Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9009.roa
File: AS9009.roa (raw, json)
Hash identifier: Rjt72q1ZkdukBhLCdSeZeshppIz2TLO4ZccT+7fUvRo=
Subject key identifier: 4A:EB:CF:67:38:E3:52:2F:D4:42:CA:AC:1D:DC:10:69:8B:1F:2A:7F
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 21997072070ADF2B56D3B37571DADE0ED82A274C
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9009.roa
Signing time: Fri 08 May 2026 12:32:05 +0000
ROA not before: Fri 08 May 2026 12:27:05 +0000
ROA not after: Fri 07 May 2027 12:32:05 +0000
asID: 9009
IP address blocks: 46.202.100.0/22 maxlen: 24
46.202.228.0/22 maxlen: 24
46.202.236.0/22 maxlen: 24
46.202.244.0/22 maxlen: 24
46.203.16.0/23 maxlen: 24
46.203.94.0/23 maxlen: 24
46.203.100.0/23 maxlen: 24
46.203.122.0/23 maxlen: 24
46.203.132.0/23 maxlen: 24
46.203.158.0/24 maxlen: 24
46.203.162.0/23 maxlen: 24
46.203.236.0/22 maxlen: 24
46.203.242.0/24 maxlen: 24
46.203.244.0/22 maxlen: 24
46.203.252.0/22 maxlen: 24
91.124.31.0/24 maxlen: 24
91.124.140.0/24 maxlen: 24
91.124.220.0/24 maxlen: 24
91.124.243.0/24 maxlen: 24
91.124.252.0/24 maxlen: 24
92.112.2.0/23 maxlen: 24
92.112.59.0/24 maxlen: 24
92.112.72.0/23 maxlen: 24
92.112.79.0/24 maxlen: 24
92.112.100.0/22 maxlen: 24
92.112.120.0/22 maxlen: 24
92.112.214.0/24 maxlen: 24
92.112.220.0/24 maxlen: 24
92.112.221.0/24 maxlen: 24
92.112.226.0/24 maxlen: 24
92.112.234.0/24 maxlen: 24
92.112.237.0/24 maxlen: 24
92.113.2.0/24 maxlen: 24
92.113.5.0/24 maxlen: 24
92.113.8.0/24 maxlen: 24
92.113.94.0/23 maxlen: 24
92.113.96.0/22 maxlen: 24
92.113.108.0/22 maxlen: 24
92.113.120.0/22 maxlen: 24
92.113.130.0/23 maxlen: 24
95.134.8.0/22 maxlen: 22
95.134.24.0/22 maxlen: 22
95.134.36.0/22 maxlen: 22
95.134.44.0/22 maxlen: 22
95.134.56.0/22 maxlen: 22
95.134.72.0/22 maxlen: 22
95.134.102.0/24 maxlen: 24
95.134.144.0/22 maxlen: 22
95.134.188.0/22 maxlen: 22
95.134.208.0/22 maxlen: 22
95.134.216.0/22 maxlen: 22
95.135.96.0/22 maxlen: 22
95.135.120.0/22 maxlen: 22
95.135.137.0/24 maxlen: 24
95.135.197.0/24 maxlen: 24
95.135.209.0/24 maxlen: 24
95.135.217.0/24 maxlen: 24
95.135.218.0/24 maxlen: 24
95.135.225.0/24 maxlen: 24
95.135.229.0/24 maxlen: 24
95.135.234.0/24 maxlen: 24
95.135.237.0/24 maxlen: 24
95.135.248.0/24 maxlen: 24
178.93.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:99:70:72:07:0a:df:2b:56:d3:b3:75:71:da:de:0e:d8:2a:27:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: May 8 12:27:05 2026 GMT
Not After : May 7 12:32:05 2027 GMT
Subject: CN=4AEBCF6738E3522FD442CAAC1DDC10698B1F2A7F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e2:00:0e:2e:3c:90:d6:be:c1:02:73:6f:86:
3e:1b:a4:3f:7a:f7:82:d0:72:9d:72:5e:f0:9b:4f:
a2:9b:5e:13:c9:dd:e1:c0:fa:d6:87:c3:e6:87:1a:
87:0c:65:b0:da:1c:c1:93:99:50:34:8b:04:a4:1c:
58:82:87:91:2d:bb:f0:42:c2:9e:19:43:fc:e6:99:
93:ac:e7:25:96:fd:05:2c:56:2d:7e:ce:0e:9c:8c:
e7:5e:8f:40:ae:a8:f5:9b:2a:70:31:32:d8:a5:53:
14:46:17:d6:a1:cb:ae:51:b4:27:ed:51:9c:26:64:
72:97:8d:77:7d:8e:ec:cd:dc:ac:a8:d2:ec:c8:6c:
6c:b4:3a:94:20:b2:d1:73:91:d3:ad:82:ed:7d:d3:
81:cb:16:80:21:88:93:db:0f:dc:f6:8f:71:76:58:
76:95:5a:50:8c:26:8c:4f:7a:cf:d9:95:18:d6:44:
a0:d4:66:be:8f:27:6f:63:a5:4d:ec:05:d7:90:b0:
ab:6d:8d:7c:06:92:86:45:cb:ce:7c:27:61:03:dd:
f9:d6:f1:2a:75:9a:04:bc:72:93:e1:16:23:0d:40:
f4:30:bf:ad:ac:37:0b:bc:c1:38:08:12:6e:c0:ac:
02:f8:ce:a7:e8:58:2c:d1:ae:68:1c:f5:f8:a5:20:
8f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:EB:CF:67:38:E3:52:2F:D4:42:CA:AC:1D:DC:10:69:8B:1F:2A:7F
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9009.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.100.0/22
46.202.228.0/22
46.202.236.0/22
46.202.244.0/22
46.203.16.0/23
46.203.94.0/23
46.203.100.0/23
46.203.122.0/23
46.203.132.0/23
46.203.158.0/24
46.203.162.0/23
46.203.236.0/22
46.203.242.0/24
46.203.244.0/22
46.203.252.0/22
91.124.31.0/24
91.124.140.0/24
91.124.220.0/24
91.124.243.0/24
91.124.252.0/24
92.112.2.0/23
92.112.59.0/24
92.112.72.0/23
92.112.79.0/24
92.112.100.0/22
92.112.120.0/22
92.112.214.0/24
92.112.220.0/23
92.112.226.0/24
92.112.234.0/24
92.112.237.0/24
92.113.2.0/24
92.113.5.0/24
92.113.8.0/24
92.113.94.0-92.113.99.255
92.113.108.0/22
92.113.120.0/22
92.113.130.0/23
95.134.8.0/22
95.134.24.0/22
95.134.36.0/22
95.134.44.0/22
95.134.56.0/22
95.134.72.0/22
95.134.102.0/24
95.134.144.0/22
95.134.188.0/22
95.134.208.0/22
95.134.216.0/22
95.135.96.0/22
95.135.120.0/22
95.135.137.0/24
95.135.197.0/24
95.135.209.0/24
95.135.217.0-95.135.218.255
95.135.225.0/24
95.135.229.0/24
95.135.234.0/24
95.135.237.0/24
95.135.248.0/24
178.93.116.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:1e:9e:90:f7:b5:7c:67:15:fc:c1:a9:30:3b:f7:33:73:91:
9f:6f:d8:45:fb:99:42:1a:d1:a1:2e:f2:0c:d3:f0:fb:1b:a8:
8e:72:4f:2d:79:1d:f3:0e:36:c4:f3:2a:e1:a1:7d:a0:28:14:
98:c1:36:03:a7:eb:5e:0d:11:96:df:dc:35:c2:97:5f:75:f5:
d5:9a:08:e9:6a:38:04:4c:68:f3:15:f1:69:b1:a7:c8:e5:7f:
19:4b:98:4d:f7:0d:8f:8f:cf:a5:40:a2:8f:8e:74:e0:fa:38:
b0:0a:89:2d:4d:64:8e:e8:5e:ef:ad:e2:97:b9:0e:13:b9:78:
4a:0b:4b:24:1b:34:73:d5:6d:fc:b8:55:cd:3b:fe:85:72:e6:
c5:1a:4e:ea:51:87:b7:c1:77:db:85:d0:e1:18:19:a2:47:2a:
af:47:cd:1c:a8:65:f4:08:32:6d:a5:ea:fd:a8:c9:99:77:30:
b6:c8:8a:cf:84:91:c5:02:dd:da:15:67:4a:5f:e7:73:b0:ee:
fb:0d:8a:c4:a0:03:c9:d2:56:8f:af:c9:8b:c1:9a:51:d4:19:
88:b5:a5:a4:db:47:49:7d:2c:ba:1a:0b:cb:10:b1:e6:7f:0e:
c2:ec:62:c7:94:6a:2c:2d:92:99:8e:2a:5b:48:11:e2:93:a2:
23:83:ad:6c
-----BEGIN CERTIFICATE-----
MIIGgDCCBWigAwIBAgIUIZlwcgcK3ytW07N1cdreDtgqJ0wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNjA1MDgxMjI3MDVaFw0yNzA1MDcxMjMyMDVaMDMxMTAvBgNV
BAMTKDRBRUJDRjY3MzhFMzUyMkZENDQyQ0FBQzFEREMxMDY5OEIxRjJBN0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/4gAOLjyQ1r7BAnNvhj4bpD96
94LQcp1yXvCbT6KbXhPJ3eHA+taHw+aHGocMZbDaHMGTmVA0iwSkHFiCh5Etu/BC
wp4ZQ/zmmZOs5yWW/QUsVi1+zg6cjOdej0CuqPWbKnAxMtilUxRGF9ahy65RtCft
UZwmZHKXjXd9juzN3Kyo0uzIbGy0OpQgstFzkdOtgu1904HLFoAhiJPbD9z2j3F2
WHaVWlCMJoxPes/ZlRjWRKDUZr6PJ29jpU3sBdeQsKttjXwGkoZFy858J2ED3fnW
8Sp1mgS8cpPhFiMNQPQwv62sNwu8wTgIEm7ArAL4zqfoWCzRrmgc9filII8/AgMB
AAGjggOKMIIDhjAdBgNVHQ4EFgQUSuvPZzjjUi/UQsqsHdwQaYsfKn8wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAZ8GCCsGAQUFBwEHAQH/BIIBjjCCAYowggGGBAIAATCC
AX4DBAIuymQDBAIuyuQDBAIuyuwDBAIuyvQDBAEuyxADBAEuy14DBAEuy2QDBAEu
y3oDBAEuy4QDBAAuy54DBAEuy6IDBAIuy+wDBAAuy/IDBAIuy/QDBAIuy/wDBABb
fB8DBABbfIwDBABbfNwDBABbfPMDBABbfPwDBAFccAIDBABccDsDBAFccEgDBABc
cE8DBAJccGQDBAJccHgDBABccNYDBAFccNwDBABccOIDBABccOoDBABccO0DBABc
cQIDBABccQUDBABccQgwDAMEAVxxXgMEAlxxYAMEAlxxbAMEAlxxeAMEAVxxggME
Al+GCAMEAl+GGAMEAl+GJAMEAl+GLAMEAl+GOAMEAl+GSAMEAF+GZgMEAl+GkAME
Al+GvAMEAl+G0AMEAl+G2AMEAl+HYAMEAl+HeAMEAF+HiQMEAF+HxQMEAF+H0TAM
AwQAX4fZAwQAX4faAwQAX4fhAwQAX4flAwQAX4fqAwQAX4ftAwQAX4f4AwQAsl10
MA0GCSqGSIb3DQEBCwUAA4IBAQCkHp6Q97V8ZxX8wakwO/czc5Gfb9hF+5lCGtGh
LvIM0/D7G6iOck8teR3zDjbE8yrhoX2gKBSYwTYDp+teDRGW39w1wpdfdfXVmgjp
ajgETGjzFfFpsafI5X8ZS5hN9w2Pj8+lQKKPjnTg+jiwCoktTWSO6F7vreKXuQ4T
uXhKC0skGzRz1W38uFXNO/6FcubFGk7qUYe3wXfbhdDhGBmiRyqvR80cqGX0CDJt
per9qMmZdzC2yIrPhJHFAt3aFWdKX+dzsO77DYrEoAPJ0laPr8mLwZpR1BmItaWk
20dJfSy6GgvLELHmfw7C7GLHlGosLZKZjipbSBHik6Ijg61s
-----END CERTIFICATE-----
Generated at Tue May 12 22:37:38 2026 by rpki-client