Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9009.roa
File: AS9009.roa (raw, json)
Hash identifier: 7b71JxxZHDAQu5gSLsoeIxEvAU7VE1ApJReavk4HZ4Q=
Subject key identifier: BC:D0:0D:F9:64:15:4F:92:AB:CC:52:0E:8C:18:6C:9F:FA:7B:30:08
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 1D399B740E52FA59FA83AD87BF36D4F24D4AE838
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9009.roa
Signing time: Thu 05 Jun 2025 07:07:03 +0000
ROA not before: Thu 05 Jun 2025 07:02:03 +0000
ROA not after: Thu 04 Jun 2026 07:07:03 +0000
asID: 9009
IP address blocks: 46.202.12.0/22 maxlen: 24
46.202.100.0/22 maxlen: 24
46.202.116.0/22 maxlen: 24
46.202.228.0/22 maxlen: 24
46.202.236.0/22 maxlen: 24
46.202.244.0/22 maxlen: 24
46.203.16.0/23 maxlen: 24
46.203.36.0/22 maxlen: 24
46.203.94.0/23 maxlen: 24
46.203.100.0/23 maxlen: 24
46.203.122.0/23 maxlen: 24
46.203.132.0/23 maxlen: 24
46.203.162.0/23 maxlen: 24
46.203.236.0/22 maxlen: 24
46.203.241.0/24 maxlen: 24
46.203.242.0/24 maxlen: 24
46.203.243.0/24 maxlen: 24
46.203.244.0/22 maxlen: 24
46.203.252.0/22 maxlen: 24
91.124.122.0/24 maxlen: 24
91.124.140.0/24 maxlen: 24
91.124.220.0/24 maxlen: 24
91.124.243.0/24 maxlen: 24
91.124.252.0/24 maxlen: 24
92.112.2.0/23 maxlen: 24
92.112.9.0/24 maxlen: 24
92.112.72.0/23 maxlen: 24
92.112.100.0/22 maxlen: 24
92.112.120.0/22 maxlen: 24
92.112.214.0/24 maxlen: 24
92.112.215.0/24 maxlen: 24
92.112.218.0/24 maxlen: 24
92.112.219.0/24 maxlen: 24
92.112.220.0/24 maxlen: 24
92.112.221.0/24 maxlen: 24
92.112.223.0/24 maxlen: 24
92.112.224.0/24 maxlen: 24
92.112.225.0/24 maxlen: 24
92.112.226.0/24 maxlen: 24
92.112.229.0/24 maxlen: 24
92.112.230.0/24 maxlen: 24
92.112.232.0/24 maxlen: 24
92.112.233.0/24 maxlen: 24
92.112.234.0/24 maxlen: 24
92.112.237.0/24 maxlen: 24
92.113.2.0/24 maxlen: 24
92.113.5.0/24 maxlen: 24
92.113.8.0/24 maxlen: 24
92.113.94.0/23 maxlen: 24
92.113.96.0/22 maxlen: 24
92.113.108.0/22 maxlen: 24
92.113.120.0/22 maxlen: 24
92.113.130.0/23 maxlen: 24
95.134.8.0/22 maxlen: 22
95.134.24.0/22 maxlen: 22
95.134.36.0/22 maxlen: 22
95.134.44.0/22 maxlen: 22
95.134.56.0/22 maxlen: 22
95.134.72.0/22 maxlen: 22
95.134.144.0/22 maxlen: 22
95.134.188.0/22 maxlen: 22
95.134.208.0/22 maxlen: 22
95.134.216.0/22 maxlen: 22
95.135.96.0/22 maxlen: 22
95.135.120.0/22 maxlen: 22
95.135.137.0/24 maxlen: 24
95.135.197.0/24 maxlen: 24
95.135.209.0/24 maxlen: 24
95.135.217.0/24 maxlen: 24
95.135.218.0/24 maxlen: 24
95.135.225.0/24 maxlen: 24
95.135.229.0/24 maxlen: 24
95.135.234.0/24 maxlen: 24
95.135.237.0/24 maxlen: 24
95.135.248.0/24 maxlen: 24
178.93.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:39:9b:74:0e:52:fa:59:fa:83:ad:87:bf:36:d4:f2:4d:4a:e8:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jun 5 07:02:03 2025 GMT
Not After : Jun 4 07:07:03 2026 GMT
Subject: CN=BCD00DF964154F92ABCC520E8C186C9FFA7B3008
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:33:c2:8a:87:85:bd:b0:35:2a:52:31:e9:df:
4c:dd:68:7b:f5:e3:33:3b:fd:c4:44:1c:64:c8:c4:
c7:76:82:47:c7:de:49:ab:80:3f:d1:5f:15:26:47:
29:90:a4:93:0b:a9:5c:f4:45:05:ed:48:10:2d:5d:
7b:e3:a2:38:f4:7d:41:02:b6:63:9d:44:40:34:58:
6a:ab:96:74:49:7f:34:88:28:08:e8:3d:55:9d:01:
ad:6b:08:83:0c:99:c1:fc:52:9c:44:61:0e:c6:e1:
ae:c4:c8:78:db:c4:b0:be:55:6b:1f:cf:e7:04:44:
38:e6:b0:88:46:a2:2c:f7:0d:c8:2a:f5:96:72:59:
f3:34:e4:64:3b:00:9b:bc:38:e9:50:75:0d:05:78:
b9:74:93:a6:42:97:32:e8:9d:d9:60:20:46:47:4e:
05:0b:0d:42:b4:89:b2:a4:ab:60:c8:79:bf:2e:1f:
2f:bf:48:ce:d4:b7:3a:63:4d:05:39:e5:64:64:9e:
78:9c:0e:6f:06:61:5b:fb:e4:c5:3b:3b:c6:04:07:
4c:f3:99:45:ba:2c:41:1f:bd:aa:14:9e:f2:6e:3a:
1c:69:dc:c9:11:b8:b9:dc:5f:66:bb:bd:de:36:11:
22:57:f7:83:8b:6c:12:2d:3d:ad:da:01:45:40:5a:
b6:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:D0:0D:F9:64:15:4F:92:AB:CC:52:0E:8C:18:6C:9F:FA:7B:30:08
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9009.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.12.0/22
46.202.100.0/22
46.202.116.0/22
46.202.228.0/22
46.202.236.0/22
46.202.244.0/22
46.203.16.0/23
46.203.36.0/22
46.203.94.0/23
46.203.100.0/23
46.203.122.0/23
46.203.132.0/23
46.203.162.0/23
46.203.236.0/22
46.203.241.0-46.203.247.255
46.203.252.0/22
91.124.122.0/24
91.124.140.0/24
91.124.220.0/24
91.124.243.0/24
91.124.252.0/24
92.112.2.0/23
92.112.9.0/24
92.112.72.0/23
92.112.100.0/22
92.112.120.0/22
92.112.214.0/23
92.112.218.0-92.112.221.255
92.112.223.0-92.112.226.255
92.112.229.0-92.112.230.255
92.112.232.0-92.112.234.255
92.112.237.0/24
92.113.2.0/24
92.113.5.0/24
92.113.8.0/24
92.113.94.0-92.113.99.255
92.113.108.0/22
92.113.120.0/22
92.113.130.0/23
95.134.8.0/22
95.134.24.0/22
95.134.36.0/22
95.134.44.0/22
95.134.56.0/22
95.134.72.0/22
95.134.144.0/22
95.134.188.0/22
95.134.208.0/22
95.134.216.0/22
95.135.96.0/22
95.135.120.0/22
95.135.137.0/24
95.135.197.0/24
95.135.209.0/24
95.135.217.0-95.135.218.255
95.135.225.0/24
95.135.229.0/24
95.135.234.0/24
95.135.237.0/24
95.135.248.0/24
178.93.116.0/24
Signature Algorithm: sha256WithRSAEncryption
21:19:a3:73:13:c1:46:10:69:1a:c9:9b:88:bb:bf:de:70:6b:
b2:e3:34:0c:1f:3f:73:04:ba:85:31:99:1d:f4:15:3e:1b:e3:
55:59:ef:20:b3:1d:99:1e:9f:c7:98:a2:a9:2b:f9:74:25:db:
af:c1:30:8d:42:ea:30:8e:ef:3f:e7:90:ed:49:85:88:8f:4a:
05:ce:54:53:96:ac:b5:0d:fd:13:3a:22:68:5c:d2:b6:90:63:
32:c0:ce:2b:fc:21:9d:92:9e:a6:88:49:58:db:3b:8d:7b:91:
cf:b5:c9:c4:7d:95:e8:00:28:96:68:5e:a6:2d:f6:26:4b:18:
46:e2:fe:02:c8:7d:84:fe:ae:2d:05:a4:2f:e0:f3:54:24:62:
d7:c2:a6:b3:e8:09:83:83:ae:19:31:c2:c3:d0:13:36:dd:45:
3b:4c:bc:eb:a7:e6:fb:92:3b:dc:b1:fd:e5:c1:b7:9c:12:6b:
0f:56:17:b5:a8:d4:54:7b:ea:28:d2:20:6f:dd:03:0d:8c:05:
5f:8c:9c:b6:0b:ab:4a:7e:be:64:36:0e:f2:78:14:15:d2:ab:
1a:b0:3b:2c:36:c0:9b:36:ef:89:f0:58:15:a8:51:f5:af:4d:
4e:7e:9f:05:6c:e6:29:b6:ed:48:9b:af:ab:a5:13:66:81:b0:
e2:23:c2:03
-----BEGIN CERTIFICATE-----
MIIGqDCCBZCgAwIBAgIUHTmbdA5S+ln6g62HvzbU8k1K6DgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA2MDUwNzAyMDNaFw0yNjA2MDQwNzA3MDNaMDMxMTAvBgNV
BAMTKEJDRDAwREY5NjQxNTRGOTJBQkNDNTIwRThDMTg2QzlGRkE3QjMwMDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5M8KKh4W9sDUqUjHp30zdaHv1
4zM7/cREHGTIxMd2gkfH3kmrgD/RXxUmRymQpJMLqVz0RQXtSBAtXXvjojj0fUEC
tmOdREA0WGqrlnRJfzSIKAjoPVWdAa1rCIMMmcH8UpxEYQ7G4a7EyHjbxLC+VWsf
z+cERDjmsIhGoiz3Dcgq9ZZyWfM05GQ7AJu8OOlQdQ0FeLl0k6ZClzLondlgIEZH
TgULDUK0ibKkq2DIeb8uHy+/SM7UtzpjTQU55WRknnicDm8GYVv75MU7O8YEB0zz
mUW6LEEfvaoUnvJuOhxp3MkRuLncX2a7vd42ESJX94OLbBItPa3aAUVAWrZjAgMB
AAGjggOyMIIDrjAdBgNVHQ4EFgQUvNAN+WQVT5KrzFIOjBhsn/p7MAgwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAccGCCsGAQUFBwEHAQH/BIIBtjCCAbIwggGuBAIAATCC
AaYDBAIuygwDBAIuymQDBAIuynQDBAIuyuQDBAIuyuwDBAIuyvQDBAEuyxADBAIu
yyQDBAEuy14DBAEuy2QDBAEuy3oDBAEuy4QDBAEuy6IDBAIuy+wwDAMEAC7L8QME
Ay7L8AMEAi7L/AMEAFt8egMEAFt8jAMEAFt83AMEAFt88wMEAFt8/AMEAVxwAgME
AFxwCQMEAVxwSAMEAlxwZAMEAlxweAMEAVxw1jAMAwQBXHDaAwQBXHDcMAwDBABc
cN8DBABccOIwDAMEAFxw5QMEAFxw5jAMAwQDXHDoAwQAXHDqAwQAXHDtAwQAXHEC
AwQAXHEFAwQAXHEIMAwDBAFccV4DBAJccWADBAJccWwDBAJccXgDBAFccYIDBAJf
hggDBAJfhhgDBAJfhiQDBAJfhiwDBAJfhjgDBAJfhkgDBAJfhpADBAJfhrwDBAJf
htADBAJfhtgDBAJfh2ADBAJfh3gDBABfh4kDBABfh8UDBABfh9EwDAMEAF+H2QME
AF+H2gMEAF+H4QMEAF+H5QMEAF+H6gMEAF+H7QMEAF+H+AMEALJddDANBgkqhkiG
9w0BAQsFAAOCAQEAIRmjcxPBRhBpGsmbiLu/3nBrsuM0DB8/cwS6hTGZHfQVPhvj
VVnvILMdmR6fx5iiqSv5dCXbr8EwjULqMI7vP+eQ7UmFiI9KBc5UU5astQ39Ezoi
aFzStpBjMsDOK/whnZKepohJWNs7jXuRz7XJxH2V6AAolmhepi32JksYRuL+Ash9
hP6uLQWkL+DzVCRi18Kms+gJg4OuGTHCw9ATNt1FO0y866fm+5I73LH95cG3nBJr
D1YXtajUVHvqKNIgb90DDYwFX4yctgurSn6+ZDYO8ngUFdKrGrA7LDbAmzbvifBY
FahR9a9NTn6fBWzmKbbtSJuvq6UTZoGw4iPCAw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:59:14 2025 by rpki-client