Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9009.roa
File: AS9009.roa (raw, json)
Hash identifier: P5LCBjlTZfneU1jZ40WexOaoLhE1mgvcSGxemdxw9uA=
Subject key identifier: A7:6F:4D:D8:65:B4:F2:48:83:90:03:DD:48:82:C2:83:68:40:D2:07
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 5A48E54B6346B658634F20DDBC5AFE8E946A20D9
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9009.roa
Signing time: Mon 06 Oct 2025 16:24:01 +0000
ROA not before: Mon 06 Oct 2025 16:19:01 +0000
ROA not after: Mon 05 Oct 2026 16:24:01 +0000
asID: 9009
IP address blocks: 46.202.12.0/22 maxlen: 24
46.202.100.0/22 maxlen: 24
46.202.116.0/22 maxlen: 24
46.202.228.0/22 maxlen: 24
46.202.236.0/22 maxlen: 24
46.202.244.0/22 maxlen: 24
46.203.16.0/23 maxlen: 24
46.203.36.0/22 maxlen: 24
46.203.94.0/23 maxlen: 24
46.203.100.0/23 maxlen: 24
46.203.122.0/23 maxlen: 24
46.203.132.0/23 maxlen: 24
46.203.162.0/23 maxlen: 24
46.203.236.0/22 maxlen: 24
46.203.241.0/24 maxlen: 24
46.203.242.0/24 maxlen: 24
46.203.243.0/24 maxlen: 24
46.203.244.0/22 maxlen: 24
46.203.252.0/22 maxlen: 24
91.124.122.0/24 maxlen: 24
91.124.140.0/24 maxlen: 24
91.124.220.0/24 maxlen: 24
91.124.243.0/24 maxlen: 24
91.124.252.0/24 maxlen: 24
92.112.2.0/23 maxlen: 24
92.112.59.0/24 maxlen: 24
92.112.72.0/23 maxlen: 24
92.112.79.0/24 maxlen: 24
92.112.100.0/22 maxlen: 24
92.112.120.0/22 maxlen: 24
92.112.214.0/24 maxlen: 24
92.112.215.0/24 maxlen: 24
92.112.218.0/24 maxlen: 24
92.112.219.0/24 maxlen: 24
92.112.220.0/24 maxlen: 24
92.112.221.0/24 maxlen: 24
92.112.223.0/24 maxlen: 24
92.112.224.0/24 maxlen: 24
92.112.225.0/24 maxlen: 24
92.112.226.0/24 maxlen: 24
92.112.229.0/24 maxlen: 24
92.112.230.0/24 maxlen: 24
92.112.232.0/24 maxlen: 24
92.112.233.0/24 maxlen: 24
92.112.234.0/24 maxlen: 24
92.112.237.0/24 maxlen: 24
92.113.2.0/24 maxlen: 24
92.113.5.0/24 maxlen: 24
92.113.8.0/24 maxlen: 24
92.113.94.0/23 maxlen: 24
92.113.96.0/22 maxlen: 24
92.113.108.0/22 maxlen: 24
92.113.120.0/22 maxlen: 24
92.113.130.0/23 maxlen: 24
95.134.8.0/22 maxlen: 22
95.134.24.0/22 maxlen: 22
95.134.36.0/22 maxlen: 22
95.134.44.0/22 maxlen: 22
95.134.56.0/22 maxlen: 22
95.134.72.0/22 maxlen: 22
95.134.144.0/22 maxlen: 22
95.134.188.0/22 maxlen: 22
95.134.208.0/22 maxlen: 22
95.134.216.0/22 maxlen: 22
95.135.96.0/22 maxlen: 22
95.135.120.0/22 maxlen: 22
95.135.137.0/24 maxlen: 24
95.135.197.0/24 maxlen: 24
95.135.209.0/24 maxlen: 24
95.135.217.0/24 maxlen: 24
95.135.218.0/24 maxlen: 24
95.135.225.0/24 maxlen: 24
95.135.229.0/24 maxlen: 24
95.135.234.0/24 maxlen: 24
95.135.237.0/24 maxlen: 24
95.135.248.0/24 maxlen: 24
178.93.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:48:e5:4b:63:46:b6:58:63:4f:20:dd:bc:5a:fe:8e:94:6a:20:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Oct 6 16:19:01 2025 GMT
Not After : Oct 5 16:24:01 2026 GMT
Subject: CN=A76F4DD865B4F248839003DD4882C2836840D207
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:82:43:4a:4b:ea:2b:01:0a:52:a3:86:e3:8c:
6e:23:19:4b:5c:ca:17:d1:60:80:cc:c7:9f:d7:bd:
70:1f:e7:74:66:0d:cb:c7:df:3b:c2:26:0d:91:2d:
1a:be:e5:41:70:cf:1d:46:8b:08:cf:be:95:4a:15:
c7:f8:20:74:d5:0d:76:e7:86:82:c3:57:25:d5:cb:
cb:6d:90:a3:a3:74:57:2e:2d:61:f8:21:95:ab:4c:
e7:f8:53:ac:98:1a:77:6f:06:1d:c0:07:71:40:a3:
a4:8f:82:40:b1:38:0c:f8:c9:e1:d5:4d:2e:9d:6e:
f8:e8:19:8a:92:2a:f3:d7:19:ee:dd:62:b5:99:6e:
26:09:83:32:7d:a5:70:cf:bb:a9:47:d6:9a:b4:8f:
c2:5b:68:4c:b2:a9:48:c7:29:0d:7b:f2:a9:36:3e:
fa:87:ca:0b:a1:e9:7b:f7:e1:8b:0a:77:54:d5:cd:
5b:e3:93:a0:f8:0a:96:b9:a3:f4:01:61:ec:5a:26:
c7:81:0f:29:65:4e:ca:eb:91:2f:f5:74:f1:9c:57:
28:81:23:29:c1:1f:85:77:71:42:36:52:d5:a2:54:
ee:fa:a0:ea:a7:6a:52:e9:1e:3f:3c:6e:07:ef:52:
c4:0a:12:47:0f:fa:90:ed:57:0e:e4:00:44:05:f5:
27:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:6F:4D:D8:65:B4:F2:48:83:90:03:DD:48:82:C2:83:68:40:D2:07
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9009.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.12.0/22
46.202.100.0/22
46.202.116.0/22
46.202.228.0/22
46.202.236.0/22
46.202.244.0/22
46.203.16.0/23
46.203.36.0/22
46.203.94.0/23
46.203.100.0/23
46.203.122.0/23
46.203.132.0/23
46.203.162.0/23
46.203.236.0/22
46.203.241.0-46.203.247.255
46.203.252.0/22
91.124.122.0/24
91.124.140.0/24
91.124.220.0/24
91.124.243.0/24
91.124.252.0/24
92.112.2.0/23
92.112.59.0/24
92.112.72.0/23
92.112.79.0/24
92.112.100.0/22
92.112.120.0/22
92.112.214.0/23
92.112.218.0-92.112.221.255
92.112.223.0-92.112.226.255
92.112.229.0-92.112.230.255
92.112.232.0-92.112.234.255
92.112.237.0/24
92.113.2.0/24
92.113.5.0/24
92.113.8.0/24
92.113.94.0-92.113.99.255
92.113.108.0/22
92.113.120.0/22
92.113.130.0/23
95.134.8.0/22
95.134.24.0/22
95.134.36.0/22
95.134.44.0/22
95.134.56.0/22
95.134.72.0/22
95.134.144.0/22
95.134.188.0/22
95.134.208.0/22
95.134.216.0/22
95.135.96.0/22
95.135.120.0/22
95.135.137.0/24
95.135.197.0/24
95.135.209.0/24
95.135.217.0-95.135.218.255
95.135.225.0/24
95.135.229.0/24
95.135.234.0/24
95.135.237.0/24
95.135.248.0/24
178.93.116.0/24
Signature Algorithm: sha256WithRSAEncryption
19:01:0f:8e:86:d8:25:f3:fb:dc:7c:c7:e8:4e:c2:1e:43:de:
31:d3:83:eb:9f:03:04:76:c0:ea:67:4e:12:c4:67:a5:8d:90:
60:d7:4f:23:b6:2d:01:3b:e5:0f:22:ef:ec:6c:80:92:20:15:
69:c4:e1:84:34:20:a4:58:10:54:80:ec:32:f2:97:aa:60:e0:
9a:da:55:b9:fd:26:a9:d7:2b:c7:eb:58:34:88:f9:ec:de:3d:
2a:02:2a:04:84:dc:1b:fa:12:c5:47:02:d1:01:44:31:79:cd:
5e:e3:dd:59:a6:c8:b1:2d:b6:7a:a2:5d:ae:c3:a2:af:10:80:
b8:16:70:36:70:62:71:88:57:08:2e:4d:df:ea:ad:a9:34:51:
f7:cc:c9:e1:e1:75:9a:56:59:1d:d3:2b:4c:0e:7a:86:ca:59:
f3:ad:d7:2f:5b:8a:26:bc:3b:c5:fc:04:26:6b:fe:c2:30:7c:
39:f0:a3:eb:ee:b7:95:2f:05:79:6b:c5:38:2f:d1:6f:b5:37:
97:3c:70:8e:26:b5:9a:1d:d8:f9:f7:f6:bd:a5:7a:e5:7e:92:
e1:e3:a2:fb:4a:ed:28:2b:90:3d:15:db:61:51:64:93:89:b2:
af:59:1b:b6:07:5b:6e:5c:f9:ee:51:1e:b5:99:37:a6:ea:c7:
45:7f:b6:2a
-----BEGIN CERTIFICATE-----
MIIGrjCCBZagAwIBAgIUWkjlS2NGtlhjTyDdvFr+jpRqINkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTEwMDYxNjE5MDFaFw0yNjEwMDUxNjI0MDFaMDMxMTAvBgNV
BAMTKEE3NkY0REQ4NjVCNEYyNDg4MzkwMDNERDQ4ODJDMjgzNjg0MEQyMDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEgkNKS+orAQpSo4bjjG4jGUtc
yhfRYIDMx5/XvXAf53RmDcvH3zvCJg2RLRq+5UFwzx1GiwjPvpVKFcf4IHTVDXbn
hoLDVyXVy8ttkKOjdFcuLWH4IZWrTOf4U6yYGndvBh3AB3FAo6SPgkCxOAz4yeHV
TS6dbvjoGYqSKvPXGe7dYrWZbiYJgzJ9pXDPu6lH1pq0j8JbaEyyqUjHKQ178qk2
PvqHyguh6Xv34YsKd1TVzVvjk6D4Cpa5o/QBYexaJseBDyllTsrrkS/1dPGcVyiB
IynBH4V3cUI2UtWiVO76oOqnalLpHj88bgfvUsQKEkcP+pDtVw7kAEQF9SeDAgMB
AAGjggO4MIIDtDAdBgNVHQ4EFgQUp29N2GW08kiDkAPdSILCg2hA0gcwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAc0GCCsGAQUFBwEHAQH/BIIBvDCCAbgwggG0BAIAATCC
AawDBAIuygwDBAIuymQDBAIuynQDBAIuyuQDBAIuyuwDBAIuyvQDBAEuyxADBAIu
yyQDBAEuy14DBAEuy2QDBAEuy3oDBAEuy4QDBAEuy6IDBAIuy+wwDAMEAC7L8QME
Ay7L8AMEAi7L/AMEAFt8egMEAFt8jAMEAFt83AMEAFt88wMEAFt8/AMEAVxwAgME
AFxwOwMEAVxwSAMEAFxwTwMEAlxwZAMEAlxweAMEAVxw1jAMAwQBXHDaAwQBXHDc
MAwDBABccN8DBABccOIwDAMEAFxw5QMEAFxw5jAMAwQDXHDoAwQAXHDqAwQAXHDt
AwQAXHECAwQAXHEFAwQAXHEIMAwDBAFccV4DBAJccWADBAJccWwDBAJccXgDBAFc
cYIDBAJfhggDBAJfhhgDBAJfhiQDBAJfhiwDBAJfhjgDBAJfhkgDBAJfhpADBAJf
hrwDBAJfhtADBAJfhtgDBAJfh2ADBAJfh3gDBABfh4kDBABfh8UDBABfh9EwDAME
AF+H2QMEAF+H2gMEAF+H4QMEAF+H5QMEAF+H6gMEAF+H7QMEAF+H+AMEALJddDAN
BgkqhkiG9w0BAQsFAAOCAQEAGQEPjobYJfP73HzH6E7CHkPeMdOD658DBHbA6mdO
EsRnpY2QYNdPI7YtATvlDyLv7GyAkiAVacThhDQgpFgQVIDsMvKXqmDgmtpVuf0m
qdcrx+tYNIj57N49KgIqBITcG/oSxUcC0QFEMXnNXuPdWabIsS22eqJdrsOirxCA
uBZwNnBicYhXCC5N3+qtqTRR98zJ4eF1mlZZHdMrTA56hspZ863XL1uKJrw7xfwE
Jmv+wjB8OfCj6+63lS8FeWvFOC/Rb7U3lzxwjia1mh3Y+ff2vaV65X6S4eOi+0rt
KCuQPRXbYVFkk4myr1kbtgdbblz57lEetZk3purHRX+2Kg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 19:36:28 2025 by rpki-client