Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9009.roa
File: AS9009.roa (raw, json)
Hash identifier: vhlOpRE6EsoTzzxDG02kqcYAVs+8VrNj/F/z5d8/Pcw=
Subject key identifier: 7D:27:53:8D:89:4E:BF:15:7B:13:3E:81:BF:F3:6B:F2:54:6A:FF:51
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 789CBDD88DFD7FBB06FFC7FB188388A83200CA1A
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9009.roa
Signing time: Mon 25 May 2026 13:09:31 +0000
ROA not before: Mon 25 May 2026 13:04:31 +0000
ROA not after: Mon 24 May 2027 13:09:31 +0000
asID: 9009
IP address blocks: 46.202.100.0/22 maxlen: 24
46.202.228.0/22 maxlen: 24
46.202.236.0/22 maxlen: 24
46.202.244.0/22 maxlen: 24
46.203.16.0/23 maxlen: 24
46.203.94.0/23 maxlen: 24
46.203.100.0/23 maxlen: 24
46.203.122.0/23 maxlen: 24
46.203.132.0/23 maxlen: 24
46.203.158.0/24 maxlen: 24
46.203.162.0/23 maxlen: 24
46.203.236.0/22 maxlen: 24
46.203.244.0/22 maxlen: 24
46.203.252.0/22 maxlen: 24
91.124.31.0/24 maxlen: 24
91.124.140.0/24 maxlen: 24
91.124.220.0/24 maxlen: 24
91.124.243.0/24 maxlen: 24
91.124.252.0/24 maxlen: 24
92.112.2.0/23 maxlen: 24
92.112.59.0/24 maxlen: 24
92.112.72.0/23 maxlen: 24
92.112.79.0/24 maxlen: 24
92.112.100.0/22 maxlen: 24
92.112.120.0/22 maxlen: 24
92.112.214.0/24 maxlen: 24
92.112.220.0/24 maxlen: 24
92.112.221.0/24 maxlen: 24
92.112.226.0/24 maxlen: 24
92.112.234.0/24 maxlen: 24
92.112.237.0/24 maxlen: 24
92.113.2.0/24 maxlen: 24
92.113.5.0/24 maxlen: 24
92.113.8.0/24 maxlen: 24
92.113.94.0/23 maxlen: 24
92.113.96.0/22 maxlen: 24
92.113.108.0/22 maxlen: 24
92.113.120.0/22 maxlen: 24
92.113.130.0/23 maxlen: 24
95.134.8.0/22 maxlen: 22
95.134.24.0/22 maxlen: 22
95.134.36.0/22 maxlen: 22
95.134.44.0/22 maxlen: 22
95.134.56.0/22 maxlen: 22
95.134.72.0/22 maxlen: 22
95.134.102.0/24 maxlen: 24
95.134.144.0/22 maxlen: 22
95.134.188.0/22 maxlen: 22
95.134.208.0/22 maxlen: 22
95.134.216.0/22 maxlen: 22
95.135.96.0/22 maxlen: 22
95.135.120.0/22 maxlen: 22
95.135.137.0/24 maxlen: 24
95.135.197.0/24 maxlen: 24
95.135.209.0/24 maxlen: 24
95.135.217.0/24 maxlen: 24
95.135.218.0/24 maxlen: 24
95.135.225.0/24 maxlen: 24
95.135.229.0/24 maxlen: 24
95.135.234.0/24 maxlen: 24
95.135.237.0/24 maxlen: 24
95.135.248.0/24 maxlen: 24
178.93.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:9c:bd:d8:8d:fd:7f:bb:06:ff:c7:fb:18:83:88:a8:32:00:ca:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 25 13:04:31 2026 GMT
Not After : May 24 13:09:31 2027 GMT
Subject: CN=7D27538D894EBF157B133E81BFF36BF2546AFF51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:5b:55:1a:3f:09:68:7b:b2:6f:3a:b4:de:df:
71:6d:da:08:f8:f4:bb:98:3f:3f:c1:e1:4e:fb:10:
91:21:e8:11:5b:f1:06:12:ec:d6:f3:72:03:51:70:
37:42:29:d6:b2:8d:68:d1:e3:16:80:ed:cc:04:16:
e2:3a:1a:54:5d:2f:17:ef:db:1b:b9:58:7b:06:88:
fd:37:6f:1b:dc:0f:c6:65:60:09:0e:da:12:08:ac:
cc:cc:91:d8:91:76:b8:a7:8a:f6:6b:79:2a:05:37:
73:5b:1a:3a:ba:b5:c5:80:0e:38:84:3f:74:0b:d2:
a1:bc:19:d1:c9:c8:06:ae:21:0f:7e:29:be:cf:28:
6f:20:1c:0d:c6:6d:57:8a:75:9b:3b:8d:a3:a3:5f:
e9:fa:de:d8:cb:22:6a:8a:d8:91:a2:60:86:34:97:
31:4a:2c:f2:00:42:57:28:38:e3:ba:7a:77:11:aa:
39:fc:0d:53:ad:d6:9c:f8:df:d3:16:e7:11:92:17:
12:ba:dc:f3:e4:b3:b7:44:30:68:d8:57:55:ac:b4:
0f:08:b7:fb:24:77:2a:2d:89:24:dc:4d:21:1e:1d:
d3:a6:3b:a6:fa:4b:30:c3:32:62:bc:45:75:41:13:
ed:26:c6:95:a2:f9:8d:41:db:7b:d3:71:53:11:14:
f8:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:27:53:8D:89:4E:BF:15:7B:13:3E:81:BF:F3:6B:F2:54:6A:FF:51
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9009.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.100.0/22
46.202.228.0/22
46.202.236.0/22
46.202.244.0/22
46.203.16.0/23
46.203.94.0/23
46.203.100.0/23
46.203.122.0/23
46.203.132.0/23
46.203.158.0/24
46.203.162.0/23
46.203.236.0/22
46.203.244.0/22
46.203.252.0/22
91.124.31.0/24
91.124.140.0/24
91.124.220.0/24
91.124.243.0/24
91.124.252.0/24
92.112.2.0/23
92.112.59.0/24
92.112.72.0/23
92.112.79.0/24
92.112.100.0/22
92.112.120.0/22
92.112.214.0/24
92.112.220.0/23
92.112.226.0/24
92.112.234.0/24
92.112.237.0/24
92.113.2.0/24
92.113.5.0/24
92.113.8.0/24
92.113.94.0-92.113.99.255
92.113.108.0/22
92.113.120.0/22
92.113.130.0/23
95.134.8.0/22
95.134.24.0/22
95.134.36.0/22
95.134.44.0/22
95.134.56.0/22
95.134.72.0/22
95.134.102.0/24
95.134.144.0/22
95.134.188.0/22
95.134.208.0/22
95.134.216.0/22
95.135.96.0/22
95.135.120.0/22
95.135.137.0/24
95.135.197.0/24
95.135.209.0/24
95.135.217.0-95.135.218.255
95.135.225.0/24
95.135.229.0/24
95.135.234.0/24
95.135.237.0/24
95.135.248.0/24
178.93.116.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:4e:2b:c8:96:19:a1:bf:bb:f4:f9:0e:95:54:55:1b:c0:4c:
1f:dd:58:e3:a2:b2:e6:90:bf:1e:80:68:05:4a:e8:f3:47:7e:
a4:7c:05:79:fe:01:32:1a:9c:56:df:77:f4:24:35:34:84:45:
bb:60:c2:2d:5b:2d:38:55:36:46:33:4f:40:aa:61:69:fe:b7:
a9:6e:e7:3d:66:98:6e:62:07:09:e6:a1:3c:77:73:b6:ee:9c:
41:a2:a9:7c:a4:04:5d:12:68:5f:61:dd:aa:13:93:6a:09:6c:
b5:56:4e:34:58:89:14:15:fb:de:fd:12:1a:b1:ab:2d:7f:e9:
a7:95:be:6f:69:b0:b0:9b:81:ae:d0:71:d1:b8:31:11:6f:a6:
d1:dd:38:4f:cc:7f:a9:91:67:4b:9f:64:6c:f1:4b:c1:e3:32:
fd:3e:07:77:be:b2:6e:5e:5e:7f:80:39:85:d3:1a:7f:43:67:
f7:6a:60:72:bf:ae:e4:81:fb:32:b2:b4:2c:97:00:35:c3:b0:
19:00:9d:c5:eb:34:5d:98:04:3e:c8:60:ad:ec:da:3b:f7:ca:
7a:10:4e:64:b7:bb:b8:99:85:bc:58:1e:c0:be:71:7b:f3:4f:
7f:b8:6d:b8:e7:d3:a6:09:93:74:2e:01:ed:47:76:73:56:59:
b0:36:90:19
-----BEGIN CERTIFICATE-----
MIIGejCCBWKgAwIBAgIUeJy92I39f7sG/8f7GIOIqDIAyhowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA1MjUxMzA0MzFaFw0yNzA1MjQxMzA5MzFaMDMxMTAvBgNV
BAMTKDdEMjc1MzhEODk0RUJGMTU3QjEzM0U4MUJGRjM2QkYyNTQ2QUZGNTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD1W1UaPwloe7JvOrTe33Ft2gj4
9LuYPz/B4U77EJEh6BFb8QYS7NbzcgNRcDdCKdayjWjR4xaA7cwEFuI6GlRdLxfv
2xu5WHsGiP03bxvcD8ZlYAkO2hIIrMzMkdiRdrinivZreSoFN3NbGjq6tcWADjiE
P3QL0qG8GdHJyAauIQ9+Kb7PKG8gHA3GbVeKdZs7jaOjX+n63tjLImqK2JGiYIY0
lzFKLPIAQlcoOOO6encRqjn8DVOt1pz439MW5xGSFxK63PPks7dEMGjYV1WstA8I
t/skdyotiSTcTSEeHdOmO6b6SzDDMmK8RXVBE+0mxpWi+Y1B23vTcVMRFPjJAgMB
AAGjggOEMIIDgDAdBgNVHQ4EFgQUfSdTjYlOvxV7Ez6Bv/Nr8lRq/1EwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAZkGCCsGAQUFBwEHAQH/BIIBiDCCAYQwggGABAIAATCC
AXgDBAIuymQDBAIuyuQDBAIuyuwDBAIuyvQDBAEuyxADBAEuy14DBAEuy2QDBAEu
y3oDBAEuy4QDBAAuy54DBAEuy6IDBAIuy+wDBAIuy/QDBAIuy/wDBABbfB8DBABb
fIwDBABbfNwDBABbfPMDBABbfPwDBAFccAIDBABccDsDBAFccEgDBABccE8DBAJc
cGQDBAJccHgDBABccNYDBAFccNwDBABccOIDBABccOoDBABccO0DBABccQIDBABc
cQUDBABccQgwDAMEAVxxXgMEAlxxYAMEAlxxbAMEAlxxeAMEAVxxggMEAl+GCAME
Al+GGAMEAl+GJAMEAl+GLAMEAl+GOAMEAl+GSAMEAF+GZgMEAl+GkAMEAl+GvAME
Al+G0AMEAl+G2AMEAl+HYAMEAl+HeAMEAF+HiQMEAF+HxQMEAF+H0TAMAwQAX4fZ
AwQAX4faAwQAX4fhAwQAX4flAwQAX4fqAwQAX4ftAwQAX4f4AwQAsl10MA0GCSqG
SIb3DQEBCwUAA4IBAQAbTivIlhmhv7v0+Q6VVFUbwEwf3VjjorLmkL8egGgFSujz
R36kfAV5/gEyGpxW33f0JDU0hEW7YMItWy04VTZGM09AqmFp/repbuc9ZphuYgcJ
5qE8d3O27pxBoql8pARdEmhfYd2qE5NqCWy1Vk40WIkUFfve/RIasastf+mnlb5v
abCwm4Gu0HHRuDERb6bR3ThPzH+pkWdLn2Rs8UvB4zL9Pgd3vrJuXl5/gDmF0xp/
Q2f3amByv67kgfsysrQslwA1w7AZAJ3F6zRdmAQ+yGCt7No798p6EE5kt7u4mYW8
WB7AvnF7809/uG2459OmCZN0LgHtR3ZzVlmwNpAZ
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:03:50 2026 by rpki-client