22 maxlen: 24
46.202.244.0/22 maxlen: 24
46.203.16.0/23 maxlen: 24
46.203.36.0/22 maxlen: 24
46.203.94.0/23 maxlen: 24
46.203.100.0/23 maxlen: 24
46.203.122.0/23 maxlen: 24
46.203.132.0/23 maxlen: 24
46.203.162.0/23 maxlen: 24
46.203.236.0/22 maxlen: 24
46.203.241.0/24 maxlen: 24
46.203.242.0/24 maxlen: 24
46.203.243.0/24 maxlen: 24
46.203.244.0/22 maxlen: 24
46.203.252.0/22 maxlen: 24
91.124.122.0/24 maxlen: 24
91.124.140.0/24 maxlen: 24
91.124.220.0/24 maxlen: 24
91.124.243.0/24 maxlen: 24
91.124.252.0/24 maxlen: 24
92.112.2.0/23 maxlen: 24
92.112.59.0/24 maxlen: 24
92.112.72.0/23 maxlen: 24
92.112.79.0/24 maxlen: 24
92.112.100.0/22 maxlen: 24
92.112.120.0/22 maxlen: 24
92.112.214.0/24 maxlen: 24
92.112.215.0/24 maxlen: 24
92.112.218.0/24 maxlen: 24
92.112.219.0/24 maxlen: 24
92.112.220.0/24 maxlen: 24
92.112.221.0/24 maxlen: 24
92.112.223.0/24 maxlen: 24
92.112.224.0/24 maxlen: 24
92.112.225.0/24 maxlen: 24
92.112.226.0/24 maxlen: 24
92.112.229.0/24 maxlen: 24
92.112.230.0/24 maxlen: 24
92.112.232.0/24 maxlen: 24
92.112.233.0/24 maxlen: 24
92.112.234.0/24 maxlen: 24
92.112.237.0/24 maxlen: 24
92.113.2.0/24 maxlen: 24
92.113.5.0/24 maxlen: 24
92.113.8.0/24 maxlen: 24
92.113.94.0/23 maxlen: 24
92.113.96.0/22 maxlen: 24
92.113.108.0/22 maxlen: 24
92.113.120.0/22 maxlen: 24
92.113.130.0/23 maxlen: 24
95.134.8.0/22 maxlen: 22
95.134.24.0/22 maxlen: 22
95.134.36.0/22 maxlen: 22
95.134.44.0/22 maxlen: 22
95.134.56.0/22 maxlen: 22
95.134.72.0/22 maxlen: 22
95.134.144.0/22 maxlen: 22
95.134.188.0/22 maxlen: 22
95.134.208.0/22 maxlen: 22
95.134.216.0/22 maxlen: 22
95.135.96.0/22 maxlen: 22
95.135.120.0/22 maxlen: 22
95.135.137.0/24 maxlen: 24
95.135.197.0/24 maxlen: 24
95.135.209.0/24 maxlen: 24
95.135.217.0/24 maxlen: 24
95.135.218.0/24 maxlen: 24
95.135.225.0/24 maxlen: 24
95.135.229.0/24 maxlen: 24
95.135.234.0/24 maxlen: 24
95.135.237.0/24 maxlen: 24
95.135.248.0/24 maxlen: 24
178.93.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:f6:61:ce:4f:d0:15:4f:77:86:1b:93:1a:62:5f:d8:3d:d2:37:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Oct 24 14:19:05 2025 GMT
Not After : Oct 23 14:24:05 2026 GMT
Subject: CN=F636EB7EAC921D78080815267766B1D9A52BE012
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b0:57:70:23:fd:db:27:fe:d5:37:d3:05:fe:
12:96:99:ae:a4:2d:ed:12:e5:29:f5:ed:f9:cc:b4:
57:7a:ce:77:c8:d1:8b:1f:a7:fa:2a:92:0a:77:90:
2f:08:f4:1e:29:e2:5f:3c:3f:80:3d:f5:eb:e3:ff:
0a:70:a4:55:e0:59:88:33:37:c5:5b:53:01:0f:5c:
ae:cb:b3:9a:b2:bf:c2:22:01:6b:b1:44:05:75:86:
b9:f1:60:22:4f:5e:9e:48:12:d5:aa:ff:fa:a8:9b:
0f:00:49:d5:8e:80:8a:12:72:b4:7c:f2:93:ea:b7:
e5:22:0f:c7:86:f5:3e:bd:11:a8:48:fb:ce:de:a2:
15:fb:64:de:7b:aa:de:96:1f:61:19:93:02:9a:48:
49:59:e3:5d:82:b7:91:8d:56:ab:27:e5:40:16:82:
8e:52:70:6c:27:df:43:be:51:8e:83:81:03:78:c6:
16:76:c4:e0:3e:ab:57:88:e3:b5:eb:38:fa:50:1a:
9e:d6:cf:48:8b:be:0b:a8:15:32:2a:fc:9d:16:ac:
9a:c6:30:bf:dd:b8:67:b0:8e:93:8d:e4:28:cd:3e:
7f:01:c4:43:94:88:7e:3c:d0:c8:33:cc:4b:5e:46:
8c:78:42:75:30:15:f2:8c:87:6e:8f:6d:4a:21:39:
55:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:36:EB:7E:AC:92:1D:78:08:08:15:26:77:66:B1:D9:A5:2B:E0:12
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9009.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.12.0/22
46.202.100.0/22
46.202.116.0/22
46.202.228.0/22
46.202.236.0/22
46.202.244.0/22
46.203.16.0/23
46.203.36.0/22
46.203.94.0/23
46.203.100.0/23
46.203.122.0/23
46.203.132.0/23
46.203.162.0/23
46.203.236.0/22
46.203.241.0-46.203.247.255
46.203.252.0/22
91.124.122.0/24
91.124.140.0/24
91.124.220.0/24
91.124.243.0/24
91.124.252.0/24
92.112.2.0/23
92.112.59.0/24
92.112.72.0/23
92.112.79.0/24
92.112.100.0/22
92.112.120.0/22
92.112.214.0/23
92.112.218.0-92.112.221.255
92.112.223.0-92.112.226.255
92.112.229.0-92.112.230.255
92.112.232.0-92.112.234.255
92.112.237.0/24
92.113.2.0/24
92.113.5.0/24
92.113.8.0/24
92.113.94.0-92.113.99.255
92.113.108.0/22
92.113.120.0/22
92.113.130.0/23
95.134.8.0/22
95.134.24.0/22
95.134.36.0/22
95.134.44.0/22
95.134.56.0/22
95.134.72.0/22
95.134.144.0/22
95.134.188.0/22
95.134.208.0/22
95.134.216.0/22
95.135.96.0/22
95.135.120.0/22
95.135.137.0/24
95.135.197.0/24
95.135.209.0/24
95.135.217.0-95.135.218.255
95.135.225.0/24
95.135.229.0/24
95.135.234.0/24
95.135.237.0/24
95.135.248.0/24
178.93.116.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:02:9a:56:7f:16:65:c3:0e:1d:c1:d8:df:b3:c4:01:be:30:
56:04:4e:bb:9c:2a:8a:85:33:25:47:10:ad:2b:67:f0:68:dc:
30:d0:75:10:71:db:e8:a2:ce:93:aa:fe:2d:30:a6:49:ba:dc:
d0:d3:2a:f2:ee:d9:77:c4:4b:ac:dc:39:39:cf:e9:0c:11:dd:
e0:a7:5f:5d:ae:af:49:63:a0:49:80:65:6e:a3:64:0a:ec:30:
9a:78:59:7c:81:95:05:30:2c:2e:b1:eb:95:fd:58:25:f3:28:
d4:7f:83:ef:3b:4a:df:70:a1:a5:06:b0:11:5c:fd:4d:cb:4b:
d9:49:dd:c6:27:a0:29:5f:a6:ba:86:2d:61:d7:6d:0e:a9:84:
e8:9f:04:86:f6:1b:97:81:3d:17:fd:ac:1a:03:e7:bd:9f:24:
f8:6e:04:e6:65:b9:a9:c6:00:b4:cd:49:59:09:b7:68:ca:ec:
26:e1:cb:f7:f9:df:45:83:01:bb:b3:55:86:f5:c8:3e:a1:38:
c0:a1:fe:fb:8f:8a:42:a9:4d:64:e1:d3:ab:6a:ab:2f:be:35:
21:50:5c:b9:32:83:ae:9b:46:9b:37:e6:5f:ff:26:9d:5b:20:
43:47:09:60:74:16:65:96:1d:a6:a7:8b:0e:48:83:0d:be:f7:
e8:c8:9b:69
-----BEGIN CERTIFICATE-----
MIIGrjCCBZagAwIBAgIUZ/Zhzk/QFU93hhuTGmJf2D3SNwQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTEwMjQxNDE5MDVaFw0yNjEwMjMxNDI0MDVaMDMxMTAvBgNV
BAMTKEY2MzZFQjdFQUM5MjFENzgwODA4MTUyNjc3NjZCMUQ5QTUyQkUwMTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7sFdwI/3bJ/7VN9MF/hKWma6k
Le0S5Sn17fnMtFd6znfI0Ysfp/oqkgp3kC8I9B4p4l88P4A99evj/wpwpFXgWYgz
N8VbUwEPXK7Ls5qyv8IiAWuxRAV1hrnxYCJPXp5IEtWq//qomw8ASdWOgIoScrR8
8pPqt+UiD8eG9T69EahI+87eohX7ZN57qt6WH2EZkwKaSElZ412Ct5GNVqsn5UAW
go5ScGwn30O+UY6DgQN4xhZ2xOA+q1eI47XrOPpQGp7Wz0iLvguoFTIq/J0WrJrG
ML/duGewjpON5CjNPn8BxEOUiH480MgzzEteRox4QnUwFfKMh26PbUohOVWhAgMB
AAGjggO4MIIDtDAdBgNVHQ4EFgQU9jbrfqySHXgICBUmd2ax2aUr4BIwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAc0GCCsGAQUFBwEHAQH/BIIBvDCCAbgwggG0BAIAATCC
AawDBAIuygwDBAIuymQDBAIuynQDBAIuyuQDBAIuyuwDBAIuyvQDBAEuyxADBAIu
yyQDBAEuy14DBAEuy2QDBAEuy3oDBAEuy4QDBAEuy6IDBAIuy+wwDAMEAC7L8QME
Ay7L8AMEAi7L/AMEAFt8egMEAFt8jAMEAFt83AMEAFt88wMEAFt8/AMEAVxwAgME
AFxwOwMEAVxwSAMEAFxwTwMEAlxwZAMEAlxweAMEAVxw1jAMAwQBXHDaAwQBXHDc
MAwDBABccN8DBABccOIwDAMEAFxw5QMEAFxw5jAMAwQDXHDoAwQAXHDqAwQAXHDt
AwQAXHECAwQAXHEFAwQAXHEIMAwDBAFccV4DBAJccWADBAJccWwDBAJccXgDBAFc
cYIDBAJfhggDBAJfhhgDBAJfhiQDBAJfhiwDBAJfhjgDBAJfhkgDBAJfhpADBAJf
hrwDBAJfhtADBAJfhtgDBAJfh2ADBAJfh3gDBABfh4kDBABfh8UDBABfh9EwDAME
AF+H2QMEAF+H2gMEAF+H4QMEAF+H5QMEAF+H6gMEAF+H7QMEAF+H+AMEALJddDAN
BgkqhkiG9w0BAQsFAAOCAQEATQKaVn8WZcMOHcHY37PEAb4wVgROu5wqioUzJUcQ
rStn8GjcMNB1EHHb6KLOk6r+LTCmSbrc0NMq8u7Zd8RLrNw5Oc/pDBHd4KdfXa6v
SWOgSYBlbqNkCuwwmnhZfIGVBTAsLrHrlf1YJfMo1H+D7ztK33ChpQawEVz9TctL
2UndxiegKV+muoYtYddtDqmE6J8EhvYbl4E9F/2sGgPnvZ8k+G4E5mW5qcYAtM1J
WQm3aMrsJuHL9/nfRYMBu7NVhvXIPqE4wKH++4+KQqlNZOHTq2qrL741IVBcuTKD
rptGmzfmX/8mnVsgQ0cJYHQWZZYdpqeLDkiDDb736MibaQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:36:45 2025 by rpki-client