Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: uGup3T0odvu2bqa71cSdVP3hfjlrtm9rS0BQ2tEa0n0=
Subject key identifier: 9A:93:38:7F:C4:75:76:1E:5F:73:6F:58:61:26:89:00:88:07:4A:DE
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 6A04FA163C8072355ED26CC67C1CFBDAFEA07B3B
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
Signing time: Fri 27 Jun 2025 17:43:17 +0000
ROA not before: Fri 27 Jun 2025 17:38:17 +0000
ROA not after: Fri 26 Jun 2026 17:43:17 +0000
asID: 9304
IP address blocks: 82.21.138.0/24 maxlen: 24
82.22.190.0/24 maxlen: 24
82.23.144.0/24 maxlen: 24
82.23.147.0/24 maxlen: 24
82.23.162.0/23 maxlen: 24
82.23.172.0/24 maxlen: 24
82.23.248.0/23 maxlen: 24
82.23.250.0/24 maxlen: 24
82.24.0.0/22 maxlen: 24
82.24.16.0/24 maxlen: 24
82.24.31.0/24 maxlen: 24
82.24.127.0/24 maxlen: 24
82.24.189.0/24 maxlen: 24
82.25.205.0/24 maxlen: 24
82.26.118.0/24 maxlen: 24
82.26.152.0/24 maxlen: 24
82.26.174.0/24 maxlen: 24
82.27.17.0/24 maxlen: 24
82.27.92.0/22 maxlen: 24
82.27.116.0/23 maxlen: 24
82.27.118.0/24 maxlen: 24
82.29.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 11:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:04:fa:16:3c:80:72:35:5e:d2:6c:c6:7c:1c:fb:da:fe:a0:7b:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 27 17:38:17 2025 GMT
Not After : Jun 26 17:43:17 2026 GMT
Subject: CN=9A93387FC475761E5F736F586126890088074ADE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:22:4d:0e:f2:0a:7f:03:80:3a:1f:fd:58:5f:
d6:1d:09:cf:f3:7b:e6:ae:48:77:be:86:2b:8a:c2:
cc:52:21:c7:de:3d:8e:46:a4:33:da:cd:b5:7a:72:
a9:6f:c6:8d:5c:7b:df:0f:f7:9d:59:28:3c:d9:f1:
47:14:1a:e5:d6:88:bb:ef:b7:4b:c3:f3:e1:ed:b9:
a6:ac:f2:c0:cc:66:42:90:09:24:20:a9:be:2e:e8:
94:d7:16:f2:04:d0:eb:1a:f6:6e:63:01:0e:3d:f6:
17:ba:25:be:6f:79:e1:ce:72:26:d7:d7:6b:d6:4b:
b5:17:e1:f5:b8:87:92:dc:87:04:a4:1a:37:77:9e:
33:b7:dc:aa:5f:df:b8:62:84:50:35:42:29:4b:d8:
79:15:4c:88:13:01:98:29:d5:5b:05:56:18:0a:9e:
e2:bc:c8:5b:41:0c:76:11:31:1b:43:40:5c:65:44:
1f:d7:5c:bb:50:63:d5:a2:59:70:32:48:1c:79:7d:
fa:4c:ea:97:82:fb:14:92:18:28:c9:92:13:61:42:
fb:d7:02:f1:d8:ab:56:d1:0b:90:8e:3c:21:c2:1a:
bb:8b:04:98:b1:6a:19:64:e9:9e:10:eb:ff:e4:7b:
e6:93:cd:2a:55:95:d8:f1:2c:15:59:fd:55:ac:da:
5e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:93:38:7F:C4:75:76:1E:5F:73:6F:58:61:26:89:00:88:07:4A:DE
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.138.0/24
82.22.190.0/24
82.23.144.0/24
82.23.147.0/24
82.23.162.0/23
82.23.172.0/24
82.23.248.0-82.23.250.255
82.24.0.0/22
82.24.16.0/24
82.24.31.0/24
82.24.127.0/24
82.24.189.0/24
82.25.205.0/24
82.26.118.0/24
82.26.152.0/24
82.26.174.0/24
82.27.17.0/24
82.27.92.0/22
82.27.116.0-82.27.118.255
82.29.107.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:5f:ef:c6:e9:a3:74:d5:18:f3:d1:c2:79:a0:2c:93:4c:8b:
0e:4b:61:00:fa:92:14:14:f1:d3:48:a2:a1:8f:66:92:63:04:
58:d3:a7:a5:2f:2c:97:74:96:3b:d4:54:ff:02:36:01:49:e7:
7d:d0:fe:7f:ed:e3:c2:ff:bf:a8:88:09:b9:17:2a:2d:de:4b:
e6:50:0d:c2:4d:13:d0:e7:5d:75:00:2a:f7:a8:79:64:2a:19:
66:59:a9:be:36:ff:89:dd:d4:9e:ac:04:33:6b:f2:d9:f7:3a:
24:80:e3:d4:db:ea:ee:62:d6:2a:3c:74:bc:17:18:47:8b:5f:
c5:8d:68:39:68:15:c6:30:83:f9:db:ac:ff:34:a6:a2:fb:aa:
98:b7:ef:57:e1:2e:06:af:16:16:6d:4f:9a:fd:2f:a8:4b:d8:
19:c6:c8:e4:05:08:be:72:01:44:35:99:16:ae:ca:6f:ce:39:
45:db:58:82:fe:8e:02:1a:0c:1f:7f:78:e7:cf:b8:71:b2:8c:
66:50:ce:da:9b:24:c8:18:5a:e2:af:c9:50:13:af:19:0d:d1:
41:41:de:0b:40:94:6b:5d:2b:c5:f9:18:db:e0:45:fc:32:bd:
82:ce:05:cd:4b:ad:2d:8e:ec:23:f1:33:b4:e0:89:38:93:8a:
ff:20:67:f0
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgIUagT6FjyAcjVe0mzGfBz72v6gezswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MjcxNzM4MTdaFw0yNjA2MjYxNzQzMTdaMDMxMTAvBgNV
BAMTKDlBOTMzODdGQzQ3NTc2MUU1RjczNkY1ODYxMjY4OTAwODgwNzRBREUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoIk0O8gp/A4A6H/1YX9YdCc/z
e+auSHe+hiuKwsxSIcfePY5GpDPazbV6cqlvxo1ce98P951ZKDzZ8UcUGuXWiLvv
t0vD8+Htuaas8sDMZkKQCSQgqb4u6JTXFvIE0Osa9m5jAQ499he6Jb5veeHOcibX
12vWS7UX4fW4h5LchwSkGjd3njO33Kpf37hihFA1QilL2HkVTIgTAZgp1VsFVhgK
nuK8yFtBDHYRMRtDQFxlRB/XXLtQY9WiWXAySBx5ffpM6peC+xSSGCjJkhNhQvvX
AvHYq1bRC5COPCHCGruLBJixahlk6Z4Q6//ke+aTzSpVldjxLBVZ/VWs2l4dAgMB
AAGjggKPMIICizAdBgNVHQ4EFgQUmpM4f8R1dh5fc29YYSaJAIgHSt4wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBpQYIKwYBBQUHAQcBAf8EgZUwgZIwgY8EAgABMIGIAwQA
UhWKAwQAUha+AwQAUheQAwQAUheTAwQBUheiAwQAUhesMAwDBANSF/gDBABSF/oD
BAJSGAADBABSGBADBABSGB8DBABSGH8DBABSGL0DBABSGc0DBABSGnYDBABSGpgD
BABSGq4DBABSGxEDBAJSG1wwDAMEAlIbdAMEAFIbdgMEAFIdazANBgkqhkiG9w0B
AQsFAAOCAQEAb1/vxumjdNUY89HCeaAsk0yLDkthAPqSFBTx00iioY9mkmMEWNOn
pS8sl3SWO9RU/wI2AUnnfdD+f+3jwv+/qIgJuRcqLd5L5lANwk0T0OdddQAq96h5
ZCoZZlmpvjb/id3UnqwEM2vy2fc6JIDj1Nvq7mLWKjx0vBcYR4tfxY1oOWgVxjCD
+dus/zSmovuqmLfvV+EuBq8WFm1Pmv0vqEvYGcbI5AUIvnIBRDWZFq7Kb845RdtY
gv6OAhoMH39458+4cbKMZlDO2pskyBha4q/JUBOvGQ3RQUHeC0CUa10rxfkY2+BF
/DK9gs4FzUutLY7sI/EztOCJOJOK/yBn8A==
-----END CERTIFICATE-----
Generated at Sat Jun 28 23:49:00 2025 by rpki-client