This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa File: AS9009.roa (raw, json) Hash identifier: BM9bUO0uwA2Lna7YD7sO9yz1RJYsx0LVdTeXqRf619A= Subject key identifier: C6:5B:2F:10:B2:DC:45:4A:B8:22:CC:A3:31:EF:E4:F7:DB:9D:C4:1A Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a Certificate serial: 0AC45794E4D86E97E49E2487FD24C94A23C21D21 Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa Signing time: Thu 04 Dec 2025 17:31:10 +0000 ROA not before: Thu 04 Dec 2025 17:26:10 +0000 ROA not after: Thu 03 Dec 2026 17:31:10 +0000 asID: 9009 IP address blocks: 2.58.172.0/24 maxlen: 24 5.45.38.0/24 maxlen: 24 5.181.125.0/24 maxlen: 24 5.181.126.0/24 maxlen: 24 5.181.127.0/24 maxlen: 24 5.182.109.0/24 maxlen: 24 37.143.60.0/24 maxlen: 24 45.95.14.0/24 maxlen: 24 45.95.37.0/24 maxlen: 24 45.133.175.0/24 maxlen: 24 45.137.132.0/24 maxlen: 24 45.137.133.0/24 maxlen: 24 45.137.134.0/24 maxlen: 24 45.137.135.0/24 maxlen: 24 92.242.185.0/24 maxlen: 24 130.185.124.0/24 maxlen: 24 179.61.131.0/24 maxlen: 24 179.61.133.0/24 maxlen: 24 179.61.165.0/24 maxlen: 24 179.61.171.0/24 maxlen: 24 179.61.183.0/24 maxlen: 24 179.61.186.0/24 maxlen: 24 179.61.201.0/24 maxlen: 24 181.41.216.0/24 maxlen: 24 181.214.5.0/24 maxlen: 24 181.214.27.0/24 maxlen: 24 181.214.45.0/24 maxlen: 24 181.214.55.0/24 maxlen: 24 181.214.65.0/24 maxlen: 24 181.214.71.0/24 maxlen: 24 181.214.72.0/24 maxlen: 24 181.214.92.0/24 maxlen: 24 181.214.115.0/24 maxlen: 24 181.214.127.0/24 maxlen: 24 181.214.170.0/24 maxlen: 24 181.214.175.0/24 maxlen: 24 181.214.204.0/24 maxlen: 24 181.214.207.0/24 maxlen: 24 181.214.251.0/24 maxlen: 24 181.215.107.0/24 maxlen: 24 181.215.116.0/24 maxlen: 24 181.215.119.0/24 maxlen: 24 181.215.124.0/24 maxlen: 24 181.215.130.0/24 maxlen: 24 181.215.132.0/24 maxlen: 24 181.215.137.0/24 maxlen: 24 181.215.150.0/24 maxlen: 24 181.215.151.0/24 maxlen: 24 181.215.157.0/24 maxlen: 24 181.215.192.0/24 maxlen: 24 181.215.199.0/24 maxlen: 24 181.215.209.0/24 maxlen: 24 181.215.228.0/24 maxlen: 24 181.215.235.0/24 maxlen: 24 181.215.251.0/24 maxlen: 24 185.135.156.0/24 maxlen: 24 185.143.231.0/24 maxlen: 24 185.145.36.0/24 maxlen: 24 185.145.39.0/24 maxlen: 24 185.151.56.0/24 maxlen: 24 185.151.57.0/24 maxlen: 24 185.172.66.0/24 maxlen: 24 191.96.23.0/24 maxlen: 24 191.96.35.0/24 maxlen: 24 191.96.65.0/24 maxlen: 24 191.96.147.0/24 maxlen: 24 191.96.172.0/24 maxlen: 24 191.96.195.0/24 maxlen: 24 191.96.210.0/24 maxlen: 24 191.96.213.0/24 maxlen: 24 191.96.215.0/24 maxlen: 24 191.96.232.0/24 maxlen: 24 191.101.6.0/24 maxlen: 24 191.101.23.0/24 maxlen: 24 191.101.72.0/24 maxlen: 24 191.101.74.0/24 maxlen: 24 191.101.75.0/24 maxlen: 24 191.101.77.0/24 maxlen: 24 191.101.90.0/24 maxlen: 24 191.101.98.0/24 maxlen: 24 191.101.105.0/24 maxlen: 24 191.101.107.0/24 maxlen: 24 191.101.108.0/24 maxlen: 24 191.101.115.0/24 maxlen: 24 191.101.117.0/24 maxlen: 24 191.101.156.0/24 maxlen: 24 191.101.159.0/24 maxlen: 24 191.101.226.0/24 maxlen: 24 193.58.107.0/24 maxlen: 24 194.53.141.0/24 maxlen: 24 194.110.15.0/24 maxlen: 24 194.110.242.0/24 maxlen: 24 213.109.168.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0a:c4:57:94:e4:d8:6e:97:e4:9e:24:87:fd:24:c9:4a:23:c2:1d:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a Validity Not Before: Dec 4 17:26:10 2025 GMT Not After : Dec 3 17:31:10 2026 GMT Subject: CN=C65B2F10B2DC454AB822CCA331EFE4F7DB9DC41A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:44:57:18:c1:7e:ee:6a:2e:38:c1:1f:20:00: aa:47:6a:b1:8c:75:b3:fa:e0:d6:2a:a9:51:aa:33: ad:e2:e1:e4:49:a1:89:bd:32:ab:00:80:62:6a:b5: 36:af:9c:b5:f3:b2:18:f7:68:76:4d:df:83:a7:0b: 42:b7:22:3a:c8:b6:93:3f:7c:5a:4d:25:8d:f8:07: ca:2d:15:0f:59:af:27:1b:e2:6d:61:16:93:5f:e3: 4a:c6:59:05:db:ed:2c:42:aa:c4:5c:71:33:23:a2: 3f:12:17:84:89:f0:e4:cb:1d:51:f2:09:aa:dc:71: fd:d4:3c:5b:e8:f1:c3:f1:a2:78:30:13:06:da:4b: 47:ea:73:de:fa:b7:de:dc:de:1b:27:2a:1b:61:40: 6e:47:e6:50:bf:83:aa:84:2d:9f:a6:92:6c:63:e8: cf:aa:07:dd:9f:96:cd:07:1c:a8:8f:52:19:b0:bd: 3c:bb:8a:b4:1d:f9:d2:9c:6b:eb:f3:68:f3:42:9e: 71:73:a1:e6:7d:17:63:1b:7b:9f:5d:b7:d3:2d:ec: d0:9d:83:0d:9e:64:3d:ff:18:04:60:b2:93:55:69: 2b:0e:ee:b5:e1:87:8d:c0:f9:d7:e6:23:ce:a7:ae: bb:38:a7:d0:da:cb:3d:38:cf:1e:a7:b2:87:14:b6: d1:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:5B:2F:10:B2:DC:45:4A:B8:22:CC:A3:31:EF:E4:F7:DB:9D:C4:1A X509v3 Authority Key Identifier: keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.58.172.0/24 5.45.38.0/24 5.181.125.0-5.181.127.255 5.182.109.0/24 37.143.60.0/24 45.95.14.0/24 45.95.37.0/24 45.133.175.0/24 45.137.132.0/22 92.242.185.0/24 130.185.124.0/24 179.61.131.0/24 179.61.133.0/24 179.61.165.0/24 179.61.171.0/24 179.61.183.0/24 179.61.186.0/24 179.61.201.0/24 181.41.216.0/24 181.214.5.0/24 181.214.27.0/24 181.214.45.0/24 181.214.55.0/24 181.214.65.0/24 181.214.71.0-181.214.72.255 181.214.92.0/24 181.214.115.0/24 181.214.127.0/24 181.214.170.0/24 181.214.175.0/24 181.214.204.0/24 181.214.207.0/24 181.214.251.0/24 181.215.107.0/24 181.215.116.0/24 181.215.119.0/24 181.215.124.0/24 181.215.130.0/24 181.215.132.0/24 181.215.137.0/24 181.215.150.0/23 181.215.157.0/24 181.215.192.0/24 181.215.199.0/24 181.215.209.0/24 181.215.228.0/24 181.215.235.0/24 181.215.251.0/24 185.135.156.0/24 185.143.231.0/24 185.145.36.0/24 185.145.39.0/24 185.151.56.0/23 185.172.66.0/24 191.96.23.0/24 191.96.35.0/24 191.96.65.0/24 191.96.147.0/24 191.96.172.0/24 191.96.195.0/24 191.96.210.0/24 191.96.213.0/24 191.96.215.0/24 191.96.232.0/24 191.101.6.0/24 191.101.23.0/24 191.101.72.0/24 191.101.74.0/23 191.101.77.0/24 191.101.90.0/24 191.101.98.0/24 191.101.105.0/24 191.101.107.0-191.101.108.255 191.101.115.0/24 191.101.117.0/24 191.101.156.0/24 191.101.159.0/24 191.101.226.0/24 193.58.107.0/24 194.53.141.0/24 194.110.15.0/24 194.110.242.0/24 213.109.168.0/24 Signature Algorithm: sha256WithRSAEncryption 7f:65:47:17:85:e7:47:b6:4c:10:90:8d:bf:db:0d:c7:49:f9: da:ef:42:41:30:4c:8b:fa:0d:70:f9:2e:99:1e:b8:12:0f:32: f2:6a:ba:7d:f0:ff:b8:ef:3f:10:5c:a8:97:5a:b8:98:5b:61: 36:12:c6:fe:f7:d9:77:da:6e:fe:dc:b6:ef:c3:b6:35:34:d5: 8c:f3:d0:b5:b6:fc:c1:ad:b7:57:3a:78:d8:23:d4:02:04:ec: 02:67:a4:52:77:1c:a2:91:ff:e7:92:d1:93:1f:bf:23:5a:61: e1:f1:dc:ec:76:31:8e:bd:c7:88:c3:bd:91:f1:ed:48:84:51: 15:f0:5b:bc:08:aa:99:1a:80:8b:d9:89:1b:a7:54:23:91:e7: 93:d6:78:28:9d:f1:43:a9:4c:47:44:c2:cd:e4:01:44:bf:d6: 62:76:51:62:29:1b:8a:d0:0f:43:fc:84:d8:97:43:07:6a:12: da:ed:f7:a6:ae:44:d4:10:ba:d1:96:cb:05:75:0a:c7:27:5d: 7c:4e:8c:96:57:02:3a:61:e5:5d:80:7e:58:88:45:d7:36:d1: 1b:9d:ea:ce:2e:74:ac:e0:2a:1f:9e:c6:1c:c4:66:0f:66:ef: 3f:31:6e:e7:70:56:ce:6c:85:fb:d8:91:c6:9b:ab:97:8d:da: 09:8f:bb:04 -----BEGIN CERTIFICATE----- MIIHDDCCBfSgAwIBAgIUCsRXlOTYbpfkniSH/STJSiPCHSEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh NDFiYmEwYTAeFw0yNTEyMDQxNzI2MTBaFw0yNjEyMDMxNzMxMTBaMDMxMTAvBgNV BAMTKEM2NUIyRjEwQjJEQzQ1NEFCODIyQ0NBMzMxRUZFNEY3REI5REM0MUEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrRFcYwX7uai44wR8gAKpHarGM dbP64NYqqVGqM63i4eRJoYm9MqsAgGJqtTavnLXzshj3aHZN34OnC0K3IjrItpM/ fFpNJY34B8otFQ9Zrycb4m1hFpNf40rGWQXb7SxCqsRccTMjoj8SF4SJ8OTLHVHy Carccf3UPFvo8cPxongwEwbaS0fqc976t97c3hsnKhthQG5H5lC/g6qELZ+mkmxj 6M+qB92fls0HHKiPUhmwvTy7irQd+dKca+vzaPNCnnFzoeZ9F2Mbe59dt9Mt7NCd gw2eZD3/GARgspNVaSsO7rXhh43A+dfmI86nrrs4p9Dayz04zx6nsocUttGJAgMB AAGjggQWMIIEEjAdBgNVHQ4EFgQUxlsvELLcRUq4IsyjMe/k99udxBowHwYDVR0j BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjCCAisGCCsGAQUFBwEHAQH/BIICGjCCAhYwggISBAIAATCC AgoDBAACOqwDBAAFLSYwDAMEAAW1fQMEBwW1AAMEAAW2bQMEACWPPAMEAC1fDgME AC1fJQMEAC2FrwMEAi2JhAMEAFzyuQMEAIK5fAMEALM9gwMEALM9hQMEALM9pQME ALM9qwMEALM9twMEALM9ugMEALM9yQMEALUp2AMEALXWBQMEALXWGwMEALXWLQME ALXWNwMEALXWQTAMAwQAtdZHAwQAtdZIAwQAtdZcAwQAtdZzAwQAtdZ/AwQAtdaq AwQAtdavAwQAtdbMAwQAtdbPAwQAtdb7AwQAtddrAwQAtdd0AwQAtdd3AwQAtdd8 AwQAtdeCAwQAtdeEAwQAtdeJAwQBtdeWAwQAtdedAwQAtdfAAwQAtdfHAwQAtdfR AwQAtdfkAwQAtdfrAwQAtdf7AwQAuYecAwQAuY/nAwQAuZEkAwQAuZEnAwQBuZc4 AwQAuaxCAwQAv2AXAwQAv2AjAwQAv2BBAwQAv2CTAwQAv2CsAwQAv2DDAwQAv2DS AwQAv2DVAwQAv2DXAwQAv2DoAwQAv2UGAwQAv2UXAwQAv2VIAwQBv2VKAwQAv2VN AwQAv2VaAwQAv2ViAwQAv2VpMAwDBAC/ZWsDBAC/ZWwDBAC/ZXMDBAC/ZXUDBAC/ ZZwDBAC/ZZ8DBAC/ZeIDBADBOmsDBADCNY0DBADCbg8DBADCbvIDBADVbagwDQYJ KoZIhvcNAQELBQADggEBAH9lRxeF50e2TBCQjb/bDcdJ+drvQkEwTIv6DXD5Lpke uBIPMvJqun3w/7jvPxBcqJdauJhbYTYSxv732Xfabv7ctu/DtjU01Yzz0LW2/MGt t1c6eNgj1AIE7AJnpFJ3HKKR/+eS0ZMfvyNaYeHx3Ox2MY69x4jDvZHx7UiEURXw W7wIqpkagIvZiRunVCOR55PWeCid8UOpTEdEws3kAUS/1mJ2UWIpG4rQD0P8hNiX QwdqEtrt96auRNQQutGWywV1CscnXXxOjJZXAjph5V2AfliIRdc20Rud6s4udKzg Kh+exhzEZg9m7z8xbudwVs5shfvYkcabq5eN2gmPuwQ= -----END CERTIFICATE-----Generated at Sat Dec 6 15:45:20 2025 by rpki-client