Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: uOBWNXId3ksCscXmg4Tzwwg8iWv5qi7GP0fsyoUkuu8=
Subject key identifier: 07:B9:77:06:FF:13:99:43:55:06:7D:93:75:A8:11:38:E8:E8:F0:E3
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3D34477C5FDDCDFDA945D8EDE5554EFD8119B50A
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
Signing time: Fri 15 Aug 2025 15:35:58 +0000
ROA not before: Fri 15 Aug 2025 15:30:58 +0000
ROA not after: Fri 14 Aug 2026 15:35:58 +0000
asID: 9304
IP address blocks: 82.21.138.0/24 maxlen: 24
82.22.190.0/24 maxlen: 24
82.22.196.0/24 maxlen: 24
82.23.144.0/24 maxlen: 24
82.23.147.0/24 maxlen: 24
82.23.162.0/23 maxlen: 24
82.23.171.0/24 maxlen: 24
82.23.248.0/23 maxlen: 24
82.23.250.0/24 maxlen: 24
82.24.0.0/22 maxlen: 24
82.24.16.0/24 maxlen: 24
82.24.31.0/24 maxlen: 24
82.24.112.0/23 maxlen: 24
82.24.144.0/23 maxlen: 24
82.24.181.0/24 maxlen: 24
82.25.36.0/24 maxlen: 24
82.25.41.0/24 maxlen: 24
82.25.59.0/24 maxlen: 24
82.25.61.0/24 maxlen: 24
82.25.62.0/24 maxlen: 24
82.25.161.0/24 maxlen: 24
82.25.205.0/24 maxlen: 24
82.26.87.0/24 maxlen: 24
82.26.94.0/24 maxlen: 24
82.26.115.0/24 maxlen: 24
82.26.118.0/24 maxlen: 24
82.26.125.0/24 maxlen: 24
82.26.150.0/24 maxlen: 24
82.26.151.0/24 maxlen: 24
82.26.152.0/24 maxlen: 24
82.26.171.0/24 maxlen: 24
82.26.174.0/24 maxlen: 24
82.26.193.0/24 maxlen: 24
82.27.92.0/22 maxlen: 24
82.27.116.0/23 maxlen: 24
82.27.118.0/24 maxlen: 24
82.29.41.0/24 maxlen: 24
82.29.48.0/24 maxlen: 24
82.29.74.0/24 maxlen: 24
82.29.88.0/24 maxlen: 24
82.29.103.0/24 maxlen: 24
82.29.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:34:47:7c:5f:dd:cd:fd:a9:45:d8:ed:e5:55:4e:fd:81:19:b5:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Aug 15 15:30:58 2025 GMT
Not After : Aug 14 15:35:58 2026 GMT
Subject: CN=07B97706FF13994355067D9375A81138E8E8F0E3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:56:9b:1d:fe:52:5c:92:cd:02:00:c6:de:96:
f8:92:5d:3d:4e:06:de:83:c4:51:54:ce:49:88:e1:
5d:82:30:aa:09:52:db:11:56:52:2e:2f:7d:3d:d6:
13:e9:3d:fa:83:fe:b4:fe:d1:7d:92:06:d9:7d:f7:
3e:4c:ed:b9:93:2e:96:ed:35:b6:eb:4e:19:14:b0:
e3:b6:d0:60:d4:c9:f8:6d:7c:57:e5:2b:fe:1a:e3:
ac:fb:d6:5a:c1:47:b6:d9:3f:c3:4d:64:ac:e8:ac:
37:ac:bc:c6:ae:c0:b8:b2:cf:d1:f9:cc:38:05:78:
c3:2a:8a:ed:85:1f:b3:17:46:b6:8d:02:b6:9e:c0:
2a:9e:32:ca:eb:e0:3f:95:35:67:74:00:a7:e5:34:
8b:60:ea:44:54:f2:78:09:fa:b3:09:65:99:dd:af:
c0:f1:a7:a8:49:96:5d:fa:f0:c3:5a:d5:0e:83:b0:
c8:9f:79:45:e3:06:ea:94:d5:5c:c6:20:56:d3:c1:
fb:67:6b:cb:37:ec:83:06:2f:78:48:73:fb:18:2b:
ee:62:c8:d2:ed:b6:77:17:e4:0f:b3:a1:a4:17:05:
ad:a8:e8:b3:3d:9b:0a:63:2d:e4:53:ad:6d:e1:b5:
b4:0b:2b:78:9f:24:5d:81:19:89:44:f0:aa:3e:5d:
1d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:B9:77:06:FF:13:99:43:55:06:7D:93:75:A8:11:38:E8:E8:F0:E3
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.138.0/24
82.22.190.0/24
82.22.196.0/24
82.23.144.0/24
82.23.147.0/24
82.23.162.0/23
82.23.171.0/24
82.23.248.0-82.23.250.255
82.24.0.0/22
82.24.16.0/24
82.24.31.0/24
82.24.112.0/23
82.24.144.0/23
82.24.181.0/24
82.25.36.0/24
82.25.41.0/24
82.25.59.0/24
82.25.61.0-82.25.62.255
82.25.161.0/24
82.25.205.0/24
82.26.87.0/24
82.26.94.0/24
82.26.115.0/24
82.26.118.0/24
82.26.125.0/24
82.26.150.0-82.26.152.255
82.26.171.0/24
82.26.174.0/24
82.26.193.0/24
82.27.92.0/22
82.27.116.0-82.27.118.255
82.29.41.0/24
82.29.48.0/24
82.29.74.0/24
82.29.88.0/24
82.29.103.0/24
82.29.107.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:24:d2:40:3d:11:a9:1c:4d:23:bc:bd:2f:ff:c1:c8:19:a6:
55:46:e5:ee:bd:e7:e3:71:92:e9:7c:ad:50:84:ba:51:e4:54:
a9:ba:80:dc:34:3b:7b:7e:90:66:31:ac:8b:ce:33:a1:42:ff:
e7:ff:32:00:67:04:e2:36:72:fd:ec:9b:28:5e:64:f6:b4:94:
87:53:08:07:4d:e9:96:5e:ec:1f:d9:67:af:00:c8:be:6c:98:
6d:fd:4b:f6:76:68:56:84:f3:fb:9f:75:27:31:50:fe:2e:38:
41:ee:cb:60:62:a9:db:50:23:7b:ff:8c:bf:f0:b3:22:bb:e7:
0c:54:8a:ec:ca:a3:c8:c2:ea:20:42:85:3d:e2:6b:35:78:e4:
3a:f3:ee:05:b4:0b:bb:39:7d:68:70:16:ad:40:1a:9f:4e:47:
0a:ab:52:ab:43:f6:15:f7:4d:c0:6f:0e:09:ec:a2:8a:f7:c2:
2f:ca:59:ad:a8:cf:6c:e2:7d:90:05:d4:f5:4f:b5:22:62:86:
d6:0e:a5:fd:21:f0:33:6d:e0:31:e1:4e:b8:fb:18:eb:80:7a:
cd:47:a5:ac:2f:8e:0b:7a:5c:81:d0:70:16:71:0f:eb:4e:30:
15:62:cb:49:74:eb:08:d2:f3:47:06:f1:4c:48:d5:d0:59:5e:
8b:33:f2:55
-----BEGIN CERTIFICATE-----
MIIF/zCCBOegAwIBAgIUPTRHfF/dzf2pRdjt5VVO/YEZtQowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA4MTUxNTMwNThaFw0yNjA4MTQxNTM1NThaMDMxMTAvBgNV
BAMTKDA3Qjk3NzA2RkYxMzk5NDM1NTA2N0Q5Mzc1QTgxMTM4RThFOEYwRTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClVpsd/lJcks0CAMbelviSXT1O
Bt6DxFFUzkmI4V2CMKoJUtsRVlIuL3091hPpPfqD/rT+0X2SBtl99z5M7bmTLpbt
NbbrThkUsOO20GDUyfhtfFflK/4a46z71lrBR7bZP8NNZKzorDesvMauwLiyz9H5
zDgFeMMqiu2FH7MXRraNAraewCqeMsrr4D+VNWd0AKflNItg6kRU8ngJ+rMJZZnd
r8Dxp6hJll368MNa1Q6DsMifeUXjBuqU1VzGIFbTwftna8s37IMGL3hIc/sYK+5i
yNLttncX5A+zoaQXBa2o6LM9mwpjLeRTrW3htbQLK3ifJF2BGYlE8Ko+XR0DAgMB
AAGjggMJMIIDBTAdBgNVHQ4EFgQUB7l3Bv8TmUNVBn2TdagROOjo8OMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAR4GCCsGAQUFBwEHAQH/BIIBDTCCAQkwggEFBAIAATCB
/gMEAFIVigMEAFIWvgMEAFIWxAMEAFIXkAMEAFIXkwMEAVIXogMEAFIXqzAMAwQD
Uhf4AwQAUhf6AwQCUhgAAwQAUhgQAwQAUhgfAwQBUhhwAwQBUhiQAwQAUhi1AwQA
UhkkAwQAUhkpAwQAUhk7MAwDBABSGT0DBABSGT4DBABSGaEDBABSGc0DBABSGlcD
BABSGl4DBABSGnMDBABSGnYDBABSGn0wDAMEAVIalgMEAFIamAMEAFIaqwMEAFIa
rgMEAFIawQMEAlIbXDAMAwQCUht0AwQAUht2AwQAUh0pAwQAUh0wAwQAUh1KAwQA
Uh1YAwQAUh1nAwQAUh1rMA0GCSqGSIb3DQEBCwUAA4IBAQCiJNJAPRGpHE0jvL0v
/8HIGaZVRuXuvefjcZLpfK1QhLpR5FSpuoDcNDt7fpBmMayLzjOhQv/n/zIAZwTi
NnL97JsoXmT2tJSHUwgHTemWXuwf2WevAMi+bJht/Uv2dmhWhPP7n3UnMVD+LjhB
7stgYqnbUCN7/4y/8LMiu+cMVIrsyqPIwuogQoU94ms1eOQ68+4FtAu7OX1ocBat
QBqfTkcKq1KrQ/YV903Abw4J7KKK98IvylmtqM9s4n2QBdT1T7UiYobWDqX9IfAz
beAx4U64+xjrgHrNR6WsL44LelyB0HAWcQ/rTjAVYstJdOsI0vNHBvFMSNXQWV6L
M/JV
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:44:34 2025 by rpki-client