Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: 5ezd462HdTB8jdOc/Fjd+UAvvYwk44DSkEND89y5SSw=
Subject key identifier: B6:BD:20:D0:03:AD:EC:F0:2A:5A:B2:DA:2B:3A:8C:B4:82:9F:E4:95
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 023DD3F8966857ADAC45FD576B1F2B7E5F4F6297
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9304.roa
Signing time: Sun 04 May 2025 13:40:14 +0000
ROA not before: Sun 04 May 2025 13:35:14 +0000
ROA not after: Sun 03 May 2026 13:40:14 +0000
asID: 9304
IP address blocks: 96.62.152.0/22 maxlen: 24
96.62.156.0/22 maxlen: 24
96.62.224.0/24 maxlen: 24
143.14.65.0/24 maxlen: 24
143.14.66.0/24 maxlen: 24
143.14.208.0/23 maxlen: 24
143.14.245.0/24 maxlen: 24
147.79.60.0/23 maxlen: 24
150.241.228.0/24 maxlen: 24
155.117.208.0/23 maxlen: 24
155.117.216.0/24 maxlen: 24
155.117.218.0/24 maxlen: 24
155.117.224.0/23 maxlen: 24
155.117.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 06 May 2025 18:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:3d:d3:f8:96:68:57:ad:ac:45:fd:57:6b:1f:2b:7e:5f:4f:62:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: May 4 13:35:14 2025 GMT
Not After : May 3 13:40:14 2026 GMT
Subject: CN=B6BD20D003ADECF02A5AB2DA2B3A8CB4829FE495
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0a:7b:e0:10:6b:38:ef:94:a7:1c:1b:db:31:
fa:b3:78:86:19:9b:6c:d5:43:98:48:f4:1e:f6:92:
65:b5:b3:95:9a:0d:08:b3:75:8f:cb:3d:d1:9b:3e:
81:4d:58:d7:4e:3e:86:19:a6:c3:92:f1:66:7c:99:
09:ca:2c:a3:06:b1:8e:10:f5:07:60:a9:13:49:59:
cd:ef:a3:d5:da:08:84:45:96:4f:8b:fd:5d:a6:b9:
b9:53:2b:6a:62:3a:3f:81:58:ff:6a:c3:13:18:83:
53:ab:24:c8:c9:ee:7b:a0:25:f4:2e:0e:3e:b5:7a:
9a:e3:3a:99:26:97:01:73:37:3a:81:97:08:e8:59:
85:fe:9e:87:11:79:19:96:cc:1f:79:96:bc:c1:91:
1d:b4:35:bc:4b:78:02:ff:89:8a:14:a8:2c:95:9d:
b0:59:c4:66:9e:c4:5f:21:ef:67:fa:77:f8:9c:7f:
4c:48:58:e2:04:1c:b5:0e:21:b7:cc:8d:e3:34:a6:
19:55:e0:34:5b:4c:18:4a:b5:c2:e8:67:04:99:b8:
6e:74:25:55:2f:40:d2:04:e8:9b:9b:87:ea:6f:ab:
49:2a:e8:7e:d2:2b:c5:d5:cd:93:18:e9:0e:a1:5c:
c9:20:6d:89:b2:7b:52:a7:06:dc:87:87:a4:25:b4:
c3:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:BD:20:D0:03:AD:EC:F0:2A:5A:B2:DA:2B:3A:8C:B4:82:9F:E4:95
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.152.0/21
96.62.224.0/24
143.14.65.0-143.14.66.255
143.14.208.0/23
143.14.245.0/24
147.79.60.0/23
150.241.228.0/24
155.117.208.0/23
155.117.216.0/24
155.117.218.0/24
155.117.224.0/23
155.117.247.0/24
Signature Algorithm: sha256WithRSAEncryption
96:c3:fc:43:70:dd:ae:54:41:03:da:06:48:b5:07:aa:be:31:
bd:35:23:7e:f9:78:76:ac:49:56:fc:41:fb:5e:ea:f5:aa:97:
0d:b2:d5:70:9a:70:6e:76:b4:e7:01:0b:95:1f:3d:34:e2:f8:
13:2e:ca:6e:7b:82:0e:c4:e5:ac:b2:28:6e:49:23:d1:be:c5:
bf:57:75:35:6d:15:3c:b8:bb:ac:f4:d3:83:8e:ba:89:2d:d2:
2d:11:e5:1c:ca:5e:64:6e:ce:6f:82:8c:d4:f1:61:7c:3b:eb:
a2:55:fc:18:27:ce:d0:4d:8d:eb:c9:f6:0d:f1:14:84:73:b0:
e6:34:74:0a:a7:8e:87:e2:00:e8:27:bc:60:91:d7:9f:f6:c5:
46:7a:e6:86:50:5f:fb:5a:da:9d:a3:ea:88:4f:5f:66:93:58:
6e:3a:10:1f:79:58:cc:49:9c:eb:2e:08:3e:f4:4a:1c:4d:4c:
ef:37:67:f5:c7:09:cc:04:94:c4:0a:a7:96:7d:39:ef:a7:31:
44:fc:8d:fa:e6:1d:28:d3:3b:ca:00:8b:61:3a:60:ee:1b:a3:
5a:67:09:46:5b:5c:46:af:e0:b7:70:b4:01:05:3a:30:bb:fd:
10:38:7b:e5:06:91:f9:63:1b:ff:1f:17:91:7c:50:7f:e2:89:
82:76:fa:3f
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIUAj3T+JZoV62sRf1Xax8rfl9PYpcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA1MDQxMzM1MTRaFw0yNjA1MDMxMzQwMTRaMDMxMTAvBgNV
BAMTKEI2QkQyMEQwMDNBREVDRjAyQTVBQjJEQTJCM0E4Q0I0ODI5RkU0OTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnCnvgEGs475SnHBvbMfqzeIYZ
m2zVQ5hI9B72kmW1s5WaDQizdY/LPdGbPoFNWNdOPoYZpsOS8WZ8mQnKLKMGsY4Q
9QdgqRNJWc3vo9XaCIRFlk+L/V2mublTK2piOj+BWP9qwxMYg1OrJMjJ7nugJfQu
Dj61eprjOpkmlwFzNzqBlwjoWYX+nocReRmWzB95lrzBkR20NbxLeAL/iYoUqCyV
nbBZxGaexF8h72f6d/icf0xIWOIEHLUOIbfMjeM0phlV4DRbTBhKtcLoZwSZuG50
JVUvQNIE6Jubh+pvq0kq6H7SK8XVzZMY6Q6hXMkgbYmye1KnBtyHh6QltMNfAgMB
AAGjggJSMIICTjAdBgNVHQ4EFgQUtr0g0AOt7PAqWrLaKzqMtIKf5JUwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBpBggrBgEFBQcBBwEB/wRaMFgwVgQCAAEwUAMEA2A+mAME
AGA+4DAMAwQAjw5BAwQAjw5CAwQBjw7QAwQAjw71AwQBk088AwQAlvHkAwQBm3XQ
AwQAm3XYAwQAm3XaAwQBm3XgAwQAm3X3MA0GCSqGSIb3DQEBCwUAA4IBAQCWw/xD
cN2uVEED2gZItQeqvjG9NSN++Xh2rElW/EH7Xur1qpcNstVwmnBudrTnAQuVHz00
4vgTLspue4IOxOWssihuSSPRvsW/V3U1bRU8uLus9NODjrqJLdItEeUcyl5kbs5v
gozU8WF8O+uiVfwYJ87QTY3ryfYN8RSEc7DmNHQKp46H4gDoJ7xgkdef9sVGeuaG
UF/7Wtqdo+qIT19mk1huOhAfeVjMSZzrLgg+9EocTUzvN2f1xwnMBJTECqeWfTnv
pzFE/I365h0o0zvKAIthOmDuG6NaZwlGW1xGr+C3cLQBBTowu/0QOHvlBpH5Yxv/
HxeRfFB/4omCdvo/
-----END CERTIFICATE-----
Generated at Mon May 5 23:57:23 2025 by rpki-client