Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa
File: AS9009.roa (raw, json)
Hash identifier: QXhPH6YyWMovs8vCDs1UW3TGXDuANpq19Wx+W9FtNzM=
Subject key identifier: 17:94:E6:06:19:3A:8D:FF:4B:AB:6B:30:98:92:1D:B7:01:55:75:F0
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 76376B9B420F2E20C97783A38DE4B764ABEC152B
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa
Signing time: Tue 07 Oct 2025 21:03:50 +0000
ROA not before: Tue 07 Oct 2025 20:58:50 +0000
ROA not after: Tue 06 Oct 2026 21:03:50 +0000
asID: 9009
IP address blocks: 2.58.172.0/24 maxlen: 24
5.45.38.0/24 maxlen: 24
5.181.125.0/24 maxlen: 24
5.181.126.0/24 maxlen: 24
5.181.127.0/24 maxlen: 24
5.182.109.0/24 maxlen: 24
37.143.60.0/24 maxlen: 24
45.95.14.0/24 maxlen: 24
45.95.37.0/24 maxlen: 24
45.133.175.0/24 maxlen: 24
45.137.132.0/24 maxlen: 24
45.137.133.0/24 maxlen: 24
45.137.134.0/24 maxlen: 24
45.137.135.0/24 maxlen: 24
92.242.185.0/24 maxlen: 24
130.185.124.0/24 maxlen: 24
179.61.131.0/24 maxlen: 24
179.61.133.0/24 maxlen: 24
179.61.150.0/24 maxlen: 24
179.61.165.0/24 maxlen: 24
179.61.171.0/24 maxlen: 24
179.61.183.0/24 maxlen: 24
179.61.186.0/24 maxlen: 24
179.61.201.0/24 maxlen: 24
181.41.216.0/24 maxlen: 24
181.214.5.0/24 maxlen: 24
181.214.27.0/24 maxlen: 24
181.214.45.0/24 maxlen: 24
181.214.55.0/24 maxlen: 24
181.214.65.0/24 maxlen: 24
181.214.71.0/24 maxlen: 24
181.214.72.0/24 maxlen: 24
181.214.92.0/24 maxlen: 24
181.214.115.0/24 maxlen: 24
181.214.127.0/24 maxlen: 24
181.214.170.0/24 maxlen: 24
181.214.175.0/24 maxlen: 24
181.214.204.0/24 maxlen: 24
181.214.207.0/24 maxlen: 24
181.214.251.0/24 maxlen: 24
181.215.107.0/24 maxlen: 24
181.215.116.0/24 maxlen: 24
181.215.119.0/24 maxlen: 24
181.215.124.0/24 maxlen: 24
181.215.130.0/24 maxlen: 24
181.215.132.0/24 maxlen: 24
181.215.137.0/24 maxlen: 24
181.215.150.0/24 maxlen: 24
181.215.151.0/24 maxlen: 24
181.215.157.0/24 maxlen: 24
181.215.192.0/24 maxlen: 24
181.215.199.0/24 maxlen: 24
181.215.209.0/24 maxlen: 24
181.215.228.0/24 maxlen: 24
181.215.235.0/24 maxlen: 24
181.215.251.0/24 maxlen: 24
185.135.156.0/24 maxlen: 24
185.143.231.0/24 maxlen: 24
185.145.36.0/24 maxlen: 24
185.145.39.0/24 maxlen: 24
185.151.56.0/24 maxlen: 24
185.151.57.0/24 maxlen: 24
185.172.66.0/24 maxlen: 24
191.96.23.0/24 maxlen: 24
191.96.35.0/24 maxlen: 24
191.96.65.0/24 maxlen: 24
191.96.147.0/24 maxlen: 24
191.96.172.0/24 maxlen: 24
191.96.195.0/24 maxlen: 24
191.96.210.0/24 maxlen: 24
191.96.213.0/24 maxlen: 24
191.96.215.0/24 maxlen: 24
191.96.232.0/24 maxlen: 24
191.101.6.0/24 maxlen: 24
191.101.23.0/24 maxlen: 24
191.101.72.0/24 maxlen: 24
191.101.74.0/24 maxlen: 24
191.101.75.0/24 maxlen: 24
191.101.77.0/24 maxlen: 24
191.101.90.0/24 maxlen: 24
191.101.98.0/24 maxlen: 24
191.101.105.0/24 maxlen: 24
191.101.107.0/24 maxlen: 24
191.101.108.0/24 maxlen: 24
191.101.115.0/24 maxlen: 24
191.101.117.0/24 maxlen: 24
191.101.156.0/24 maxlen: 24
191.101.159.0/24 maxlen: 24
191.101.226.0/24 maxlen: 24
193.58.107.0/24 maxlen: 24
194.53.141.0/24 maxlen: 24
194.110.15.0/24 maxlen: 24
194.110.242.0/24 maxlen: 24
213.109.168.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:37:6b:9b:42:0f:2e:20:c9:77:83:a3:8d:e4:b7:64:ab:ec:15:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Oct 7 20:58:50 2025 GMT
Not After : Oct 6 21:03:50 2026 GMT
Subject: CN=1794E606193A8DFF4BAB6B3098921DB7015575F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:96:b3:95:db:ac:53:eb:f4:d0:c7:52:cb:52:
0e:4b:4f:14:e0:17:24:5e:8a:80:c0:0e:08:24:04:
e2:f3:65:27:4a:d6:3e:cd:61:1a:ff:f9:64:bd:2e:
d3:d4:f7:84:49:97:b8:d1:b3:26:82:d8:b2:b4:3f:
4d:9e:17:cb:3f:56:25:b4:69:48:f5:18:85:e0:93:
9e:4d:6f:10:aa:e3:17:70:e7:ee:54:ff:e4:bd:9d:
14:a5:22:24:dc:d9:2e:c1:62:e6:ec:36:51:73:bf:
11:30:ed:f3:f0:b5:d9:d0:db:eb:88:bd:50:6f:6b:
7a:c9:36:1e:da:2a:c5:60:5f:70:9b:fb:5e:8f:21:
a6:2d:0a:fa:37:ab:d0:e9:98:aa:72:d2:e8:08:14:
68:10:da:57:c3:2d:34:28:9f:3a:4e:c6:53:fc:81:
4c:f0:74:01:74:4b:73:e3:1e:e0:96:b9:35:e6:d0:
ac:55:7d:ff:97:f2:bc:4f:90:cb:0a:3d:ba:84:ac:
89:7a:de:bb:55:7b:46:f1:8a:57:e9:20:b4:ab:ca:
6c:5f:cf:f6:53:70:6c:3a:de:97:3a:c3:15:41:1a:
75:1d:29:e6:0e:49:eb:fe:59:63:22:54:7e:28:63:
c7:ef:db:cb:b1:dc:6e:bc:14:0e:ac:e5:5c:68:30:
8f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:94:E6:06:19:3A:8D:FF:4B:AB:6B:30:98:92:1D:B7:01:55:75:F0
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.172.0/24
5.45.38.0/24
5.181.125.0-5.181.127.255
5.182.109.0/24
37.143.60.0/24
45.95.14.0/24
45.95.37.0/24
45.133.175.0/24
45.137.132.0/22
92.242.185.0/24
130.185.124.0/24
179.61.131.0/24
179.61.133.0/24
179.61.150.0/24
179.61.165.0/24
179.61.171.0/24
179.61.183.0/24
179.61.186.0/24
179.61.201.0/24
181.41.216.0/24
181.214.5.0/24
181.214.27.0/24
181.214.45.0/24
181.214.55.0/24
181.214.65.0/24
181.214.71.0-181.214.72.255
181.214.92.0/24
181.214.115.0/24
181.214.127.0/24
181.214.170.0/24
181.214.175.0/24
181.214.204.0/24
181.214.207.0/24
181.214.251.0/24
181.215.107.0/24
181.215.116.0/24
181.215.119.0/24
181.215.124.0/24
181.215.130.0/24
181.215.132.0/24
181.215.137.0/24
181.215.150.0/23
181.215.157.0/24
181.215.192.0/24
181.215.199.0/24
181.215.209.0/24
181.215.228.0/24
181.215.235.0/24
181.215.251.0/24
185.135.156.0/24
185.143.231.0/24
185.145.36.0/24
185.145.39.0/24
185.151.56.0/23
185.172.66.0/24
191.96.23.0/24
191.96.35.0/24
191.96.65.0/24
191.96.147.0/24
191.96.172.0/24
191.96.195.0/24
191.96.210.0/24
191.96.213.0/24
191.96.215.0/24
191.96.232.0/24
191.101.6.0/24
191.101.23.0/24
191.101.72.0/24
191.101.74.0/23
191.101.77.0/24
191.101.90.0/24
191.101.98.0/24
191.101.105.0/24
191.101.107.0-191.101.108.255
191.101.115.0/24
191.101.117.0/24
191.101.156.0/24
191.101.159.0/24
191.101.226.0/24
193.58.107.0/24
194.53.141.0/24
194.110.15.0/24
194.110.242.0/24
213.109.168.0/24
Signature Algorithm: sha256WithRSAEncryption
97:14:7a:55:39:59:d2:90:83:6f:7e:73:9d:f1:a6:70:10:0d:
fc:78:51:bf:8d:1a:d4:69:1d:e5:f9:7f:68:18:3b:4c:47:d3:
c0:5b:ca:6a:f4:66:e2:50:56:68:c6:2f:cf:9e:53:d9:8a:dc:
bb:bf:d6:da:65:4d:56:e9:98:3b:93:a1:81:0b:c8:b3:b1:ee:
dd:79:90:36:13:d6:e8:06:df:0e:08:47:63:bf:8e:7e:e3:5c:
0f:a0:c8:7e:2d:42:92:3e:bc:aa:fb:59:93:c1:d1:d0:a2:88:
68:d9:45:93:0b:36:85:3a:de:06:0c:f4:00:c9:57:02:a0:0b:
a0:db:b3:42:38:51:2a:a5:d5:30:06:98:72:35:5b:b7:91:af:
8a:5a:ab:eb:b7:42:19:95:22:ed:33:57:d8:f6:23:6c:76:4c:
cc:ef:21:34:1b:16:97:ca:9b:d8:5c:77:9d:3f:3b:6f:67:08:
ed:23:14:46:09:bb:f3:73:de:5b:c4:36:fc:d0:2a:c4:99:f9:
cf:30:da:12:97:4e:98:a3:b5:a2:88:96:4c:ca:7a:c5:57:b7:
ba:a4:b7:6b:8f:c0:0a:2d:a4:c4:10:35:62:47:ba:1c:54:56:
29:1e:1f:7a:1f:f2:ce:47:4c:00:cf:6a:cc:ed:ae:5d:4b:5a:
c8:56:a4:10
-----BEGIN CERTIFICATE-----
MIIHEjCCBfqgAwIBAgIUdjdrm0IPLiDJd4OjjeS3ZKvsFSswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTEwMDcyMDU4NTBaFw0yNjEwMDYyMTAzNTBaMDMxMTAvBgNV
BAMTKDE3OTRFNjA2MTkzQThERkY0QkFCNkIzMDk4OTIxREI3MDE1NTc1RjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNlrOV26xT6/TQx1LLUg5LTxTg
FyReioDADggkBOLzZSdK1j7NYRr/+WS9LtPU94RJl7jRsyaC2LK0P02eF8s/ViW0
aUj1GIXgk55NbxCq4xdw5+5U/+S9nRSlIiTc2S7BYubsNlFzvxEw7fPwtdnQ2+uI
vVBva3rJNh7aKsVgX3Cb+16PIaYtCvo3q9DpmKpy0ugIFGgQ2lfDLTQonzpOxlP8
gUzwdAF0S3PjHuCWuTXm0KxVff+X8rxPkMsKPbqErIl63rtVe0bxilfpILSrymxf
z/ZTcGw63pc6wxVBGnUdKeYOSev+WWMiVH4oY8fv28ux3G68FA6s5VxoMI/HAgMB
AAGjggQcMIIEGDAdBgNVHQ4EFgQUF5TmBhk6jf9Lq2swmJIdtwFVdfAwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAjEGCCsGAQUFBwEHAQH/BIICIDCCAhwwggIYBAIAATCC
AhADBAACOqwDBAAFLSYwDAMEAAW1fQMEBwW1AAMEAAW2bQMEACWPPAMEAC1fDgME
AC1fJQMEAC2FrwMEAi2JhAMEAFzyuQMEAIK5fAMEALM9gwMEALM9hQMEALM9lgME
ALM9pQMEALM9qwMEALM9twMEALM9ugMEALM9yQMEALUp2AMEALXWBQMEALXWGwME
ALXWLQMEALXWNwMEALXWQTAMAwQAtdZHAwQAtdZIAwQAtdZcAwQAtdZzAwQAtdZ/
AwQAtdaqAwQAtdavAwQAtdbMAwQAtdbPAwQAtdb7AwQAtddrAwQAtdd0AwQAtdd3
AwQAtdd8AwQAtdeCAwQAtdeEAwQAtdeJAwQBtdeWAwQAtdedAwQAtdfAAwQAtdfH
AwQAtdfRAwQAtdfkAwQAtdfrAwQAtdf7AwQAuYecAwQAuY/nAwQAuZEkAwQAuZEn
AwQBuZc4AwQAuaxCAwQAv2AXAwQAv2AjAwQAv2BBAwQAv2CTAwQAv2CsAwQAv2DD
AwQAv2DSAwQAv2DVAwQAv2DXAwQAv2DoAwQAv2UGAwQAv2UXAwQAv2VIAwQBv2VK
AwQAv2VNAwQAv2VaAwQAv2ViAwQAv2VpMAwDBAC/ZWsDBAC/ZWwDBAC/ZXMDBAC/
ZXUDBAC/ZZwDBAC/ZZ8DBAC/ZeIDBADBOmsDBADCNY0DBADCbg8DBADCbvIDBADV
bagwDQYJKoZIhvcNAQELBQADggEBAJcUelU5WdKQg29+c53xpnAQDfx4Ub+NGtRp
HeX5f2gYO0xH08Bbymr0ZuJQVmjGL8+eU9mK3Lu/1tplTVbpmDuToYELyLOx7t15
kDYT1ugG3w4IR2O/jn7jXA+gyH4tQpI+vKr7WZPB0dCiiGjZRZMLNoU63gYM9ADJ
VwKgC6Dbs0I4USql1TAGmHI1W7eRr4paq+u3QhmVIu0zV9j2I2x2TMzvITQbFpfK
m9hcd50/O29nCO0jFEYJu/Nz3lvENvzQKsSZ+c8w2hKXTpijtaKIlkzKesVXt7qk
t2uPwAotpMQQNWJHuhxUVikeH3of8s5HTADPasztrl1LWshWpBA=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:28:34 2025 by rpki-client