Route Origin Authorization

$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9009.roa
File:                     AS9009.roa (raw, json)
Hash identifier:          33hOWxRz/ifTI4DHayLBfhwKnAp/DCyHolCl9LDpHYU=
Subject key identifier:   91:1C:3C:80:E0:6A:AA:22:1C:8C:5F:AD:80:23:83:EC:D9:1E:06:74
Certificate issuer:       /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial:       39832E5185309D46AD4D380C753D7A411CCBDE5F
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access:      rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9009.roa
Signing time:             Sat 27 Jun 2026 12:27:25 +0000
ROA not before:           Sat 27 Jun 2026 12:22:25 +0000
ROA not after:            Sat 26 Jun 2027 12:27:25 +0000
asID:                     9009
IP address blocks:        82.21.138.0/24 maxlen: 24
                          82.21.146.0/24 maxlen: 24
                          82.21.147.0/24 maxlen: 24
                          82.21.196.0/24 maxlen: 24
                          82.21.197.0/24 maxlen: 24
                          82.21.217.0/24 maxlen: 24
                          82.21.240.0/24 maxlen: 24
                          82.22.242.0/24 maxlen: 24
                          82.23.7.0/24 maxlen: 24
                          82.23.8.0/24 maxlen: 24
                          82.23.9.0/24 maxlen: 24
                          82.23.10.0/24 maxlen: 24
                          82.23.11.0/24 maxlen: 24
                          82.23.12.0/24 maxlen: 24
                          82.23.216.0/24 maxlen: 24
                          82.23.232.0/24 maxlen: 24
                          82.24.8.0/24 maxlen: 24
                          82.24.86.0/24 maxlen: 24
                          82.24.223.0/24 maxlen: 24
                          82.24.230.0/24 maxlen: 24
                          82.25.214.0/24 maxlen: 24
                          82.25.227.0/24 maxlen: 24
                          82.26.121.0/24 maxlen: 24
                          82.26.217.0/24 maxlen: 24
                          82.27.226.0/24 maxlen: 24
                          82.29.95.0/24 maxlen: 24
                          82.29.113.0/24 maxlen: 24
                          82.29.114.0/24 maxlen: 24
                          82.29.116.0/24 maxlen: 24
                          82.29.117.0/24 maxlen: 24
                          82.29.238.0/24 maxlen: 24
                          82.38.14.0/24 maxlen: 24
                          82.47.252.0/23 maxlen: 24
                          178.83.10.0/24 maxlen: 24
                          178.83.108.0/24 maxlen: 24
                          2a13:9500:2::/48 maxlen: 48
                          2a13:9500:4::/48 maxlen: 48
                          2a13:9500:5::/48 maxlen: 48
                          2a13:9500:6::/48 maxlen: 48
                          2a13:9500:7::/48 maxlen: 48
                          2a13:9500:8::/48 maxlen: 48
                          2a13:9500:9::/48 maxlen: 48
                          2a13:9500:a::/48 maxlen: 48
                          2a13:9500:b::/48 maxlen: 48
                          2a13:9500:c::/48 maxlen: 48
                          2a13:9500:d::/48 maxlen: 48
                          2a13:9500:e::/48 maxlen: 48
                          2a13:9500:f::/48 maxlen: 48
                          2a13:9500:10::/48 maxlen: 48
                          2a13:9500:11::/48 maxlen: 48
                          2a13:9500:12::/48 maxlen: 48
                          2a13:9500:13::/48 maxlen: 48
                          2a13:9500:14::/48 maxlen: 48
                          2a13:9500:15::/48 maxlen: 48
                          2a13:9500:16::/48 maxlen: 48
                          2a13:9500:17::/48 maxlen: 48
                          2a13:9500:18::/48 maxlen: 48
                          2a13:9500:19::/48 maxlen: 48
                          2a13:9500:1a::/48 maxlen: 48
                          2a13:9500:1b::/48 maxlen: 48
                          2a13:9500:29::/48 maxlen: 48
                          2a13:9500:2a::/48 maxlen: 48
                          2a13:9500:2b::/48 maxlen: 48
                          2a13:9500:2c::/48 maxlen: 48
                          2a13:9500:2f::/48 maxlen: 48
                          2a13:9500:30::/48 maxlen: 48
                          2a13:9500:31::/48 maxlen: 48
                          2a13:9500:34::/48 maxlen: 48
                          2a13:9500:35::/48 maxlen: 48
                          2a13:9500:3b::/48 maxlen: 48
                          2a13:9500:3c::/48 maxlen: 48
                          2a13:9500:3d::/48 maxlen: 48
                          2a13:9500:58::/48 maxlen: 48
                          2a13:9500:59::/48 maxlen: 48
                          2a13:9500:5a::/48 maxlen: 48
                          2a13:9500:f1::/48 maxlen: 48
                          2a13:9500:f2::/48 maxlen: 48
                          2a13:9500:f3::/48 maxlen: 48
                          2a13:9500:f4::/48 maxlen: 48
                          2a13:9500:f5::/48 maxlen: 48
                          2a13:9500:f6::/48 maxlen: 48
                          2a13:9500:f7::/48 maxlen: 48
                          2a13:9500:f8::/48 maxlen: 48
                          2a13:9500:f9::/48 maxlen: 48
                          2a13:9500:16b::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 Jul 2026 16:14:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:83:2e:51:85:30:9d:46:ad:4d:38:0c:75:3d:7a:41:1c:cb:de:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
        Validity
            Not Before: Jun 27 12:22:25 2026 GMT
            Not After : Jun 26 12:27:25 2027 GMT
        Subject: CN=911C3C80E06AAA221C8C5FAD802383ECD91E0674
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:62:56:5f:18:26:88:31:df:85:2a:17:0d:a6:
                    32:70:27:2a:21:da:21:73:3a:00:36:2f:d5:04:cd:
                    2c:28:71:cb:d2:a6:75:3f:ee:6e:75:69:94:6b:7f:
                    df:70:ee:d6:26:39:61:c6:1e:ed:90:d9:87:f0:39:
                    4b:58:2d:5f:a1:9e:cd:f9:ba:9b:64:77:00:e8:2f:
                    ec:17:e9:de:33:93:f6:7b:a5:13:f2:c6:27:06:92:
                    61:04:08:6e:13:62:0a:8e:94:2a:2c:f4:07:b0:9b:
                    6a:7e:15:f6:ad:b4:6e:71:8b:56:73:5f:ba:98:d6:
                    15:91:8e:05:66:1e:37:fa:fa:d1:01:72:14:5e:9a:
                    ec:f5:d1:8d:5e:4b:a4:7b:f1:5d:e6:1f:13:94:69:
                    f2:df:8c:29:49:e2:cb:cf:2d:05:0b:bb:96:76:94:
                    43:c3:19:68:23:a9:9d:eb:c4:69:e8:66:12:17:f6:
                    06:f0:54:92:38:53:de:d0:b6:bc:e0:c2:d7:f0:b3:
                    b1:40:95:45:b0:35:a7:47:35:2b:8a:80:a2:b5:21:
                    60:ff:2d:c4:5f:39:5d:d7:e5:5c:95:73:23:61:b5:
                    cd:8d:2d:a7:e7:bf:51:6f:70:9f:9e:e1:fc:f0:0f:
                    95:8d:2f:01:ba:b4:3c:77:9a:c8:00:27:36:68:36:
                    74:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:1C:3C:80:E0:6A:AA:22:1C:8C:5F:AD:80:23:83:EC:D9:1E:06:74
            X509v3 Authority Key Identifier:
                keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9009.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.21.138.0/24
                  82.21.146.0/23
                  82.21.196.0/23
                  82.21.217.0/24
                  82.21.240.0/24
                  82.22.242.0/24
                  82.23.7.0-82.23.12.255
                  82.23.216.0/24
                  82.23.232.0/24
                  82.24.8.0/24
                  82.24.86.0/24
                  82.24.223.0/24
                  82.24.230.0/24
                  82.25.214.0/24
                  82.25.227.0/24
                  82.26.121.0/24
                  82.26.217.0/24
                  82.27.226.0/24
                  82.29.95.0/24
                  82.29.113.0-82.29.114.255
                  82.29.116.0/23
                  82.29.238.0/24
                  82.38.14.0/24
                  82.47.252.0/23
                  178.83.10.0/24
                  178.83.108.0/24
                IPv6:
                  2a13:9500:2::/48
                  2a13:9500:4::-2a13:9500:1b:ffff:ffff:ffff:ffff:ffff
                  2a13:9500:29::-2a13:9500:2c:ffff:ffff:ffff:ffff:ffff
                  2a13:9500:2f::-2a13:9500:31:ffff:ffff:ffff:ffff:ffff
                  2a13:9500:34::/47
                  2a13:9500:3b::-2a13:9500:3d:ffff:ffff:ffff:ffff:ffff
                  2a13:9500:58::-2a13:9500:5a:ffff:ffff:ffff:ffff:ffff
                  2a13:9500:f1::-2a13:9500:f9:ffff:ffff:ffff:ffff:ffff
                  2a13:9500:16b::/48

    Signature Algorithm: sha256WithRSAEncryption
         95:3d:48:13:35:a6:1d:88:26:37:76:51:99:10:85:ff:5a:b9:
         17:5a:9e:21:05:c3:73:52:d1:b9:35:75:d1:e2:ba:59:ce:c5:
         4d:09:fb:2c:ed:e1:64:81:dd:94:ca:72:3c:94:3c:35:a2:25:
         1d:07:9b:ff:73:d9:2e:e7:2c:70:d0:a7:d5:dd:48:e7:d5:2b:
         95:14:ec:d8:dc:0f:c8:66:ee:12:d7:d1:19:f0:8b:3f:86:f5:
         84:b4:a8:0b:be:5d:98:6b:d4:f5:5b:eb:b7:0a:24:24:05:29:
         5b:f9:8a:0c:b9:89:43:75:87:2b:45:46:8c:48:b1:4f:57:c4:
         47:7a:a9:22:21:72:0a:50:70:4a:6d:db:78:98:93:24:5f:57:
         f6:84:4e:a0:e9:11:6c:0b:d2:57:ab:dc:16:a4:d0:c2:f6:bd:
         ba:79:9e:1d:b6:39:27:98:9c:4c:21:2c:75:8a:6e:15:62:63:
         35:65:94:c3:66:4d:d1:50:ec:56:d2:48:7e:d0:43:ee:d3:20:
         d1:be:9b:29:ac:26:5d:49:1b:d9:9d:78:fb:2e:7a:32:34:cb:
         d7:8a:60:e3:8e:36:22:97:17:80:c4:86:01:66:e4:5a:98:09:
         df:a5:f8:55:f0:25:52:b0:13:ad:28:ff:16:0e:c9:d0:2d:e7:
         96:09:6f:3e
-----BEGIN CERTIFICATE-----
MIIGSTCCBTGgAwIBAgIUOYMuUYUwnUatTTgMdT16QRzL3l8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MjcxMjIyMjVaFw0yNzA2MjYxMjI3MjVaMDMxMTAvBgNV
BAMTKDkxMUMzQzgwRTA2QUFBMjIxQzhDNUZBRDgwMjM4M0VDRDkxRTA2NzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcYlZfGCaIMd+FKhcNpjJwJyoh
2iFzOgA2L9UEzSwoccvSpnU/7m51aZRrf99w7tYmOWHGHu2Q2YfwOUtYLV+hns35
uptkdwDoL+wX6d4zk/Z7pRPyxicGkmEECG4TYgqOlCos9Aewm2p+FfattG5xi1Zz
X7qY1hWRjgVmHjf6+tEBchRemuz10Y1eS6R78V3mHxOUafLfjClJ4svPLQULu5Z2
lEPDGWgjqZ3rxGnoZhIX9gbwVJI4U97Qtrzgwtfws7FAlUWwNadHNSuKgKK1IWD/
LcRfOV3X5VyVcyNhtc2NLafnv1FvcJ+e4fzwD5WNLwG6tDx3msgAJzZoNnRNAgMB
AAGjggNTMIIDTzAdBgNVHQ4EFgQUkRw8gOBqqiIcjF+tgCOD7NkeBnQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAWgGCCsGAQUFBwEHAQH/BIIBVzCCAVMwgbMEAgABMIGs
AwQAUhWKAwQBUhWSAwQBUhXEAwQAUhXZAwQAUhXwAwQAUhbyMAwDBABSFwcDBABS
FwwDBABSF9gDBABSF+gDBABSGAgDBABSGFYDBABSGN8DBABSGOYDBABSGdYDBABS
GeMDBABSGnkDBABSGtkDBABSG+IDBABSHV8wDAMEAFIdcQMEAFIdcgMEAVIddAME
AFId7gMEAFImDgMEAVIv/AMEALJTCgMEALJTbDCBmgQCAAIwgZMDBwAqE5UAAAIw
EgMHAioTlQAABAMHAioTlQAAGDASAwcAKhOVAAApAwcAKhOVAAAsMBIDBwAqE5UA
AC8DBwEqE5UAADADBwEqE5UAADQwEgMHACoTlQAAOwMHASoTlQAAPDASAwcDKhOV
AABYAwcAKhOVAABaMBIDBwAqE5UAAPEDBwEqE5UAAPgDBwAqE5UAAWswDQYJKoZI
hvcNAQELBQADggEBAJU9SBM1ph2IJjd2UZkQhf9auRdaniEFw3NS0bk1ddHiulnO
xU0J+yzt4WSB3ZTKcjyUPDWiJR0Hm/9z2S7nLHDQp9XdSOfVK5UU7NjcD8hm7hLX
0Rnwiz+G9YS0qAu+XZhr1PVb67cKJCQFKVv5igy5iUN1hytFRoxIsU9XxEd6qSIh
cgpQcEpt23iYkyRfV/aETqDpEWwL0ler3Bak0ML2vbp5nh22OSeYnEwhLHWKbhVi
YzVllMNmTdFQ7FbSSH7QQ+7TING+mymsJl1JG9mdePsuejI0y9eKYOOONiKXF4DE
hgFm5FqYCd+l+FXwJVKwE60o/xYOydAt55YJbz4=
-----END CERTIFICATE-----
Generated at Fri Jul 17 23:07:06 2026 by rpki-client