This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9009.roa File: AS9009.roa (raw, json) Hash identifier: dSuAfFOywDHbXe/gwkpFZkTP9gWe3jQJjEaWUXueQfQ= Subject key identifier: 04:F3:8C:A3:8C:21:19:C4:67:35:76:F9:2D:74:E5:75:BC:57:DD:B1 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 6FE5893B64C6718D2C1EB093CD1495E48AB26DAA Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9009.roa Signing time: Fri 05 Dec 2025 07:53:53 +0000 ROA not before: Fri 05 Dec 2025 07:48:53 +0000 ROA not after: Fri 04 Dec 2026 07:53:53 +0000 asID: 9009 IP address blocks: 96.62.251.0/24 maxlen: 24 96.62.254.0/24 maxlen: 24 136.143.248.0/24 maxlen: 24 136.143.249.0/24 maxlen: 24 136.143.250.0/24 maxlen: 24 145.223.41.0/24 maxlen: 24 145.223.47.0/24 maxlen: 24 147.79.28.0/24 maxlen: 24 148.135.212.0/22 maxlen: 24 148.135.220.0/22 maxlen: 24 148.135.228.0/22 maxlen: 24 148.135.236.0/22 maxlen: 24 148.135.244.0/22 maxlen: 24 158.140.194.0/24 maxlen: 24 158.140.196.0/24 maxlen: 24 158.140.199.0/24 maxlen: 24 158.140.200.0/24 maxlen: 24 158.140.202.0/24 maxlen: 24 158.140.203.0/24 maxlen: 24 158.140.205.0/24 maxlen: 24 158.140.214.0/24 maxlen: 24 162.141.12.0/24 maxlen: 24 203.160.116.0/24 maxlen: 24 203.160.125.0/24 maxlen: 24 203.160.127.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:e5:89:3b:64:c6:71:8d:2c:1e:b0:93:cd:14:95:e4:8a:b2:6d:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Dec 5 07:48:53 2025 GMT Not After : Dec 4 07:53:53 2026 GMT Subject: CN=04F38CA38C2119C4673576F92D74E575BC57DDB1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:c7:4c:05:a7:9f:62:6b:93:ed:00:66:ba:f6: a2:bd:8c:2a:28:49:92:04:64:83:97:76:a0:93:27: 5c:64:b9:2f:bd:be:6b:94:80:b9:64:12:0b:e0:ec: ac:b7:f2:e3:71:fc:c7:e0:9d:50:b3:27:8e:19:c8: c8:0c:f3:ee:0b:ce:65:11:fe:7d:8e:79:b1:59:77: a0:61:11:a2:a2:83:42:a3:e6:3e:4d:7d:7a:af:35: 48:2a:e3:8d:9b:e4:14:44:67:c5:c4:86:7d:53:bf: 95:f3:8a:f9:f6:1b:86:c8:31:ad:8e:85:4e:e7:d0: 3e:b9:ed:a3:f7:16:9f:f4:9a:6b:ae:ef:de:ca:e1: ff:98:48:a1:93:54:46:6d:c2:69:2e:0f:52:c9:c3: ef:32:a7:a1:7a:3b:9a:3a:d9:86:12:77:c8:e0:74: bb:fc:03:2c:95:80:44:b5:72:4e:4a:fe:22:18:d2: f2:82:0d:17:1a:71:cc:19:d2:12:de:d1:05:ff:4a: a8:a9:c2:40:ed:ea:a8:52:47:a4:82:21:51:3d:87: 58:89:18:49:01:db:c7:7d:41:e6:61:9a:ef:84:d4: 7e:6e:45:78:0b:5b:6c:43:c6:fe:04:cc:ac:f1:f5: 85:1d:32:6a:10:c8:17:91:7d:5a:ff:ca:15:6b:c8: d1:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:F3:8C:A3:8C:21:19:C4:67:35:76:F9:2D:74:E5:75:BC:57:DD:B1 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9009.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 96.62.251.0/24 96.62.254.0/24 136.143.248.0-136.143.250.255 145.223.41.0/24 145.223.47.0/24 147.79.28.0/24 148.135.212.0/22 148.135.220.0/22 148.135.228.0/22 148.135.236.0/22 148.135.244.0/22 158.140.194.0/24 158.140.196.0/24 158.140.199.0-158.140.200.255 158.140.202.0/23 158.140.205.0/24 158.140.214.0/24 162.141.12.0/24 203.160.116.0/24 203.160.125.0/24 203.160.127.0/24 Signature Algorithm: sha256WithRSAEncryption 7b:2c:df:da:23:4c:f3:cb:ac:65:cd:6c:68:d3:11:2b:d1:94: 78:4d:87:ed:b8:29:b3:43:8d:35:5e:2e:d2:f4:0e:b3:38:61: 49:d3:ce:cd:42:29:bc:aa:44:08:f2:dc:80:71:8a:db:0c:2c: 00:f6:ed:8a:d0:43:2a:47:ec:68:97:63:d2:01:db:67:3e:7a: b8:c8:5c:d4:a8:6c:27:c4:bc:cd:f5:48:3b:c4:dc:99:7f:eb: 5d:a4:ff:b1:70:79:71:3b:05:97:73:af:d4:1e:a3:28:e8:93: 23:8c:85:e7:9f:e5:9e:2f:52:41:bd:82:d7:28:b5:61:1f:3b: 27:72:80:f6:7d:83:67:77:f6:39:b4:b5:0f:43:2e:02:fa:78: 84:8a:d3:db:71:6f:25:bc:a9:97:87:da:52:49:89:b9:07:ae: 23:0e:11:72:84:8a:4c:a1:5c:f5:b1:b4:04:ad:01:89:90:ac: f8:b7:7c:9f:ba:ac:e5:51:25:d3:e9:f1:3a:dd:44:bb:8b:b2: 85:bf:9b:14:55:09:0a:ac:ae:32:35:58:2d:bf:dc:40:bf:fa: 6c:4c:84:68:2d:af:94:eb:35:72:b5:b0:b4:14:24:07:b9:ec: a5:8f:c9:c1:db:3a:45:b7:a8:29:76:ce:93:67:cf:57:f8:cc: ca:4e:4d:f7 -----BEGIN CERTIFICATE----- MIIFizCCBHOgAwIBAgIUb+WJO2TGcY0sHrCTzRSV5IqybaowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTEyMDUwNzQ4NTNaFw0yNjEyMDQwNzUzNTNaMDMxMTAvBgNV BAMTKDA0RjM4Q0EzOEMyMTE5QzQ2NzM1NzZGOTJENzRFNTc1QkM1N0REQjEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQx0wFp59ia5PtAGa69qK9jCoo SZIEZIOXdqCTJ1xkuS+9vmuUgLlkEgvg7Ky38uNx/MfgnVCzJ44ZyMgM8+4LzmUR /n2OebFZd6BhEaKig0Kj5j5NfXqvNUgq442b5BREZ8XEhn1Tv5Xzivn2G4bIMa2O hU7n0D657aP3Fp/0mmuu797K4f+YSKGTVEZtwmkuD1LJw+8yp6F6O5o62YYSd8jg dLv8AyyVgES1ck5K/iIY0vKCDRcaccwZ0hLe0QX/SqipwkDt6qhSR6SCIVE9h1iJ GEkB28d9QeZhmu+E1H5uRXgLW2xDxv4EzKzx9YUdMmoQyBeRfVr/yhVryNH1AgMB AAGjggKVMIICkTAdBgNVHQ4EFgQUBPOMo4whGcRnNXb5LXTldbxX3bEwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjCBqwYIKwYBBQUHAQcBAf8EgZswgZgwgZUEAgABMIGOAwQA YD77AwQAYD7+MAwDBAOIj/gDBACIj/oDBACR3ykDBACR3y8DBACTTxwDBAKUh9QD BAKUh9wDBAKUh+QDBAKUh+wDBAKUh/QDBACejMIDBACejMQwDAMEAJ6MxwMEAJ6M yAMEAZ6MygMEAJ6MzQMEAJ6M1gMEAKKNDAMEAMugdAMEAMugfQMEAMugfzANBgkq hkiG9w0BAQsFAAOCAQEAeyzf2iNM88usZc1saNMRK9GUeE2H7bgps0ONNV4u0vQO szhhSdPOzUIpvKpECPLcgHGK2wwsAPbtitBDKkfsaJdj0gHbZz56uMhc1KhsJ8S8 zfVIO8TcmX/rXaT/sXB5cTsFl3Ov1B6jKOiTI4yF55/lni9SQb2C1yi1YR87J3KA 9n2DZ3f2ObS1D0MuAvp4hIrT23FvJbypl4faUkmJuQeuIw4RcoSKTKFc9bG0BK0B iZCs+Ld8n7qs5VEl0+nxOt1Eu4uyhb+bFFUJCqyuMjVYLb/cQL/6bEyEaC2vlOs1 crWwtBQkB7nspY/Jwds6RbeoKXbOk2fPV/jMyk5N9w== -----END CERTIFICATE-----Generated at Sat Dec 6 17:32:47 2025 by rpki-client