This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9009.roa File: AS9009.roa (raw, json) Hash identifier: 7aYtaG5xAM+5wIp/EoDIZZ7AKbXbToBMm1ro3BnB45c= Subject key identifier: 21:4F:1B:18:15:49:C0:DB:E2:F6:1A:C6:C6:BC:16:D8:FE:58:C5:BC Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01 Certificate serial: 51D1B5ECC91EFEC59E2A663DA0DF712AB077E813 Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9009.roa Signing time: Wed 10 Dec 2025 07:59:15 +0000 ROA not before: Wed 10 Dec 2025 07:54:15 +0000 ROA not after: Wed 09 Dec 2026 07:59:15 +0000 asID: 9009 IP address blocks: 82.21.138.0/24 maxlen: 24 82.21.146.0/24 maxlen: 24 82.21.147.0/24 maxlen: 24 82.21.196.0/24 maxlen: 24 82.21.197.0/24 maxlen: 24 82.21.217.0/24 maxlen: 24 82.21.240.0/24 maxlen: 24 82.22.242.0/24 maxlen: 24 82.23.7.0/24 maxlen: 24 82.23.8.0/24 maxlen: 24 82.23.9.0/24 maxlen: 24 82.23.10.0/24 maxlen: 24 82.23.11.0/24 maxlen: 24 82.23.12.0/24 maxlen: 24 82.23.13.0/24 maxlen: 24 82.23.14.0/24 maxlen: 24 82.23.216.0/24 maxlen: 24 82.23.232.0/24 maxlen: 24 82.24.223.0/24 maxlen: 24 82.24.230.0/24 maxlen: 24 82.25.214.0/24 maxlen: 24 82.25.227.0/24 maxlen: 24 82.26.121.0/24 maxlen: 24 82.26.217.0/24 maxlen: 24 82.27.226.0/24 maxlen: 24 82.29.113.0/24 maxlen: 24 82.29.114.0/24 maxlen: 24 82.29.116.0/24 maxlen: 24 82.29.117.0/24 maxlen: 24 82.29.238.0/24 maxlen: 24 82.38.14.0/24 maxlen: 24 2a13:9500:2::/48 maxlen: 48 2a13:9500:4::/48 maxlen: 48 2a13:9500:5::/48 maxlen: 48 2a13:9500:6::/48 maxlen: 48 2a13:9500:7::/48 maxlen: 48 2a13:9500:8::/48 maxlen: 48 2a13:9500:9::/48 maxlen: 48 2a13:9500:a::/48 maxlen: 48 2a13:9500:b::/48 maxlen: 48 2a13:9500:c::/48 maxlen: 48 2a13:9500:d::/48 maxlen: 48 2a13:9500:e::/48 maxlen: 48 2a13:9500:f::/48 maxlen: 48 2a13:9500:10::/48 maxlen: 48 2a13:9500:11::/48 maxlen: 48 2a13:9500:12::/48 maxlen: 48 2a13:9500:13::/48 maxlen: 48 2a13:9500:14::/48 maxlen: 48 2a13:9500:15::/48 maxlen: 48 2a13:9500:16::/48 maxlen: 48 2a13:9500:17::/48 maxlen: 48 2a13:9500:18::/48 maxlen: 48 2a13:9500:19::/48 maxlen: 48 2a13:9500:1a::/48 maxlen: 48 2a13:9500:1b::/48 maxlen: 48 2a13:9500:29::/48 maxlen: 48 2a13:9500:2a::/48 maxlen: 48 2a13:9500:2b::/48 maxlen: 48 2a13:9500:2c::/48 maxlen: 48 2a13:9500:2e::/48 maxlen: 48 2a13:9500:2f::/48 maxlen: 48 2a13:9500:30::/48 maxlen: 48 2a13:9500:31::/48 maxlen: 48 2a13:9500:34::/48 maxlen: 48 2a13:9500:35::/48 maxlen: 48 2a13:9500:3b::/48 maxlen: 48 2a13:9500:3c::/48 maxlen: 48 2a13:9500:3d::/48 maxlen: 48 2a13:9500:58::/48 maxlen: 48 2a13:9500:59::/48 maxlen: 48 2a13:9500:5a::/48 maxlen: 48 2a13:9500:f1::/48 maxlen: 48 2a13:9500:f2::/48 maxlen: 48 2a13:9500:f3::/48 maxlen: 48 2a13:9500:f4::/48 maxlen: 48 2a13:9500:f5::/48 maxlen: 48 2a13:9500:f6::/48 maxlen: 48 2a13:9500:f7::/48 maxlen: 48 2a13:9500:f8::/48 maxlen: 48 2a13:9500:f9::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:d1:b5:ec:c9:1e:fe:c5:9e:2a:66:3d:a0:df:71:2a:b0:77:e8:13 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01 Validity Not Before: Dec 10 07:54:15 2025 GMT Not After : Dec 9 07:59:15 2026 GMT Subject: CN=214F1B181549C0DBE2F61AC6C6BC16D8FE58C5BC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:6b:14:d9:b1:cc:2d:23:31:0b:ca:5f:f6:48: bd:3f:00:60:d1:62:95:08:10:33:f2:8f:fb:e7:43: 84:7d:9c:c6:b0:e5:95:dd:da:31:f8:d3:db:85:76: 28:35:9f:96:21:7c:d4:ff:24:6c:6d:96:29:4c:94: ad:24:15:fd:32:d6:b4:3e:68:55:4c:78:2b:74:2f: 11:f7:fd:b0:b2:19:bc:10:81:ef:eb:88:c5:dd:68: 91:92:fe:18:03:03:50:a1:65:4e:f3:77:e0:10:15: 14:94:22:2d:c9:a6:7e:b9:6f:95:3f:66:e2:2a:c6: 11:2f:9e:be:b9:9e:07:1f:16:f1:c7:2a:d1:61:63: c8:3d:a0:cb:df:9e:14:91:e7:cc:4b:7a:bb:d0:9d: a9:1d:18:51:e4:8c:5f:14:d0:17:a1:e4:88:95:ca: be:d7:11:f0:56:02:7f:77:b2:cf:e7:08:db:5d:e0: 1a:20:67:a4:4d:e1:9d:b4:f9:95:a2:e2:05:9e:b6: 9a:9c:7c:ad:28:e3:a9:96:0c:b5:e1:c4:f5:1d:46: f4:53:a3:06:33:c3:8a:80:30:90:88:a3:51:4f:6b: e1:ab:d5:be:02:62:f9:bd:d4:bc:2e:a8:32:d1:ac: 38:13:8b:a7:3f:76:da:c9:8a:91:34:0d:bd:07:82: 7a:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:4F:1B:18:15:49:C0:DB:E2:F6:1A:C6:C6:BC:16:D8:FE:58:C5:BC X509v3 Authority Key Identifier: keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9009.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.21.138.0/24 82.21.146.0/23 82.21.196.0/23 82.21.217.0/24 82.21.240.0/24 82.22.242.0/24 82.23.7.0-82.23.14.255 82.23.216.0/24 82.23.232.0/24 82.24.223.0/24 82.24.230.0/24 82.25.214.0/24 82.25.227.0/24 82.26.121.0/24 82.26.217.0/24 82.27.226.0/24 82.29.113.0-82.29.114.255 82.29.116.0/23 82.29.238.0/24 82.38.14.0/24 IPv6: 2a13:9500:2::/48 2a13:9500:4::-2a13:9500:1b:ffff:ffff:ffff:ffff:ffff 2a13:9500:29::-2a13:9500:2c:ffff:ffff:ffff:ffff:ffff 2a13:9500:2e::-2a13:9500:31:ffff:ffff:ffff:ffff:ffff 2a13:9500:34::/47 2a13:9500:3b::-2a13:9500:3d:ffff:ffff:ffff:ffff:ffff 2a13:9500:58::-2a13:9500:5a:ffff:ffff:ffff:ffff:ffff 2a13:9500:f1::-2a13:9500:f9:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 06:7f:b4:8b:4e:62:25:37:50:da:48:4b:34:12:c6:ab:5f:81: 4c:a4:20:3b:a8:44:f4:ef:01:32:ab:26:75:85:f4:34:cf:2a: dd:1c:24:0e:1b:a6:3b:7e:ac:be:52:cf:a2:10:ef:39:cd:22: d4:e4:b7:50:67:10:62:85:e8:c8:48:e4:e0:35:71:d1:8f:4f: 3f:3f:de:69:c4:33:5e:39:61:1f:01:1d:77:e0:ae:cd:a4:0d: 8b:3c:42:15:23:31:a0:7c:e8:66:70:33:37:3c:ac:40:36:25: 32:08:0d:2b:6a:d5:06:dd:5a:2d:e4:b9:96:64:d6:bd:14:b6: dd:31:a3:1d:b2:bc:55:45:7e:5a:07:1c:f2:f4:a6:ae:7a:94: 68:88:a8:4c:28:9d:18:50:69:f7:43:e6:dd:3e:87:bb:3a:d9: 4d:75:28:f5:44:95:f1:7f:0d:ba:ac:fd:01:51:8f:eb:c8:d4: 7c:1b:7d:73:fd:06:4a:70:39:6b:bd:af:54:5e:cf:e7:d1:95: a7:b4:ee:2a:4c:e5:4f:ba:08:85:a2:c5:e5:06:bb:bb:e5:a7: c1:9b:84:66:cd:ef:49:37:43:a4:df:a6:84:3e:c4:0f:c8:b0: f5:65:5e:1c:d9:6a:93:0b:1a:2d:24:dc:23:fe:c6:c9:5e:ca: 35:81:39:91 -----BEGIN CERTIFICATE----- MIIGHDCCBQSgAwIBAgIUUdG17Mke/sWeKmY9oN9xKrB36BMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni M2NmZGQwMTAeFw0yNTEyMTAwNzU0MTVaFw0yNjEyMDkwNzU5MTVaMDMxMTAvBgNV BAMTKDIxNEYxQjE4MTU0OUMwREJFMkY2MUFDNkM2QkMxNkQ4RkU1OEM1QkMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDaxTZscwtIzELyl/2SL0/AGDR YpUIEDPyj/vnQ4R9nMaw5ZXd2jH409uFdig1n5YhfNT/JGxtlilMlK0kFf0y1rQ+ aFVMeCt0LxH3/bCyGbwQge/riMXdaJGS/hgDA1ChZU7zd+AQFRSUIi3Jpn65b5U/ ZuIqxhEvnr65ngcfFvHHKtFhY8g9oMvfnhSR58xLervQnakdGFHkjF8U0Beh5IiV yr7XEfBWAn93ss/nCNtd4BogZ6RN4Z20+ZWi4gWetpqcfK0o46mWDLXhxPUdRvRT owYzw4qAMJCIo1FPa+Gr1b4CYvm91LwuqDLRrDgTi6c/dtrJipE0Db0Hgnr5AgMB AAGjggMmMIIDIjAdBgNVHQ4EFgQUIU8bGBVJwNvi9hrGxrwW2P5YxbwwHwYDVR0j BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjCCATsGCCsGAQUFBwEHAQH/BIIBKjCCASYwgY8EAgABMIGI AwQAUhWKAwQBUhWSAwQBUhXEAwQAUhXZAwQAUhXwAwQAUhbyMAwDBABSFwcDBABS Fw4DBABSF9gDBABSF+gDBABSGN8DBABSGOYDBABSGdYDBABSGeMDBABSGnkDBABS GtkDBABSG+IwDAMEAFIdcQMEAFIdcgMEAVIddAMEAFId7gMEAFImDjCBkQQCAAIw gYoDBwAqE5UAAAIwEgMHAioTlQAABAMHAioTlQAAGDASAwcAKhOVAAApAwcAKhOV AAAsMBIDBwEqE5UAAC4DBwEqE5UAADADBwEqE5UAADQwEgMHACoTlQAAOwMHASoT lQAAPDASAwcDKhOVAABYAwcAKhOVAABaMBIDBwAqE5UAAPEDBwEqE5UAAPgwDQYJ KoZIhvcNAQELBQADggEBAAZ/tItOYiU3UNpISzQSxqtfgUykIDuoRPTvATKrJnWF 9DTPKt0cJA4bpjt+rL5Sz6IQ7znNItTkt1BnEGKF6MhI5OA1cdGPTz8/3mnEM145 YR8BHXfgrs2kDYs8QhUjMaB86GZwMzc8rEA2JTIIDStq1QbdWi3kuZZk1r0Utt0x ox2yvFVFfloHHPL0pq56lGiIqEwonRhQafdD5t0+h7s62U11KPVElfF/Dbqs/QFR j+vI1HwbfXP9BkpwOWu9r1Rez+fRlae07ipM5U+6CIWixeUGu7vlp8GbhGbN70k3 Q6TfpoQ+xA/IsPVlXhzZapMLGi0k3CP+xsleyjWBOZE= -----END CERTIFICATE-----Generated at Mon Dec 15 15:30:00 2025 by rpki-client