Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa
File: AS9009.roa (raw, json)
Hash identifier: DwFB82LkZrFGhEAE6h5+x6DGFWrnlOhIdNRkNfpDp8w=
Subject key identifier: 3E:41:76:3A:97:9E:86:84:6A:56:68:4E:DA:74:F3:ED:12:A8:5D:CB
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 67D270022CF5F4893D71452BE102C2DAB35CCD8A
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa
Signing time: Sun 25 May 2025 13:16:47 +0000
ROA not before: Sun 25 May 2025 13:11:47 +0000
ROA not after: Sun 24 May 2026 13:16:47 +0000
asID: 9009
IP address blocks: 2.58.172.0/24 maxlen: 24
5.45.38.0/24 maxlen: 24
5.181.125.0/24 maxlen: 24
5.181.126.0/24 maxlen: 24
5.181.127.0/24 maxlen: 24
5.182.109.0/24 maxlen: 24
37.143.60.0/24 maxlen: 24
45.95.14.0/24 maxlen: 24
45.95.37.0/24 maxlen: 24
45.133.175.0/24 maxlen: 24
45.137.132.0/24 maxlen: 24
45.137.133.0/24 maxlen: 24
45.137.134.0/24 maxlen: 24
45.137.135.0/24 maxlen: 24
92.242.185.0/24 maxlen: 24
130.185.124.0/24 maxlen: 24
179.61.131.0/24 maxlen: 24
179.61.133.0/24 maxlen: 24
179.61.150.0/24 maxlen: 24
179.61.165.0/24 maxlen: 24
179.61.171.0/24 maxlen: 24
179.61.183.0/24 maxlen: 24
179.61.186.0/24 maxlen: 24
179.61.201.0/24 maxlen: 24
181.41.216.0/24 maxlen: 24
181.214.5.0/24 maxlen: 24
181.214.27.0/24 maxlen: 24
181.214.45.0/24 maxlen: 24
181.214.55.0/24 maxlen: 24
181.214.71.0/24 maxlen: 24
181.214.72.0/24 maxlen: 24
181.214.92.0/24 maxlen: 24
181.214.98.0/24 maxlen: 24
181.214.115.0/24 maxlen: 24
181.214.121.0/24 maxlen: 24
181.214.127.0/24 maxlen: 24
181.214.170.0/24 maxlen: 24
181.214.175.0/24 maxlen: 24
181.214.204.0/24 maxlen: 24
181.214.207.0/24 maxlen: 24
181.214.251.0/24 maxlen: 24
181.215.107.0/24 maxlen: 24
181.215.116.0/24 maxlen: 24
181.215.119.0/24 maxlen: 24
181.215.124.0/24 maxlen: 24
181.215.130.0/24 maxlen: 24
181.215.132.0/24 maxlen: 24
181.215.137.0/24 maxlen: 24
181.215.149.0/24 maxlen: 24
181.215.151.0/24 maxlen: 24
181.215.157.0/24 maxlen: 24
181.215.192.0/24 maxlen: 24
181.215.199.0/24 maxlen: 24
181.215.209.0/24 maxlen: 24
181.215.228.0/24 maxlen: 24
181.215.235.0/24 maxlen: 24
181.215.251.0/24 maxlen: 24
185.135.156.0/24 maxlen: 24
185.143.231.0/24 maxlen: 24
185.145.36.0/24 maxlen: 24
185.145.39.0/24 maxlen: 24
185.151.56.0/24 maxlen: 24
185.151.57.0/24 maxlen: 24
185.172.66.0/24 maxlen: 24
185.173.35.0/24 maxlen: 24
191.96.23.0/24 maxlen: 24
191.96.65.0/24 maxlen: 24
191.96.147.0/24 maxlen: 24
191.96.172.0/24 maxlen: 24
191.96.195.0/24 maxlen: 24
191.96.210.0/24 maxlen: 24
191.96.213.0/24 maxlen: 24
191.96.215.0/24 maxlen: 24
191.96.222.0/24 maxlen: 24
191.96.232.0/24 maxlen: 24
191.101.6.0/24 maxlen: 24
191.101.23.0/24 maxlen: 24
191.101.72.0/24 maxlen: 24
191.101.74.0/24 maxlen: 24
191.101.75.0/24 maxlen: 24
191.101.77.0/24 maxlen: 24
191.101.90.0/24 maxlen: 24
191.101.98.0/24 maxlen: 24
191.101.105.0/24 maxlen: 24
191.101.107.0/24 maxlen: 24
191.101.108.0/24 maxlen: 24
191.101.115.0/24 maxlen: 24
191.101.117.0/24 maxlen: 24
191.101.156.0/24 maxlen: 24
191.101.226.0/24 maxlen: 24
191.101.236.0/24 maxlen: 24
191.101.238.0/24 maxlen: 24
193.58.107.0/24 maxlen: 24
194.53.141.0/24 maxlen: 24
194.110.15.0/24 maxlen: 24
194.110.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 23:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:d2:70:02:2c:f5:f4:89:3d:71:45:2b:e1:02:c2:da:b3:5c:cd:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: May 25 13:11:47 2025 GMT
Not After : May 24 13:16:47 2026 GMT
Subject: CN=3E41763A979E86846A56684EDA74F3ED12A85DCB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:af:79:58:db:17:b1:50:eb:39:0c:31:8d:82:
69:47:66:2d:2f:30:1f:f7:86:e9:a7:37:1e:1a:5e:
bb:cc:84:86:c5:56:2e:dc:0e:b3:ca:bd:f3:04:90:
86:02:cd:4f:3c:9e:c2:b0:69:51:78:09:a3:6c:72:
f7:ca:1a:ff:02:9b:43:d8:c4:4c:f1:45:59:89:4c:
9a:98:09:ac:f3:7b:e0:fb:57:4c:fb:9d:59:69:06:
53:bf:09:b4:ae:b7:9f:7d:7b:24:ca:7b:c0:33:9f:
98:01:f3:0e:1e:83:87:25:3c:f6:67:41:59:11:f1:
14:71:49:99:eb:b2:b9:3a:4f:6d:f2:6f:48:bb:8d:
5b:06:d9:d4:9c:3c:69:a2:29:9b:b6:ac:e9:00:73:
8c:af:5b:c9:3d:88:36:11:69:db:6b:14:fd:13:c3:
2a:db:27:15:a0:0f:1c:bd:2e:9a:2a:22:71:ae:88:
c7:4d:be:b5:96:7a:2d:fc:a2:d3:88:a5:57:ad:5c:
88:c1:00:85:0e:89:11:5e:43:88:f8:e2:ab:24:69:
bc:1e:34:04:1d:26:06:23:79:f1:42:1d:1a:21:4b:
94:26:4a:8f:1c:70:82:7a:24:f9:78:22:6f:31:9e:
ce:26:e6:ec:52:62:eb:a8:37:71:fc:8c:e7:8b:6a:
d8:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:41:76:3A:97:9E:86:84:6A:56:68:4E:DA:74:F3:ED:12:A8:5D:CB
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.172.0/24
5.45.38.0/24
5.181.125.0-5.181.127.255
5.182.109.0/24
37.143.60.0/24
45.95.14.0/24
45.95.37.0/24
45.133.175.0/24
45.137.132.0/22
92.242.185.0/24
130.185.124.0/24
179.61.131.0/24
179.61.133.0/24
179.61.150.0/24
179.61.165.0/24
179.61.171.0/24
179.61.183.0/24
179.61.186.0/24
179.61.201.0/24
181.41.216.0/24
181.214.5.0/24
181.214.27.0/24
181.214.45.0/24
181.214.55.0/24
181.214.71.0-181.214.72.255
181.214.92.0/24
181.214.98.0/24
181.214.115.0/24
181.214.121.0/24
181.214.127.0/24
181.214.170.0/24
181.214.175.0/24
181.214.204.0/24
181.214.207.0/24
181.214.251.0/24
181.215.107.0/24
181.215.116.0/24
181.215.119.0/24
181.215.124.0/24
181.215.130.0/24
181.215.132.0/24
181.215.137.0/24
181.215.149.0/24
181.215.151.0/24
181.215.157.0/24
181.215.192.0/24
181.215.199.0/24
181.215.209.0/24
181.215.228.0/24
181.215.235.0/24
181.215.251.0/24
185.135.156.0/24
185.143.231.0/24
185.145.36.0/24
185.145.39.0/24
185.151.56.0/23
185.172.66.0/24
185.173.35.0/24
191.96.23.0/24
191.96.65.0/24
191.96.147.0/24
191.96.172.0/24
191.96.195.0/24
191.96.210.0/24
191.96.213.0/24
191.96.215.0/24
191.96.222.0/24
191.96.232.0/24
191.101.6.0/24
191.101.23.0/24
191.101.72.0/24
191.101.74.0/23
191.101.77.0/24
191.101.90.0/24
191.101.98.0/24
191.101.105.0/24
191.101.107.0-191.101.108.255
191.101.115.0/24
191.101.117.0/24
191.101.156.0/24
191.101.226.0/24
191.101.236.0/24
191.101.238.0/24
193.58.107.0/24
194.53.141.0/24
194.110.15.0/24
194.110.242.0/24
Signature Algorithm: sha256WithRSAEncryption
03:20:02:01:c5:30:cd:e4:0c:e8:96:c8:da:4b:7b:49:4d:76:
2b:eb:76:9c:42:dd:e6:2a:9b:fc:8b:b6:62:6d:96:39:97:00:
e8:40:ca:fa:17:5c:86:cf:86:49:9d:a5:f1:f0:27:43:7e:70:
00:80:a9:60:91:30:c8:4c:e0:70:6e:61:d2:19:38:aa:42:42:
25:d6:68:5e:b0:bd:4c:48:4d:2b:25:5c:6f:1f:b5:65:3b:34:
75:25:3d:c5:d8:ec:af:23:3d:68:b8:60:6b:8b:d3:c7:4c:1c:
39:a0:04:7c:21:e5:1b:55:05:cb:02:1e:55:69:bd:3c:e1:23:
b1:7f:a0:20:85:39:e6:88:ca:d2:46:23:1d:05:af:66:b0:d3:
79:c9:40:e4:b3:05:25:8a:52:72:60:c6:21:fe:39:3d:c4:c2:
d2:2e:18:f1:1d:b0:b9:02:ab:76:dd:b4:ad:7b:d2:41:8b:8b:
ce:97:4c:48:a7:6c:94:a3:68:4e:c1:68:f0:72:42:68:d8:a4:
4c:1f:b7:12:81:cc:57:b0:aa:6f:a7:a4:1c:20:3c:ea:2c:a3:
27:f6:b4:d2:f9:0f:8d:c0:cb:a0:fc:4f:4c:d3:51:41:8e:68:
fc:74:24:93:2e:90:5f:8f:a1:2d:ab:7c:48:f1:3b:56:32:4c:
56:63:61:8f
-----BEGIN CERTIFICATE-----
MIIHJDCCBgygAwIBAgIUZ9JwAiz19Ik9cUUr4QLC2rNczYowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA1MjUxMzExNDdaFw0yNjA1MjQxMzE2NDdaMDMxMTAvBgNV
BAMTKDNFNDE3NjNBOTc5RTg2ODQ2QTU2Njg0RURBNzRGM0VEMTJBODVEQ0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBr3lY2xexUOs5DDGNgmlHZi0v
MB/3humnNx4aXrvMhIbFVi7cDrPKvfMEkIYCzU88nsKwaVF4CaNscvfKGv8Cm0PY
xEzxRVmJTJqYCazze+D7V0z7nVlpBlO/CbSut599eyTKe8Azn5gB8w4eg4clPPZn
QVkR8RRxSZnrsrk6T23yb0i7jVsG2dScPGmiKZu2rOkAc4yvW8k9iDYRadtrFP0T
wyrbJxWgDxy9LpoqInGuiMdNvrWWei38otOIpVetXIjBAIUOiRFeQ4j44qskabwe
NAQdJgYjefFCHRohS5QmSo8ccIJ6JPl4Im8xns4m5uxSYuuoN3H8jOeLatitAgMB
AAGjggQuMIIEKjAdBgNVHQ4EFgQUPkF2OpeehoRqVmhO2nTz7RKoXcswHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAkMGCCsGAQUFBwEHAQH/BIICMjCCAi4wggIqBAIAATCC
AiIDBAACOqwDBAAFLSYwDAMEAAW1fQMEBwW1AAMEAAW2bQMEACWPPAMEAC1fDgME
AC1fJQMEAC2FrwMEAi2JhAMEAFzyuQMEAIK5fAMEALM9gwMEALM9hQMEALM9lgME
ALM9pQMEALM9qwMEALM9twMEALM9ugMEALM9yQMEALUp2AMEALXWBQMEALXWGwME
ALXWLQMEALXWNzAMAwQAtdZHAwQAtdZIAwQAtdZcAwQAtdZiAwQAtdZzAwQAtdZ5
AwQAtdZ/AwQAtdaqAwQAtdavAwQAtdbMAwQAtdbPAwQAtdb7AwQAtddrAwQAtdd0
AwQAtdd3AwQAtdd8AwQAtdeCAwQAtdeEAwQAtdeJAwQAtdeVAwQAtdeXAwQAtded
AwQAtdfAAwQAtdfHAwQAtdfRAwQAtdfkAwQAtdfrAwQAtdf7AwQAuYecAwQAuY/n
AwQAuZEkAwQAuZEnAwQBuZc4AwQAuaxCAwQAua0jAwQAv2AXAwQAv2BBAwQAv2CT
AwQAv2CsAwQAv2DDAwQAv2DSAwQAv2DVAwQAv2DXAwQAv2DeAwQAv2DoAwQAv2UG
AwQAv2UXAwQAv2VIAwQBv2VKAwQAv2VNAwQAv2VaAwQAv2ViAwQAv2VpMAwDBAC/
ZWsDBAC/ZWwDBAC/ZXMDBAC/ZXUDBAC/ZZwDBAC/ZeIDBAC/ZewDBAC/Ze4DBADB
OmsDBADCNY0DBADCbg8DBADCbvIwDQYJKoZIhvcNAQELBQADggEBAAMgAgHFMM3k
DOiWyNpLe0lNdivrdpxC3eYqm/yLtmJtljmXAOhAyvoXXIbPhkmdpfHwJ0N+cACA
qWCRMMhM4HBuYdIZOKpCQiXWaF6wvUxITSslXG8ftWU7NHUlPcXY7K8jPWi4YGuL
08dMHDmgBHwh5RtVBcsCHlVpvTzhI7F/oCCFOeaIytJGIx0Fr2aw03nJQOSzBSWK
UnJgxiH+OT3EwtIuGPEdsLkCq3bdtK170kGLi86XTEinbJSjaE7BaPByQmjYpEwf
txKBzFewqm+npBwgPOosoyf2tNL5D43Ay6D8T0zTUUGOaPx0JJMukF+PoS2rfEjx
O1YyTFZjYY8=
-----END CERTIFICATE-----
Generated at Tue Jun 3 08:19:20 2025 by rpki-client