Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS9009.roa
File: AS9009.roa (raw, json)
Hash identifier: JvD4PzLRefg6gGxuc2YCZRB80VJ1Ri4/gSpKaq46lM4=
Subject key identifier: 2A:99:FA:6B:6A:44:A2:8A:81:56:F5:10:16:40:7D:80:85:6A:69:F9
Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9
Certificate serial: 039F31B29E4A384BC65A7124F5E9BA41A1CFA7BB
Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS9009.roa
Signing time: Tue 26 Aug 2025 12:23:55 +0000
ROA not before: Tue 26 Aug 2025 12:18:55 +0000
ROA not after: Tue 25 Aug 2026 12:23:55 +0000
asID: 9009
IP address blocks: 141.11.96.0/24 maxlen: 24
141.11.105.0/24 maxlen: 24
141.11.117.0/24 maxlen: 24
141.11.230.0/24 maxlen: 24
141.11.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft
rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Sep 2025 13:31:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:9f:31:b2:9e:4a:38:4b:c6:5a:71:24:f5:e9:ba:41:a1:cf:a7:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9
Validity
Not Before: Aug 26 12:18:55 2025 GMT
Not After : Aug 25 12:23:55 2026 GMT
Subject: CN=2A99FA6B6A44A28A8156F51016407D80856A69F9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:50:a9:16:11:e3:35:68:3d:c9:42:50:4c:9b:
f8:9c:00:3c:d4:d4:46:3e:58:6f:bb:c2:ff:db:71:
ba:28:5a:e0:89:97:6e:b5:8e:83:bd:79:39:2c:04:
9e:75:62:2f:cc:ff:58:fb:fa:4c:ae:b5:4a:bd:05:
8f:1d:6e:fa:0c:7b:95:8a:3b:75:af:19:88:1a:89:
b8:b4:86:c2:70:44:04:2a:6a:51:6f:99:dc:99:64:
29:fb:cb:dc:50:9c:2a:8b:40:53:1c:8a:7a:cf:94:
95:10:01:4e:b4:6b:8b:ea:c0:b4:66:d6:6f:33:89:
6f:cd:cd:ac:65:68:b7:6a:cf:e1:b1:39:98:0f:d5:
17:16:05:62:65:78:aa:f2:d3:65:d4:87:5b:f1:81:
0c:88:1b:27:fa:3d:b6:61:30:d6:46:82:75:a3:f6:
a0:82:23:b0:37:a6:f1:f7:53:55:13:e5:f6:ee:85:
e3:ae:75:6f:cc:3d:dc:08:e5:43:01:f9:27:12:0a:
69:33:58:0f:d7:5f:28:16:5b:01:4b:97:e4:9d:37:
fa:65:81:e5:2b:91:f6:82:0c:17:96:5d:99:0a:1f:
e4:8f:09:98:81:81:4f:cc:4d:3f:45:f3:f8:41:08:
dd:ba:b6:8c:d4:af:9e:05:2f:23:98:5e:13:04:9f:
b8:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:99:FA:6B:6A:44:A2:8A:81:56:F5:10:16:40:7D:80:85:6A:69:F9
X509v3 Authority Key Identifier:
keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS9009.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.11.96.0/24
141.11.105.0/24
141.11.117.0/24
141.11.230.0/23
Signature Algorithm: sha256WithRSAEncryption
d1:70:a2:51:ef:2c:5a:b5:12:a2:24:f8:0d:65:71:83:84:ac:
d1:98:2d:23:42:5d:73:97:c7:4d:5c:69:5c:a9:43:92:0c:f9:
9f:6c:03:de:34:2c:e1:70:06:3f:9a:e0:47:69:71:16:b3:a6:
90:e7:f4:35:44:94:ab:3f:81:dd:0c:14:48:ca:e7:f0:e3:26:
78:ce:23:57:ad:20:8d:77:60:69:6a:45:e1:8c:02:e4:3d:33:
be:bc:48:c1:f4:ff:37:1e:1c:f6:0f:92:d6:e1:56:4e:54:05:
32:ae:13:ed:99:25:c5:32:94:3a:a6:3a:e9:4f:fa:4d:77:fe:
78:54:77:ae:cd:23:b6:1b:e9:b3:bd:86:f2:bd:d6:e9:46:03:
27:25:ed:86:e8:90:72:ba:18:a5:fb:09:1f:f8:77:d1:58:90:
46:39:98:36:8a:50:4d:e2:17:f1:79:0d:f9:bb:40:2a:f6:67:
91:56:50:8c:db:e5:d0:69:e8:93:41:35:6b:d8:a1:c7:32:98:
bb:16:8e:8f:1c:4d:c0:3a:b7:29:06:66:ea:ec:65:34:88:11:
41:d2:f6:d3:29:ab:6e:be:a7:23:4c:b2:1c:7c:92:27:68:82:
72:ce:c6:aa:7c:a0:86:cf:4b:e4:3a:92:6d:f3:7a:53:0d:43:
78:79:32:bd
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIUA58xsp5KOEvGWnEk9em6QaHPp7swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw
ODI4ZWNhOTAeFw0yNTA4MjYxMjE4NTVaFw0yNjA4MjUxMjIzNTVaMDMxMTAvBgNV
BAMTKDJBOTlGQTZCNkE0NEEyOEE4MTU2RjUxMDE2NDA3RDgwODU2QTY5RjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1UKkWEeM1aD3JQlBMm/icADzU
1EY+WG+7wv/bcbooWuCJl261joO9eTksBJ51Yi/M/1j7+kyutUq9BY8dbvoMe5WK
O3WvGYgaibi0hsJwRAQqalFvmdyZZCn7y9xQnCqLQFMcinrPlJUQAU60a4vqwLRm
1m8ziW/NzaxlaLdqz+GxOZgP1RcWBWJleKry02XUh1vxgQyIGyf6PbZhMNZGgnWj
9qCCI7A3pvH3U1UT5fbuheOudW/MPdwI5UMB+ScSCmkzWA/XXygWWwFLl+SdN/pl
geUrkfaCDBeWXZkKH+SPCZiBgU/MTT9F8/hBCN26tozUr54FLyOYXhMEn7jfAgMB
AAGjggIaMIICFjAdBgNVHQ4EFgQUKpn6a2pEooqBVvUQFkB9gIVqafkwHwYDVR0j
BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5
ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn
bzdLay5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt
NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAI0LYAME
AI0LaQMEAI0LdQMEAY0L5jANBgkqhkiG9w0BAQsFAAOCAQEA0XCiUe8sWrUSoiT4
DWVxg4Ss0ZgtI0Jdc5fHTVxpXKlDkgz5n2wD3jQs4XAGP5rgR2lxFrOmkOf0NUSU
qz+B3QwUSMrn8OMmeM4jV60gjXdgaWpF4YwC5D0zvrxIwfT/Nx4c9g+S1uFWTlQF
Mq4T7ZklxTKUOqY66U/6TXf+eFR3rs0jthvps72G8r3W6UYDJyXthuiQcroYpfsJ
H/h30ViQRjmYNopQTeIX8XkN+btAKvZnkVZQjNvl0Gnok0E1a9ihxzKYuxaOjxxN
wDq3KQZm6uxlNIgRQdL20ymrbr6nI0yyHHySJ2iCcs7Gqnyghs9L5DqSbfN6Uw1D
eHkyvQ==
-----END CERTIFICATE-----
Generated at Fri Sep 5 05:53:46 2025 by rpki-client