Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9009.roa
File: AS9009.roa (raw, json)
Hash identifier: /U6uxg9e8RNRsZang1uP2rk4kRQwpXg6wdxlmfnO6QY=
Subject key identifier: 41:00:7D:E1:0E:91:D6:3E:F2:58:94:FD:07:D0:B4:1B:D4:F9:B9:6E
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 2DDD6D06B5B9631996E402FF07C71DC9054F333E
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9009.roa
Signing time: Fri 04 Jul 2025 13:51:12 +0000
ROA not before: Fri 04 Jul 2025 13:46:12 +0000
ROA not after: Fri 03 Jul 2026 13:51:12 +0000
asID: 9009
IP address blocks: 46.202.12.0/22 maxlen: 24
46.202.100.0/22 maxlen: 24
46.202.116.0/22 maxlen: 24
46.202.228.0/22 maxlen: 24
46.202.236.0/22 maxlen: 24
46.202.244.0/22 maxlen: 24
46.203.16.0/23 maxlen: 24
46.203.36.0/22 maxlen: 24
46.203.94.0/23 maxlen: 24
46.203.100.0/23 maxlen: 24
46.203.122.0/23 maxlen: 24
46.203.132.0/23 maxlen: 24
46.203.162.0/23 maxlen: 24
46.203.236.0/22 maxlen: 24
46.203.241.0/24 maxlen: 24
46.203.242.0/24 maxlen: 24
46.203.243.0/24 maxlen: 24
46.203.244.0/22 maxlen: 24
46.203.252.0/22 maxlen: 24
91.124.122.0/24 maxlen: 24
91.124.140.0/24 maxlen: 24
91.124.220.0/24 maxlen: 24
91.124.243.0/24 maxlen: 24
91.124.252.0/24 maxlen: 24
92.112.2.0/23 maxlen: 24
92.112.9.0/24 maxlen: 24
92.112.59.0/24 maxlen: 24
92.112.72.0/23 maxlen: 24
92.112.100.0/22 maxlen: 24
92.112.120.0/22 maxlen: 24
92.112.214.0/24 maxlen: 24
92.112.215.0/24 maxlen: 24
92.112.218.0/24 maxlen: 24
92.112.219.0/24 maxlen: 24
92.112.220.0/24 maxlen: 24
92.112.221.0/24 maxlen: 24
92.112.223.0/24 maxlen: 24
92.112.224.0/24 maxlen: 24
92.112.225.0/24 maxlen: 24
92.112.226.0/24 maxlen: 24
92.112.229.0/24 maxlen: 24
92.112.230.0/24 maxlen: 24
92.112.232.0/24 maxlen: 24
92.112.233.0/24 maxlen: 24
92.112.234.0/24 maxlen: 24
92.112.237.0/24 maxlen: 24
92.113.2.0/24 maxlen: 24
92.113.5.0/24 maxlen: 24
92.113.8.0/24 maxlen: 24
92.113.94.0/23 maxlen: 24
92.113.96.0/22 maxlen: 24
92.113.108.0/22 maxlen: 24
92.113.120.0/22 maxlen: 24
92.113.130.0/23 maxlen: 24
95.134.8.0/22 maxlen: 22
95.134.24.0/22 maxlen: 22
95.134.36.0/22 maxlen: 22
95.134.44.0/22 maxlen: 22
95.134.56.0/22 maxlen: 22
95.134.72.0/22 maxlen: 22
95.134.144.0/22 maxlen: 22
95.134.188.0/22 maxlen: 22
95.134.208.0/22 maxlen: 22
95.134.216.0/22 maxlen: 22
95.135.96.0/22 maxlen: 22
95.135.120.0/22 maxlen: 22
95.135.137.0/24 maxlen: 24
95.135.197.0/24 maxlen: 24
95.135.209.0/24 maxlen: 24
95.135.217.0/24 maxlen: 24
95.135.218.0/24 maxlen: 24
95.135.225.0/24 maxlen: 24
95.135.229.0/24 maxlen: 24
95.135.234.0/24 maxlen: 24
95.135.237.0/24 maxlen: 24
95.135.248.0/24 maxlen: 24
178.93.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:dd:6d:06:b5:b9:63:19:96:e4:02:ff:07:c7:1d:c9:05:4f:33:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jul 4 13:46:12 2025 GMT
Not After : Jul 3 13:51:12 2026 GMT
Subject: CN=41007DE10E91D63EF25894FD07D0B41BD4F9B96E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:75:ff:80:ae:b0:f0:45:64:51:48:22:c1:f8:
08:24:19:2e:c2:36:d6:cc:d9:d0:b7:af:0d:b2:9c:
ff:75:a0:07:bc:3e:20:ac:4b:4e:70:d5:f3:78:47:
02:d9:45:69:0c:82:c7:43:c5:8f:8b:f1:e8:95:2b:
2c:82:f9:89:10:bf:6b:64:4e:9a:87:c4:39:51:91:
1f:9f:35:d6:68:62:38:56:93:69:b9:a5:b8:56:cc:
79:04:24:3c:4b:ac:0b:5b:11:39:3d:69:65:54:04:
d7:a0:9e:5b:4a:ed:62:0e:a8:5c:ae:49:d1:ba:af:
b3:5e:76:52:93:16:27:09:4d:3a:a2:82:2a:45:09:
b6:77:a9:29:fb:0e:32:47:0b:b6:b7:82:94:41:87:
01:40:02:ba:85:a5:79:f6:bb:e2:e7:a6:53:8e:a3:
88:cf:61:f4:6e:24:a0:44:94:ed:5f:77:88:87:9a:
2f:18:79:e1:ea:a4:e9:44:be:3b:63:d9:a4:a9:df:
79:82:ec:93:3b:17:b3:c5:d7:0f:c4:8b:76:78:c1:
03:ab:12:8d:87:75:fa:20:1c:a7:d2:c2:e8:87:e1:
24:d1:91:b1:5a:b1:63:1a:97:64:08:f9:04:b4:ec:
f9:00:a0:1b:4a:f0:c2:e5:c3:df:d9:d2:fa:24:6c:
25:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:00:7D:E1:0E:91:D6:3E:F2:58:94:FD:07:D0:B4:1B:D4:F9:B9:6E
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9009.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.12.0/22
46.202.100.0/22
46.202.116.0/22
46.202.228.0/22
46.202.236.0/22
46.202.244.0/22
46.203.16.0/23
46.203.36.0/22
46.203.94.0/23
46.203.100.0/23
46.203.122.0/23
46.203.132.0/23
46.203.162.0/23
46.203.236.0/22
46.203.241.0-46.203.247.255
46.203.252.0/22
91.124.122.0/24
91.124.140.0/24
91.124.220.0/24
91.124.243.0/24
91.124.252.0/24
92.112.2.0/23
92.112.9.0/24
92.112.59.0/24
92.112.72.0/23
92.112.100.0/22
92.112.120.0/22
92.112.214.0/23
92.112.218.0-92.112.221.255
92.112.223.0-92.112.226.255
92.112.229.0-92.112.230.255
92.112.232.0-92.112.234.255
92.112.237.0/24
92.113.2.0/24
92.113.5.0/24
92.113.8.0/24
92.113.94.0-92.113.99.255
92.113.108.0/22
92.113.120.0/22
92.113.130.0/23
95.134.8.0/22
95.134.24.0/22
95.134.36.0/22
95.134.44.0/22
95.134.56.0/22
95.134.72.0/22
95.134.144.0/22
95.134.188.0/22
95.134.208.0/22
95.134.216.0/22
95.135.96.0/22
95.135.120.0/22
95.135.137.0/24
95.135.197.0/24
95.135.209.0/24
95.135.217.0-95.135.218.255
95.135.225.0/24
95.135.229.0/24
95.135.234.0/24
95.135.237.0/24
95.135.248.0/24
178.93.116.0/24
Signature Algorithm: sha256WithRSAEncryption
92:27:09:5d:33:ca:ff:54:8d:69:5b:d8:62:21:3d:b1:c8:bb:
7e:50:7f:8b:48:8f:31:e4:2a:c7:35:7f:8f:e0:ae:fd:da:88:
ce:80:93:b8:97:c6:2e:be:7f:c0:1d:d6:d2:ea:60:a0:5d:4d:
48:6f:1f:88:17:62:c3:0a:78:80:56:b6:4d:03:fe:5b:b3:52:
a6:ed:2c:06:83:82:7d:98:84:66:da:cd:9f:87:44:2b:93:4d:
06:d2:f6:3e:45:fd:49:83:89:ed:81:80:fa:b2:5c:ed:3b:8c:
38:77:a2:b3:18:e4:41:3f:91:16:d4:c7:9c:85:50:ee:d2:66:
75:b7:d0:3c:fc:c0:65:d7:41:47:96:27:35:b5:23:fe:d5:be:
4c:d4:43:1a:af:bd:de:3d:58:bb:5d:96:e4:6c:44:b3:2d:6b:
12:bd:1f:f5:73:a1:32:d1:bf:a5:a0:4a:1f:bd:24:08:05:16:
09:33:d7:eb:17:a2:88:1a:61:bb:ed:b1:c7:88:44:46:d3:9f:
7c:34:b2:5d:76:91:3b:b7:ba:19:de:94:76:e0:cd:88:d9:99:
a1:bd:d3:4d:d0:fc:05:9e:b8:f3:9a:91:b2:4b:a5:46:1b:5c:
6c:53:97:db:f5:da:c5:46:9f:5b:57:34:99:f9:9c:18:d8:4c:
ab:ac:87:26
-----BEGIN CERTIFICATE-----
MIIGrjCCBZagAwIBAgIULd1tBrW5YxmW5AL/B8cdyQVPMz4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA3MDQxMzQ2MTJaFw0yNjA3MDMxMzUxMTJaMDMxMTAvBgNV
BAMTKDQxMDA3REUxMEU5MUQ2M0VGMjU4OTRGRDA3RDBCNDFCRDRGOUI5NkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNdf+ArrDwRWRRSCLB+AgkGS7C
NtbM2dC3rw2ynP91oAe8PiCsS05w1fN4RwLZRWkMgsdDxY+L8eiVKyyC+YkQv2tk
TpqHxDlRkR+fNdZoYjhWk2m5pbhWzHkEJDxLrAtbETk9aWVUBNegnltK7WIOqFyu
SdG6r7NedlKTFicJTTqigipFCbZ3qSn7DjJHC7a3gpRBhwFAArqFpXn2u+LnplOO
o4jPYfRuJKBElO1fd4iHmi8YeeHqpOlEvjtj2aSp33mC7JM7F7PF1w/Ei3Z4wQOr
Eo2HdfogHKfSwuiH4STRkbFasWMal2QI+QS07PkAoBtK8MLlw9/Z0vokbCWjAgMB
AAGjggO4MIIDtDAdBgNVHQ4EFgQUQQB94Q6R1j7yWJT9B9C0G9T5uW4wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAc0GCCsGAQUFBwEHAQH/BIIBvDCCAbgwggG0BAIAATCC
AawDBAIuygwDBAIuymQDBAIuynQDBAIuyuQDBAIuyuwDBAIuyvQDBAEuyxADBAIu
yyQDBAEuy14DBAEuy2QDBAEuy3oDBAEuy4QDBAEuy6IDBAIuy+wwDAMEAC7L8QME
Ay7L8AMEAi7L/AMEAFt8egMEAFt8jAMEAFt83AMEAFt88wMEAFt8/AMEAVxwAgME
AFxwCQMEAFxwOwMEAVxwSAMEAlxwZAMEAlxweAMEAVxw1jAMAwQBXHDaAwQBXHDc
MAwDBABccN8DBABccOIwDAMEAFxw5QMEAFxw5jAMAwQDXHDoAwQAXHDqAwQAXHDt
AwQAXHECAwQAXHEFAwQAXHEIMAwDBAFccV4DBAJccWADBAJccWwDBAJccXgDBAFc
cYIDBAJfhggDBAJfhhgDBAJfhiQDBAJfhiwDBAJfhjgDBAJfhkgDBAJfhpADBAJf
hrwDBAJfhtADBAJfhtgDBAJfh2ADBAJfh3gDBABfh4kDBABfh8UDBABfh9EwDAME
AF+H2QMEAF+H2gMEAF+H4QMEAF+H5QMEAF+H6gMEAF+H7QMEAF+H+AMEALJddDAN
BgkqhkiG9w0BAQsFAAOCAQEAkicJXTPK/1SNaVvYYiE9sci7flB/i0iPMeQqxzV/
j+Cu/dqIzoCTuJfGLr5/wB3W0upgoF1NSG8fiBdiwwp4gFa2TQP+W7NSpu0sBoOC
fZiEZtrNn4dEK5NNBtL2PkX9SYOJ7YGA+rJc7TuMOHeisxjkQT+RFtTHnIVQ7tJm
dbfQPPzAZddBR5YnNbUj/tW+TNRDGq+93j1Yu12W5GxEsy1rEr0f9XOhMtG/paBK
H70kCAUWCTPX6xeiiBphu+2xx4hERtOffDSyXXaRO7e6Gd6UduDNiNmZob3TTdD8
BZ6485qRskulRhtcbFOX2/XaxUafW1c0mfmcGNhMq6yHJg==
-----END CERTIFICATE-----
Generated at Sun Jul 20 11:10:13 2025 by rpki-client