This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa File: AS9009.roa (raw, json) Hash identifier: 3iOcqnFBWfK9ukE72a3a8xaqry723+hplb+IWYDErVs= Subject key identifier: FC:DD:41:04:02:75:62:4B:EC:3A:59:15:75:D2:55:65:B5:9B:19:93 Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a Certificate serial: 6F174AA1C08F4C62DEB7BF2DCF8F33F5A8D75762 Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa Signing time: Tue 20 Jan 2026 09:34:52 +0000 ROA not before: Tue 20 Jan 2026 09:29:52 +0000 ROA not after: Tue 19 Jan 2027 09:34:52 +0000 asID: 9009 IP address blocks: 2.58.172.0/24 maxlen: 24 5.45.38.0/24 maxlen: 24 5.181.125.0/24 maxlen: 24 5.181.126.0/24 maxlen: 24 5.181.127.0/24 maxlen: 24 5.182.109.0/24 maxlen: 24 37.143.60.0/24 maxlen: 24 45.95.14.0/24 maxlen: 24 45.95.37.0/24 maxlen: 24 45.133.175.0/24 maxlen: 24 45.137.132.0/24 maxlen: 24 45.137.133.0/24 maxlen: 24 45.137.134.0/24 maxlen: 24 45.137.135.0/24 maxlen: 24 92.242.185.0/24 maxlen: 24 130.185.124.0/24 maxlen: 24 179.61.131.0/24 maxlen: 24 179.61.133.0/24 maxlen: 24 179.61.165.0/24 maxlen: 24 179.61.171.0/24 maxlen: 24 179.61.183.0/24 maxlen: 24 179.61.186.0/24 maxlen: 24 179.61.201.0/24 maxlen: 24 181.41.205.0/24 maxlen: 24 181.41.216.0/24 maxlen: 24 181.214.5.0/24 maxlen: 24 181.214.27.0/24 maxlen: 24 181.214.45.0/24 maxlen: 24 181.214.55.0/24 maxlen: 24 181.214.65.0/24 maxlen: 24 181.214.71.0/24 maxlen: 24 181.214.72.0/24 maxlen: 24 181.214.92.0/24 maxlen: 24 181.214.115.0/24 maxlen: 24 181.214.127.0/24 maxlen: 24 181.214.170.0/24 maxlen: 24 181.214.175.0/24 maxlen: 24 181.214.204.0/24 maxlen: 24 181.214.207.0/24 maxlen: 24 181.214.251.0/24 maxlen: 24 181.215.107.0/24 maxlen: 24 181.215.116.0/24 maxlen: 24 181.215.119.0/24 maxlen: 24 181.215.124.0/24 maxlen: 24 181.215.130.0/24 maxlen: 24 181.215.132.0/24 maxlen: 24 181.215.137.0/24 maxlen: 24 181.215.150.0/24 maxlen: 24 181.215.151.0/24 maxlen: 24 181.215.157.0/24 maxlen: 24 181.215.192.0/24 maxlen: 24 181.215.199.0/24 maxlen: 24 181.215.209.0/24 maxlen: 24 181.215.228.0/24 maxlen: 24 181.215.235.0/24 maxlen: 24 181.215.251.0/24 maxlen: 24 185.135.156.0/24 maxlen: 24 185.143.231.0/24 maxlen: 24 185.145.36.0/24 maxlen: 24 185.145.39.0/24 maxlen: 24 185.151.56.0/24 maxlen: 24 185.151.57.0/24 maxlen: 24 185.172.66.0/24 maxlen: 24 191.96.23.0/24 maxlen: 24 191.96.35.0/24 maxlen: 24 191.96.65.0/24 maxlen: 24 191.96.147.0/24 maxlen: 24 191.96.172.0/24 maxlen: 24 191.96.195.0/24 maxlen: 24 191.96.210.0/24 maxlen: 24 191.96.213.0/24 maxlen: 24 191.96.215.0/24 maxlen: 24 191.96.232.0/24 maxlen: 24 191.101.6.0/24 maxlen: 24 191.101.23.0/24 maxlen: 24 191.101.72.0/24 maxlen: 24 191.101.74.0/24 maxlen: 24 191.101.75.0/24 maxlen: 24 191.101.77.0/24 maxlen: 24 191.101.90.0/24 maxlen: 24 191.101.98.0/24 maxlen: 24 191.101.105.0/24 maxlen: 24 191.101.107.0/24 maxlen: 24 191.101.108.0/24 maxlen: 24 191.101.115.0/24 maxlen: 24 191.101.117.0/24 maxlen: 24 191.101.156.0/24 maxlen: 24 191.101.159.0/24 maxlen: 24 191.101.226.0/24 maxlen: 24 193.58.107.0/24 maxlen: 24 194.53.141.0/24 maxlen: 24 194.110.15.0/24 maxlen: 24 194.110.242.0/24 maxlen: 24 213.109.168.0/24 maxlen: 24 2a00:d1a0::/48 maxlen: 48 2a00:d1a0:1::/48 maxlen: 48 2a00:d1a0:2::/48 maxlen: 48 2a00:d1a0:3::/48 maxlen: 48 2a00:d1a0:4::/48 maxlen: 48 2a00:d1a0:5::/48 maxlen: 48 2a00:d1a0:6::/48 maxlen: 48 2a00:d1a0:7::/48 maxlen: 48 2a00:d1a0:8::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:17:4a:a1:c0:8f:4c:62:de:b7:bf:2d:cf:8f:33:f5:a8:d7:57:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a Validity Not Before: Jan 20 09:29:52 2026 GMT Not After : Jan 19 09:34:52 2027 GMT Subject: CN=FCDD41040275624BEC3A591575D25565B59B1993 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:17:3b:54:23:f4:a3:e1:ee:29:e5:a8:6f:de: 87:c5:63:d6:94:7a:a5:f3:8c:8b:bf:4b:f0:ca:7d: e1:96:c8:6b:43:0b:d9:64:d1:20:97:fa:ea:ff:5a: 1f:00:fb:8d:48:b1:5d:90:b8:8e:38:e6:6e:92:02: be:2c:ac:b4:63:34:ce:34:fa:e0:ad:07:c8:bb:ce: bf:e7:12:cb:7a:36:60:d5:16:2f:60:0a:91:bd:3f: 64:28:ed:e8:54:06:3b:1d:bb:a0:59:3e:66:bc:28: 90:43:b6:78:75:04:38:4e:c2:dc:7d:c3:11:d8:27: 94:cd:88:6f:48:79:1a:d9:07:ad:89:18:8f:85:5c: 5f:de:6a:3c:00:80:58:18:06:eb:e6:0e:ae:4c:02: 6b:df:e1:4f:aa:33:72:08:06:5b:00:ce:c5:70:1a: 4d:02:dd:bd:21:0f:48:54:1d:5b:ab:ea:60:b8:06: 1e:e8:59:25:19:64:1f:c9:26:55:f9:04:2e:a9:b1: 3e:c1:33:17:92:d9:b5:29:8c:ae:6c:c4:83:6c:7d: d5:7c:f9:04:44:4b:4f:67:27:15:bf:38:af:b8:1f: e3:b6:c6:7d:c8:ac:68:8a:9c:7f:ea:89:a6:76:01: 68:bf:68:fc:75:60:f3:ee:28:03:03:32:4c:c2:cd: 93:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:DD:41:04:02:75:62:4B:EC:3A:59:15:75:D2:55:65:B5:9B:19:93 X509v3 Authority Key Identifier: keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.58.172.0/24 5.45.38.0/24 5.181.125.0-5.181.127.255 5.182.109.0/24 37.143.60.0/24 45.95.14.0/24 45.95.37.0/24 45.133.175.0/24 45.137.132.0/22 92.242.185.0/24 130.185.124.0/24 179.61.131.0/24 179.61.133.0/24 179.61.165.0/24 179.61.171.0/24 179.61.183.0/24 179.61.186.0/24 179.61.201.0/24 181.41.205.0/24 181.41.216.0/24 181.214.5.0/24 181.214.27.0/24 181.214.45.0/24 181.214.55.0/24 181.214.65.0/24 181.214.71.0-181.214.72.255 181.214.92.0/24 181.214.115.0/24 181.214.127.0/24 181.214.170.0/24 181.214.175.0/24 181.214.204.0/24 181.214.207.0/24 181.214.251.0/24 181.215.107.0/24 181.215.116.0/24 181.215.119.0/24 181.215.124.0/24 181.215.130.0/24 181.215.132.0/24 181.215.137.0/24 181.215.150.0/23 181.215.157.0/24 181.215.192.0/24 181.215.199.0/24 181.215.209.0/24 181.215.228.0/24 181.215.235.0/24 181.215.251.0/24 185.135.156.0/24 185.143.231.0/24 185.145.36.0/24 185.145.39.0/24 185.151.56.0/23 185.172.66.0/24 191.96.23.0/24 191.96.35.0/24 191.96.65.0/24 191.96.147.0/24 191.96.172.0/24 191.96.195.0/24 191.96.210.0/24 191.96.213.0/24 191.96.215.0/24 191.96.232.0/24 191.101.6.0/24 191.101.23.0/24 191.101.72.0/24 191.101.74.0/23 191.101.77.0/24 191.101.90.0/24 191.101.98.0/24 191.101.105.0/24 191.101.107.0-191.101.108.255 191.101.115.0/24 191.101.117.0/24 191.101.156.0/24 191.101.159.0/24 191.101.226.0/24 193.58.107.0/24 194.53.141.0/24 194.110.15.0/24 194.110.242.0/24 213.109.168.0/24 IPv6: 2a00:d1a0::-2a00:d1a0:8:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 3d:d4:a1:ba:ed:9d:8d:4a:bd:f2:5c:84:a8:d3:c5:d8:97:a8: 81:33:47:b5:68:b9:c7:30:2c:c3:ae:d8:86:92:9e:41:12:84: 23:3e:38:5b:ee:d4:d9:b1:4e:01:0b:f0:bb:93:26:f0:ec:b8: c8:3a:a4:a1:37:f1:4a:9e:c5:b8:eb:f4:d8:e5:e1:d2:75:69: 08:f7:b3:e8:b2:c2:99:1e:99:84:a8:55:0c:93:38:a7:96:46: 56:72:e8:d3:e1:73:3f:62:62:14:07:18:09:89:00:e1:a6:45: e6:34:6d:97:ee:b6:d4:ef:b6:8a:fc:f6:3d:dc:4e:c2:f7:0b: e3:6f:a4:55:cc:1c:87:b2:58:c0:bd:d1:b5:f2:a4:e6:ba:19: 33:10:99:43:36:3d:95:2f:78:d6:41:72:17:2c:57:cf:03:15: 4e:8f:5e:47:f5:0f:d9:32:c6:0c:90:a1:ed:f0:a9:84:72:db: 93:06:80:74:94:7c:19:75:c0:d0:f4:25:19:c9:7c:5d:01:19: 23:e7:b1:1d:ae:bb:a4:45:8d:84:24:cf:6b:cd:e8:b9:3c:43: 7e:69:f6:5d:b9:de:c3:fc:a1:c7:cd:06:ed:33:01:a7:3a:7b: 88:70:de:65:09:87:8d:3c:fb:c6:d4:f5:5c:1c:23:83:8b:90: 5d:8a:c8:6b -----BEGIN CERTIFICATE----- MIIHLDCCBhSgAwIBAgIUbxdKocCPTGLet78tz48z9ajXV2IwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh NDFiYmEwYTAeFw0yNjAxMjAwOTI5NTJaFw0yNzAxMTkwOTM0NTJaMDMxMTAvBgNV BAMTKEZDREQ0MTA0MDI3NTYyNEJFQzNBNTkxNTc1RDI1NTY1QjU5QjE5OTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtFztUI/Sj4e4p5ahv3ofFY9aU eqXzjIu/S/DKfeGWyGtDC9lk0SCX+ur/Wh8A+41IsV2QuI445m6SAr4srLRjNM40 +uCtB8i7zr/nEst6NmDVFi9gCpG9P2Qo7ehUBjsdu6BZPma8KJBDtnh1BDhOwtx9 wxHYJ5TNiG9IeRrZB62JGI+FXF/eajwAgFgYBuvmDq5MAmvf4U+qM3IIBlsAzsVw Gk0C3b0hD0hUHVur6mC4Bh7oWSUZZB/JJlX5BC6psT7BMxeS2bUpjK5sxINsfdV8 +QRES09nJxW/OK+4H+O2xn3IrGiKnH/qiaZ2AWi/aPx1YPPuKAMDMkzCzZPXAgMB AAGjggQ2MIIEMjAdBgNVHQ4EFgQU/N1BBAJ1YkvsOlkVddJVZbWbGZMwHwYDVR0j BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjCCAksGCCsGAQUFBwEHAQH/BIICOjCCAjYwggIYBAIAATCC AhADBAACOqwDBAAFLSYwDAMEAAW1fQMEBwW1AAMEAAW2bQMEACWPPAMEAC1fDgME AC1fJQMEAC2FrwMEAi2JhAMEAFzyuQMEAIK5fAMEALM9gwMEALM9hQMEALM9pQME ALM9qwMEALM9twMEALM9ugMEALM9yQMEALUpzQMEALUp2AMEALXWBQMEALXWGwME ALXWLQMEALXWNwMEALXWQTAMAwQAtdZHAwQAtdZIAwQAtdZcAwQAtdZzAwQAtdZ/ AwQAtdaqAwQAtdavAwQAtdbMAwQAtdbPAwQAtdb7AwQAtddrAwQAtdd0AwQAtdd3 AwQAtdd8AwQAtdeCAwQAtdeEAwQAtdeJAwQBtdeWAwQAtdedAwQAtdfAAwQAtdfH AwQAtdfRAwQAtdfkAwQAtdfrAwQAtdf7AwQAuYecAwQAuY/nAwQAuZEkAwQAuZEn AwQBuZc4AwQAuaxCAwQAv2AXAwQAv2AjAwQAv2BBAwQAv2CTAwQAv2CsAwQAv2DD AwQAv2DSAwQAv2DVAwQAv2DXAwQAv2DoAwQAv2UGAwQAv2UXAwQAv2VIAwQBv2VK AwQAv2VNAwQAv2VaAwQAv2ViAwQAv2VpMAwDBAC/ZWsDBAC/ZWwDBAC/ZXMDBAC/ ZXUDBAC/ZZwDBAC/ZZ8DBAC/ZeIDBADBOmsDBADCNY0DBADCbg8DBADCbvIDBADV bagwGAQCAAIwEjAQAwUFKgDRoAMHACoA0aAACDANBgkqhkiG9w0BAQsFAAOCAQEA PdShuu2djUq98lyEqNPF2JeogTNHtWi5xzAsw67YhpKeQRKEIz44W+7U2bFOAQvw u5Mm8Oy4yDqkoTfxSp7FuOv02OXh0nVpCPez6LLCmR6ZhKhVDJM4p5ZGVnLo0+Fz P2JiFAcYCYkA4aZF5jRtl+621O+2ivz2PdxOwvcL42+kVcwch7JYwL3RtfKk5roZ MxCZQzY9lS941kFyFyxXzwMVTo9eR/UP2TLGDJCh7fCphHLbkwaAdJR8GXXA0PQl Gcl8XQEZI+exHa67pEWNhCTPa83ouTxDfmn2Xbnew/yhx80G7TMBpzp7iHDeZQmH jTz7xtT1XBwjg4uQXYrIaw== -----END CERTIFICATE-----Generated at Sun Jan 25 14:43:07 2026 by rpki-client