Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa
File: AS9009.roa (raw, json)
Hash identifier: KeNzDAY0AnxbCudjmXPacPQcsQIjP8XvD1eMApG7eQo=
Subject key identifier: F2:60:80:BA:DF:14:AB:65:3F:AD:81:E2:FE:EE:19:39:7C:DA:1A:8B
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 25590F8295C11F3639C25B52FBEE06AC9F224DFA
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa
Signing time: Tue 01 Jul 2025 00:02:18 +0000
ROA not before: Mon 30 Jun 2025 23:57:18 +0000
ROA not after: Tue 30 Jun 2026 00:02:18 +0000
asID: 9009
IP address blocks: 2.58.172.0/24 maxlen: 24
5.45.38.0/24 maxlen: 24
5.181.125.0/24 maxlen: 24
5.181.126.0/24 maxlen: 24
5.181.127.0/24 maxlen: 24
5.182.109.0/24 maxlen: 24
37.143.60.0/24 maxlen: 24
45.95.14.0/24 maxlen: 24
45.95.37.0/24 maxlen: 24
45.133.175.0/24 maxlen: 24
45.137.132.0/24 maxlen: 24
45.137.133.0/24 maxlen: 24
45.137.134.0/24 maxlen: 24
45.137.135.0/24 maxlen: 24
92.242.185.0/24 maxlen: 24
130.185.124.0/24 maxlen: 24
179.61.131.0/24 maxlen: 24
179.61.133.0/24 maxlen: 24
179.61.150.0/24 maxlen: 24
179.61.165.0/24 maxlen: 24
179.61.171.0/24 maxlen: 24
179.61.183.0/24 maxlen: 24
179.61.186.0/24 maxlen: 24
179.61.201.0/24 maxlen: 24
181.41.216.0/24 maxlen: 24
181.214.5.0/24 maxlen: 24
181.214.27.0/24 maxlen: 24
181.214.45.0/24 maxlen: 24
181.214.55.0/24 maxlen: 24
181.214.71.0/24 maxlen: 24
181.214.72.0/24 maxlen: 24
181.214.92.0/24 maxlen: 24
181.214.115.0/24 maxlen: 24
181.214.127.0/24 maxlen: 24
181.214.170.0/24 maxlen: 24
181.214.175.0/24 maxlen: 24
181.214.204.0/24 maxlen: 24
181.214.207.0/24 maxlen: 24
181.214.251.0/24 maxlen: 24
181.215.107.0/24 maxlen: 24
181.215.116.0/24 maxlen: 24
181.215.119.0/24 maxlen: 24
181.215.124.0/24 maxlen: 24
181.215.130.0/24 maxlen: 24
181.215.132.0/24 maxlen: 24
181.215.137.0/24 maxlen: 24
181.215.149.0/24 maxlen: 24
181.215.151.0/24 maxlen: 24
181.215.157.0/24 maxlen: 24
181.215.192.0/24 maxlen: 24
181.215.199.0/24 maxlen: 24
181.215.209.0/24 maxlen: 24
181.215.228.0/24 maxlen: 24
181.215.235.0/24 maxlen: 24
181.215.251.0/24 maxlen: 24
185.135.156.0/24 maxlen: 24
185.143.231.0/24 maxlen: 24
185.145.36.0/24 maxlen: 24
185.145.39.0/24 maxlen: 24
185.151.56.0/24 maxlen: 24
185.151.57.0/24 maxlen: 24
185.172.66.0/24 maxlen: 24
185.173.35.0/24 maxlen: 24
191.96.23.0/24 maxlen: 24
191.96.65.0/24 maxlen: 24
191.96.147.0/24 maxlen: 24
191.96.172.0/24 maxlen: 24
191.96.195.0/24 maxlen: 24
191.96.210.0/24 maxlen: 24
191.96.213.0/24 maxlen: 24
191.96.215.0/24 maxlen: 24
191.96.232.0/24 maxlen: 24
191.101.6.0/24 maxlen: 24
191.101.23.0/24 maxlen: 24
191.101.72.0/24 maxlen: 24
191.101.74.0/24 maxlen: 24
191.101.75.0/24 maxlen: 24
191.101.77.0/24 maxlen: 24
191.101.90.0/24 maxlen: 24
191.101.98.0/24 maxlen: 24
191.101.105.0/24 maxlen: 24
191.101.107.0/24 maxlen: 24
191.101.108.0/24 maxlen: 24
191.101.115.0/24 maxlen: 24
191.101.117.0/24 maxlen: 24
191.101.156.0/24 maxlen: 24
191.101.226.0/24 maxlen: 24
193.58.107.0/24 maxlen: 24
194.53.141.0/24 maxlen: 24
194.110.15.0/24 maxlen: 24
194.110.242.0/24 maxlen: 24
213.109.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 02:48:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:59:0f:82:95:c1:1f:36:39:c2:5b:52:fb:ee:06:ac:9f:22:4d:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jun 30 23:57:18 2025 GMT
Not After : Jun 30 00:02:18 2026 GMT
Subject: CN=F26080BADF14AB653FAD81E2FEEE19397CDA1A8B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:8e:a5:81:13:c9:09:44:82:de:95:57:53:99:
da:a4:fb:c4:d7:c3:5c:7d:e0:4b:a9:29:7c:1b:da:
8a:04:8d:99:0f:76:54:97:5f:72:15:66:79:ea:bb:
1c:3f:69:a5:8a:b6:1f:fd:33:d6:5d:d9:38:bd:3a:
69:a4:09:e9:59:4a:76:c0:f4:39:4a:ba:30:c9:b8:
65:8b:d6:c2:06:7e:b5:8c:22:22:31:47:25:d1:2d:
00:c3:0f:78:f0:1d:8b:a1:aa:c5:87:3e:40:fa:8e:
ca:72:f4:97:32:ab:ee:02:52:92:c7:00:a4:03:a2:
91:13:16:9f:a8:dc:0c:f8:4d:46:7e:83:55:44:50:
aa:19:37:ee:2a:af:1a:94:c1:88:c9:e4:31:32:2d:
67:47:5c:ff:15:c8:5f:de:2d:f1:78:fd:aa:ba:4e:
03:1c:7d:c9:85:91:a3:78:13:9b:27:21:a8:27:b6:
58:12:5b:47:a7:47:df:5b:ad:28:02:d5:29:a1:d3:
1e:35:27:c5:9e:be:74:19:84:49:d2:60:af:0e:63:
df:0c:0a:33:9a:2d:e9:14:bd:25:f7:c3:2d:c7:c5:
78:12:0c:f5:68:31:90:a2:3d:64:90:74:14:9d:c1:
6f:ba:c5:4f:93:ea:d3:01:8d:30:e1:a7:3c:e5:ea:
16:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:60:80:BA:DF:14:AB:65:3F:AD:81:E2:FE:EE:19:39:7C:DA:1A:8B
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.172.0/24
5.45.38.0/24
5.181.125.0-5.181.127.255
5.182.109.0/24
37.143.60.0/24
45.95.14.0/24
45.95.37.0/24
45.133.175.0/24
45.137.132.0/22
92.242.185.0/24
130.185.124.0/24
179.61.131.0/24
179.61.133.0/24
179.61.150.0/24
179.61.165.0/24
179.61.171.0/24
179.61.183.0/24
179.61.186.0/24
179.61.201.0/24
181.41.216.0/24
181.214.5.0/24
181.214.27.0/24
181.214.45.0/24
181.214.55.0/24
181.214.71.0-181.214.72.255
181.214.92.0/24
181.214.115.0/24
181.214.127.0/24
181.214.170.0/24
181.214.175.0/24
181.214.204.0/24
181.214.207.0/24
181.214.251.0/24
181.215.107.0/24
181.215.116.0/24
181.215.119.0/24
181.215.124.0/24
181.215.130.0/24
181.215.132.0/24
181.215.137.0/24
181.215.149.0/24
181.215.151.0/24
181.215.157.0/24
181.215.192.0/24
181.215.199.0/24
181.215.209.0/24
181.215.228.0/24
181.215.235.0/24
181.215.251.0/24
185.135.156.0/24
185.143.231.0/24
185.145.36.0/24
185.145.39.0/24
185.151.56.0/23
185.172.66.0/24
185.173.35.0/24
191.96.23.0/24
191.96.65.0/24
191.96.147.0/24
191.96.172.0/24
191.96.195.0/24
191.96.210.0/24
191.96.213.0/24
191.96.215.0/24
191.96.232.0/24
191.101.6.0/24
191.101.23.0/24
191.101.72.0/24
191.101.74.0/23
191.101.77.0/24
191.101.90.0/24
191.101.98.0/24
191.101.105.0/24
191.101.107.0-191.101.108.255
191.101.115.0/24
191.101.117.0/24
191.101.156.0/24
191.101.226.0/24
193.58.107.0/24
194.53.141.0/24
194.110.15.0/24
194.110.242.0/24
213.109.168.0/24
Signature Algorithm: sha256WithRSAEncryption
08:f6:9b:38:8d:b1:3e:32:a4:bd:5c:2a:7d:1b:6c:ab:63:27:
a8:3d:6b:ff:a4:1a:54:8e:41:65:23:fe:26:82:03:4d:81:10:
62:2d:4a:fe:a3:48:14:cb:03:8f:5e:0a:c7:d9:62:f4:b4:12:
a9:dc:dc:85:e3:61:16:ab:c0:a0:03:22:83:a6:ce:5b:3a:51:
e6:e1:e9:4e:b8:04:16:71:b7:e9:b8:d0:47:be:ae:e4:26:d7:
36:8b:87:3b:04:52:20:22:e8:b5:ae:7b:e6:8f:c8:ea:02:66:
96:73:15:df:fc:31:0e:a1:5d:cc:01:93:63:f6:a6:98:7c:c1:
46:05:ef:c8:2a:5f:2f:f3:04:3a:df:f4:54:a0:6d:d2:b7:99:
cb:39:67:7f:92:cf:6c:60:77:11:dd:0b:09:89:b2:1f:d4:73:
23:34:3a:a4:b7:f1:46:9e:f6:a8:cf:1e:ce:ba:86:29:72:bb:
e9:53:d6:20:b1:0e:5d:ce:00:90:6b:87:54:c3:fe:f1:fa:4f:
fd:d4:bf:a6:13:e5:ec:d4:2e:61:77:4d:ed:1a:9e:b9:6b:23:
4a:fc:66:8c:05:16:06:83:03:fd:ea:ee:e1:fe:0c:43:d2:6c:
30:86:f8:be:a4:67:61:fb:2f:22:c3:e5:8c:65:89:0c:d3:b1:
44:28:da:a2
-----BEGIN CERTIFICATE-----
MIIHDDCCBfSgAwIBAgIUJVkPgpXBHzY5wltS++4GrJ8iTfowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA2MzAyMzU3MThaFw0yNjA2MzAwMDAyMThaMDMxMTAvBgNV
BAMTKEYyNjA4MEJBREYxNEFCNjUzRkFEODFFMkZFRUUxOTM5N0NEQTFBOEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgjqWBE8kJRILelVdTmdqk+8TX
w1x94EupKXwb2ooEjZkPdlSXX3IVZnnquxw/aaWKth/9M9Zd2Ti9OmmkCelZSnbA
9DlKujDJuGWL1sIGfrWMIiIxRyXRLQDDD3jwHYuhqsWHPkD6jspy9Jcyq+4CUpLH
AKQDopETFp+o3Az4TUZ+g1VEUKoZN+4qrxqUwYjJ5DEyLWdHXP8VyF/eLfF4/aq6
TgMcfcmFkaN4E5snIagntlgSW0enR99brSgC1Smh0x41J8WevnQZhEnSYK8OY98M
CjOaLekUvSX3wy3HxXgSDPVoMZCiPWSQdBSdwW+6xU+T6tMBjTDhpzzl6hbZAgMB
AAGjggQWMIIEEjAdBgNVHQ4EFgQU8mCAut8Uq2U/rYHi/u4ZOXzaGoswHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAisGCCsGAQUFBwEHAQH/BIICGjCCAhYwggISBAIAATCC
AgoDBAACOqwDBAAFLSYwDAMEAAW1fQMEBwW1AAMEAAW2bQMEACWPPAMEAC1fDgME
AC1fJQMEAC2FrwMEAi2JhAMEAFzyuQMEAIK5fAMEALM9gwMEALM9hQMEALM9lgME
ALM9pQMEALM9qwMEALM9twMEALM9ugMEALM9yQMEALUp2AMEALXWBQMEALXWGwME
ALXWLQMEALXWNzAMAwQAtdZHAwQAtdZIAwQAtdZcAwQAtdZzAwQAtdZ/AwQAtdaq
AwQAtdavAwQAtdbMAwQAtdbPAwQAtdb7AwQAtddrAwQAtdd0AwQAtdd3AwQAtdd8
AwQAtdeCAwQAtdeEAwQAtdeJAwQAtdeVAwQAtdeXAwQAtdedAwQAtdfAAwQAtdfH
AwQAtdfRAwQAtdfkAwQAtdfrAwQAtdf7AwQAuYecAwQAuY/nAwQAuZEkAwQAuZEn
AwQBuZc4AwQAuaxCAwQAua0jAwQAv2AXAwQAv2BBAwQAv2CTAwQAv2CsAwQAv2DD
AwQAv2DSAwQAv2DVAwQAv2DXAwQAv2DoAwQAv2UGAwQAv2UXAwQAv2VIAwQBv2VK
AwQAv2VNAwQAv2VaAwQAv2ViAwQAv2VpMAwDBAC/ZWsDBAC/ZWwDBAC/ZXMDBAC/
ZXUDBAC/ZZwDBAC/ZeIDBADBOmsDBADCNY0DBADCbg8DBADCbvIDBADVbagwDQYJ
KoZIhvcNAQELBQADggEBAAj2mziNsT4ypL1cKn0bbKtjJ6g9a/+kGlSOQWUj/iaC
A02BEGItSv6jSBTLA49eCsfZYvS0Eqnc3IXjYRarwKADIoOmzls6Uebh6U64BBZx
t+m40Ee+ruQm1zaLhzsEUiAi6LWue+aPyOoCZpZzFd/8MQ6hXcwBk2P2pph8wUYF
78gqXy/zBDrf9FSgbdK3mcs5Z3+Sz2xgdxHdCwmJsh/UcyM0OqS38Uae9qjPHs66
hilyu+lT1iCxDl3OAJBrh1TD/vH6T/3Uv6YT5ezULmF3Te0anrlrI0r8ZowFFgaD
A/3q7uH+DEPSbDCG+L6kZ2H7LyLD5YxliQzTsUQo2qI=
-----END CERTIFICATE-----
Generated at Sun Jul 20 11:10:07 2025 by rpki-client