Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: B7BC9NXDkYYxgO+ZMUqTrbXtVAJ0lffmPbeH/YKrmks=
Subject key identifier: 7F:66:F8:D8:8C:99:96:08:7E:F5:DD:45:B3:AA:B8:98:1B:86:18:A1
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 56F3BD6AB2ECE76E8D0DD4A9503AEA6447AAC20C
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
Signing time: Wed 25 Mar 2026 13:00:20 +0000
ROA not before: Wed 25 Mar 2026 12:55:20 +0000
ROA not after: Wed 24 Mar 2027 13:00:20 +0000
asID: 9304
IP address blocks: 82.21.75.0/24 maxlen: 24
82.22.14.0/24 maxlen: 24
82.23.144.0/24 maxlen: 24
82.23.147.0/24 maxlen: 24
82.24.0.0/22 maxlen: 23
82.24.108.0/24 maxlen: 24
82.26.115.0/24 maxlen: 24
82.26.118.0/24 maxlen: 24
82.26.125.0/24 maxlen: 24
82.26.130.0/24 maxlen: 24
82.26.147.0/24 maxlen: 24
82.26.175.0/24 maxlen: 24
82.26.202.0/24 maxlen: 24
82.27.131.0/24 maxlen: 24
82.29.36.0/24 maxlen: 24
82.29.39.0/24 maxlen: 24
82.29.45.0/24 maxlen: 24
82.29.49.0/24 maxlen: 24
82.29.51.0/24 maxlen: 24
82.29.70.0/24 maxlen: 24
82.29.73.0/24 maxlen: 24
82.29.76.0/24 maxlen: 24
82.29.79.0/24 maxlen: 24
82.38.38.0/23 maxlen: 24
82.38.76.0/22 maxlen: 24
82.39.194.0/23 maxlen: 24
82.39.210.0/23 maxlen: 24
82.40.52.0/24 maxlen: 24
82.40.53.0/24 maxlen: 24
82.40.54.0/24 maxlen: 24
82.41.128.0/23 maxlen: 24
82.41.233.0/24 maxlen: 24
82.41.234.0/24 maxlen: 24
82.41.235.0/24 maxlen: 24
82.41.236.0/24 maxlen: 24
82.41.237.0/24 maxlen: 24
82.41.238.0/24 maxlen: 24
82.41.241.0/24 maxlen: 24
84.75.40.0/24 maxlen: 24
178.83.146.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 19:43:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:f3:bd:6a:b2:ec:e7:6e:8d:0d:d4:a9:50:3a:ea:64:47:aa:c2:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 25 12:55:20 2026 GMT
Not After : Mar 24 13:00:20 2027 GMT
Subject: CN=7F66F8D88C9996087EF5DD45B3AAB8981B8618A1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:e3:49:67:f8:1f:4c:0f:e1:5a:e8:7d:44:ac:
74:66:84:6b:80:8a:d5:82:02:32:38:e8:f6:15:e6:
3c:76:a4:c6:15:2b:5e:7f:dc:7e:25:6a:46:3b:41:
6e:66:e8:41:87:55:bc:a1:fc:a3:76:b9:c8:8d:51:
c6:58:02:d4:0f:74:cf:31:c9:29:a7:99:fb:50:89:
c3:3a:c2:27:56:f0:c4:8d:bc:c2:81:2f:e6:c8:35:
4f:5a:04:f4:f0:fe:02:aa:c1:8a:6f:16:c8:1e:e6:
f0:1a:5f:02:32:42:5a:59:b3:11:6e:18:90:ea:c2:
93:04:6a:3a:1f:38:57:14:da:96:27:20:bc:4e:8c:
ee:9a:45:b9:ff:4f:ff:b3:63:7b:66:94:64:11:2b:
c1:ca:3d:84:35:e4:9b:30:3d:5f:66:9d:c8:cf:18:
13:93:37:f8:0a:00:c9:15:40:de:ca:96:51:2a:be:
c6:5a:c0:cf:5b:4c:c6:47:62:e2:52:99:8f:ca:c8:
cb:31:02:22:ba:2e:48:63:c8:18:29:83:48:fb:69:
ae:12:ad:ad:96:53:bc:7e:99:16:ff:ea:d9:2d:de:
12:8a:34:e6:e7:7b:21:c3:6e:bf:f2:62:92:ee:16:
04:99:ca:c7:51:30:63:13:c6:00:d6:14:cb:af:dc:
0b:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:66:F8:D8:8C:99:96:08:7E:F5:DD:45:B3:AA:B8:98:1B:86:18:A1
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.75.0/24
82.22.14.0/24
82.23.144.0/24
82.23.147.0/24
82.24.0.0/22
82.24.108.0/24
82.26.115.0/24
82.26.118.0/24
82.26.125.0/24
82.26.130.0/24
82.26.147.0/24
82.26.175.0/24
82.26.202.0/24
82.27.131.0/24
82.29.36.0/24
82.29.39.0/24
82.29.45.0/24
82.29.49.0/24
82.29.51.0/24
82.29.70.0/24
82.29.73.0/24
82.29.76.0/24
82.29.79.0/24
82.38.38.0/23
82.38.76.0/22
82.39.194.0/23
82.39.210.0/23
82.40.52.0-82.40.54.255
82.41.128.0/23
82.41.233.0-82.41.238.255
82.41.241.0/24
84.75.40.0/24
178.83.146.0/23
Signature Algorithm: sha256WithRSAEncryption
6a:47:d6:53:d7:06:5c:d4:c2:a9:27:8b:11:c0:dc:83:34:8f:
af:43:df:7e:70:d4:fe:86:bd:02:15:05:a0:2a:19:3f:54:b6:
7b:57:03:48:12:58:7f:01:00:a3:9d:d4:f2:15:1b:cf:20:29:
4a:8a:fa:d3:6b:5a:e6:ec:1a:e7:b3:bd:ae:9b:71:5a:10:c6:
81:17:a3:69:e5:3a:2a:19:bc:d0:3f:7a:f5:95:ca:4e:8c:ef:
9e:8b:16:ee:18:a3:b7:c2:0d:2f:93:44:b4:71:03:8f:3d:06:
7a:85:a1:2c:36:4a:fb:b1:0f:fb:ce:4b:eb:11:66:f6:8f:5d:
1f:bb:62:90:88:d2:9e:6e:40:d3:8d:72:54:e7:52:32:c8:71:
57:d7:63:26:be:86:a6:a5:78:fe:d3:5c:fb:fc:34:00:5d:61:
9f:15:68:d3:6a:69:1d:56:1a:f6:b3:f0:71:53:ff:8f:49:00:
3e:e2:e0:7d:96:16:27:de:c7:3c:6d:69:60:c6:28:8d:71:20:
b7:71:17:24:35:c9:cf:f2:e8:03:4b:f1:ea:08:51:31:93:ed:
ba:cb:e6:a4:bf:40:59:56:fb:43:d0:32:79:9f:a4:15:d8:c4:
29:36:d6:33:b5:c2:93:1f:f3:8b:2b:7e:72:60:47:10:51:f8:
37:bd:64:1c
-----BEGIN CERTIFICATE-----
MIIF0zCCBLugAwIBAgIUVvO9arLs526NDdSpUDrqZEeqwgwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMjUxMjU1MjBaFw0yNzAzMjQxMzAwMjBaMDMxMTAvBgNV
BAMTKDdGNjZGOEQ4OEM5OTk2MDg3RUY1REQ0NUIzQUFCODk4MUI4NjE4QTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/40ln+B9MD+Fa6H1ErHRmhGuA
itWCAjI46PYV5jx2pMYVK15/3H4lakY7QW5m6EGHVbyh/KN2uciNUcZYAtQPdM8x
ySmnmftQicM6widW8MSNvMKBL+bINU9aBPTw/gKqwYpvFsge5vAaXwIyQlpZsxFu
GJDqwpMEajofOFcU2pYnILxOjO6aRbn/T/+zY3tmlGQRK8HKPYQ15JswPV9mncjP
GBOTN/gKAMkVQN7KllEqvsZawM9bTMZHYuJSmY/KyMsxAiK6LkhjyBgpg0j7aa4S
ra2WU7x+mRb/6tkt3hKKNObneyHDbr/yYpLuFgSZysdRMGMTxgDWFMuv3AuvAgMB
AAGjggLdMIIC2TAdBgNVHQ4EFgQUf2b42IyZlgh+9d1Fs6q4mBuGGKEwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB8wYIKwYBBQUHAQcBAf8EgeMwgeAwgd0EAgABMIHWAwQA
UhVLAwQAUhYOAwQAUheQAwQAUheTAwQCUhgAAwQAUhhsAwQAUhpzAwQAUhp2AwQA
Uhp9AwQAUhqCAwQAUhqTAwQAUhqvAwQAUhrKAwQAUhuDAwQAUh0kAwQAUh0nAwQA
Uh0tAwQAUh0xAwQAUh0zAwQAUh1GAwQAUh1JAwQAUh1MAwQAUh1PAwQBUiYmAwQC
UiZMAwQBUifCAwQBUifSMAwDBAJSKDQDBABSKDYDBAFSKYAwDAMEAFIp6QMEAFIp
7gMEAFIp8QMEAFRLKAMEAbJTkjANBgkqhkiG9w0BAQsFAAOCAQEAakfWU9cGXNTC
qSeLEcDcgzSPr0PffnDU/oa9AhUFoCoZP1S2e1cDSBJYfwEAo53U8hUbzyApSor6
02ta5uwa57O9rptxWhDGgRejaeU6Khm80D969ZXKTozvnosW7hijt8INL5NEtHED
jz0GeoWhLDZK+7EP+85L6xFm9o9dH7tikIjSnm5A041yVOdSMshxV9djJr6GpqV4
/tNc+/w0AF1hnxVo02ppHVYa9rPwcVP/j0kAPuLgfZYWJ97HPG1pYMYojXEgt3EX
JDXJz/LoA0vx6ghRMZPtusvmpL9AWVb7Q9AyeZ+kFdjEKTbWM7XCkx/ziyt+cmBH
EFH4N71kHA==
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:33:45 2026 by rpki-client