This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9009.roa File: AS9009.roa (raw, json) Hash identifier: FnX3C2aSV/zatoVJcwZOdD+JV+DlBjRfuUKCKJKSYGg= Subject key identifier: 12:C3:BB:19:1D:4F:1E:0E:97:81:8E:4E:2B:A2:01:59:A5:7B:6C:E2 Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01 Certificate serial: 14ABD9D07C3BE8ECD27D5200E94C04DDAEC6D719 Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9009.roa Signing time: Fri 28 Nov 2025 16:26:33 +0000 ROA not before: Fri 28 Nov 2025 16:21:33 +0000 ROA not after: Fri 27 Nov 2026 16:26:33 +0000 asID: 9009 IP address blocks: 82.21.138.0/24 maxlen: 24 82.21.146.0/24 maxlen: 24 82.21.147.0/24 maxlen: 24 82.21.196.0/24 maxlen: 24 82.21.197.0/24 maxlen: 24 82.21.217.0/24 maxlen: 24 82.21.240.0/24 maxlen: 24 82.22.242.0/24 maxlen: 24 82.23.7.0/24 maxlen: 24 82.23.8.0/24 maxlen: 24 82.23.9.0/24 maxlen: 24 82.23.10.0/24 maxlen: 24 82.23.11.0/24 maxlen: 24 82.23.12.0/24 maxlen: 24 82.23.13.0/24 maxlen: 24 82.23.14.0/24 maxlen: 24 82.23.216.0/24 maxlen: 24 82.23.232.0/24 maxlen: 24 82.24.223.0/24 maxlen: 24 82.24.230.0/24 maxlen: 24 82.25.214.0/24 maxlen: 24 82.25.227.0/24 maxlen: 24 82.26.121.0/24 maxlen: 24 82.26.217.0/24 maxlen: 24 82.27.226.0/24 maxlen: 24 82.29.113.0/24 maxlen: 24 82.29.114.0/24 maxlen: 24 82.29.116.0/24 maxlen: 24 82.29.117.0/24 maxlen: 24 82.29.238.0/24 maxlen: 24 2a13:9500:2::/48 maxlen: 48 2a13:9500:4::/48 maxlen: 48 2a13:9500:5::/48 maxlen: 48 2a13:9500:6::/48 maxlen: 48 2a13:9500:7::/48 maxlen: 48 2a13:9500:8::/48 maxlen: 48 2a13:9500:9::/48 maxlen: 48 2a13:9500:a::/48 maxlen: 48 2a13:9500:b::/48 maxlen: 48 2a13:9500:c::/48 maxlen: 48 2a13:9500:d::/48 maxlen: 48 2a13:9500:e::/48 maxlen: 48 2a13:9500:f::/48 maxlen: 48 2a13:9500:10::/48 maxlen: 48 2a13:9500:11::/48 maxlen: 48 2a13:9500:12::/48 maxlen: 48 2a13:9500:13::/48 maxlen: 48 2a13:9500:14::/48 maxlen: 48 2a13:9500:15::/48 maxlen: 48 2a13:9500:16::/48 maxlen: 48 2a13:9500:17::/48 maxlen: 48 2a13:9500:18::/48 maxlen: 48 2a13:9500:19::/48 maxlen: 48 2a13:9500:1a::/48 maxlen: 48 2a13:9500:1b::/48 maxlen: 48 2a13:9500:29::/48 maxlen: 48 2a13:9500:2a::/48 maxlen: 48 2a13:9500:2b::/48 maxlen: 48 2a13:9500:2c::/48 maxlen: 48 2a13:9500:2e::/48 maxlen: 48 2a13:9500:2f::/48 maxlen: 48 2a13:9500:30::/48 maxlen: 48 2a13:9500:31::/48 maxlen: 48 2a13:9500:34::/48 maxlen: 48 2a13:9500:35::/48 maxlen: 48 2a13:9500:3b::/48 maxlen: 48 2a13:9500:3c::/48 maxlen: 48 2a13:9500:3d::/48 maxlen: 48 2a13:9500:58::/48 maxlen: 48 2a13:9500:59::/48 maxlen: 48 2a13:9500:5a::/48 maxlen: 48 2a13:9500:f1::/48 maxlen: 48 2a13:9500:f2::/48 maxlen: 48 2a13:9500:f3::/48 maxlen: 48 2a13:9500:f4::/48 maxlen: 48 2a13:9500:f5::/48 maxlen: 48 2a13:9500:f6::/48 maxlen: 48 2a13:9500:f7::/48 maxlen: 48 2a13:9500:f8::/48 maxlen: 48 2a13:9500:f9::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 04 Dec 2025 09:57:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:ab:d9:d0:7c:3b:e8:ec:d2:7d:52:00:e9:4c:04:dd:ae:c6:d7:19 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01 Validity Not Before: Nov 28 16:21:33 2025 GMT Not After : Nov 27 16:26:33 2026 GMT Subject: CN=12C3BB191D4F1E0E97818E4E2BA20159A57B6CE2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:2c:ae:87:c3:29:6c:ea:c6:ea:6a:17:68:c3: c5:5c:c1:ae:01:81:e3:8c:c3:e1:ce:65:f3:ac:c3: ca:d4:e0:9a:94:bd:ec:6d:95:e5:58:64:2d:45:ba: f9:4e:7e:87:61:ae:86:32:73:b9:ad:13:ee:50:6b: 04:68:bd:df:fc:0d:cb:28:a3:46:d6:a6:e9:e9:d0: 0e:35:28:1c:a0:26:88:19:68:fb:69:ab:04:fd:cf: d8:64:da:2f:07:14:b5:9a:74:98:2c:76:1e:e4:d3: 4f:f2:a3:60:96:8d:ad:ce:6f:1e:79:67:8f:31:15: 64:fd:ae:a0:73:1e:67:a1:5d:e5:1b:e2:0d:8e:74: 87:40:2b:a4:f5:ac:db:5c:ce:6b:63:e2:f7:2b:2e: d5:b1:b4:5c:df:b7:47:14:cf:cf:c7:e0:54:39:6c: 21:a6:9a:ef:15:ba:6d:cf:7b:e0:e3:e9:ee:9b:63: c2:9b:ce:98:a9:0c:80:ea:ff:c1:10:44:40:8b:60: 51:20:26:f7:b8:53:1b:a1:cc:4d:b9:71:db:8b:6c: fb:c5:13:ad:30:95:02:7c:b8:49:68:06:15:f0:56: 35:26:26:a1:1d:ae:14:61:9e:3a:d5:bf:99:f9:7b: ec:d3:9d:8f:64:1f:dc:e8:dc:8c:be:36:67:9d:93: 20:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:C3:BB:19:1D:4F:1E:0E:97:81:8E:4E:2B:A2:01:59:A5:7B:6C:E2 X509v3 Authority Key Identifier: keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9009.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.21.138.0/24 82.21.146.0/23 82.21.196.0/23 82.21.217.0/24 82.21.240.0/24 82.22.242.0/24 82.23.7.0-82.23.14.255 82.23.216.0/24 82.23.232.0/24 82.24.223.0/24 82.24.230.0/24 82.25.214.0/24 82.25.227.0/24 82.26.121.0/24 82.26.217.0/24 82.27.226.0/24 82.29.113.0-82.29.114.255 82.29.116.0/23 82.29.238.0/24 IPv6: 2a13:9500:2::/48 2a13:9500:4::-2a13:9500:1b:ffff:ffff:ffff:ffff:ffff 2a13:9500:29::-2a13:9500:2c:ffff:ffff:ffff:ffff:ffff 2a13:9500:2e::-2a13:9500:31:ffff:ffff:ffff:ffff:ffff 2a13:9500:34::/47 2a13:9500:3b::-2a13:9500:3d:ffff:ffff:ffff:ffff:ffff 2a13:9500:58::-2a13:9500:5a:ffff:ffff:ffff:ffff:ffff 2a13:9500:f1::-2a13:9500:f9:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 5e:bd:8f:34:34:42:7b:cb:3d:65:40:c5:d6:14:10:0c:e5:55: de:be:49:41:8f:07:19:da:8f:73:3f:3c:ca:39:08:89:c8:68: 3e:cd:e4:48:ad:f3:cb:1d:f2:b6:a5:c1:e9:c4:d0:15:15:46: b4:4f:c2:e3:6d:08:f6:09:83:ea:3a:c9:e6:12:c3:6b:34:15: 04:71:8c:4a:15:f5:08:f4:5e:6c:9a:dc:65:2f:c2:3e:86:cb: 3a:46:82:0d:60:b8:a7:ee:88:dd:65:c2:29:d9:9b:c2:11:a7: 20:2e:98:d3:69:9c:1b:e9:14:55:e7:ad:51:2b:90:18:f0:fa: 98:f6:6d:93:05:cf:96:f5:15:5e:3b:cd:dc:cd:2b:4b:c2:88: df:91:b8:92:e9:b7:6c:57:aa:47:d1:92:9e:41:28:8c:08:cd: aa:5a:58:15:18:d6:e3:7e:4a:75:05:c3:09:f8:ac:6d:3e:a6: 20:e9:13:ba:11:c0:58:c8:e2:f2:0e:c5:13:be:41:8e:cc:9c: 1c:34:cd:7a:84:2e:5a:c7:0e:f6:bb:db:a0:af:d8:3e:c1:c2: ea:d4:ab:bc:4c:26:88:1a:d0:fe:e8:f4:92:0a:9a:3d:1f:fa: f5:30:43:d2:03:b5:9d:5f:0d:ad:cb:e0:fd:4d:f2:29:cc:f8: 8d:5c:93:a3 -----BEGIN CERTIFICATE----- MIIGFjCCBP6gAwIBAgIUFKvZ0Hw76OzSfVIA6UwE3a7G1xkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni M2NmZGQwMTAeFw0yNTExMjgxNjIxMzNaFw0yNjExMjcxNjI2MzNaMDMxMTAvBgNV BAMTKDEyQzNCQjE5MUQ0RjFFMEU5NzgxOEU0RTJCQTIwMTU5QTU3QjZDRTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXLK6Hwyls6sbqahdow8Vcwa4B geOMw+HOZfOsw8rU4JqUvextleVYZC1FuvlOfodhroYyc7mtE+5QawRovd/8Dcso o0bWpunp0A41KBygJogZaPtpqwT9z9hk2i8HFLWadJgsdh7k00/yo2CWja3Obx55 Z48xFWT9rqBzHmehXeUb4g2OdIdAK6T1rNtczmtj4vcrLtWxtFzft0cUz8/H4FQ5 bCGmmu8Vum3Pe+Dj6e6bY8KbzpipDIDq/8EQRECLYFEgJve4UxuhzE25cduLbPvF E60wlQJ8uEloBhXwVjUmJqEdrhRhnjrVv5n5e+zTnY9kH9zo3Iy+NmedkyDLAgMB AAGjggMgMIIDHDAdBgNVHQ4EFgQUEsO7GR1PHg6XgY5OK6IBWaV7bOIwHwYDVR0j BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjCCATUGCCsGAQUFBwEHAQH/BIIBJDCCASAwgYkEAgABMIGC AwQAUhWKAwQBUhWSAwQBUhXEAwQAUhXZAwQAUhXwAwQAUhbyMAwDBABSFwcDBABS Fw4DBABSF9gDBABSF+gDBABSGN8DBABSGOYDBABSGdYDBABSGeMDBABSGnkDBABS GtkDBABSG+IwDAMEAFIdcQMEAFIdcgMEAVIddAMEAFId7jCBkQQCAAIwgYoDBwAq E5UAAAIwEgMHAioTlQAABAMHAioTlQAAGDASAwcAKhOVAAApAwcAKhOVAAAsMBID BwEqE5UAAC4DBwEqE5UAADADBwEqE5UAADQwEgMHACoTlQAAOwMHASoTlQAAPDAS AwcDKhOVAABYAwcAKhOVAABaMBIDBwAqE5UAAPEDBwEqE5UAAPgwDQYJKoZIhvcN AQELBQADggEBAF69jzQ0QnvLPWVAxdYUEAzlVd6+SUGPBxnaj3M/PMo5CInIaD7N 5Eit88sd8ralwenE0BUVRrRPwuNtCPYJg+o6yeYSw2s0FQRxjEoV9Qj0Xmya3GUv wj6GyzpGgg1guKfuiN1lwinZm8IRpyAumNNpnBvpFFXnrVErkBjw+pj2bZMFz5b1 FV47zdzNK0vCiN+RuJLpt2xXqkfRkp5BKIwIzapaWBUY1uN+SnUFwwn4rG0+piDp E7oRwFjI4vIOxRO+QY7MnBw0zXqELlrHDva726Cv2D7BwurUq7xMJoga0P7o9JIK mj0f+vUwQ9IDtZ1fDa3L4P1N8inM+I1ck6M= -----END CERTIFICATE-----Generated at Wed Dec 3 11:47:27 2025 by rpki-client