Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9009.roa
File: AS9009.roa (raw, json)
Hash identifier: V5drktgVG4bMuAu4tEi0YPywVycqIfbbrTd/jb+pZu0=
Subject key identifier: FA:51:FB:69:B3:8B:79:88:3B:CE:ED:E9:57:12:B1:38:C6:EA:C1:69
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 081DD2651DB51E553652FF6F9A32A28C20159A3B
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9009.roa
Signing time: Fri 29 Aug 2025 11:46:37 +0000
ROA not before: Fri 29 Aug 2025 11:41:37 +0000
ROA not after: Fri 28 Aug 2026 11:46:37 +0000
asID: 9009
IP address blocks: 82.21.146.0/24 maxlen: 24
82.21.147.0/24 maxlen: 24
82.21.196.0/24 maxlen: 24
82.21.197.0/24 maxlen: 24
82.21.217.0/24 maxlen: 24
82.21.240.0/24 maxlen: 24
82.22.187.0/24 maxlen: 24
82.22.242.0/24 maxlen: 24
82.23.7.0/24 maxlen: 24
82.23.8.0/24 maxlen: 24
82.23.9.0/24 maxlen: 24
82.23.10.0/24 maxlen: 24
82.23.11.0/24 maxlen: 24
82.23.12.0/24 maxlen: 24
82.23.13.0/24 maxlen: 24
82.23.14.0/24 maxlen: 24
82.23.216.0/24 maxlen: 24
82.23.232.0/24 maxlen: 24
82.24.223.0/24 maxlen: 24
82.24.230.0/24 maxlen: 24
82.25.214.0/24 maxlen: 24
82.25.227.0/24 maxlen: 24
82.26.121.0/24 maxlen: 24
82.26.198.0/24 maxlen: 24
82.26.217.0/24 maxlen: 24
82.27.226.0/24 maxlen: 24
82.29.113.0/24 maxlen: 24
82.29.114.0/24 maxlen: 24
82.29.116.0/24 maxlen: 24
82.29.117.0/24 maxlen: 24
82.29.238.0/24 maxlen: 24
2a13:9500:2::/48 maxlen: 48
2a13:9500:4::/48 maxlen: 48
2a13:9500:5::/48 maxlen: 48
2a13:9500:6::/48 maxlen: 48
2a13:9500:7::/48 maxlen: 48
2a13:9500:8::/48 maxlen: 48
2a13:9500:9::/48 maxlen: 48
2a13:9500:a::/48 maxlen: 48
2a13:9500:b::/48 maxlen: 48
2a13:9500:c::/48 maxlen: 48
2a13:9500:d::/48 maxlen: 48
2a13:9500:e::/48 maxlen: 48
2a13:9500:f::/48 maxlen: 48
2a13:9500:10::/48 maxlen: 48
2a13:9500:11::/48 maxlen: 48
2a13:9500:12::/48 maxlen: 48
2a13:9500:13::/48 maxlen: 48
2a13:9500:14::/48 maxlen: 48
2a13:9500:15::/48 maxlen: 48
2a13:9500:16::/48 maxlen: 48
2a13:9500:17::/48 maxlen: 48
2a13:9500:18::/48 maxlen: 48
2a13:9500:19::/48 maxlen: 48
2a13:9500:1a::/48 maxlen: 48
2a13:9500:1b::/48 maxlen: 48
2a13:9500:29::/48 maxlen: 48
2a13:9500:2a::/48 maxlen: 48
2a13:9500:2b::/48 maxlen: 48
2a13:9500:2c::/48 maxlen: 48
2a13:9500:2e::/48 maxlen: 48
2a13:9500:2f::/48 maxlen: 48
2a13:9500:30::/48 maxlen: 48
2a13:9500:31::/48 maxlen: 48
2a13:9500:34::/48 maxlen: 48
2a13:9500:35::/48 maxlen: 48
2a13:9500:3b::/48 maxlen: 48
2a13:9500:3c::/48 maxlen: 48
2a13:9500:3d::/48 maxlen: 48
2a13:9500:58::/48 maxlen: 48
2a13:9500:59::/48 maxlen: 48
2a13:9500:5a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Sep 2025 19:30:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:1d:d2:65:1d:b5:1e:55:36:52:ff:6f:9a:32:a2:8c:20:15:9a:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Aug 29 11:41:37 2025 GMT
Not After : Aug 28 11:46:37 2026 GMT
Subject: CN=FA51FB69B38B79883BCEEDE95712B138C6EAC169
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:eb:ab:8e:25:d4:39:cb:3a:98:3f:85:52:5c:
42:6d:37:9b:8b:e9:01:1e:29:57:4b:f0:e0:d4:be:
bc:f7:ba:2d:2c:c5:b3:9d:f9:20:1b:cb:40:a9:89:
fa:29:70:fe:e9:06:59:15:58:e1:aa:7c:60:c7:ee:
27:89:43:c6:fc:4c:79:08:09:ec:bf:fc:10:29:f1:
8c:c4:8d:1f:63:8d:d7:a4:24:d5:f3:b3:c9:93:6d:
eb:ca:b0:be:c8:96:48:99:63:f9:12:be:08:43:ae:
1a:cc:4b:1e:a3:eb:04:63:79:e2:4a:82:64:73:f9:
1b:fe:00:1f:ce:77:4e:ed:a4:f7:0e:1a:f7:69:b9:
8a:29:4b:e8:b1:2e:5e:e8:a0:49:ee:7d:21:38:24:
85:47:49:bc:98:b7:70:85:ee:a5:60:46:cf:be:e7:
86:af:4e:f5:67:74:06:a4:4d:b8:1b:8e:4b:60:db:
50:ad:82:d2:40:41:5c:60:91:52:da:0e:03:bc:9f:
4d:3b:fb:a8:30:3e:22:99:f6:94:00:97:a7:9d:9f:
b9:c3:f9:4d:65:00:4a:71:e5:97:35:79:83:e7:2d:
a6:66:64:cd:39:3e:89:23:a9:b0:3b:86:04:22:bf:
68:c6:0a:76:8d:fa:f0:32:ac:2e:1b:df:a3:54:db:
f3:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:51:FB:69:B3:8B:79:88:3B:CE:ED:E9:57:12:B1:38:C6:EA:C1:69
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9009.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.146.0/23
82.21.196.0/23
82.21.217.0/24
82.21.240.0/24
82.22.187.0/24
82.22.242.0/24
82.23.7.0-82.23.14.255
82.23.216.0/24
82.23.232.0/24
82.24.223.0/24
82.24.230.0/24
82.25.214.0/24
82.25.227.0/24
82.26.121.0/24
82.26.198.0/24
82.26.217.0/24
82.27.226.0/24
82.29.113.0-82.29.114.255
82.29.116.0/23
82.29.238.0/24
IPv6:
2a13:9500:2::/48
2a13:9500:4::-2a13:9500:1b:ffff:ffff:ffff:ffff:ffff
2a13:9500:29::-2a13:9500:2c:ffff:ffff:ffff:ffff:ffff
2a13:9500:2e::-2a13:9500:31:ffff:ffff:ffff:ffff:ffff
2a13:9500:34::/47
2a13:9500:3b::-2a13:9500:3d:ffff:ffff:ffff:ffff:ffff
2a13:9500:58::-2a13:9500:5a:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
17:0f:22:6f:46:40:be:99:dc:d4:29:ed:00:ea:8c:eb:75:85:
93:94:e6:a7:90:a7:9c:21:2b:1b:20:03:d0:bd:90:c2:3b:47:
87:73:72:4b:2e:51:26:a7:42:06:c5:dc:f3:0f:3b:2c:f6:82:
9f:d6:2a:92:14:ac:29:29:61:9f:f4:bb:a6:7b:cf:2d:fd:02:
8f:d8:37:fb:e5:4d:00:aa:33:f1:1a:cf:14:4b:51:74:5d:01:
a8:00:b4:2f:b6:5e:f9:64:d0:50:8f:ca:5d:0a:0d:72:32:39:
2a:d6:a5:84:02:a9:3b:9f:9f:e6:5d:39:b6:b2:d0:3a:e9:be:
28:38:b0:b5:09:ef:ac:b7:15:ee:1f:1b:9d:aa:30:44:fd:43:
8a:fe:b4:18:af:71:4d:68:c7:a6:f7:47:3e:98:8e:e1:27:6a:
54:fe:7b:e5:51:27:f7:49:f5:f7:59:e4:33:61:7a:f2:9f:53:
ab:a9:c0:5a:ca:c5:3e:e3:3b:f2:71:04:32:07:69:94:1d:1d:
fa:a2:d8:c3:25:55:d8:6d:54:d5:e0:ff:ed:15:8b:ac:45:bd:
7f:a9:7b:63:76:4c:c6:ba:54:1c:f9:d5:10:2a:a2:0b:4c:14:
cc:16:6d:db:99:e6:a4:79:82:71:e0:00:e7:d5:a8:3f:60:bf:
8a:0a:bc:56
-----BEGIN CERTIFICATE-----
MIIGBjCCBO6gAwIBAgIUCB3SZR21HlU2Uv9vmjKijCAVmjswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA4MjkxMTQxMzdaFw0yNjA4MjgxMTQ2MzdaMDMxMTAvBgNV
BAMTKEZBNTFGQjY5QjM4Qjc5ODgzQkNFRURFOTU3MTJCMTM4QzZFQUMxNjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQ66uOJdQ5yzqYP4VSXEJtN5uL
6QEeKVdL8ODUvrz3ui0sxbOd+SAby0CpifopcP7pBlkVWOGqfGDH7ieJQ8b8THkI
Cey//BAp8YzEjR9jjdekJNXzs8mTbevKsL7IlkiZY/kSvghDrhrMSx6j6wRjeeJK
gmRz+Rv+AB/Od07tpPcOGvdpuYopS+ixLl7ooEnufSE4JIVHSbyYt3CF7qVgRs++
54avTvVndAakTbgbjktg21CtgtJAQVxgkVLaDgO8n007+6gwPiKZ9pQAl6edn7nD
+U1lAEpx5Zc1eYPnLaZmZM05PokjqbA7hgQiv2jGCnaN+vAyrC4b36NU2/MBAgMB
AAGjggMQMIIDDDAdBgNVHQ4EFgQU+lH7abOLeYg7zu3pVxKxOMbqwWkwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCASUGCCsGAQUFBwEHAQH/BIIBFDCCARAwgY8EAgABMIGI
AwQBUhWSAwQBUhXEAwQAUhXZAwQAUhXwAwQAUha7AwQAUhbyMAwDBABSFwcDBABS
Fw4DBABSF9gDBABSF+gDBABSGN8DBABSGOYDBABSGdYDBABSGeMDBABSGnkDBABS
GsYDBABSGtkDBABSG+IwDAMEAFIdcQMEAFIdcgMEAVIddAMEAFId7jB8BAIAAjB2
AwcAKhOVAAACMBIDBwIqE5UAAAQDBwIqE5UAABgwEgMHACoTlQAAKQMHACoTlQAA
LDASAwcBKhOVAAAuAwcBKhOVAAAwAwcBKhOVAAA0MBIDBwAqE5UAADsDBwEqE5UA
ADwwEgMHAyoTlQAAWAMHACoTlQAAWjANBgkqhkiG9w0BAQsFAAOCAQEAFw8ib0ZA
vpnc1CntAOqM63WFk5Tmp5CnnCErGyAD0L2QwjtHh3NySy5RJqdCBsXc8w87LPaC
n9YqkhSsKSlhn/S7pnvPLf0Cj9g3++VNAKoz8RrPFEtRdF0BqAC0L7Ze+WTQUI/K
XQoNcjI5KtalhAKpO5+f5l05trLQOum+KDiwtQnvrLcV7h8bnaowRP1Div60GK9x
TWjHpvdHPpiO4SdqVP575VEn90n191nkM2F68p9Tq6nAWsrFPuM78nEEMgdplB0d
+qLYwyVV2G1U1eD/7RWLrEW9f6l7Y3ZMxrpUHPnVECqiC0wUzBZt25nmpHmCceAA
59WoP2C/igq8Vg==
-----END CERTIFICATE-----
Generated at Fri Sep 5 07:29:16 2025 by rpki-client