Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9009.roa
File: AS9009.roa (raw, json)
Hash identifier: RyZ/uNTkCI1Dfqwx3OuBXQVYajelT+i5h4dp/iQ/pb4=
Subject key identifier: 91:EF:87:32:FE:F6:7C:BF:2E:51:D4:1A:7D:47:B0:65:FD:DC:85:7B
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 26D78BA5113985F9AADE6642009A3AD074256833
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9009.roa
Signing time: Thu 22 May 2025 10:45:43 +0000
ROA not before: Thu 22 May 2025 10:40:43 +0000
ROA not after: Thu 21 May 2026 10:45:43 +0000
asID: 9009
IP address blocks: 82.21.146.0/24 maxlen: 24
82.21.147.0/24 maxlen: 24
82.21.196.0/24 maxlen: 24
82.21.197.0/24 maxlen: 24
82.21.240.0/24 maxlen: 24
82.23.7.0/24 maxlen: 24
82.23.8.0/24 maxlen: 24
82.23.9.0/24 maxlen: 24
82.23.10.0/24 maxlen: 24
82.23.11.0/24 maxlen: 24
82.23.12.0/24 maxlen: 24
82.23.13.0/24 maxlen: 24
82.23.14.0/24 maxlen: 24
82.23.216.0/24 maxlen: 24
82.24.230.0/24 maxlen: 24
82.25.227.0/24 maxlen: 24
82.26.121.0/24 maxlen: 24
82.27.226.0/24 maxlen: 24
82.29.113.0/24 maxlen: 24
82.29.114.0/24 maxlen: 24
82.29.116.0/24 maxlen: 24
82.29.117.0/24 maxlen: 24
82.29.238.0/24 maxlen: 24
2a13:9500:2::/48 maxlen: 48
2a13:9500:4::/48 maxlen: 48
2a13:9500:5::/48 maxlen: 48
2a13:9500:6::/48 maxlen: 48
2a13:9500:7::/48 maxlen: 48
2a13:9500:8::/48 maxlen: 48
2a13:9500:9::/48 maxlen: 48
2a13:9500:a::/48 maxlen: 48
2a13:9500:b::/48 maxlen: 48
2a13:9500:c::/48 maxlen: 48
2a13:9500:d::/48 maxlen: 48
2a13:9500:e::/48 maxlen: 48
2a13:9500:f::/48 maxlen: 48
2a13:9500:10::/48 maxlen: 48
2a13:9500:11::/48 maxlen: 48
2a13:9500:12::/48 maxlen: 48
2a13:9500:13::/48 maxlen: 48
2a13:9500:14::/48 maxlen: 48
2a13:9500:15::/48 maxlen: 48
2a13:9500:16::/48 maxlen: 48
2a13:9500:17::/48 maxlen: 48
2a13:9500:18::/48 maxlen: 48
2a13:9500:19::/48 maxlen: 48
2a13:9500:1a::/48 maxlen: 48
2a13:9500:1b::/48 maxlen: 48
2a13:9500:29::/48 maxlen: 48
2a13:9500:2a::/48 maxlen: 48
2a13:9500:2b::/48 maxlen: 48
2a13:9500:2c::/48 maxlen: 48
2a13:9500:2e::/48 maxlen: 48
2a13:9500:2f::/48 maxlen: 48
2a13:9500:30::/48 maxlen: 48
2a13:9500:31::/48 maxlen: 48
2a13:9500:34::/48 maxlen: 48
2a13:9500:35::/48 maxlen: 48
2a13:9500:3b::/48 maxlen: 48
2a13:9500:3c::/48 maxlen: 48
2a13:9500:3d::/48 maxlen: 48
2a13:9500:58::/48 maxlen: 48
2a13:9500:59::/48 maxlen: 48
2a13:9500:5a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Jun 2025 08:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:d7:8b:a5:11:39:85:f9:aa:de:66:42:00:9a:3a:d0:74:25:68:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: May 22 10:40:43 2025 GMT
Not After : May 21 10:45:43 2026 GMT
Subject: CN=91EF8732FEF67CBF2E51D41A7D47B065FDDC857B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c9:02:47:d1:2d:c8:cc:a0:aa:85:f2:69:38:
8f:83:95:59:7e:cb:27:7b:9f:cb:12:0f:a7:61:d1:
d0:89:1d:6c:55:ed:4f:4d:6c:6a:98:22:1b:a2:45:
b4:26:e6:4e:7b:56:58:86:8a:f1:23:c6:aa:3a:72:
d7:36:bc:e8:d6:72:72:50:ff:8e:94:db:06:44:0f:
f1:38:95:84:3a:bb:9b:64:32:39:59:58:52:40:3d:
83:39:a6:b2:2c:2e:c6:65:2a:0f:b0:a8:8c:ec:94:
3c:a4:51:6c:96:cc:86:9d:c0:93:17:b4:29:b1:a2:
8b:fa:14:fc:e5:71:c6:33:57:84:e1:ba:8d:ed:2a:
74:6b:7a:6c:b7:95:2f:e1:0c:8c:5a:4f:4c:7e:9d:
4a:e6:be:d0:40:a4:40:3b:c3:74:e4:4b:8d:ff:e9:
13:40:5c:38:4c:be:0a:62:e1:9a:41:29:ed:e6:66:
91:b0:14:5e:3d:92:c3:bc:2e:0d:c7:2a:29:5a:bd:
38:9e:2c:8a:b6:7b:ee:a7:d3:93:b6:ac:bc:83:73:
05:1f:df:b6:13:af:b9:76:a8:43:c2:36:a2:d6:52:
19:28:32:fa:fc:05:9f:65:3d:f4:22:d1:3d:e7:d4:
29:3c:b8:c1:c7:81:d6:df:1c:ad:d7:0b:de:bd:93:
8f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:EF:87:32:FE:F6:7C:BF:2E:51:D4:1A:7D:47:B0:65:FD:DC:85:7B
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9009.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.146.0/23
82.21.196.0/23
82.21.240.0/24
82.23.7.0-82.23.14.255
82.23.216.0/24
82.24.230.0/24
82.25.227.0/24
82.26.121.0/24
82.27.226.0/24
82.29.113.0-82.29.114.255
82.29.116.0/23
82.29.238.0/24
IPv6:
2a13:9500:2::/48
2a13:9500:4::-2a13:9500:1b:ffff:ffff:ffff:ffff:ffff
2a13:9500:29::-2a13:9500:2c:ffff:ffff:ffff:ffff:ffff
2a13:9500:2e::-2a13:9500:31:ffff:ffff:ffff:ffff:ffff
2a13:9500:34::/47
2a13:9500:3b::-2a13:9500:3d:ffff:ffff:ffff:ffff:ffff
2a13:9500:58::-2a13:9500:5a:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3a:2d:a4:6e:be:82:d1:a9:4d:75:90:59:70:4e:a7:37:99:09:
8a:4e:84:90:4a:25:62:c5:a3:97:7b:ff:1a:0b:d9:a3:71:d2:
04:46:ec:46:42:d6:af:6e:a4:b7:84:f2:9d:82:91:22:95:ea:
8e:fc:7c:09:08:5e:4c:b3:07:1c:1b:7f:a6:34:c1:f9:83:80:
e2:ba:d7:53:8d:c0:85:b3:d4:9b:63:4d:09:49:a0:24:69:7b:
e9:89:ed:03:82:d0:b0:6b:8a:29:e8:99:0e:bb:48:d9:7b:95:
8f:8f:5a:e3:49:fc:23:88:e7:7a:92:4f:e8:67:d7:d5:a8:39:
71:27:f3:53:a7:02:37:10:25:fd:60:a2:d3:8d:33:c9:40:1c:
bb:65:fe:82:a5:f7:dc:51:3f:01:3b:3e:5f:a3:c8:08:41:55:
ba:83:a7:95:b8:ba:6e:7a:19:94:cc:41:db:0b:b6:39:f9:e5:
16:c2:ce:0f:73:b2:66:23:3b:61:7d:dd:28:7e:84:b9:fd:c7:
2a:3b:64:ed:ed:6a:26:70:ce:bf:ee:f7:f4:e4:e9:8a:28:26:
f8:03:51:e6:f4:3b:46:9f:fb:8e:77:8d:42:ce:90:84:b1:c3:
ed:ec:30:26:01:35:d4:5e:4a:af:71:c9:83:1d:cb:8d:db:21:
2c:b5:ad:91
-----BEGIN CERTIFICATE-----
MIIF0TCCBLmgAwIBAgIUJteLpRE5hfmq3mZCAJo60HQlaDMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA1MjIxMDQwNDNaFw0yNjA1MjExMDQ1NDNaMDMxMTAvBgNV
BAMTKDkxRUY4NzMyRkVGNjdDQkYyRTUxRDQxQTdENDdCMDY1RkREQzg1N0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzyQJH0S3IzKCqhfJpOI+DlVl+
yyd7n8sSD6dh0dCJHWxV7U9NbGqYIhuiRbQm5k57VliGivEjxqo6ctc2vOjWcnJQ
/46U2wZED/E4lYQ6u5tkMjlZWFJAPYM5prIsLsZlKg+wqIzslDykUWyWzIadwJMX
tCmxoov6FPzlccYzV4Thuo3tKnRremy3lS/hDIxaT0x+nUrmvtBApEA7w3TkS43/
6RNAXDhMvgpi4ZpBKe3mZpGwFF49ksO8Lg3HKilavTieLIq2e+6n05O2rLyDcwUf
37YTr7l2qEPCNqLWUhkoMvr8BZ9lPfQi0T3n1Ck8uMHHgdbfHK3XC969k49VAgMB
AAGjggLbMIIC1zAdBgNVHQ4EFgQUke+HMv72fL8uUdQafUewZf3chXswHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB8QYIKwYBBQUHAQcBAf8EgeEwgd4wXgQCAAEwWAMEAVIV
kgMEAVIVxAMEAFIV8DAMAwQAUhcHAwQAUhcOAwQAUhfYAwQAUhjmAwQAUhnjAwQA
Uhp5AwQAUhviMAwDBABSHXEDBABSHXIDBAFSHXQDBABSHe4wfAQCAAIwdgMHACoT
lQAAAjASAwcCKhOVAAAEAwcCKhOVAAAYMBIDBwAqE5UAACkDBwAqE5UAACwwEgMH
ASoTlQAALgMHASoTlQAAMAMHASoTlQAANDASAwcAKhOVAAA7AwcBKhOVAAA8MBID
BwMqE5UAAFgDBwAqE5UAAFowDQYJKoZIhvcNAQELBQADggEBADotpG6+gtGpTXWQ
WXBOpzeZCYpOhJBKJWLFo5d7/xoL2aNx0gRG7EZC1q9upLeE8p2CkSKV6o78fAkI
XkyzBxwbf6Y0wfmDgOK611ONwIWz1JtjTQlJoCRpe+mJ7QOC0LBriinomQ67SNl7
lY+PWuNJ/COI53qST+hn19WoOXEn81OnAjcQJf1gotONM8lAHLtl/oKl99xRPwE7
Pl+jyAhBVbqDp5W4um56GZTMQdsLtjn55RbCzg9zsmYjO2F93Sh+hLn9xyo7ZO3t
aiZwzr/u9/Tk6YooJvgDUeb0O0af+453jULOkISxw+3sMCYBNdReSq9xyYMdy43b
ISy1rZE=
-----END CERTIFICATE-----
Generated at Tue Jun 3 10:11:50 2025 by rpki-client