Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: zmBNyYcm3cMTW1ZTeLoaABmEWeljxQ52jX1giKf0D+o=
Subject key identifier: 17:1D:81:C9:46:82:95:E0:80:E6:5D:3F:F0:95:DB:86:7A:18:DE:12
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 18675F6EB4D3FBD44369550525FF928AD076D9CD
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
Signing time: Sun 20 Apr 2025 00:02:03 +0000
ROA not before: Sat 19 Apr 2025 23:57:03 +0000
ROA not after: Sun 19 Apr 2026 00:02:03 +0000
asID: 9304
IP address blocks: 82.23.144.0/24 maxlen: 24
82.23.147.0/24 maxlen: 24
82.24.0.0/22 maxlen: 24
82.26.118.0/24 maxlen: 24
82.27.92.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 07 May 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:67:5f:6e:b4:d3:fb:d4:43:69:55:05:25:ff:92:8a:d0:76:d9:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 19 23:57:03 2025 GMT
Not After : Apr 19 00:02:03 2026 GMT
Subject: CN=171D81C9468295E080E65D3FF095DB867A18DE12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8d:b2:1f:04:e4:35:fa:a4:7b:fd:2a:15:7f:
a7:9d:40:d8:6c:4a:e3:b5:2a:98:bf:c4:68:9d:03:
18:29:fe:f6:99:58:07:18:d6:8d:23:77:bb:a4:db:
03:b8:e7:2a:81:d4:60:f5:63:fa:37:95:df:c7:93:
57:6e:7a:45:ab:eb:a7:77:c8:c9:de:d7:ee:ca:e8:
bd:68:60:1a:a3:18:ff:e7:7d:69:c0:5e:ca:65:9b:
2f:8e:5e:8c:19:05:c0:7b:01:fb:a5:c0:b5:74:17:
6b:91:65:fe:5f:8a:14:fd:42:d6:49:80:f2:90:24:
51:a7:ae:cd:1c:d5:96:58:f5:ad:4d:9a:a4:5d:1b:
83:81:08:9c:75:7a:c2:23:ac:90:e4:bb:28:70:26:
e3:f4:85:1c:a5:53:74:b7:51:7c:69:b9:06:40:29:
57:f1:07:1e:8c:db:50:5d:4c:f0:ab:b9:60:0f:fe:
32:ac:ed:c7:d5:ee:72:01:a8:a4:25:44:24:8a:85:
b8:6e:d5:4a:3a:3e:fc:5d:2b:7b:f7:48:31:33:01:
c7:2f:b9:5b:f6:bc:90:a6:f5:44:ad:0b:b7:a3:44:
61:7a:23:8d:8a:2e:28:42:53:6f:a8:7b:a3:ec:24:
e0:46:af:2e:3f:10:48:3b:7f:e9:c4:11:08:79:03:
a7:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:1D:81:C9:46:82:95:E0:80:E6:5D:3F:F0:95:DB:86:7A:18:DE:12
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.144.0/24
82.23.147.0/24
82.24.0.0/22
82.26.118.0/24
82.27.92.0/22
Signature Algorithm: sha256WithRSAEncryption
41:0b:d7:e5:58:6e:a8:88:20:e3:3e:7f:70:ed:54:3b:f4:3f:
50:98:a8:b4:d9:6e:44:52:60:a8:28:59:8f:3b:ee:cf:69:b0:
19:41:0b:f3:df:db:ec:31:74:89:d4:bc:e1:d6:38:98:66:8d:
1c:2a:86:a2:17:3e:da:a7:35:74:a1:4b:78:cd:60:25:0c:31:
b3:ea:a7:cc:e7:08:97:26:ab:29:38:a3:d2:f2:93:91:47:b4:
1f:b9:e1:52:d7:f4:a9:14:a6:c7:b4:d2:02:5b:c3:67:45:ec:
33:03:a9:58:5b:69:0b:31:ba:ab:61:ce:21:5c:a9:dd:8f:ab:
d3:ec:53:c8:54:a2:67:6e:25:aa:62:77:ee:ef:9d:ef:3e:5d:
17:3b:f7:aa:49:10:70:4a:5a:92:a3:24:33:9f:75:1c:03:db:
6d:2e:38:ab:4c:cb:60:8e:28:30:96:a3:94:d4:a3:3c:77:44:
1c:44:e3:9f:d7:68:ad:a1:2e:0f:a2:6f:59:e1:b0:af:05:df:
5f:ff:02:0f:d8:43:a7:4e:6a:0a:98:60:b4:11:1b:6b:8e:2c:
91:7b:94:3f:6a:3d:5d:d3:36:52:80:a8:3c:ac:82:21:18:2b:
8c:54:33:60:e7:4d:7d:46:80:2c:86:6b:bf:c5:b5:0a:c8:7e:
9e:a8:0d:75
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIUGGdfbrTT+9RDaVUFJf+SitB22c0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA0MTkyMzU3MDNaFw0yNjA0MTkwMDAyMDNaMDMxMTAvBgNV
BAMTKDE3MUQ4MUM5NDY4Mjk1RTA4MEU2NUQzRkYwOTVEQjg2N0ExOERFMTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3jbIfBOQ1+qR7/SoVf6edQNhs
SuO1Kpi/xGidAxgp/vaZWAcY1o0jd7uk2wO45yqB1GD1Y/o3ld/Hk1duekWr66d3
yMne1+7K6L1oYBqjGP/nfWnAXsplmy+OXowZBcB7AfulwLV0F2uRZf5fihT9QtZJ
gPKQJFGnrs0c1ZZY9a1NmqRdG4OBCJx1esIjrJDkuyhwJuP0hRylU3S3UXxpuQZA
KVfxBx6M21BdTPCruWAP/jKs7cfV7nIBqKQlRCSKhbhu1Uo6PvxdK3v3SDEzAccv
uVv2vJCm9UStC7ejRGF6I42KLihCU2+oe6PsJOBGry4/EEg7f+nEEQh5A6fTAgMB
AAGjggIgMIICHDAdBgNVHQ4EFgQUFx2ByUaCleCA5l0/8JXbhnoY3hIwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFIXkAME
AFIXkwMEAlIYAAMEAFIadgMEAlIbXDANBgkqhkiG9w0BAQsFAAOCAQEAQQvX5Vhu
qIgg4z5/cO1UO/Q/UJiotNluRFJgqChZjzvuz2mwGUEL89/b7DF0idS84dY4mGaN
HCqGohc+2qc1dKFLeM1gJQwxs+qnzOcIlyarKTij0vKTkUe0H7nhUtf0qRSmx7TS
AlvDZ0XsMwOpWFtpCzG6q2HOIVyp3Y+r0+xTyFSiZ24lqmJ37u+d7z5dFzv3qkkQ
cEpakqMkM591HAPbbS44q0zLYI4oMJajlNSjPHdEHETjn9doraEuD6JvWeGwrwXf
X/8CD9hDp05qCphgtBEba44skXuUP2o9XdM2UoCoPKyCIRgrjFQzYOdNfUaALIZr
v8W1Csh+nqgNdQ==
-----END CERTIFICATE-----
Generated at Tue May 6 13:40:19 2025 by rpki-client