Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: zeBUWBKWzK9jShX6Ty8m7cPwjzididwzn2gwGaywqDo=
Subject key identifier: 13:A3:FB:C0:72:02:EA:6B:99:76:BD:DB:7C:46:02:19:16:65:EA:9B
Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Certificate serial: 3391A9B56EF97CFFC74B0D780F76FB2EAA9F20DA
Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS9304.roa
Signing time: Mon 18 Aug 2025 16:06:53 +0000
ROA not before: Mon 18 Aug 2025 16:01:53 +0000
ROA not after: Mon 17 Aug 2026 16:06:53 +0000
asID: 9304
IP address blocks: 193.32.205.0/24 maxlen: 24
194.93.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft
rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 01:33:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:91:a9:b5:6e:f9:7c:ff:c7:4b:0d:78:0f:76:fb:2e:aa:9f:20:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b
Validity
Not Before: Aug 18 16:01:53 2025 GMT
Not After : Aug 17 16:06:53 2026 GMT
Subject: CN=13A3FBC07202EA6B9976BDDB7C4602191665EA9B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:59:d4:04:f0:99:6b:3a:35:36:a7:91:a3:b0:
ef:b5:ba:4f:85:91:e6:90:5a:3d:a6:16:41:b8:fa:
cb:9a:d4:b8:63:0c:ee:1a:8a:3e:40:cd:f9:87:77:
eb:fc:ed:80:cf:95:71:60:e6:86:e6:81:a6:c4:6c:
14:1d:a6:fa:fd:28:a4:a9:7a:88:16:df:3a:d1:e2:
bc:e4:fc:6e:24:b6:b6:de:ca:86:a8:5b:b3:e5:ac:
70:89:23:11:f2:f3:09:88:64:51:e8:9d:90:c2:ac:
c3:cf:97:de:8a:e1:a7:ae:6e:c5:72:cf:68:6a:f5:
40:f8:e8:fc:d6:e2:ad:4d:39:e6:62:94:a9:d9:1a:
7b:54:fe:17:b8:03:0e:50:71:47:70:ac:7d:fb:ee:
93:45:6a:ab:1f:10:15:d0:e4:90:c1:eb:af:2f:1a:
6e:d4:fc:6e:80:0d:f3:19:0a:51:5e:41:38:41:0b:
f2:8c:99:24:6d:22:e7:4f:8b:9a:07:3a:3f:c2:7d:
b2:56:81:45:18:e8:cc:d4:4d:84:df:90:bd:f4:6e:
b8:19:39:34:ea:7c:cc:bb:cc:ac:79:1a:0d:9b:0c:
d2:1a:03:26:81:29:1e:6a:d9:ea:01:fd:75:2f:c6:
c2:8b:2a:dd:54:a8:98:08:6e:82:f7:90:45:2b:2f:
a2:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:A3:FB:C0:72:02:EA:6B:99:76:BD:DB:7C:46:02:19:16:65:EA:9B
X509v3 Authority Key Identifier:
keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.205.0/24
194.93.62.0/24
Signature Algorithm: sha256WithRSAEncryption
28:12:68:cf:e5:27:15:45:a0:e4:9d:ba:29:33:47:36:02:78:
f3:63:f4:66:81:36:89:dc:52:c5:74:57:bd:e0:b0:8f:28:12:
78:98:ce:49:b9:82:d7:cd:30:55:2e:71:a3:5d:a2:ee:88:e5:
80:86:03:f0:bd:e7:37:1f:49:69:8f:e5:55:ed:e0:08:e2:09:
e6:f6:be:cc:58:cd:71:38:ab:49:c3:38:36:57:8a:74:6e:86:
6f:e5:97:a1:ef:90:4e:55:e6:2a:95:11:a6:68:d4:c0:b5:d6:
dd:03:2a:54:c4:69:24:2f:5b:1b:d9:6e:9f:fa:57:fc:8a:1b:
3b:53:10:a4:cf:e5:66:da:d4:41:51:fe:79:55:c7:f3:3a:54:
09:7d:c8:93:31:36:fc:31:4c:c1:45:2e:68:ba:cf:85:fa:4e:
9b:83:61:3a:fd:eb:6b:2e:93:05:3f:a5:10:c2:55:8d:1b:c7:
5f:5e:c6:98:0d:d8:6e:73:ed:30:a9:e1:e5:b6:3c:4d:13:16:
6f:e1:f3:d6:13:0c:18:14:60:7e:5f:66:cd:b3:a1:a3:b4:36:
ce:74:02:89:f6:3a:ac:38:99:c8:ba:6e:c2:0d:77:83:5a:bb:
14:de:14:59:2f:2a:9e:5d:4c:30:80:be:f1:f6:b7:86:25:04:
6f:3e:91:ba
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIUM5GptW75fP/HSw14D3b7LqqfINowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy
ZjJmNDE1YjAeFw0yNTA4MTgxNjAxNTNaFw0yNjA4MTcxNjA2NTNaMDMxMTAvBgNV
BAMTKDEzQTNGQkMwNzIwMkVBNkI5OTc2QkREQjdDNDYwMjE5MTY2NUVBOUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRWdQE8JlrOjU2p5GjsO+1uk+F
keaQWj2mFkG4+sua1LhjDO4aij5AzfmHd+v87YDPlXFg5obmgabEbBQdpvr9KKSp
eogW3zrR4rzk/G4ktrbeyoaoW7PlrHCJIxHy8wmIZFHonZDCrMPPl96K4aeubsVy
z2hq9UD46PzW4q1NOeZilKnZGntU/he4Aw5QcUdwrH377pNFaqsfEBXQ5JDB668v
Gm7U/G6ADfMZClFeQThBC/KMmSRtIudPi5oHOj/CfbJWgUUY6MzUTYTfkL30brgZ
OTTqfMy7zKx5Gg2bDNIaAyaBKR5q2eoB/XUvxsKLKt1UqJgIboL3kEUrL6KZAgMB
AAGjggIOMIICCjAdBgNVHQ4EFgQUE6P7wHIC6muZdr3bfEYCGRZl6pswHwYDVR0j
BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0
ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4
dlFWcy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt
NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMEgzQME
AMJdPjANBgkqhkiG9w0BAQsFAAOCAQEAKBJoz+UnFUWg5J26KTNHNgJ482P0ZoE2
idxSxXRXveCwjygSeJjOSbmC180wVS5xo12i7ojlgIYD8L3nNx9JaY/lVe3gCOIJ
5va+zFjNcTirScM4NleKdG6Gb+WXoe+QTlXmKpURpmjUwLXW3QMqVMRpJC9bG9lu
n/pX/IobO1MQpM/lZtrUQVH+eVXH8zpUCX3IkzE2/DFMwUUuaLrPhfpOm4NhOv3r
ay6TBT+lEMJVjRvHX17GmA3YbnPtMKnh5bY8TRMWb+Hz1hMMGBRgfl9mzbOho7Q2
znQCifY6rDiZyLpuwg13g1q7FN4UWS8qnl1MMIC+8fa3hiUEbz6Rug==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:35:50 2025 by rpki-client