Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9009.roa
File: AS9009.roa (raw, json)
Hash identifier: oLSBmv8xB5VsYw6zgpaSWQqejAAtti3ft5KiEcQbSyc=
Subject key identifier: 6C:08:AC:7F:33:32:00:30:F9:91:B5:7F:13:BB:EF:F6:B4:23:9D:29
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 545569B2A68573B0DFFAA17F7752403C2AD30463
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9009.roa
Signing time: Thu 05 Dec 2024 07:51:42 +0000
ROA not before: Thu 05 Dec 2024 07:46:42 +0000
ROA not after: Thu 04 Dec 2025 07:51:42 +0000
asID: 9009
IP address blocks: 96.62.250.0/24 maxlen: 24
96.62.251.0/24 maxlen: 24
96.62.254.0/24 maxlen: 24
96.62.255.0/24 maxlen: 24
145.223.41.0/24 maxlen: 24
145.223.47.0/24 maxlen: 24
147.79.28.0/24 maxlen: 24
148.135.212.0/22 maxlen: 24
148.135.220.0/22 maxlen: 24
148.135.228.0/22 maxlen: 24
148.135.236.0/22 maxlen: 24
148.135.244.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 21:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:55:69:b2:a6:85:73:b0:df:fa:a1:7f:77:52:40:3c:2a:d3:04:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Dec 5 07:46:42 2024 GMT
Not After : Dec 4 07:51:42 2025 GMT
Subject: CN=6C08AC7F33320030F991B57F13BBEFF6B4239D29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:4e:1a:24:1f:d4:8d:18:a0:f8:e3:4d:99:3c:
b2:cf:fd:ae:29:e1:6b:0e:71:0c:11:70:85:d9:76:
3f:24:b6:92:d8:3b:cf:86:84:d3:59:dc:d9:d3:2f:
90:60:34:db:40:6e:f4:d3:7b:e0:66:25:e0:37:48:
6c:34:12:b1:41:9f:61:23:d2:73:44:92:3b:aa:f6:
02:af:22:d4:40:64:33:bc:e8:66:53:82:80:37:d1:
1f:5c:0a:be:fb:3f:af:62:81:ec:6e:43:3d:64:30:
7e:18:5d:98:38:ee:b5:14:72:7e:5e:c1:1a:71:3e:
6d:fe:27:07:01:66:c5:57:78:50:cb:40:a6:ed:62:
04:d6:3a:be:8f:cf:43:4c:48:7f:c1:b6:ed:21:e9:
b7:2f:eb:e6:9d:49:9f:b2:67:f9:82:6f:4e:ce:87:
16:b3:16:d5:96:46:d2:ad:ff:2c:cb:44:0d:7f:ae:
2e:78:b2:85:3d:a8:53:79:8d:8e:9e:d9:d0:c2:79:
b3:db:9a:b4:87:4d:70:b3:3a:50:db:b7:92:60:c1:
73:59:65:c6:21:41:bf:f6:25:98:6f:8f:b7:9e:49:
9f:c6:ca:82:ac:76:28:82:d7:23:4d:67:11:ae:8f:
db:88:41:d2:b3:fb:fc:e0:56:3b:6a:41:e0:83:07:
8e:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:08:AC:7F:33:32:00:30:F9:91:B5:7F:13:BB:EF:F6:B4:23:9D:29
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9009.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.250.0/23
96.62.254.0/23
145.223.41.0/24
145.223.47.0/24
147.79.28.0/24
148.135.212.0/22
148.135.220.0/22
148.135.228.0/22
148.135.236.0/22
148.135.244.0/22
Signature Algorithm: sha256WithRSAEncryption
33:99:4c:88:c2:0f:54:24:e9:7e:20:06:47:28:1b:e9:20:0c:
4a:13:fa:3f:94:87:40:6b:b5:9e:eb:82:fa:c4:61:d8:4b:08:
e0:b4:bf:14:3b:f0:0b:75:f1:1e:c4:ea:0b:b8:98:6b:67:e8:
9b:f5:db:0a:41:fe:46:fd:67:b6:61:5c:8e:51:b0:29:23:92:
a6:99:fb:f1:eb:be:3d:e2:c4:4c:f0:71:cf:db:78:4b:6f:11:
ea:04:d7:29:a1:59:bd:29:91:6c:85:b7:3d:e1:4c:70:77:08:
b8:8e:c5:8a:ff:01:6d:55:b0:60:92:2f:b8:9a:4b:f8:81:68:
e3:fc:4c:b2:37:9d:20:39:cb:80:6c:ed:48:2f:cc:d2:ae:36:
18:0d:3e:18:80:d2:96:86:20:8b:8e:2f:dd:80:75:b8:80:fd:
06:fb:03:5a:5f:9b:27:dc:a1:f9:7a:ee:41:67:cf:49:43:1f:
ab:e3:a8:d4:63:04:d6:14:42:ac:49:3d:92:fc:2f:ba:d3:6d:
e4:8c:56:f4:36:31:93:80:50:d2:2d:8f:aa:56:48:3f:d8:40:
cc:51:02:3c:26:c1:e6:ce:3d:b6:b5:bc:8a:8c:d1:79:6e:40:
f2:c1:dc:db:ab:e6:a3:e6:05:5c:46:c3:f7:bb:7d:c2:ae:1b:
3c:e7:91:c6
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIUVFVpsqaFc7Df+qF/d1JAPCrTBGMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNDEyMDUwNzQ2NDJaFw0yNTEyMDQwNzUxNDJaMDMxMTAvBgNV
BAMTKDZDMDhBQzdGMzMzMjAwMzBGOTkxQjU3RjEzQkJFRkY2QjQyMzlEMjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOThokH9SNGKD4402ZPLLP/a4p
4WsOcQwRcIXZdj8ktpLYO8+GhNNZ3NnTL5BgNNtAbvTTe+BmJeA3SGw0ErFBn2Ej
0nNEkjuq9gKvItRAZDO86GZTgoA30R9cCr77P69igexuQz1kMH4YXZg47rUUcn5e
wRpxPm3+JwcBZsVXeFDLQKbtYgTWOr6Pz0NMSH/Btu0h6bcv6+adSZ+yZ/mCb07O
hxazFtWWRtKt/yzLRA1/ri54soU9qFN5jY6e2dDCebPbmrSHTXCzOlDbt5JgwXNZ
ZcYhQb/2JZhvj7eeSZ/GyoKsdiiC1yNNZxGuj9uIQdKz+/zgVjtqQeCDB45dAgMB
AAGjggI+MIICOjAdBgNVHQ4EFgQUbAisfzMyADD5kbV/E7vv9rQjnSkwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBVBggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEAWA++gME
AWA+/gMEAJHfKQMEAJHfLwMEAJNPHAMEApSH1AMEApSH3AMEApSH5AMEApSH7AME
ApSH9DANBgkqhkiG9w0BAQsFAAOCAQEAM5lMiMIPVCTpfiAGRygb6SAMShP6P5SH
QGu1nuuC+sRh2EsI4LS/FDvwC3XxHsTqC7iYa2fom/XbCkH+Rv1ntmFcjlGwKSOS
ppn78eu+PeLETPBxz9t4S28R6gTXKaFZvSmRbIW3PeFMcHcIuI7Fiv8BbVWwYJIv
uJpL+IFo4/xMsjedIDnLgGztSC/M0q42GA0+GIDSloYgi44v3YB1uID9BvsDWl+b
J9yh+XruQWfPSUMfq+Oo1GME1hRCrEk9kvwvutNt5IxW9DYxk4BQ0i2PqlZIP9hA
zFECPCbB5s49trW8iozReW5A8sHc26vmo+YFXEbD97t9wq4bPOeRxg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:27:17 2025 by rpki-client