Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa
File: AS9009.roa (raw, json)
Hash identifier: UzV5sNsMk1iTfRNPFyLfCo84lem7aa0MiBZtIp6l+Xk=
Subject key identifier: 06:65:D8:8B:D1:28:59:ED:2E:BA:B5:6A:21:38:14:42:BF:BC:BA:2F
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 0439E744A39C15AD2382FF0D4CC66C9D3361A5D2
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa
Signing time: Sat 01 Mar 2025 00:00:52 +0000
ROA not before: Fri 28 Feb 2025 23:55:52 +0000
ROA not after: Sat 28 Feb 2026 00:00:52 +0000
asID: 9009
IP address blocks: 2.58.172.0/24 maxlen: 24
5.45.38.0/24 maxlen: 24
5.181.125.0/24 maxlen: 24
5.181.126.0/24 maxlen: 24
5.181.127.0/24 maxlen: 24
5.182.109.0/24 maxlen: 24
37.143.60.0/24 maxlen: 24
45.95.14.0/24 maxlen: 24
45.95.37.0/24 maxlen: 24
45.133.175.0/24 maxlen: 24
45.137.132.0/24 maxlen: 24
45.137.133.0/24 maxlen: 24
45.137.134.0/24 maxlen: 24
45.137.135.0/24 maxlen: 24
92.242.185.0/24 maxlen: 24
130.185.124.0/24 maxlen: 24
179.61.131.0/24 maxlen: 24
179.61.133.0/24 maxlen: 24
179.61.150.0/24 maxlen: 24
179.61.165.0/24 maxlen: 24
179.61.171.0/24 maxlen: 24
179.61.183.0/24 maxlen: 24
179.61.186.0/24 maxlen: 24
179.61.201.0/24 maxlen: 24
181.214.5.0/24 maxlen: 24
181.214.27.0/24 maxlen: 24
181.214.45.0/24 maxlen: 24
181.214.55.0/24 maxlen: 24
181.214.71.0/24 maxlen: 24
181.214.72.0/24 maxlen: 24
181.214.92.0/24 maxlen: 24
181.214.98.0/24 maxlen: 24
181.214.121.0/24 maxlen: 24
181.214.127.0/24 maxlen: 24
181.214.170.0/24 maxlen: 24
181.214.175.0/24 maxlen: 24
181.214.204.0/24 maxlen: 24
181.214.207.0/24 maxlen: 24
181.214.251.0/24 maxlen: 24
181.215.107.0/24 maxlen: 24
181.215.116.0/24 maxlen: 24
181.215.119.0/24 maxlen: 24
181.215.124.0/24 maxlen: 24
181.215.130.0/24 maxlen: 24
181.215.132.0/24 maxlen: 24
181.215.137.0/24 maxlen: 24
181.215.149.0/24 maxlen: 24
181.215.151.0/24 maxlen: 24
181.215.157.0/24 maxlen: 24
181.215.192.0/24 maxlen: 24
181.215.199.0/24 maxlen: 24
181.215.209.0/24 maxlen: 24
181.215.228.0/24 maxlen: 24
181.215.235.0/24 maxlen: 24
181.215.251.0/24 maxlen: 24
185.143.231.0/24 maxlen: 24
185.145.36.0/24 maxlen: 24
185.145.39.0/24 maxlen: 24
185.151.56.0/24 maxlen: 24
185.151.57.0/24 maxlen: 24
185.172.66.0/24 maxlen: 24
185.173.35.0/24 maxlen: 24
191.96.23.0/24 maxlen: 24
191.96.65.0/24 maxlen: 24
191.96.147.0/24 maxlen: 24
191.96.172.0/24 maxlen: 24
191.96.195.0/24 maxlen: 24
191.96.210.0/24 maxlen: 24
191.96.213.0/24 maxlen: 24
191.96.215.0/24 maxlen: 24
191.96.222.0/24 maxlen: 24
191.96.232.0/24 maxlen: 24
191.101.6.0/24 maxlen: 24
191.101.23.0/24 maxlen: 24
191.101.72.0/24 maxlen: 24
191.101.74.0/24 maxlen: 24
191.101.75.0/24 maxlen: 24
191.101.77.0/24 maxlen: 24
191.101.90.0/24 maxlen: 24
191.101.98.0/24 maxlen: 24
191.101.105.0/24 maxlen: 24
191.101.107.0/24 maxlen: 24
191.101.108.0/24 maxlen: 24
191.101.115.0/24 maxlen: 24
191.101.117.0/24 maxlen: 24
191.101.156.0/24 maxlen: 24
191.101.226.0/24 maxlen: 24
191.101.236.0/24 maxlen: 24
191.101.238.0/24 maxlen: 24
193.58.107.0/24 maxlen: 24
194.53.141.0/24 maxlen: 24
194.110.15.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:39:e7:44:a3:9c:15:ad:23:82:ff:0d:4c:c6:6c:9d:33:61:a5:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Feb 28 23:55:52 2025 GMT
Not After : Feb 28 00:00:52 2026 GMT
Subject: CN=0665D88BD12859ED2EBAB56A21381442BFBCBA2F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:61:11:3d:41:2e:aa:8a:b6:22:1e:5d:0c:a5:
d2:74:0f:d3:41:6b:75:32:94:d6:44:05:4d:06:49:
41:2f:77:9d:8a:40:a1:16:e0:29:cb:af:0e:78:fa:
8d:e5:42:ab:bd:01:ab:01:71:a2:8e:5f:32:76:26:
53:d4:48:b9:d7:35:36:de:6a:e2:b0:63:a5:b5:77:
47:84:15:49:ae:08:07:b1:d8:39:ce:f0:09:a5:30:
64:2d:ab:67:c1:e7:b4:d6:5b:96:cf:07:58:8f:99:
6e:55:bb:93:b4:d4:db:84:0d:6a:15:67:36:1a:74:
f3:8d:a7:2b:27:b2:dd:ab:e2:87:3a:7e:94:97:47:
ed:7f:c6:ff:06:4a:76:30:47:c4:d8:2b:7d:7f:52:
9f:40:74:3a:5a:e3:cc:b3:bd:4c:15:fd:ce:e2:bd:
75:45:3c:2f:7e:ec:72:10:43:5c:f0:0d:8b:f6:b2:
08:b5:8a:3d:30:db:d9:a1:57:6d:3f:e8:45:75:35:
3c:b5:3c:14:a8:fd:cc:90:80:1d:92:ca:6b:80:e4:
e8:3f:4f:2a:05:ef:59:a4:66:6c:00:43:fe:1c:83:
dc:a9:4f:a7:23:82:ae:fe:43:51:dd:4a:9c:f9:59:
53:10:85:81:ba:65:96:c3:b9:3d:48:ef:52:b4:ab:
96:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:65:D8:8B:D1:28:59:ED:2E:BA:B5:6A:21:38:14:42:BF:BC:BA:2F
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.172.0/24
5.45.38.0/24
5.181.125.0-5.181.127.255
5.182.109.0/24
37.143.60.0/24
45.95.14.0/24
45.95.37.0/24
45.133.175.0/24
45.137.132.0/22
92.242.185.0/24
130.185.124.0/24
179.61.131.0/24
179.61.133.0/24
179.61.150.0/24
179.61.165.0/24
179.61.171.0/24
179.61.183.0/24
179.61.186.0/24
179.61.201.0/24
181.214.5.0/24
181.214.27.0/24
181.214.45.0/24
181.214.55.0/24
181.214.71.0-181.214.72.255
181.214.92.0/24
181.214.98.0/24
181.214.121.0/24
181.214.127.0/24
181.214.170.0/24
181.214.175.0/24
181.214.204.0/24
181.214.207.0/24
181.214.251.0/24
181.215.107.0/24
181.215.116.0/24
181.215.119.0/24
181.215.124.0/24
181.215.130.0/24
181.215.132.0/24
181.215.137.0/24
181.215.149.0/24
181.215.151.0/24
181.215.157.0/24
181.215.192.0/24
181.215.199.0/24
181.215.209.0/24
181.215.228.0/24
181.215.235.0/24
181.215.251.0/24
185.143.231.0/24
185.145.36.0/24
185.145.39.0/24
185.151.56.0/23
185.172.66.0/24
185.173.35.0/24
191.96.23.0/24
191.96.65.0/24
191.96.147.0/24
191.96.172.0/24
191.96.195.0/24
191.96.210.0/24
191.96.213.0/24
191.96.215.0/24
191.96.222.0/24
191.96.232.0/24
191.101.6.0/24
191.101.23.0/24
191.101.72.0/24
191.101.74.0/23
191.101.77.0/24
191.101.90.0/24
191.101.98.0/24
191.101.105.0/24
191.101.107.0-191.101.108.255
191.101.115.0/24
191.101.117.0/24
191.101.156.0/24
191.101.226.0/24
191.101.236.0/24
191.101.238.0/24
193.58.107.0/24
194.53.141.0/24
194.110.15.0/24
Signature Algorithm: sha256WithRSAEncryption
99:d1:c4:70:c4:62:fb:5e:f7:dd:90:fd:ba:b0:b0:d2:1c:47:
cb:e6:2d:f3:19:cb:cb:af:01:28:e1:ea:a3:e6:e2:a3:53:fe:
cf:cd:7a:cd:e2:15:a0:44:1b:c6:ec:b6:b1:3b:59:04:f3:4d:
82:8f:0c:67:ae:5a:69:d5:8d:02:f2:7d:97:0b:78:f7:9a:eb:
a3:7f:cf:44:35:13:ff:6a:70:61:b8:50:ff:48:24:a9:db:df:
7d:02:f8:e5:33:96:ae:f7:01:ca:0b:fe:8e:8d:8a:a0:02:d4:
95:d5:c9:4a:e7:69:24:13:a1:df:af:46:61:73:97:63:4b:19:
1b:aa:13:40:74:da:50:18:ae:e7:a0:7f:06:16:8a:5e:c7:29:
45:50:84:3b:ea:05:87:d0:fe:fe:42:d9:b0:3d:da:03:f1:fe:
72:aa:84:8e:57:b6:ed:2f:19:b8:30:d7:11:cb:83:ec:86:73:
70:cb:02:77:cd:2b:48:da:ea:31:75:26:75:c4:f2:85:0d:40:
ac:4a:7a:17:7e:a6:6e:83:e5:a2:ed:a3:6c:30:d1:8e:18:89:
1b:45:33:a8:ad:c6:96:90:40:10:f2:93:d0:e5:d6:88:80:92:
fd:15:b8:f5:50:64:a5:5a:9b:c2:42:43:c2:a9:dc:ac:e9:d5:
76:d5:a8:94
-----BEGIN CERTIFICATE-----
MIIHDDCCBfSgAwIBAgIUBDnnRKOcFa0jgv8NTMZsnTNhpdIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTAyMjgyMzU1NTJaFw0yNjAyMjgwMDAwNTJaMDMxMTAvBgNV
BAMTKDA2NjVEODhCRDEyODU5RUQyRUJBQjU2QTIxMzgxNDQyQkZCQ0JBMkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeYRE9QS6qirYiHl0MpdJ0D9NB
a3UylNZEBU0GSUEvd52KQKEW4CnLrw54+o3lQqu9AasBcaKOXzJ2JlPUSLnXNTbe
auKwY6W1d0eEFUmuCAex2DnO8AmlMGQtq2fB57TWW5bPB1iPmW5Vu5O01NuEDWoV
ZzYadPONpysnst2r4oc6fpSXR+1/xv8GSnYwR8TYK31/Up9AdDpa48yzvUwV/c7i
vXVFPC9+7HIQQ1zwDYv2sgi1ij0w29mhV20/6EV1NTy1PBSo/cyQgB2SymuA5Og/
TyoF71mkZmwAQ/4cg9ypT6cjgq7+Q1HdSpz5WVMQhYG6ZZbDuT1I71K0q5YZAgMB
AAGjggQWMIIEEjAdBgNVHQ4EFgQUBmXYi9EoWe0uurVqITgUQr+8ui8wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAisGCCsGAQUFBwEHAQH/BIICGjCCAhYwggISBAIAATCC
AgoDBAACOqwDBAAFLSYwDAMEAAW1fQMEBwW1AAMEAAW2bQMEACWPPAMEAC1fDgME
AC1fJQMEAC2FrwMEAi2JhAMEAFzyuQMEAIK5fAMEALM9gwMEALM9hQMEALM9lgME
ALM9pQMEALM9qwMEALM9twMEALM9ugMEALM9yQMEALXWBQMEALXWGwMEALXWLQME
ALXWNzAMAwQAtdZHAwQAtdZIAwQAtdZcAwQAtdZiAwQAtdZ5AwQAtdZ/AwQAtdaq
AwQAtdavAwQAtdbMAwQAtdbPAwQAtdb7AwQAtddrAwQAtdd0AwQAtdd3AwQAtdd8
AwQAtdeCAwQAtdeEAwQAtdeJAwQAtdeVAwQAtdeXAwQAtdedAwQAtdfAAwQAtdfH
AwQAtdfRAwQAtdfkAwQAtdfrAwQAtdf7AwQAuY/nAwQAuZEkAwQAuZEnAwQBuZc4
AwQAuaxCAwQAua0jAwQAv2AXAwQAv2BBAwQAv2CTAwQAv2CsAwQAv2DDAwQAv2DS
AwQAv2DVAwQAv2DXAwQAv2DeAwQAv2DoAwQAv2UGAwQAv2UXAwQAv2VIAwQBv2VK
AwQAv2VNAwQAv2VaAwQAv2ViAwQAv2VpMAwDBAC/ZWsDBAC/ZWwDBAC/ZXMDBAC/
ZXUDBAC/ZZwDBAC/ZeIDBAC/ZewDBAC/Ze4DBADBOmsDBADCNY0DBADCbg8wDQYJ
KoZIhvcNAQELBQADggEBAJnRxHDEYvte992Q/bqwsNIcR8vmLfMZy8uvASjh6qPm
4qNT/s/Nes3iFaBEG8bstrE7WQTzTYKPDGeuWmnVjQLyfZcLePea66N/z0Q1E/9q
cGG4UP9IJKnb330C+OUzlq73AcoL/o6NiqAC1JXVyUrnaSQTod+vRmFzl2NLGRuq
E0B02lAYruegfwYWil7HKUVQhDvqBYfQ/v5C2bA92gPx/nKqhI5Xtu0vGbgw1xHL
g+yGc3DLAnfNK0ja6jF1JnXE8oUNQKxKehd+pm6D5aLto2ww0Y4YiRtFM6itxpaQ
QBDyk9Dl1oiAkv0VuPVQZKVam8JCQ8Kp3Kzp1XbVqJQ=
-----END CERTIFICATE-----
Generated at Sat Apr 5 06:23:42 2025 by rpki-client