This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa File: AS9009.roa (raw, json) Hash identifier: QBJezGGFaFXI2pf+nzDQmOZ6xCWr8OLRYbAcBP/nKGw= Subject key identifier: 48:C7:D4:C8:FF:3A:EA:7B:86:AC:A5:93:49:30:25:DA:F8:7E:BE:A1 Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a Certificate serial: 16FFF75961B7E8ADC2827A108924BAADCF79E97F Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa Signing time: Thu 15 Jan 2026 14:23:33 +0000 ROA not before: Thu 15 Jan 2026 14:18:33 +0000 ROA not after: Thu 14 Jan 2027 14:23:33 +0000 asID: 9009 IP address blocks: 2.58.172.0/24 maxlen: 24 5.45.38.0/24 maxlen: 24 5.181.125.0/24 maxlen: 24 5.181.126.0/24 maxlen: 24 5.181.127.0/24 maxlen: 24 5.182.109.0/24 maxlen: 24 37.143.60.0/24 maxlen: 24 45.95.14.0/24 maxlen: 24 45.95.37.0/24 maxlen: 24 45.133.175.0/24 maxlen: 24 45.137.132.0/24 maxlen: 24 45.137.133.0/24 maxlen: 24 45.137.134.0/24 maxlen: 24 45.137.135.0/24 maxlen: 24 92.242.185.0/24 maxlen: 24 130.185.124.0/24 maxlen: 24 179.61.131.0/24 maxlen: 24 179.61.133.0/24 maxlen: 24 179.61.165.0/24 maxlen: 24 179.61.171.0/24 maxlen: 24 179.61.183.0/24 maxlen: 24 179.61.186.0/24 maxlen: 24 179.61.201.0/24 maxlen: 24 181.41.205.0/24 maxlen: 24 181.41.216.0/24 maxlen: 24 181.214.5.0/24 maxlen: 24 181.214.27.0/24 maxlen: 24 181.214.45.0/24 maxlen: 24 181.214.55.0/24 maxlen: 24 181.214.65.0/24 maxlen: 24 181.214.71.0/24 maxlen: 24 181.214.72.0/24 maxlen: 24 181.214.92.0/24 maxlen: 24 181.214.115.0/24 maxlen: 24 181.214.127.0/24 maxlen: 24 181.214.170.0/24 maxlen: 24 181.214.175.0/24 maxlen: 24 181.214.204.0/24 maxlen: 24 181.214.207.0/24 maxlen: 24 181.214.251.0/24 maxlen: 24 181.215.107.0/24 maxlen: 24 181.215.116.0/24 maxlen: 24 181.215.119.0/24 maxlen: 24 181.215.124.0/24 maxlen: 24 181.215.130.0/24 maxlen: 24 181.215.132.0/24 maxlen: 24 181.215.137.0/24 maxlen: 24 181.215.150.0/24 maxlen: 24 181.215.151.0/24 maxlen: 24 181.215.157.0/24 maxlen: 24 181.215.192.0/24 maxlen: 24 181.215.199.0/24 maxlen: 24 181.215.209.0/24 maxlen: 24 181.215.228.0/24 maxlen: 24 181.215.235.0/24 maxlen: 24 181.215.251.0/24 maxlen: 24 185.135.156.0/24 maxlen: 24 185.143.231.0/24 maxlen: 24 185.145.36.0/24 maxlen: 24 185.145.39.0/24 maxlen: 24 185.151.56.0/24 maxlen: 24 185.151.57.0/24 maxlen: 24 185.172.66.0/24 maxlen: 24 191.96.23.0/24 maxlen: 24 191.96.35.0/24 maxlen: 24 191.96.65.0/24 maxlen: 24 191.96.147.0/24 maxlen: 24 191.96.172.0/24 maxlen: 24 191.96.195.0/24 maxlen: 24 191.96.210.0/24 maxlen: 24 191.96.213.0/24 maxlen: 24 191.96.215.0/24 maxlen: 24 191.96.232.0/24 maxlen: 24 191.101.6.0/24 maxlen: 24 191.101.23.0/24 maxlen: 24 191.101.72.0/24 maxlen: 24 191.101.74.0/24 maxlen: 24 191.101.75.0/24 maxlen: 24 191.101.77.0/24 maxlen: 24 191.101.90.0/24 maxlen: 24 191.101.98.0/24 maxlen: 24 191.101.105.0/24 maxlen: 24 191.101.107.0/24 maxlen: 24 191.101.108.0/24 maxlen: 24 191.101.115.0/24 maxlen: 24 191.101.117.0/24 maxlen: 24 191.101.156.0/24 maxlen: 24 191.101.159.0/24 maxlen: 24 191.101.226.0/24 maxlen: 24 193.58.107.0/24 maxlen: 24 194.53.141.0/24 maxlen: 24 194.110.15.0/24 maxlen: 24 194.110.242.0/24 maxlen: 24 213.109.168.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 18 Jan 2026 19:40:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 16:ff:f7:59:61:b7:e8:ad:c2:82:7a:10:89:24:ba:ad:cf:79:e9:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a Validity Not Before: Jan 15 14:18:33 2026 GMT Not After : Jan 14 14:23:33 2027 GMT Subject: CN=48C7D4C8FF3AEA7B86ACA593493025DAF87EBEA1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:dc:e5:47:01:f9:dd:97:f9:d3:48:8a:86:2d: 8c:b8:d5:a2:5c:20:02:8b:1b:28:4e:19:93:46:36: 52:e8:57:da:c8:e3:39:29:3d:1d:71:de:47:fa:af: fa:92:9d:a6:9b:e4:61:43:fd:fa:b3:2b:50:5b:dd: 5f:9a:12:ab:54:f0:3d:78:8d:e9:46:b9:3a:44:4a: 76:8e:4a:b9:f4:5d:71:01:11:d6:a0:42:b2:ea:74: 33:d6:f2:d2:fe:16:20:a0:25:2e:8e:ed:3b:e6:14: 9f:dd:1d:75:8a:9b:60:12:a7:c0:5e:c5:8e:fd:c3: 10:d6:67:83:9f:32:07:b2:5a:02:12:90:08:3f:7f: 1e:ad:fd:69:82:86:7d:33:77:2b:51:e8:c9:b2:51: d2:e3:c9:58:65:e1:0f:15:9b:45:49:48:37:ca:70: 24:eb:62:84:c5:7a:8c:c3:45:66:32:5b:a2:d5:d0: 1d:68:77:a7:fe:b7:3b:ba:e1:79:c2:81:4f:fe:65: 9a:db:62:83:7b:95:a6:5b:eb:5f:a8:2f:4f:34:5f: a0:e3:70:f4:c4:f4:5b:f3:6f:f4:39:47:c9:79:e2: 90:e3:06:c7:1f:8b:55:ac:ff:c8:46:41:56:e1:be: 30:d8:52:d0:0c:dd:69:04:8e:44:43:f1:1a:ee:5f: 5c:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:C7:D4:C8:FF:3A:EA:7B:86:AC:A5:93:49:30:25:DA:F8:7E:BE:A1 X509v3 Authority Key Identifier: keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.58.172.0/24 5.45.38.0/24 5.181.125.0-5.181.127.255 5.182.109.0/24 37.143.60.0/24 45.95.14.0/24 45.95.37.0/24 45.133.175.0/24 45.137.132.0/22 92.242.185.0/24 130.185.124.0/24 179.61.131.0/24 179.61.133.0/24 179.61.165.0/24 179.61.171.0/24 179.61.183.0/24 179.61.186.0/24 179.61.201.0/24 181.41.205.0/24 181.41.216.0/24 181.214.5.0/24 181.214.27.0/24 181.214.45.0/24 181.214.55.0/24 181.214.65.0/24 181.214.71.0-181.214.72.255 181.214.92.0/24 181.214.115.0/24 181.214.127.0/24 181.214.170.0/24 181.214.175.0/24 181.214.204.0/24 181.214.207.0/24 181.214.251.0/24 181.215.107.0/24 181.215.116.0/24 181.215.119.0/24 181.215.124.0/24 181.215.130.0/24 181.215.132.0/24 181.215.137.0/24 181.215.150.0/23 181.215.157.0/24 181.215.192.0/24 181.215.199.0/24 181.215.209.0/24 181.215.228.0/24 181.215.235.0/24 181.215.251.0/24 185.135.156.0/24 185.143.231.0/24 185.145.36.0/24 185.145.39.0/24 185.151.56.0/23 185.172.66.0/24 191.96.23.0/24 191.96.35.0/24 191.96.65.0/24 191.96.147.0/24 191.96.172.0/24 191.96.195.0/24 191.96.210.0/24 191.96.213.0/24 191.96.215.0/24 191.96.232.0/24 191.101.6.0/24 191.101.23.0/24 191.101.72.0/24 191.101.74.0/23 191.101.77.0/24 191.101.90.0/24 191.101.98.0/24 191.101.105.0/24 191.101.107.0-191.101.108.255 191.101.115.0/24 191.101.117.0/24 191.101.156.0/24 191.101.159.0/24 191.101.226.0/24 193.58.107.0/24 194.53.141.0/24 194.110.15.0/24 194.110.242.0/24 213.109.168.0/24 Signature Algorithm: sha256WithRSAEncryption 80:b0:2e:ed:dc:d8:4f:4f:b8:e6:2e:e6:ba:cc:95:e7:06:df: 5d:01:14:17:31:26:f4:5f:71:54:ee:9b:f7:46:e9:75:69:ba: 51:c8:b6:27:df:d5:dd:4c:63:95:9d:0b:a7:58:27:93:c0:33: 73:1b:35:71:63:27:61:ad:7d:f8:ad:3a:e7:b9:27:f0:34:b1: f2:92:d5:11:1e:a5:9a:3a:9c:f4:0c:19:64:69:88:cd:07:7e: d8:ac:b6:c0:8e:09:ed:d2:73:38:e5:b3:ab:bc:95:9a:b7:7a: 7a:58:4d:97:49:f2:29:73:f8:b0:34:db:2b:ca:4c:3f:8e:cf: 9c:19:0f:e5:a2:5c:33:c9:19:b3:35:00:66:0d:8a:2b:aa:e9: 51:da:ee:f0:18:54:61:02:48:d2:f6:2f:57:7a:b7:4b:95:b6: b0:8a:4a:f4:4f:e1:f5:5a:fc:46:03:fa:26:38:71:8d:ff:da: 87:97:3c:6b:cf:e4:e9:e1:a4:48:37:bc:5d:79:7c:de:98:79: f4:f2:06:99:6d:00:76:64:50:2c:0a:e6:a1:54:c2:d1:51:c5: 7f:f7:1b:26:ef:74:78:e0:f3:01:1a:c5:a7:0a:b9:00:cd:9a: 7c:bc:60:fe:49:eb:27:d5:c6:02:28:8b:9e:4a:bc:47:ba:3d: 57:be:c1:cf -----BEGIN CERTIFICATE----- MIIHEjCCBfqgAwIBAgIUFv/3WWG36K3CgnoQiSS6rc956X8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh NDFiYmEwYTAeFw0yNjAxMTUxNDE4MzNaFw0yNzAxMTQxNDIzMzNaMDMxMTAvBgNV BAMTKDQ4QzdENEM4RkYzQUVBN0I4NkFDQTU5MzQ5MzAyNURBRjg3RUJFQTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC43OVHAfndl/nTSIqGLYy41aJc IAKLGyhOGZNGNlLoV9rI4zkpPR1x3kf6r/qSnaab5GFD/fqzK1Bb3V+aEqtU8D14 jelGuTpESnaOSrn0XXEBEdagQrLqdDPW8tL+FiCgJS6O7TvmFJ/dHXWKm2ASp8Be xY79wxDWZ4OfMgeyWgISkAg/fx6t/WmChn0zdytR6MmyUdLjyVhl4Q8Vm0VJSDfK cCTrYoTFeozDRWYyW6LV0B1od6f+tzu64XnCgU/+ZZrbYoN7laZb61+oL080X6Dj cPTE9Fvzb/Q5R8l54pDjBscfi1Ws/8hGQVbhvjDYUtAM3WkEjkRD8RruX1yRAgMB AAGjggQcMIIEGDAdBgNVHQ4EFgQUSMfUyP866nuGrKWTSTAl2vh+vqEwHwYDVR0j BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjCCAjEGCCsGAQUFBwEHAQH/BIICIDCCAhwwggIYBAIAATCC AhADBAACOqwDBAAFLSYwDAMEAAW1fQMEBwW1AAMEAAW2bQMEACWPPAMEAC1fDgME AC1fJQMEAC2FrwMEAi2JhAMEAFzyuQMEAIK5fAMEALM9gwMEALM9hQMEALM9pQME ALM9qwMEALM9twMEALM9ugMEALM9yQMEALUpzQMEALUp2AMEALXWBQMEALXWGwME ALXWLQMEALXWNwMEALXWQTAMAwQAtdZHAwQAtdZIAwQAtdZcAwQAtdZzAwQAtdZ/ AwQAtdaqAwQAtdavAwQAtdbMAwQAtdbPAwQAtdb7AwQAtddrAwQAtdd0AwQAtdd3 AwQAtdd8AwQAtdeCAwQAtdeEAwQAtdeJAwQBtdeWAwQAtdedAwQAtdfAAwQAtdfH AwQAtdfRAwQAtdfkAwQAtdfrAwQAtdf7AwQAuYecAwQAuY/nAwQAuZEkAwQAuZEn AwQBuZc4AwQAuaxCAwQAv2AXAwQAv2AjAwQAv2BBAwQAv2CTAwQAv2CsAwQAv2DD AwQAv2DSAwQAv2DVAwQAv2DXAwQAv2DoAwQAv2UGAwQAv2UXAwQAv2VIAwQBv2VK AwQAv2VNAwQAv2VaAwQAv2ViAwQAv2VpMAwDBAC/ZWsDBAC/ZWwDBAC/ZXMDBAC/ ZXUDBAC/ZZwDBAC/ZZ8DBAC/ZeIDBADBOmsDBADCNY0DBADCbg8DBADCbvIDBADV bagwDQYJKoZIhvcNAQELBQADggEBAICwLu3c2E9PuOYu5rrMlecG310BFBcxJvRf cVTum/dG6XVpulHItiff1d1MY5WdC6dYJ5PAM3MbNXFjJ2GtffitOue5J/A0sfKS 1REepZo6nPQMGWRpiM0HftistsCOCe3Sczjls6u8lZq3enpYTZdJ8ilz+LA02yvK TD+Oz5wZD+WiXDPJGbM1AGYNiiuq6VHa7vAYVGECSNL2L1d6t0uVtrCKSvRP4fVa /EYD+iY4cY3/2oeXPGvP5OnhpEg3vF15fN6YefTyBpltAHZkUCwK5qFUwtFRxX/3 GybvdHjg8wEaxacKuQDNmny8YP5J6yfVxgIoi55KvEe6PVe+wc8= -----END CERTIFICATE-----Generated at Sun Jan 18 08:56:46 2026 by rpki-client