Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9009.roa
File: AS9009.roa (raw, json)
Hash identifier: ogXsA/M2bmktdlcMQfGoxP7n6dxgh7bVvwi/wxR0uns=
Subject key identifier: E2:0B:D5:0A:A9:2A:60:50:B2:CE:05:89:7B:8E:55:4D:3B:E2:36:F3
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 2830DD63A5E9762188FD3F74080C62D1C50433CF
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9009.roa
Signing time: Fri 22 Nov 2024 13:56:01 +0000
ROA not before: Fri 22 Nov 2024 13:51:01 +0000
ROA not after: Fri 21 Nov 2025 13:56:01 +0000
asID: 9009
IP address blocks: 46.202.12.0/22 maxlen: 24
46.202.100.0/22 maxlen: 24
46.202.116.0/22 maxlen: 24
46.202.228.0/22 maxlen: 24
46.202.236.0/22 maxlen: 24
46.202.244.0/22 maxlen: 24
46.203.16.0/23 maxlen: 24
46.203.36.0/22 maxlen: 24
46.203.94.0/23 maxlen: 24
46.203.100.0/23 maxlen: 24
46.203.122.0/23 maxlen: 24
46.203.132.0/23 maxlen: 24
46.203.162.0/23 maxlen: 24
46.203.236.0/22 maxlen: 24
46.203.241.0/24 maxlen: 24
46.203.242.0/24 maxlen: 24
46.203.243.0/24 maxlen: 24
46.203.244.0/22 maxlen: 24
46.203.252.0/22 maxlen: 24
92.112.2.0/23 maxlen: 24
92.112.72.0/23 maxlen: 24
92.112.100.0/22 maxlen: 24
92.112.120.0/22 maxlen: 24
92.112.214.0/24 maxlen: 24
92.112.215.0/24 maxlen: 24
92.112.218.0/24 maxlen: 24
92.112.219.0/24 maxlen: 24
92.112.220.0/24 maxlen: 24
92.112.221.0/24 maxlen: 24
92.112.223.0/24 maxlen: 24
92.112.224.0/24 maxlen: 24
92.112.225.0/24 maxlen: 24
92.112.226.0/24 maxlen: 24
92.112.229.0/24 maxlen: 24
92.112.230.0/24 maxlen: 24
92.112.232.0/24 maxlen: 24
92.112.233.0/24 maxlen: 24
92.112.234.0/24 maxlen: 24
92.112.237.0/24 maxlen: 24
92.113.94.0/23 maxlen: 24
92.113.96.0/22 maxlen: 24
92.113.108.0/22 maxlen: 24
92.113.120.0/22 maxlen: 24
92.113.130.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:30:dd:63:a5:e9:76:21:88:fd:3f:74:08:0c:62:d1:c5:04:33:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Nov 22 13:51:01 2024 GMT
Not After : Nov 21 13:56:01 2025 GMT
Subject: CN=E20BD50AA92A6050B2CE05897B8E554D3BE236F3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:8c:f8:b3:e8:a1:97:d4:ba:20:f5:ff:d8:70:
40:83:d7:38:cb:f0:75:24:51:2d:7b:68:49:b9:67:
eb:8a:d5:b1:c7:3d:38:ea:c6:74:a2:4e:37:01:e6:
df:e5:3b:9d:bf:b2:6a:ba:b1:f0:5f:a2:fc:95:68:
cd:91:30:3d:87:51:4a:d7:c3:88:c8:c2:14:26:c9:
34:65:14:d9:80:06:c9:fb:b9:23:e0:27:92:a1:21:
b7:ce:56:2b:fc:9b:a8:c5:72:7d:de:e0:b0:05:da:
6a:2d:9c:b5:81:b4:4e:c4:30:54:94:b9:80:9d:84:
57:a6:b2:00:be:b9:9d:82:17:9d:9e:4e:3e:56:0e:
7b:51:8f:aa:be:6e:ba:4e:d9:e0:10:ad:11:81:21:
b8:2c:60:67:13:b9:d7:6f:41:0c:c5:c5:ca:69:15:
79:07:81:59:40:c5:69:2b:09:16:5d:5f:93:4b:9e:
d6:0c:81:20:67:d5:df:fb:73:22:18:3c:56:23:76:
46:86:c6:7f:5d:1b:25:56:ca:98:22:12:0f:b7:d6:
d5:ed:f7:e3:13:4c:bd:db:c0:c6:7a:91:50:99:0e:
05:0e:c5:04:ee:38:0d:a7:76:67:0a:97:2f:14:29:
e5:32:67:fb:8a:a2:c5:bb:16:13:7d:33:d1:1b:2a:
d9:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:0B:D5:0A:A9:2A:60:50:B2:CE:05:89:7B:8E:55:4D:3B:E2:36:F3
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9009.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.12.0/22
46.202.100.0/22
46.202.116.0/22
46.202.228.0/22
46.202.236.0/22
46.202.244.0/22
46.203.16.0/23
46.203.36.0/22
46.203.94.0/23
46.203.100.0/23
46.203.122.0/23
46.203.132.0/23
46.203.162.0/23
46.203.236.0/22
46.203.241.0-46.203.247.255
46.203.252.0/22
92.112.2.0/23
92.112.72.0/23
92.112.100.0/22
92.112.120.0/22
92.112.214.0/23
92.112.218.0-92.112.221.255
92.112.223.0-92.112.226.255
92.112.229.0-92.112.230.255
92.112.232.0-92.112.234.255
92.112.237.0/24
92.113.94.0-92.113.99.255
92.113.108.0/22
92.113.120.0/22
92.113.130.0/23
Signature Algorithm: sha256WithRSAEncryption
93:69:ff:52:23:6f:18:86:33:06:33:9c:55:21:1e:d6:d1:fb:
f6:a2:35:2c:fa:24:ad:62:4f:d0:10:5f:b7:f8:87:b6:de:50:
ec:dd:fd:5a:61:13:ec:41:8d:80:6e:b3:e5:b2:3e:97:35:4f:
a3:71:bb:d4:4c:a0:ba:83:15:23:47:da:d9:3a:4d:56:5b:42:
91:72:cb:ae:ae:a5:58:96:8c:e2:43:7c:bd:5e:d6:9e:cd:0b:
dd:9b:1b:40:59:42:d6:df:c3:ff:d8:3e:91:7f:d1:c4:a3:45:
b0:6c:58:d0:c1:06:1e:53:78:11:9a:a6:8d:60:3e:e5:56:a1:
35:eb:78:f5:6e:fc:37:03:f3:00:78:85:bc:13:c2:77:7a:f7:
a1:87:0b:0d:10:fc:b8:f4:c5:77:6d:38:77:f0:98:d0:5b:3f:
c6:a8:19:f2:33:d6:62:b7:c0:de:26:25:de:48:bc:4e:c6:47:
2e:5b:96:bb:24:ad:61:5f:93:6d:fd:48:4e:f5:0a:57:7f:1b:
f9:3e:c0:67:0f:a7:a0:f6:55:cb:da:5d:a6:10:c6:12:56:a0:
9a:48:10:8d:fb:93:d8:4f:c1:2d:e6:50:1c:c7:a0:03:74:8c:
18:fe:f5:f4:59:6c:b6:b6:d7:21:59:c9:c5:94:be:3d:96:4f:
9e:3f:44:e7
-----BEGIN CERTIFICATE-----
MIIF4jCCBMqgAwIBAgIUKDDdY6XpdiGI/T90CAxi0cUEM88wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNDExMjIxMzUxMDFaFw0yNTExMjExMzU2MDFaMDMxMTAvBgNV
BAMTKEUyMEJENTBBQTkyQTYwNTBCMkNFMDU4OTdCOEU1NTREM0JFMjM2RjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpjPiz6KGX1Log9f/YcECD1zjL
8HUkUS17aEm5Z+uK1bHHPTjqxnSiTjcB5t/lO52/smq6sfBfovyVaM2RMD2HUUrX
w4jIwhQmyTRlFNmABsn7uSPgJ5KhIbfOViv8m6jFcn3e4LAF2motnLWBtE7EMFSU
uYCdhFemsgC+uZ2CF52eTj5WDntRj6q+brpO2eAQrRGBIbgsYGcTuddvQQzFxcpp
FXkHgVlAxWkrCRZdX5NLntYMgSBn1d/7cyIYPFYjdkaGxn9dGyVWypgiEg+31tXt
9+MTTL3bwMZ6kVCZDgUOxQTuOA2ndmcKly8UKeUyZ/uKosW7FhN9M9EbKtlPAgMB
AAGjggLsMIIC6DAdBgNVHQ4EFgQU4gvVCqkqYFCyzgWJe45VTTviNvMwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTOTAwOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAQEGCCsGAQUFBwEHAQH/BIHxMIHuMIHrBAIAATCB5AME
Ai7KDAMEAi7KZAMEAi7KdAMEAi7K5AMEAi7K7AMEAi7K9AMEAS7LEAMEAi7LJAME
AS7LXgMEAS7LZAMEAS7LegMEAS7LhAMEAS7LogMEAi7L7DAMAwQALsvxAwQDLsvw
AwQCLsv8AwQBXHACAwQBXHBIAwQCXHBkAwQCXHB4AwQBXHDWMAwDBAFccNoDBAFc
cNwwDAMEAFxw3wMEAFxw4jAMAwQAXHDlAwQAXHDmMAwDBANccOgDBABccOoDBABc
cO0wDAMEAVxxXgMEAlxxYAMEAlxxbAMEAlxxeAMEAVxxgjANBgkqhkiG9w0BAQsF
AAOCAQEAk2n/UiNvGIYzBjOcVSEe1tH79qI1LPokrWJP0BBft/iHtt5Q7N39WmET
7EGNgG6z5bI+lzVPo3G71EyguoMVI0fa2TpNVltCkXLLrq6lWJaM4kN8vV7Wns0L
3ZsbQFlC1t/D/9g+kX/RxKNFsGxY0MEGHlN4EZqmjWA+5VahNet49W78NwPzAHiF
vBPCd3r3oYcLDRD8uPTFd204d/CY0Fs/xqgZ8jPWYrfA3iYl3ki8TsZHLluWuySt
YV+Tbf1ITvUKV38b+T7AZw+noPZVy9pdphDGElagmkgQjfuT2E/BLeZQHMegA3SM
GP719FlstrbXIVnJxZS+PZZPnj9E5w==
-----END CERTIFICATE-----
Generated at Fri Apr 25 07:02:14 2025 by rpki-client