Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: ujRQdRQxc+VSFza4VcJZHsk+XjbXEX7M3D24ia8gOos=
Subject key identifier: 80:E6:05:4B:13:F6:E2:78:21:F3:90:A0:10:9D:97:0C:55:F7:0B:F9
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 171F080DCEA3D7C0B9CEF87A88AF07B3DE5635CF
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
Signing time: Tue 28 Apr 2026 00:04:23 +0000
ROA not before: Mon 27 Apr 2026 23:59:23 +0000
ROA not after: Tue 27 Apr 2027 00:04:23 +0000
asID: 9304
IP address blocks: 82.22.14.0/24 maxlen: 24
82.23.144.0/24 maxlen: 24
82.23.147.0/24 maxlen: 24
82.24.0.0/22 maxlen: 23
82.24.108.0/24 maxlen: 24
82.26.115.0/24 maxlen: 24
82.26.118.0/24 maxlen: 24
82.26.125.0/24 maxlen: 24
82.26.130.0/24 maxlen: 24
82.27.131.0/24 maxlen: 24
82.29.45.0/24 maxlen: 24
82.29.76.0/24 maxlen: 24
82.38.38.0/23 maxlen: 24
82.38.76.0/22 maxlen: 24
82.39.194.0/23 maxlen: 24
82.39.210.0/23 maxlen: 24
82.40.52.0/24 maxlen: 24
82.40.53.0/24 maxlen: 24
82.40.54.0/24 maxlen: 24
82.41.128.0/23 maxlen: 24
82.41.233.0/24 maxlen: 24
82.41.234.0/24 maxlen: 24
82.41.236.0/24 maxlen: 24
82.41.237.0/24 maxlen: 24
82.41.238.0/24 maxlen: 24
82.47.0.0/23 maxlen: 24
84.75.151.0/24 maxlen: 24
178.83.146.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:1f:08:0d:ce:a3:d7:c0:b9:ce:f8:7a:88:af:07:b3:de:56:35:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 27 23:59:23 2026 GMT
Not After : Apr 27 00:04:23 2027 GMT
Subject: CN=80E6054B13F6E27821F390A0109D970C55F70BF9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:70:5b:83:dc:84:5d:c5:54:00:b7:8b:af:d9:
79:fb:1d:41:02:ac:8d:0d:76:86:86:b9:fb:b7:db:
31:48:2d:17:ed:47:d8:85:a3:2d:8c:15:c8:fb:59:
dc:c9:93:f8:a4:da:47:74:59:20:ca:ef:5f:63:2d:
05:2a:85:f1:43:57:dc:ff:aa:c2:bb:ce:38:26:ed:
a1:f1:43:5e:10:3c:7b:4b:12:7f:24:7e:64:80:db:
b6:33:dc:23:df:fe:d0:91:7f:cc:b9:ff:63:ae:c9:
e0:ba:81:c7:63:f6:a6:f2:3a:c4:92:0d:52:95:cc:
3d:c3:a8:8c:3c:fb:61:19:16:c8:ae:09:a3:90:df:
01:16:83:a5:4a:db:7f:09:2e:1b:b8:9f:20:eb:7d:
c5:1f:43:36:64:ac:cd:af:69:f2:73:f0:c2:39:27:
8f:9d:3c:77:4c:19:17:e2:0d:05:86:6b:40:c5:f0:
21:f4:c0:e8:40:86:62:25:9c:dc:2a:e2:8a:04:2b:
31:7d:94:07:49:47:58:6e:6f:64:33:e1:4f:1f:8a:
d3:5e:8c:dc:6f:f1:91:7c:51:9e:97:d1:23:2c:da:
7f:a0:29:7b:04:34:0d:bb:54:8c:1f:a4:e0:bb:02:
ac:5f:7f:5b:20:6a:dc:8b:f5:b7:8c:73:21:63:e5:
29:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:E6:05:4B:13:F6:E2:78:21:F3:90:A0:10:9D:97:0C:55:F7:0B:F9
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.22.14.0/24
82.23.144.0/24
82.23.147.0/24
82.24.0.0/22
82.24.108.0/24
82.26.115.0/24
82.26.118.0/24
82.26.125.0/24
82.26.130.0/24
82.27.131.0/24
82.29.45.0/24
82.29.76.0/24
82.38.38.0/23
82.38.76.0/22
82.39.194.0/23
82.39.210.0/23
82.40.52.0-82.40.54.255
82.41.128.0/23
82.41.233.0-82.41.234.255
82.41.236.0-82.41.238.255
82.47.0.0/23
84.75.151.0/24
178.83.146.0/23
Signature Algorithm: sha256WithRSAEncryption
4e:e3:4f:0e:a4:8b:a9:6c:2f:6a:60:b3:f8:e5:72:57:64:9f:
26:c2:63:02:07:8c:c2:a6:29:a0:89:61:c7:5c:08:96:0a:fa:
dc:9f:f0:0d:13:76:a3:85:85:0f:78:75:06:83:5a:c0:a0:7e:
fe:eb:a2:c9:31:2d:ba:ee:e6:42:54:99:07:49:83:8d:07:0d:
87:8c:bd:d1:be:35:cc:79:47:24:51:08:60:30:42:75:a8:b7:
da:8b:2a:e2:51:17:c2:ae:d6:6f:43:f0:60:c6:46:73:ef:3f:
97:7e:1e:3b:f7:5e:e0:f1:1a:26:c9:82:6f:e4:8a:8d:8a:aa:
14:23:98:67:cd:fb:2d:42:c1:cb:e5:1c:8b:e7:15:93:04:e2:
4f:94:fc:4c:af:22:0a:b8:2b:99:f8:07:46:3f:7b:1f:63:a8:
0f:4c:3e:05:53:30:a0:cf:63:27:d9:77:28:0b:39:92:e4:cb:
fd:fd:00:bd:ef:2e:20:dd:29:81:bf:23:8a:64:5c:2a:81:14:
f1:34:51:02:30:6f:e2:bb:68:c7:31:d5:a5:ce:82:7d:5d:cc:
b9:bd:b4:7b:0c:2f:15:84:97:bc:5a:d7:50:6d:86:48:95:74:
d8:0f:c1:22:44:ce:ad:d6:3a:21:5c:1f:35:71:f2:40:51:79:
50:e7:37:4f
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUFx8IDc6j18C5zvh6iK8Hs95WNc8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MjcyMzU5MjNaFw0yNzA0MjcwMDA0MjNaMDMxMTAvBgNV
BAMTKDgwRTYwNTRCMTNGNkUyNzgyMUYzOTBBMDEwOUQ5NzBDNTVGNzBCRjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbcFuD3IRdxVQAt4uv2Xn7HUEC
rI0NdoaGufu32zFILRftR9iFoy2MFcj7WdzJk/ik2kd0WSDK719jLQUqhfFDV9z/
qsK7zjgm7aHxQ14QPHtLEn8kfmSA27Yz3CPf/tCRf8y5/2OuyeC6gcdj9qbyOsSS
DVKVzD3DqIw8+2EZFsiuCaOQ3wEWg6VK238JLhu4nyDrfcUfQzZkrM2vafJz8MI5
J4+dPHdMGRfiDQWGa0DF8CH0wOhAhmIlnNwq4ooEKzF9lAdJR1hub2Qz4U8fitNe
jNxv8ZF8UZ6X0SMs2n+gKXsENA27VIwfpOC7Aqxff1sgatyL9beMcyFj5SmJAgMB
AAGjggKpMIICpTAdBgNVHQ4EFgQUgOYFSxP24ngh85CgEJ2XDFX3C/kwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBvwYIKwYBBQUHAQcBAf8Ega8wgawwgakEAgABMIGiAwQA
UhYOAwQAUheQAwQAUheTAwQCUhgAAwQAUhhsAwQAUhpzAwQAUhp2AwQAUhp9AwQA
UhqCAwQAUhuDAwQAUh0tAwQAUh1MAwQBUiYmAwQCUiZMAwQBUifCAwQBUifSMAwD
BAJSKDQDBABSKDYDBAFSKYAwDAMEAFIp6QMEAFIp6jAMAwQCUinsAwQAUinuAwQB
Ui8AAwQAVEuXAwQBslOSMA0GCSqGSIb3DQEBCwUAA4IBAQBO408OpIupbC9qYLP4
5XJXZJ8mwmMCB4zCpimgiWHHXAiWCvrcn/ANE3ajhYUPeHUGg1rAoH7+66LJMS26
7uZCVJkHSYONBw2HjL3RvjXMeUckUQhgMEJ1qLfaiyriURfCrtZvQ/BgxkZz7z+X
fh47917g8RomyYJv5IqNiqoUI5hnzfstQsHL5RyL5xWTBOJPlPxMryIKuCuZ+AdG
P3sfY6gPTD4FUzCgz2Mn2XcoCzmS5Mv9/QC97y4g3SmBvyOKZFwqgRTxNFECMG/i
u2jHMdWlzoJ9Xcy5vbR7DC8VhJe8WtdQbYZIlXTYD8EiRM6t1johXB81cfJAUXlQ
5zdP
-----END CERTIFICATE-----
Generated at Tue May 12 22:23:46 2026 by rpki-client