Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa
File: AS9009.roa (raw, json)
Hash identifier: AJRiULT65fLesjzby4GHMJ3xXuSUHS6OvyTcd0EEr8E=
Subject key identifier: 37:13:68:33:D4:CD:77:A4:C3:F6:19:DF:BC:39:BF:CA:F8:E3:5F:5B
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 2FF4C87A6B0889703F038C0DE3BEB0D5FCC9CE17
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa
Signing time: Wed 06 May 2026 11:01:23 +0000
ROA not before: Wed 06 May 2026 10:56:23 +0000
ROA not after: Wed 05 May 2027 11:01:23 +0000
asID: 9009
IP address blocks: 2.58.29.0/24 maxlen: 24
2.58.172.0/24 maxlen: 24
5.45.38.0/24 maxlen: 24
5.181.127.0/24 maxlen: 24
37.143.60.0/24 maxlen: 24
45.89.251.0/24 maxlen: 24
45.95.14.0/24 maxlen: 24
45.95.37.0/24 maxlen: 24
45.133.175.0/24 maxlen: 24
45.137.31.0/24 maxlen: 24
45.137.132.0/24 maxlen: 24
45.137.133.0/24 maxlen: 24
45.137.134.0/24 maxlen: 24
45.137.135.0/24 maxlen: 24
45.139.181.0/24 maxlen: 24
92.242.185.0/24 maxlen: 24
179.61.131.0/24 maxlen: 24
179.61.133.0/24 maxlen: 24
179.61.165.0/24 maxlen: 24
179.61.171.0/24 maxlen: 24
179.61.183.0/24 maxlen: 24
179.61.186.0/24 maxlen: 24
179.61.201.0/24 maxlen: 24
181.41.205.0/24 maxlen: 24
181.41.216.0/24 maxlen: 24
181.214.5.0/24 maxlen: 24
181.214.27.0/24 maxlen: 24
181.214.45.0/24 maxlen: 24
181.214.55.0/24 maxlen: 24
181.214.60.0/24 maxlen: 24
181.214.65.0/24 maxlen: 24
181.214.68.0/24 maxlen: 24
181.214.69.0/24 maxlen: 24
181.214.71.0/24 maxlen: 24
181.214.72.0/24 maxlen: 24
181.214.92.0/24 maxlen: 24
181.214.103.0/24 maxlen: 24
181.214.109.0/24 maxlen: 24
181.214.114.0/24 maxlen: 24
181.214.115.0/24 maxlen: 24
181.214.116.0/24 maxlen: 24
181.214.126.0/24 maxlen: 24
181.214.127.0/24 maxlen: 24
181.214.170.0/24 maxlen: 24
181.214.175.0/24 maxlen: 24
181.214.200.0/24 maxlen: 24
181.214.202.0/24 maxlen: 24
181.214.203.0/24 maxlen: 24
181.214.204.0/24 maxlen: 24
181.214.207.0/24 maxlen: 24
181.214.251.0/24 maxlen: 24
181.215.81.0/24 maxlen: 24
181.215.82.0/24 maxlen: 24
181.215.83.0/24 maxlen: 24
181.215.86.0/24 maxlen: 24
181.215.96.0/24 maxlen: 24
181.215.98.0/24 maxlen: 24
181.215.100.0/24 maxlen: 24
181.215.103.0/24 maxlen: 24
181.215.105.0/24 maxlen: 24
181.215.107.0/24 maxlen: 24
181.215.116.0/24 maxlen: 24
181.215.119.0/24 maxlen: 24
181.215.124.0/24 maxlen: 24
181.215.130.0/24 maxlen: 24
181.215.132.0/24 maxlen: 24
181.215.137.0/24 maxlen: 24
181.215.150.0/24 maxlen: 24
181.215.151.0/24 maxlen: 24
181.215.157.0/24 maxlen: 24
181.215.192.0/24 maxlen: 24
181.215.199.0/24 maxlen: 24
181.215.209.0/24 maxlen: 24
181.215.217.0/24 maxlen: 24
181.215.228.0/24 maxlen: 24
181.215.235.0/24 maxlen: 24
181.215.251.0/24 maxlen: 24
185.135.156.0/24 maxlen: 24
185.143.231.0/24 maxlen: 24
185.145.36.0/24 maxlen: 24
185.145.39.0/24 maxlen: 24
185.151.56.0/24 maxlen: 24
185.151.57.0/24 maxlen: 24
185.172.66.0/24 maxlen: 24
191.96.23.0/24 maxlen: 24
191.96.35.0/24 maxlen: 24
191.96.147.0/24 maxlen: 24
191.96.172.0/24 maxlen: 24
191.96.195.0/24 maxlen: 24
191.96.210.0/24 maxlen: 24
191.96.213.0/24 maxlen: 24
191.96.215.0/24 maxlen: 24
191.96.232.0/24 maxlen: 24
191.101.6.0/24 maxlen: 24
191.101.10.0/24 maxlen: 24
191.101.23.0/24 maxlen: 24
191.101.72.0/24 maxlen: 24
191.101.74.0/24 maxlen: 24
191.101.75.0/24 maxlen: 24
191.101.77.0/24 maxlen: 24
191.101.90.0/24 maxlen: 24
191.101.98.0/24 maxlen: 24
191.101.105.0/24 maxlen: 24
191.101.107.0/24 maxlen: 24
191.101.108.0/24 maxlen: 24
191.101.115.0/24 maxlen: 24
191.101.117.0/24 maxlen: 24
191.101.156.0/24 maxlen: 24
191.101.159.0/24 maxlen: 24
191.101.167.0/24 maxlen: 24
191.101.226.0/24 maxlen: 24
193.58.107.0/24 maxlen: 24
194.110.15.0/24 maxlen: 24
194.110.242.0/24 maxlen: 24
213.109.168.0/24 maxlen: 24
2a00:d1a0::/48 maxlen: 48
2a00:d1a0:1::/48 maxlen: 48
2a00:d1a0:2::/48 maxlen: 48
2a00:d1a0:3::/48 maxlen: 48
2a00:d1a0:4::/48 maxlen: 48
2a00:d1a0:5::/48 maxlen: 48
2a00:d1a0:6::/48 maxlen: 48
2a00:d1a0:7::/48 maxlen: 48
2a00:d1a0:8::/48 maxlen: 48
2a00:d1a0:9::/48 maxlen: 48
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 08:12:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:f4:c8:7a:6b:08:89:70:3f:03:8c:0d:e3:be:b0:d5:fc:c9:ce:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: May 6 10:56:23 2026 GMT
Not After : May 5 11:01:23 2027 GMT
Subject: CN=37136833D4CD77A4C3F619DFBC39BFCAF8E35F5B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7b:b4:d0:da:b7:b1:70:41:a1:62:3d:f3:32:
ab:46:a8:ef:2b:be:a2:40:8b:74:99:84:81:ef:23:
e4:29:9c:b7:65:69:10:5c:85:57:35:c5:06:bd:6f:
4d:3f:54:de:1c:f4:4e:00:1c:0b:95:f1:ab:49:1b:
83:0c:e0:dc:4c:d9:24:fd:17:a8:b1:65:1b:e2:c1:
fd:3b:7c:e2:03:ca:85:43:91:61:b0:90:c6:9a:71:
3f:99:b5:5a:6c:ef:7d:fc:b0:cc:ea:47:03:37:93:
dc:11:4c:00:c6:e7:f9:ca:c5:6d:cf:87:01:8b:38:
fd:87:a9:d0:b2:0b:0e:0f:0f:43:58:5d:ff:1d:2c:
32:29:39:c1:a0:0f:68:e8:15:be:b4:25:39:f6:a4:
cd:06:a5:91:51:69:db:39:15:81:77:97:c2:55:cc:
1e:a8:8b:93:b5:39:1b:8b:03:ca:02:92:50:4b:fe:
d8:35:8d:22:56:2b:f1:d9:b9:a8:4b:86:2f:fd:98:
35:2c:79:77:9b:99:01:c0:71:21:4f:10:fa:4e:e1:
63:86:dc:b5:3f:39:43:21:a3:79:0e:d0:40:41:c8:
5c:69:6e:23:01:5c:ca:93:61:8e:97:f0:ab:e2:ba:
dc:b9:da:39:94:7f:24:ae:80:4b:0a:8f:40:6e:cf:
9b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:13:68:33:D4:CD:77:A4:C3:F6:19:DF:BC:39:BF:CA:F8:E3:5F:5B
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9009.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.29.0/24
2.58.172.0/24
5.45.38.0/24
5.181.127.0/24
37.143.60.0/24
45.89.251.0/24
45.95.14.0/24
45.95.37.0/24
45.133.175.0/24
45.137.31.0/24
45.137.132.0/22
45.139.181.0/24
92.242.185.0/24
179.61.131.0/24
179.61.133.0/24
179.61.165.0/24
179.61.171.0/24
179.61.183.0/24
179.61.186.0/24
179.61.201.0/24
181.41.205.0/24
181.41.216.0/24
181.214.5.0/24
181.214.27.0/24
181.214.45.0/24
181.214.55.0/24
181.214.60.0/24
181.214.65.0/24
181.214.68.0/23
181.214.71.0-181.214.72.255
181.214.92.0/24
181.214.103.0/24
181.214.109.0/24
181.214.114.0-181.214.116.255
181.214.126.0/23
181.214.170.0/24
181.214.175.0/24
181.214.200.0/24
181.214.202.0-181.214.204.255
181.214.207.0/24
181.214.251.0/24
181.215.81.0-181.215.83.255
181.215.86.0/24
181.215.96.0/24
181.215.98.0/24
181.215.100.0/24
181.215.103.0/24
181.215.105.0/24
181.215.107.0/24
181.215.116.0/24
181.215.119.0/24
181.215.124.0/24
181.215.130.0/24
181.215.132.0/24
181.215.137.0/24
181.215.150.0/23
181.215.157.0/24
181.215.192.0/24
181.215.199.0/24
181.215.209.0/24
181.215.217.0/24
181.215.228.0/24
181.215.235.0/24
181.215.251.0/24
185.135.156.0/24
185.143.231.0/24
185.145.36.0/24
185.145.39.0/24
185.151.56.0/23
185.172.66.0/24
191.96.23.0/24
191.96.35.0/24
191.96.147.0/24
191.96.172.0/24
191.96.195.0/24
191.96.210.0/24
191.96.213.0/24
191.96.215.0/24
191.96.232.0/24
191.101.6.0/24
191.101.10.0/24
191.101.23.0/24
191.101.72.0/24
191.101.74.0/23
191.101.77.0/24
191.101.90.0/24
191.101.98.0/24
191.101.105.0/24
191.101.107.0-191.101.108.255
191.101.115.0/24
191.101.117.0/24
191.101.156.0/24
191.101.159.0/24
191.101.167.0/24
191.101.226.0/24
193.58.107.0/24
194.110.15.0/24
194.110.242.0/24
213.109.168.0/24
IPv6:
2a00:d1a0::-2a00:d1a0:9:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
73:8b:27:e0:61:df:16:de:c7:2a:a5:4a:e2:e8:9c:9e:ff:d8:
8b:63:74:45:d7:dd:36:13:79:eb:0e:5d:99:df:e7:c8:6a:0a:
d2:5e:40:f7:5e:0b:64:44:fb:1f:b7:a5:e8:88:f7:b0:04:5b:
fd:e9:6e:79:19:fb:d6:e9:cb:9a:00:77:e5:d3:82:61:ed:32:
00:6f:06:71:f8:b6:73:e1:80:b6:51:98:f9:36:32:1d:e3:df:
cd:db:2c:46:0c:8d:fc:9b:f5:12:e0:63:19:19:7a:2b:b8:37:
62:12:bc:86:7a:fe:74:c8:58:76:00:3a:b1:cf:db:49:67:74:
f7:94:d6:3d:28:4c:11:6c:6a:9e:7e:08:45:9b:f7:ad:05:3c:
84:ac:6c:8c:ee:5c:7c:10:27:c6:3e:50:9c:6c:a2:61:21:dc:
df:ab:d5:5c:1c:09:5d:9c:37:88:43:d2:18:54:3b:2e:2c:34:
cd:19:2d:ac:98:32:e9:97:06:45:be:ef:b2:47:bd:6f:41:ca:
dc:62:97:71:1c:17:0d:69:15:36:00:e5:3d:15:54:c9:4b:ae:
9d:52:93:52:0d:6d:58:21:65:11:39:c7:1e:fa:fe:50:f9:e2:
a5:dc:16:7c:67:dd:83:2f:cf:1d:e4:80:cd:43:a9:87:76:c8:
3b:b3:d8:61
-----BEGIN CERTIFICATE-----
MIIHljCCBn6gAwIBAgIUL/TIemsIiXA/A4wN476w1fzJzhcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjA1MDYxMDU2MjNaFw0yNzA1MDUxMTAxMjNaMDMxMTAvBgNV
BAMTKDM3MTM2ODMzRDRDRDc3QTRDM0Y2MTlERkJDMzlCRkNBRjhFMzVGNUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCre7TQ2rexcEGhYj3zMqtGqO8r
vqJAi3SZhIHvI+QpnLdlaRBchVc1xQa9b00/VN4c9E4AHAuV8atJG4MM4NxM2ST9
F6ixZRviwf07fOIDyoVDkWGwkMaacT+ZtVps7338sMzqRwM3k9wRTADG5/nKxW3P
hwGLOP2HqdCyCw4PD0NYXf8dLDIpOcGgD2joFb60JTn2pM0GpZFRads5FYF3l8JV
zB6oi5O1ORuLA8oCklBL/tg1jSJWK/HZuahLhi/9mDUseXebmQHAcSFPEPpO4WOG
3LU/OUMho3kO0EBByFxpbiMBXMqTYY6X8Kviuty52jmUfySugEsKj0Buz5vxAgMB
AAGjggSgMIIEnDAdBgNVHQ4EFgQUNxNoM9TNd6TD9hnfvDm/yvjjX1swHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCArUGCCsGAQUFBwEHAQH/BIICpDCCAqAwggKCBAIAATCC
AnoDBAACOh0DBAACOqwDBAAFLSYDBAAFtX8DBAAljzwDBAAtWfsDBAAtXw4DBAAt
XyUDBAAtha8DBAAtiR8DBAItiYQDBAAti7UDBABc8rkDBACzPYMDBACzPYUDBACz
PaUDBACzPasDBACzPbcDBACzPboDBACzPckDBAC1Kc0DBAC1KdgDBAC11gUDBAC1
1hsDBAC11i0DBAC11jcDBAC11jwDBAC11kEDBAG11kQwDAMEALXWRwMEALXWSAME
ALXWXAMEALXWZwMEALXWbTAMAwQBtdZyAwQAtdZ0AwQBtdZ+AwQAtdaqAwQAtdav
AwQAtdbIMAwDBAG11soDBAC11swDBAC11s8DBAC11vswDAMEALXXUQMEArXXUAME
ALXXVgMEALXXYAMEALXXYgMEALXXZAMEALXXZwMEALXXaQMEALXXawMEALXXdAME
ALXXdwMEALXXfAMEALXXggMEALXXhAMEALXXiQMEAbXXlgMEALXXnQMEALXXwAME
ALXXxwMEALXX0QMEALXX2QMEALXX5AMEALXX6wMEALXX+wMEALmHnAMEALmP5wME
ALmRJAMEALmRJwMEAbmXOAMEALmsQgMEAL9gFwMEAL9gIwMEAL9gkwMEAL9grAME
AL9gwwMEAL9g0gMEAL9g1QMEAL9g1wMEAL9g6AMEAL9lBgMEAL9lCgMEAL9lFwME
AL9lSAMEAb9lSgMEAL9lTQMEAL9lWgMEAL9lYgMEAL9laTAMAwQAv2VrAwQAv2Vs
AwQAv2VzAwQAv2V1AwQAv2WcAwQAv2WfAwQAv2WnAwQAv2XiAwQAwTprAwQAwm4P
AwQAwm7yAwQA1W2oMBgEAgACMBIwEAMFBSoA0aADBwEqANGgAAgwDQYJKoZIhvcN
AQELBQADggEBAHOLJ+Bh3xbexyqlSuLonJ7/2ItjdEXX3TYTeesOXZnf58hqCtJe
QPdeC2RE+x+3peiI97AEW/3pbnkZ+9bpy5oAd+XTgmHtMgBvBnH4tnPhgLZRmPk2
Mh3j383bLEYMjfyb9RLgYxkZeiu4N2ISvIZ6/nTIWHYAOrHP20lndPeU1j0oTBFs
ap5+CEWb960FPISsbIzuXHwQJ8Y+UJxsomEh3N+r1VwcCV2cN4hD0hhUOy4sNM0Z
LayYMumXBkW+77JHvW9Bytxil3EcFw1pFTYA5T0VVMlLrp1Sk1INbVghZRE5xx76
/lD54qXcFnxn3YMvzx3kgM1DqYd2yDuz2GE=
-----END CERTIFICATE-----
Generated at Wed May 13 00:59:22 2026 by rpki-client