Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa
File: AS9009.roa (raw, json)
Hash identifier: zd1U5lrbCqlh0pc9TZXdJ3OunGplkfFcXbM3ITn5w1E=
Subject key identifier: 6E:F1:97:AF:92:A3:14:30:1A:CA:53:AC:09:C2:44:A6:4B:08:08:75
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 3DB06E4F3D6B42C10A7C92BF29DB6F19F7EA7D94
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa
Signing time: Wed 17 Jul 2024 15:15:43 +0000
ROA not before: Wed 17 Jul 2024 15:10:43 +0000
ROA not after: Wed 16 Jul 2025 15:15:43 +0000
asID: 9009
IP address blocks: 2.57.20.0/23 maxlen: 23
2.58.172.0/24 maxlen: 24
5.45.38.0/24 maxlen: 24
5.181.125.0/24 maxlen: 24
5.181.126.0/24 maxlen: 24
5.181.127.0/24 maxlen: 24
5.182.109.0/24 maxlen: 24
37.143.60.0/24 maxlen: 24
45.95.14.0/24 maxlen: 24
45.95.37.0/24 maxlen: 24
45.133.175.0/24 maxlen: 24
45.137.132.0/24 maxlen: 24
45.137.133.0/24 maxlen: 24
45.137.134.0/24 maxlen: 24
45.137.135.0/24 maxlen: 24
92.242.185.0/24 maxlen: 24
130.185.124.0/24 maxlen: 24
130.185.127.0/24 maxlen: 24
179.61.131.0/24 maxlen: 24
179.61.133.0/24 maxlen: 24
179.61.150.0/24 maxlen: 24
179.61.165.0/24 maxlen: 24
179.61.171.0/24 maxlen: 24
179.61.183.0/24 maxlen: 24
179.61.186.0/24 maxlen: 24
179.61.201.0/24 maxlen: 24
181.214.3.0/24 maxlen: 24
181.214.5.0/24 maxlen: 24
181.214.15.0/24 maxlen: 24
181.214.19.0/24 maxlen: 24
181.214.27.0/24 maxlen: 24
181.214.28.0/24 maxlen: 24
181.214.32.0/24 maxlen: 24
181.214.45.0/24 maxlen: 24
181.214.55.0/24 maxlen: 24
181.214.71.0/24 maxlen: 24
181.214.72.0/24 maxlen: 24
181.214.92.0/24 maxlen: 24
181.214.98.0/24 maxlen: 24
181.214.121.0/24 maxlen: 24
181.214.127.0/24 maxlen: 24
181.214.170.0/24 maxlen: 24
181.214.175.0/24 maxlen: 24
181.214.204.0/24 maxlen: 24
181.214.207.0/24 maxlen: 24
181.214.251.0/24 maxlen: 24
181.215.107.0/24 maxlen: 24
181.215.108.0/24 maxlen: 24
181.215.109.0/24 maxlen: 24
181.215.111.0/24 maxlen: 24
181.215.113.0/24 maxlen: 24
181.215.114.0/24 maxlen: 24
181.215.115.0/24 maxlen: 24
181.215.116.0/24 maxlen: 24
181.215.119.0/24 maxlen: 24
181.215.124.0/24 maxlen: 24
181.215.130.0/24 maxlen: 24
181.215.132.0/24 maxlen: 24
181.215.137.0/24 maxlen: 24
181.215.149.0/24 maxlen: 24
181.215.151.0/24 maxlen: 24
181.215.157.0/24 maxlen: 24
181.215.192.0/24 maxlen: 24
181.215.199.0/24 maxlen: 24
181.215.209.0/24 maxlen: 24
181.215.228.0/24 maxlen: 24
181.215.235.0/24 maxlen: 24
181.215.251.0/24 maxlen: 24
185.34.42.0/24 maxlen: 24
185.135.10.0/24 maxlen: 24
185.143.231.0/24 maxlen: 24
185.145.36.0/24 maxlen: 24
185.145.39.0/24 maxlen: 24
185.151.56.0/24 maxlen: 24
185.151.57.0/24 maxlen: 24
185.172.66.0/24 maxlen: 24
185.173.35.0/24 maxlen: 24
185.174.63.0/24 maxlen: 24
191.96.23.0/24 maxlen: 24
191.96.65.0/24 maxlen: 24
191.96.69.0/24 maxlen: 24
191.96.83.0/24 maxlen: 24
191.96.126.0/24 maxlen: 24
191.96.140.0/24 maxlen: 24
191.96.141.0/24 maxlen: 24
191.96.147.0/24 maxlen: 24
191.96.149.0/24 maxlen: 24
191.96.171.0/24 maxlen: 24
191.96.172.0/24 maxlen: 24
191.96.173.0/24 maxlen: 24
191.96.195.0/24 maxlen: 24
191.96.210.0/24 maxlen: 24
191.96.213.0/24 maxlen: 24
191.96.215.0/24 maxlen: 24
191.96.222.0/24 maxlen: 24
191.96.232.0/24 maxlen: 24
191.101.6.0/24 maxlen: 24
191.101.23.0/24 maxlen: 24
191.101.72.0/24 maxlen: 24
191.101.74.0/24 maxlen: 24
191.101.75.0/24 maxlen: 24
191.101.76.0/24 maxlen: 24
191.101.88.0/24 maxlen: 24
191.101.90.0/24 maxlen: 24
191.101.95.0/24 maxlen: 24
191.101.97.0/24 maxlen: 24
191.101.98.0/24 maxlen: 24
191.101.105.0/24 maxlen: 24
191.101.107.0/24 maxlen: 24
191.101.108.0/24 maxlen: 24
191.101.115.0/24 maxlen: 24
191.101.117.0/24 maxlen: 24
191.101.127.0/24 maxlen: 24
191.101.156.0/24 maxlen: 24
191.101.163.0/24 maxlen: 24
191.101.226.0/24 maxlen: 24
191.101.236.0/24 maxlen: 24
191.101.238.0/24 maxlen: 24
191.101.244.0/24 maxlen: 24
193.58.107.0/24 maxlen: 24
194.53.141.0/24 maxlen: 24
194.110.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:b0:6e:4f:3d:6b:42:c1:0a:7c:92:bf:29:db:6f:19:f7:ea:7d:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jul 17 15:10:43 2024 GMT
Not After : Jul 16 15:15:43 2025 GMT
Subject: CN=6EF197AF92A314301ACA53AC09C244A64B080875
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:bc:7f:8e:4d:90:19:45:ca:16:d0:f2:51:6f:
7d:10:f5:3a:73:1b:e4:96:a8:bf:b8:4d:46:53:4c:
1d:53:d2:67:9d:25:42:5b:7a:8c:fc:fd:ae:5e:06:
8b:8d:6c:de:71:59:7b:9f:e1:96:a7:ba:0e:5f:4f:
0d:4c:77:a3:85:02:03:7f:dc:77:97:3c:2d:5c:9f:
03:1d:2a:85:61:81:33:25:a8:b8:60:8a:33:dd:c2:
45:8e:49:97:f3:fc:d2:78:c6:f3:e6:79:e8:59:e0:
2b:72:0f:e7:e8:ef:a8:b9:a9:1d:c1:c7:89:e4:63:
15:80:12:5b:6c:2d:ec:48:0f:e7:95:16:79:ed:86:
c5:db:db:f3:ce:0d:c7:e8:23:48:bb:e7:bc:61:bc:
92:8b:79:c8:f2:2d:c8:7c:09:6c:16:ea:58:4e:58:
69:b8:e2:e8:10:5c:26:4b:c8:97:91:67:10:a9:8e:
2c:b7:bb:d3:83:fb:a0:6d:21:cb:f4:a4:7a:fc:9b:
f0:db:ff:4a:bd:b8:6b:d9:77:59:8c:b8:d6:80:c1:
9c:4e:a6:80:c0:31:95:36:6c:31:73:45:d5:7a:cd:
52:46:f3:b9:cf:87:96:90:d4:5b:a3:d4:f0:f3:dd:
f0:8f:e3:a8:03:f2:c1:b4:55:d7:9c:f7:ce:9b:e0:
07:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:F1:97:AF:92:A3:14:30:1A:CA:53:AC:09:C2:44:A6:4B:08:08:75
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.20.0/23
2.58.172.0/24
5.45.38.0/24
5.181.125.0-5.181.127.255
5.182.109.0/24
37.143.60.0/24
45.95.14.0/24
45.95.37.0/24
45.133.175.0/24
45.137.132.0/22
92.242.185.0/24
130.185.124.0/24
130.185.127.0/24
179.61.131.0/24
179.61.133.0/24
179.61.150.0/24
179.61.165.0/24
179.61.171.0/24
179.61.183.0/24
179.61.186.0/24
179.61.201.0/24
181.214.3.0/24
181.214.5.0/24
181.214.15.0/24
181.214.19.0/24
181.214.27.0-181.214.28.255
181.214.32.0/24
181.214.45.0/24
181.214.55.0/24
181.214.71.0-181.214.72.255
181.214.92.0/24
181.214.98.0/24
181.214.121.0/24
181.214.127.0/24
181.214.170.0/24
181.214.175.0/24
181.214.204.0/24
181.214.207.0/24
181.214.251.0/24
181.215.107.0-181.215.109.255
181.215.111.0/24
181.215.113.0-181.215.116.255
181.215.119.0/24
181.215.124.0/24
181.215.130.0/24
181.215.132.0/24
181.215.137.0/24
181.215.149.0/24
181.215.151.0/24
181.215.157.0/24
181.215.192.0/24
181.215.199.0/24
181.215.209.0/24
181.215.228.0/24
181.215.235.0/24
181.215.251.0/24
185.34.42.0/24
185.135.10.0/24
185.143.231.0/24
185.145.36.0/24
185.145.39.0/24
185.151.56.0/23
185.172.66.0/24
185.173.35.0/24
185.174.63.0/24
191.96.23.0/24
191.96.65.0/24
191.96.69.0/24
191.96.83.0/24
191.96.126.0/24
191.96.140.0/23
191.96.147.0/24
191.96.149.0/24
191.96.171.0-191.96.173.255
191.96.195.0/24
191.96.210.0/24
191.96.213.0/24
191.96.215.0/24
191.96.222.0/24
191.96.232.0/24
191.101.6.0/24
191.101.23.0/24
191.101.72.0/24
191.101.74.0-191.101.76.255
191.101.88.0/24
191.101.90.0/24
191.101.95.0/24
191.101.97.0-191.101.98.255
191.101.105.0/24
191.101.107.0-191.101.108.255
191.101.115.0/24
191.101.117.0/24
191.101.127.0/24
191.101.156.0/24
191.101.163.0/24
191.101.226.0/24
191.101.236.0/24
191.101.238.0/24
191.101.244.0/24
193.58.107.0/24
194.53.141.0/24
194.110.15.0/24
Signature Algorithm: sha256WithRSAEncryption
62:05:d8:8f:4a:86:ba:14:7c:74:9c:88:c4:f5:74:7b:25:d7:
7b:2b:41:db:68:8e:13:dc:4d:56:90:50:7c:55:20:89:ef:2c:
98:54:28:63:56:c5:3c:7e:20:78:da:cd:71:89:08:24:79:ba:
94:be:45:d6:66:1b:07:80:eb:66:3a:41:d4:98:a9:97:4c:8d:
74:2c:bc:74:e1:48:62:30:d6:61:a2:bb:26:22:49:3b:ed:c4:
9a:85:87:dd:2d:01:a2:5f:ec:9a:35:96:2c:95:56:89:19:51:
1f:23:82:43:bd:7b:38:73:ad:b7:81:22:e3:6a:06:8a:8e:1a:
02:14:b8:c3:ad:89:c5:82:6a:97:e0:4b:46:a2:a0:db:12:da:
7b:e3:93:12:fc:6c:25:d8:c1:8c:bb:40:33:99:6e:64:5f:d9:
3d:a1:9c:53:b8:59:4c:ea:f1:8a:98:55:a0:2f:1c:fe:0a:2d:
dc:61:05:9c:80:02:0d:4e:07:05:57:b5:b7:3d:81:cd:bf:ea:
23:8a:31:ba:2f:57:95:60:53:48:69:03:d5:a8:6f:f9:8d:f6:
e0:1e:62:85:ab:c5:43:a7:fe:ea:76:f4:ab:5a:2f:0b:8b:94:
ac:bf:ec:3d:bf:ec:82:7a:5e:f5:4a:19:bd:35:9c:c4:c6:da:
bd:75:17:82
-----BEGIN CERTIFICATE-----
MIIHrjCCBpagAwIBAgIUPbBuTz1rQsEKfJK/KdtvGffqfZQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNDA3MTcxNTEwNDNaFw0yNTA3MTYxNTE1NDNaMDMxMTAvBgNV
BAMTKDZFRjE5N0FGOTJBMzE0MzAxQUNBNTNBQzA5QzI0NEE2NEIwODA4NzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnvH+OTZAZRcoW0PJRb30Q9Tpz
G+SWqL+4TUZTTB1T0medJUJbeoz8/a5eBouNbN5xWXuf4Zanug5fTw1Md6OFAgN/
3HeXPC1cnwMdKoVhgTMlqLhgijPdwkWOSZfz/NJ4xvPmeehZ4CtyD+fo76i5qR3B
x4nkYxWAEltsLexID+eVFnnthsXb2/PODcfoI0i757xhvJKLecjyLch8CWwW6lhO
WGm44ugQXCZLyJeRZxCpjiy3u9OD+6BtIcv0pHr8m/Db/0q9uGvZd1mMuNaAwZxO
poDAMZU2bDFzRdV6zVJG87nPh5aQ1Fuj1PDz3fCP46gD8sG0Vdec986b4AcrAgMB
AAGjggS4MIIEtDAdBgNVHQ4EFgQUbvGXr5KjFDAaylOsCcJEpksICHUwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAs0GCCsGAQUFBwEHAQH/BIICvDCCArgwggK0BAIAATCC
AqwDBAECORQDBAACOqwDBAAFLSYwDAMEAAW1fQMEBwW1AAMEAAW2bQMEACWPPAME
AC1fDgMEAC1fJQMEAC2FrwMEAi2JhAMEAFzyuQMEAIK5fAMEAIK5fwMEALM9gwME
ALM9hQMEALM9lgMEALM9pQMEALM9qwMEALM9twMEALM9ugMEALM9yQMEALXWAwME
ALXWBQMEALXWDwMEALXWEzAMAwQAtdYbAwQAtdYcAwQAtdYgAwQAtdYtAwQAtdY3
MAwDBAC11kcDBAC11kgDBAC11lwDBAC11mIDBAC11nkDBAC11n8DBAC11qoDBAC1
1q8DBAC11swDBAC11s8DBAC11vswDAMEALXXawMEAbXXbAMEALXXbzAMAwQAtddx
AwQAtdd0AwQAtdd3AwQAtdd8AwQAtdeCAwQAtdeEAwQAtdeJAwQAtdeVAwQAtdeX
AwQAtdedAwQAtdfAAwQAtdfHAwQAtdfRAwQAtdfkAwQAtdfrAwQAtdf7AwQAuSIq
AwQAuYcKAwQAuY/nAwQAuZEkAwQAuZEnAwQBuZc4AwQAuaxCAwQAua0jAwQAua4/
AwQAv2AXAwQAv2BBAwQAv2BFAwQAv2BTAwQAv2B+AwQBv2CMAwQAv2CTAwQAv2CV
MAwDBAC/YKsDBAG/YKwDBAC/YMMDBAC/YNIDBAC/YNUDBAC/YNcDBAC/YN4DBAC/
YOgDBAC/ZQYDBAC/ZRcDBAC/ZUgwDAMEAb9lSgMEAL9lTAMEAL9lWAMEAL9lWgME
AL9lXzAMAwQAv2VhAwQAv2ViAwQAv2VpMAwDBAC/ZWsDBAC/ZWwDBAC/ZXMDBAC/
ZXUDBAC/ZX8DBAC/ZZwDBAC/ZaMDBAC/ZeIDBAC/ZewDBAC/Ze4DBAC/ZfQDBADB
OmsDBADCNY0DBADCbg8wDQYJKoZIhvcNAQELBQADggEBAGIF2I9KhroUfHSciMT1
dHsl13srQdtojhPcTVaQUHxVIInvLJhUKGNWxTx+IHjazXGJCCR5upS+RdZmGweA
62Y6QdSYqZdMjXQsvHThSGIw1mGiuyYiSTvtxJqFh90tAaJf7Jo1liyVVokZUR8j
gkO9ezhzrbeBIuNqBoqOGgIUuMOticWCapfgS0aioNsS2nvjkxL8bCXYwYy7QDOZ
bmRf2T2hnFO4WUzq8YqYVaAvHP4KLdxhBZyAAg1OBwVXtbc9gc2/6iOKMbovV5Vg
U0hpA9Wob/mN9uAeYoWrxUOn/up29KtaLwuLlKy/7D2/7IJ6XvVKGb01nMTG2r11
F4I=
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:19 2024 by rpki-client on console-ams.rpki-client.org