Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9009.roa
File: AS9009.roa (raw, json)
Hash identifier: TeLVQ68lcehj38LlgXGeYoJzEcnGzFgmVPyFmql4Auc=
Subject key identifier: F4:EB:0C:21:71:9C:BA:6E:52:F3:B7:23:C0:A0:A8:E6:E1:52:67:6D
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 314FFBADEBFB6984C2701FBB810B39CA49D4B3D8
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9009.roa
Signing time: Fri 01 Aug 2025 00:00:10 +0000
ROA not before: Thu 31 Jul 2025 23:55:10 +0000
ROA not after: Fri 31 Jul 2026 00:00:10 +0000
asID: 9009
IP address blocks: 46.202.12.0/22 maxlen: 24
46.202.100.0/22 maxlen: 24
46.202.116.0/22 maxlen: 24
46.202.228.0/22 maxlen: 24
46.202.236.0/22 maxlen: 24
46.202.244.0/22 maxlen: 24
46.203.16.0/23 maxlen: 24
46.203.36.0/22 maxlen: 24
46.203.94.0/23 maxlen: 24
46.203.100.0/23 maxlen: 24
46.203.122.0/23 maxlen: 24
46.203.132.0/23 maxlen: 24
46.203.162.0/23 maxlen: 24
46.203.236.0/22 maxlen: 24
46.203.241.0/24 maxlen: 24
46.203.242.0/24 maxlen: 24
46.203.243.0/24 maxlen: 24
46.203.244.0/22 maxlen: 24
46.203.252.0/22 maxlen: 24
91.124.122.0/24 maxlen: 24
91.124.140.0/24 maxlen: 24
91.124.220.0/24 maxlen: 24
91.124.243.0/24 maxlen: 24
91.124.252.0/24 maxlen: 24
92.112.2.0/23 maxlen: 24
92.112.59.0/24 maxlen: 24
92.112.72.0/23 maxlen: 24
92.112.79.0/24 maxlen: 24
92.112.100.0/22 maxlen: 24
92.112.120.0/22 maxlen: 24
92.112.214.0/24 maxlen: 24
92.112.215.0/24 maxlen: 24
92.112.218.0/24 maxlen: 24
92.112.219.0/24 maxlen: 24
92.112.220.0/24 maxlen: 24
92.112.221.0/24 maxlen: 24
92.112.223.0/24 maxlen: 24
92.112.224.0/24 maxlen: 24
92.112.225.0/24 maxlen: 24
92.112.226.0/24 maxlen: 24
92.112.229.0/24 maxlen: 24
92.112.230.0/24 maxlen: 24
92.112.232.0/24 maxlen: 24
92.112.233.0/24 maxlen: 24
92.112.234.0/24 maxlen: 24
92.112.237.0/24 maxlen: 24
92.113.2.0/24 maxlen: 24
92.113.5.0/24 maxlen: 24
92.113.8.0/24 maxlen: 24
92.113.94.0/23 maxlen: 24
92.113.96.0/22 maxlen: 24
92.113.108.0/22 maxlen: 24
92.113.120.0/22 maxlen: 24
92.113.130.0/23 maxlen: 24
95.134.8.0/22 maxlen: 22
95.134.24.0/22 maxlen: 22
95.134.36.0/22 maxlen: 22
95.134.44.0/22 maxlen: 22
95.134.56.0/22 maxlen: 22
95.134.72.0/22 maxlen: 22
95.134.144.0/22 maxlen: 22
95.134.188.0/22 maxlen: 22
95.134.208.0/22 maxlen: 22
95.134.216.0/22 maxlen: 22
95.135.96.0/22 maxlen: 22
95.135.120.0/22 maxlen: 22
95.135.137.0/24 maxlen: 24
95.135.197.0/24 maxlen: 24
95.135.209.0/24 maxlen: 24
95.135.217.0/24 maxlen: 24
95.135.218.0/24 maxlen: 24
95.135.225.0/24 maxlen: 24
95.135.229.0/24 maxlen: 24
95.135.234.0/24 maxlen: 24
95.135.237.0/24 maxlen: 24
95.135.248.0/24 maxlen: 24
178.93.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:52:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:4f:fb:ad:eb:fb:69:84:c2:70:1f:bb:81:0b:39:ca:49:d4:b3:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jul 31 23:55:10 2025 GMT
Not After : Jul 31 00:00:10 2026 GMT
Subject: CN=F4EB0C21719CBA6E52F3B723C0A0A8E6E152676D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3a:d4:20:19:b5:e7:1b:d4:72:4b:04:eb:af:
09:ca:fb:af:d8:95:fc:c6:6e:11:2c:89:41:59:9c:
53:a0:bd:b6:ae:c0:08:90:f8:c3:9b:bb:0f:60:06:
10:3c:cb:b9:2f:24:e9:6a:18:eb:89:dc:cb:0f:48:
7b:a0:49:3f:b9:55:04:85:f9:05:87:0d:12:21:ff:
a1:4b:71:84:c9:c6:16:1e:22:2c:79:b6:e6:87:61:
dc:17:b0:9f:6f:a6:13:c9:63:98:95:7a:ad:15:11:
09:b6:b8:27:ea:d4:10:66:74:fb:ae:e3:5a:e8:31:
9b:36:01:3d:63:cf:ae:e9:fb:7f:2d:02:36:0f:4f:
3c:e1:5b:0c:3f:b3:08:af:d6:a0:5b:de:2e:ea:e7:
e0:18:42:37:15:93:ee:f5:c0:f4:02:21:fe:ba:6d:
e8:fb:20:6f:40:54:25:0f:ab:c8:22:0d:8e:81:5b:
e9:55:38:98:4c:c7:5c:4b:aa:b1:bc:12:2e:94:76:
a9:f2:a7:c5:cd:5e:81:df:1c:ce:0a:e1:27:7f:7f:
98:69:8a:d7:b7:5a:7e:83:64:10:4d:25:07:c8:51:
22:fd:cc:66:09:05:57:c8:c2:30:b6:b8:14:b9:76:
28:4b:71:e2:30:4b:1d:8c:74:70:7a:b8:4d:66:80:
9b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:EB:0C:21:71:9C:BA:6E:52:F3:B7:23:C0:A0:A8:E6:E1:52:67:6D
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9009.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.12.0/22
46.202.100.0/22
46.202.116.0/22
46.202.228.0/22
46.202.236.0/22
46.202.244.0/22
46.203.16.0/23
46.203.36.0/22
46.203.94.0/23
46.203.100.0/23
46.203.122.0/23
46.203.132.0/23
46.203.162.0/23
46.203.236.0/22
46.203.241.0-46.203.247.255
46.203.252.0/22
91.124.122.0/24
91.124.140.0/24
91.124.220.0/24
91.124.243.0/24
91.124.252.0/24
92.112.2.0/23
92.112.59.0/24
92.112.72.0/23
92.112.79.0/24
92.112.100.0/22
92.112.120.0/22
92.112.214.0/23
92.112.218.0-92.112.221.255
92.112.223.0-92.112.226.255
92.112.229.0-92.112.230.255
92.112.232.0-92.112.234.255
92.112.237.0/24
92.113.2.0/24
92.113.5.0/24
92.113.8.0/24
92.113.94.0-92.113.99.255
92.113.108.0/22
92.113.120.0/22
92.113.130.0/23
95.134.8.0/22
95.134.24.0/22
95.134.36.0/22
95.134.44.0/22
95.134.56.0/22
95.134.72.0/22
95.134.144.0/22
95.134.188.0/22
95.134.208.0/22
95.134.216.0/22
95.135.96.0/22
95.135.120.0/22
95.135.137.0/24
95.135.197.0/24
95.135.209.0/24
95.135.217.0-95.135.218.255
95.135.225.0/24
95.135.229.0/24
95.135.234.0/24
95.135.237.0/24
95.135.248.0/24
178.93.116.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:1c:f3:57:da:6b:fb:da:d2:21:0e:20:7f:da:35:29:5f:f8:
05:42:89:cd:a7:f4:64:84:14:36:4a:d5:25:13:63:68:2c:4d:
b2:55:f8:dd:e9:f0:7e:f0:2c:32:9f:3f:cd:7c:26:de:e4:7e:
99:61:78:bf:e0:c1:9e:3c:3a:da:63:fa:ea:1f:5e:cb:17:db:
fd:8a:e1:c1:05:47:36:1b:16:51:32:36:31:1c:8e:ad:7b:fb:
a3:6e:a9:fb:0b:35:a6:d1:8c:07:4c:b0:e7:9e:e5:0b:91:38:
5d:63:37:fc:8a:ab:1c:52:c3:78:51:43:6e:8d:15:11:73:6d:
64:08:7e:bc:94:cb:ac:ca:38:a2:38:47:db:46:e2:0d:22:5e:
cb:64:09:f1:68:4f:24:e9:11:02:72:6f:c6:5f:95:1b:23:a6:
7f:94:85:21:7e:18:bf:c0:68:be:82:59:92:91:11:73:41:e9:
b3:e8:94:bd:75:fa:94:03:db:50:4e:f0:3e:2b:e5:82:09:36:
20:43:c0:e7:07:3c:47:0b:54:a8:36:03:d8:c9:1a:08:f7:9f:
d7:bc:66:4f:3e:b7:25:65:80:51:1d:55:af:60:4c:97:6d:ba:
47:9e:29:eb:f7:a6:6a:34:32:5c:3e:99:77:8e:ae:57:15:d3:
75:be:93:73
-----BEGIN CERTIFICATE-----
MIIGrjCCBZagAwIBAgIUMU/7rev7aYTCcB+7gQs5yknUs9gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA3MzEyMzU1MTBaFw0yNjA3MzEwMDAwMTBaMDMxMTAvBgNV
BAMTKEY0RUIwQzIxNzE5Q0JBNkU1MkYzQjcyM0MwQTBBOEU2RTE1MjY3NkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqOtQgGbXnG9RySwTrrwnK+6/Y
lfzGbhEsiUFZnFOgvbauwAiQ+MObuw9gBhA8y7kvJOlqGOuJ3MsPSHugST+5VQSF
+QWHDRIh/6FLcYTJxhYeIix5tuaHYdwXsJ9vphPJY5iVeq0VEQm2uCfq1BBmdPuu
41roMZs2AT1jz67p+38tAjYPTzzhWww/swiv1qBb3i7q5+AYQjcVk+71wPQCIf66
bej7IG9AVCUPq8giDY6BW+lVOJhMx1xLqrG8Ei6Udqnyp8XNXoHfHM4K4Sd/f5hp
ite3Wn6DZBBNJQfIUSL9zGYJBVfIwjC2uBS5dihLceIwSx2MdHB6uE1mgJuDAgMB
AAGjggO4MIIDtDAdBgNVHQ4EFgQU9OsMIXGcum5S87cjwKCo5uFSZ20wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAc0GCCsGAQUFBwEHAQH/BIIBvDCCAbgwggG0BAIAATCC
AawDBAIuygwDBAIuymQDBAIuynQDBAIuyuQDBAIuyuwDBAIuyvQDBAEuyxADBAIu
yyQDBAEuy14DBAEuy2QDBAEuy3oDBAEuy4QDBAEuy6IDBAIuy+wwDAMEAC7L8QME
Ay7L8AMEAi7L/AMEAFt8egMEAFt8jAMEAFt83AMEAFt88wMEAFt8/AMEAVxwAgME
AFxwOwMEAVxwSAMEAFxwTwMEAlxwZAMEAlxweAMEAVxw1jAMAwQBXHDaAwQBXHDc
MAwDBABccN8DBABccOIwDAMEAFxw5QMEAFxw5jAMAwQDXHDoAwQAXHDqAwQAXHDt
AwQAXHECAwQAXHEFAwQAXHEIMAwDBAFccV4DBAJccWADBAJccWwDBAJccXgDBAFc
cYIDBAJfhggDBAJfhhgDBAJfhiQDBAJfhiwDBAJfhjgDBAJfhkgDBAJfhpADBAJf
hrwDBAJfhtADBAJfhtgDBAJfh2ADBAJfh3gDBABfh4kDBABfh8UDBABfh9EwDAME
AF+H2QMEAF+H2gMEAF+H4QMEAF+H5QMEAF+H6gMEAF+H7QMEAF+H+AMEALJddDAN
BgkqhkiG9w0BAQsFAAOCAQEAixzzV9pr+9rSIQ4gf9o1KV/4BUKJzaf0ZIQUNkrV
JRNjaCxNslX43enwfvAsMp8/zXwm3uR+mWF4v+DBnjw62mP66h9eyxfb/YrhwQVH
NhsWUTI2MRyOrXv7o26p+ws1ptGMB0yw557lC5E4XWM3/IqrHFLDeFFDbo0VEXNt
ZAh+vJTLrMo4ojhH20biDSJey2QJ8WhPJOkRAnJvxl+VGyOmf5SFIX4Yv8BovoJZ
kpERc0Hps+iUvXX6lAPbUE7wPivlggk2IEPA5wc8RwtUqDYD2MkaCPef17xmTz63
JWWAUR1Vr2BMl226R54p6/emajQyXD6Zd46uVxXTdb6Tcw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:39 2025 by rpki-client