
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9009.roa
File: AS9009.roa (raw, json)
Hash identifier: 33hOWxRz/ifTI4DHayLBfhwKnAp/DCyHolCl9LDpHYU=
Subject key identifier: 91:1C:3C:80:E0:6A:AA:22:1C:8C:5F:AD:80:23:83:EC:D9:1E:06:74
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 39832E5185309D46AD4D380C753D7A411CCBDE5F
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9009.roa
Signing time: Sat 27 Jun 2026 12:27:25 +0000
ROA not before: Sat 27 Jun 2026 12:22:25 +0000
ROA not after: Sat 26 Jun 2027 12:27:25 +0000
asID: 9009
IP address blocks: 82.21.138.0/24 maxlen: 24
82.21.146.0/24 maxlen: 24
82.21.147.0/24 maxlen: 24
82.21.196.0/24 maxlen: 24
82.21.197.0/24 maxlen: 24
82.21.217.0/24 maxlen: 24
82.21.240.0/24 maxlen: 24
82.22.242.0/24 maxlen: 24
82.23.7.0/24 maxlen: 24
82.23.8.0/24 maxlen: 24
82.23.9.0/24 maxlen: 24
82.23.10.0/24 maxlen: 24
82.23.11.0/24 maxlen: 24
82.23.12.0/24 maxlen: 24
82.23.216.0/24 maxlen: 24
82.23.232.0/24 maxlen: 24
82.24.8.0/24 maxlen: 24
82.24.86.0/24 maxlen: 24
82.24.223.0/24 maxlen: 24
82.24.230.0/24 maxlen: 24
82.25.214.0/24 maxlen: 24
82.25.227.0/24 maxlen: 24
82.26.121.0/24 maxlen: 24
82.26.217.0/24 maxlen: 24
82.27.226.0/24 maxlen: 24
82.29.95.0/24 maxlen: 24
82.29.113.0/24 maxlen: 24
82.29.114.0/24 maxlen: 24
82.29.116.0/24 maxlen: 24
82.29.117.0/24 maxlen: 24
82.29.238.0/24 maxlen: 24
82.38.14.0/24 maxlen: 24
82.47.252.0/23 maxlen: 24
178.83.10.0/24 maxlen: 24
178.83.108.0/24 maxlen: 24
2a13:9500:2::/48 maxlen: 48
2a13:9500:4::/48 maxlen: 48
2a13:9500:5::/48 maxlen: 48
2a13:9500:6::/48 maxlen: 48
2a13:9500:7::/48 maxlen: 48
2a13:9500:8::/48 maxlen: 48
2a13:9500:9::/48 maxlen: 48
2a13:9500:a::/48 maxlen: 48
2a13:9500:b::/48 maxlen: 48
2a13:9500:c::/48 maxlen: 48
2a13:9500:d::/48 maxlen: 48
2a13:9500:e::/48 maxlen: 48
2a13:9500:f::/48 maxlen: 48
2a13:9500:10::/48 maxlen: 48
2a13:9500:11::/48 maxlen: 48
2a13:9500:12::/48 maxlen: 48
2a13:9500:13::/48 maxlen: 48
2a13:9500:14::/48 maxlen: 48
2a13:9500:15::/48 maxlen: 48
2a13:9500:16::/48 maxlen: 48
2a13:9500:17::/48 maxlen: 48
2a13:9500:18::/48 maxlen: 48
2a13:9500:19::/48 maxlen: 48
2a13:9500:1a::/48 maxlen: 48
2a13:9500:1b::/48 maxlen: 48
2a13:9500:29::/48 maxlen: 48
2a13:9500:2a::/48 maxlen: 48
2a13:9500:2b::/48 maxlen: 48
2a13:9500:2c::/48 maxlen: 48
2a13:9500:2f::/48 maxlen: 48
2a13:9500:30::/48 maxlen: 48
2a13:9500:31::/48 maxlen: 48
2a13:9500:34::/48 maxlen: 48
2a13:9500:35::/48 maxlen: 48
2a13:9500:3b::/48 maxlen: 48
2a13:9500:3c::/48 maxlen: 48
2a13:9500:3d::/48 maxlen: 48
2a13:9500:58::/48 maxlen: 48
2a13:9500:59::/48 maxlen: 48
2a13:9500:5a::/48 maxlen: 48
2a13:9500:f1::/48 maxlen: 48
2a13:9500:f2::/48 maxlen: 48
2a13:9500:f3::/48 maxlen: 48
2a13:9500:f4::/48 maxlen: 48
2a13:9500:f5::/48 maxlen: 48
2a13:9500:f6::/48 maxlen: 48
2a13:9500:f7::/48 maxlen: 48
2a13:9500:f8::/48 maxlen: 48
2a13:9500:f9::/48 maxlen: 48
2a13:9500:16b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Jul 2026 16:14:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:83:2e:51:85:30:9d:46:ad:4d:38:0c:75:3d:7a:41:1c:cb:de:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 27 12:22:25 2026 GMT
Not After : Jun 26 12:27:25 2027 GMT
Subject: CN=911C3C80E06AAA221C8C5FAD802383ECD91E0674
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:62:56:5f:18:26:88:31:df:85:2a:17:0d:a6:
32:70:27:2a:21:da:21:73:3a:00:36:2f:d5:04:cd:
2c:28:71:cb:d2:a6:75:3f:ee:6e:75:69:94:6b:7f:
df:70:ee:d6:26:39:61:c6:1e:ed:90:d9:87:f0:39:
4b:58:2d:5f:a1:9e:cd:f9:ba:9b:64:77:00:e8:2f:
ec:17:e9:de:33:93:f6:7b:a5:13:f2:c6:27:06:92:
61:04:08:6e:13:62:0a:8e:94:2a:2c:f4:07:b0:9b:
6a:7e:15:f6:ad:b4:6e:71:8b:56:73:5f:ba:98:d6:
15:91:8e:05:66:1e:37:fa:fa:d1:01:72:14:5e:9a:
ec:f5:d1:8d:5e:4b:a4:7b:f1:5d:e6:1f:13:94:69:
f2:df:8c:29:49:e2:cb:cf:2d:05:0b:bb:96:76:94:
43:c3:19:68:23:a9:9d:eb:c4:69:e8:66:12:17:f6:
06:f0:54:92:38:53:de:d0:b6:bc:e0:c2:d7:f0:b3:
b1:40:95:45:b0:35:a7:47:35:2b:8a:80:a2:b5:21:
60:ff:2d:c4:5f:39:5d:d7:e5:5c:95:73:23:61:b5:
cd:8d:2d:a7:e7:bf:51:6f:70:9f:9e:e1:fc:f0:0f:
95:8d:2f:01:ba:b4:3c:77:9a:c8:00:27:36:68:36:
74:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:1C:3C:80:E0:6A:AA:22:1C:8C:5F:AD:80:23:83:EC:D9:1E:06:74
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9009.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.138.0/24
82.21.146.0/23
82.21.196.0/23
82.21.217.0/24
82.21.240.0/24
82.22.242.0/24
82.23.7.0-82.23.12.255
82.23.216.0/24
82.23.232.0/24
82.24.8.0/24
82.24.86.0/24
82.24.223.0/24
82.24.230.0/24
82.25.214.0/24
82.25.227.0/24
82.26.121.0/24
82.26.217.0/24
82.27.226.0/24
82.29.95.0/24
82.29.113.0-82.29.114.255
82.29.116.0/23
82.29.238.0/24
82.38.14.0/24
82.47.252.0/23
178.83.10.0/24
178.83.108.0/24
IPv6:
2a13:9500:2::/48
2a13:9500:4::-2a13:9500:1b:ffff:ffff:ffff:ffff:ffff
2a13:9500:29::-2a13:9500:2c:ffff:ffff:ffff:ffff:ffff
2a13:9500:2f::-2a13:9500:31:ffff:ffff:ffff:ffff:ffff
2a13:9500:34::/47
2a13:9500:3b::-2a13:9500:3d:ffff:ffff:ffff:ffff:ffff
2a13:9500:58::-2a13:9500:5a:ffff:ffff:ffff:ffff:ffff
2a13:9500:f1::-2a13:9500:f9:ffff:ffff:ffff:ffff:ffff
2a13:9500:16b::/48
Signature Algorithm: sha256WithRSAEncryption
95:3d:48:13:35:a6:1d:88:26:37:76:51:99:10:85:ff:5a:b9:
17:5a:9e:21:05:c3:73:52:d1:b9:35:75:d1:e2:ba:59:ce:c5:
4d:09:fb:2c:ed:e1:64:81:dd:94:ca:72:3c:94:3c:35:a2:25:
1d:07:9b:ff:73:d9:2e:e7:2c:70:d0:a7:d5:dd:48:e7:d5:2b:
95:14:ec:d8:dc:0f:c8:66:ee:12:d7:d1:19:f0:8b:3f:86:f5:
84:b4:a8:0b:be:5d:98:6b:d4:f5:5b:eb:b7:0a:24:24:05:29:
5b:f9:8a:0c:b9:89:43:75:87:2b:45:46:8c:48:b1:4f:57:c4:
47:7a:a9:22:21:72:0a:50:70:4a:6d:db:78:98:93:24:5f:57:
f6:84:4e:a0:e9:11:6c:0b:d2:57:ab:dc:16:a4:d0:c2:f6:bd:
ba:79:9e:1d:b6:39:27:98:9c:4c:21:2c:75:8a:6e:15:62:63:
35:65:94:c3:66:4d:d1:50:ec:56:d2:48:7e:d0:43:ee:d3:20:
d1:be:9b:29:ac:26:5d:49:1b:d9:9d:78:fb:2e:7a:32:34:cb:
d7:8a:60:e3:8e:36:22:97:17:80:c4:86:01:66:e4:5a:98:09:
df:a5:f8:55:f0:25:52:b0:13:ad:28:ff:16:0e:c9:d0:2d:e7:
96:09:6f:3e
-----BEGIN CERTIFICATE-----
MIIGSTCCBTGgAwIBAgIUOYMuUYUwnUatTTgMdT16QRzL3l8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MjcxMjIyMjVaFw0yNzA2MjYxMjI3MjVaMDMxMTAvBgNV
BAMTKDkxMUMzQzgwRTA2QUFBMjIxQzhDNUZBRDgwMjM4M0VDRDkxRTA2NzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcYlZfGCaIMd+FKhcNpjJwJyoh
2iFzOgA2L9UEzSwoccvSpnU/7m51aZRrf99w7tYmOWHGHu2Q2YfwOUtYLV+hns35
uptkdwDoL+wX6d4zk/Z7pRPyxicGkmEECG4TYgqOlCos9Aewm2p+FfattG5xi1Zz
X7qY1hWRjgVmHjf6+tEBchRemuz10Y1eS6R78V3mHxOUafLfjClJ4svPLQULu5Z2
lEPDGWgjqZ3rxGnoZhIX9gbwVJI4U97Qtrzgwtfws7FAlUWwNadHNSuKgKK1IWD/
LcRfOV3X5VyVcyNhtc2NLafnv1FvcJ+e4fzwD5WNLwG6tDx3msgAJzZoNnRNAgMB
AAGjggNTMIIDTzAdBgNVHQ4EFgQUkRw8gOBqqiIcjF+tgCOD7NkeBnQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAWgGCCsGAQUFBwEHAQH/BIIBVzCCAVMwgbMEAgABMIGs
AwQAUhWKAwQBUhWSAwQBUhXEAwQAUhXZAwQAUhXwAwQAUhbyMAwDBABSFwcDBABS
FwwDBABSF9gDBABSF+gDBABSGAgDBABSGFYDBABSGN8DBABSGOYDBABSGdYDBABS
GeMDBABSGnkDBABSGtkDBABSG+IDBABSHV8wDAMEAFIdcQMEAFIdcgMEAVIddAME
AFId7gMEAFImDgMEAVIv/AMEALJTCgMEALJTbDCBmgQCAAIwgZMDBwAqE5UAAAIw
EgMHAioTlQAABAMHAioTlQAAGDASAwcAKhOVAAApAwcAKhOVAAAsMBIDBwAqE5UA
AC8DBwEqE5UAADADBwEqE5UAADQwEgMHACoTlQAAOwMHASoTlQAAPDASAwcDKhOV
AABYAwcAKhOVAABaMBIDBwAqE5UAAPEDBwEqE5UAAPgDBwAqE5UAAWswDQYJKoZI
hvcNAQELBQADggEBAJU9SBM1ph2IJjd2UZkQhf9auRdaniEFw3NS0bk1ddHiulnO
xU0J+yzt4WSB3ZTKcjyUPDWiJR0Hm/9z2S7nLHDQp9XdSOfVK5UU7NjcD8hm7hLX
0Rnwiz+G9YS0qAu+XZhr1PVb67cKJCQFKVv5igy5iUN1hytFRoxIsU9XxEd6qSIh
cgpQcEpt23iYkyRfV/aETqDpEWwL0ler3Bak0ML2vbp5nh22OSeYnEwhLHWKbhVi
YzVllMNmTdFQ7FbSSH7QQ+7TING+mymsJl1JG9mdePsuejI0y9eKYOOONiKXF4DE
hgFm5FqYCd+l+FXwJVKwE60o/xYOydAt55YJbz4=
-----END CERTIFICATE-----
Generated at Fri Jul 17 23:07:06 2026 by rpki-client