Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: AKSsIFJ9dIsTIbmq0ZJu8nzGzMGq4ZigbVERcSndunc=
Subject key identifier: 90:0F:F6:DF:CD:76:4C:68:C7:24:53:FC:62:5A:3D:DE:AB:E2:63:96
Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Certificate serial: 6E0796C328F72DB6AE828106031FD07B16BA5A42
Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS9304.roa
Signing time: Sun 26 Oct 2025 04:41:42 +0000
ROA not before: Sun 26 Oct 2025 04:36:42 +0000
ROA not after: Sun 25 Oct 2026 04:41:42 +0000
asID: 9304
IP address blocks: 46.236.209.0/24 maxlen: 24
82.139.227.0/24 maxlen: 24
82.139.228.0/24 maxlen: 24
82.139.229.0/24 maxlen: 24
82.139.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft
rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 07:50:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:07:96:c3:28:f7:2d:b6:ae:82:81:06:03:1f:d0:7b:16:ba:5a:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b
Validity
Not Before: Oct 26 04:36:42 2025 GMT
Not After : Oct 25 04:41:42 2026 GMT
Subject: CN=900FF6DFCD764C68C72453FC625A3DDEABE26396
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:07:7d:ac:33:e9:2e:c8:cb:eb:0c:7f:8e:87:
2a:c8:7d:73:df:83:7b:a4:aa:59:8d:95:63:54:20:
01:8a:cb:5c:61:76:28:92:ed:65:e6:88:e5:f2:56:
1e:dc:bb:64:21:1a:6e:be:e6:18:56:7d:ff:ed:10:
0c:95:1e:5b:8d:df:ed:74:78:5a:ee:b5:a4:5a:40:
7b:4e:77:ae:4c:48:4f:55:14:2a:8d:16:fc:a4:5a:
78:f9:f6:89:2d:a4:b4:a2:53:62:c7:f9:77:1b:e6:
14:a1:37:a1:50:67:26:9a:cf:69:47:f1:21:ca:4c:
49:b5:87:59:e8:d3:f6:2f:b6:66:2e:f5:67:8f:7f:
bf:03:91:58:8b:99:4d:02:df:dc:47:38:8b:2f:eb:
a8:26:de:c1:e2:af:c6:34:7d:e5:13:2f:d5:a7:4b:
36:f0:c9:71:d6:e9:cc:36:c1:9e:81:29:5b:9f:9b:
99:0c:7d:f3:e3:45:94:f7:45:d0:53:1f:be:f4:a7:
d1:d5:be:ad:d2:1c:65:df:b9:2d:5a:88:93:19:12:
71:73:ab:e8:be:21:a0:b0:ce:8e:61:5f:5c:dd:65:
63:86:92:ec:89:b4:ca:d7:b4:2f:19:f6:a8:48:8f:
29:ca:47:f1:ca:81:2d:39:c9:3a:7f:bc:0a:37:36:
fd:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:0F:F6:DF:CD:76:4C:68:C7:24:53:FC:62:5A:3D:DE:AB:E2:63:96
X509v3 Authority Key Identifier:
keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.209.0/24
82.139.227.0-82.139.229.255
82.139.232.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:9c:4d:c2:45:8c:b1:4c:54:9b:37:7f:42:06:1a:c6:03:a1:
0c:76:18:5e:02:f4:82:ff:67:c6:38:40:ca:61:07:c9:04:36:
83:aa:15:a7:79:d2:32:f1:b7:7a:c8:8c:92:93:97:98:3f:c8:
50:5e:cb:7c:f7:28:08:15:5c:84:34:ed:7e:10:14:94:ea:0a:
86:82:a3:15:a5:66:b5:18:3e:8b:82:2c:1d:3a:08:a7:b0:db:
56:c9:6e:48:be:35:f6:c2:4f:c9:eb:27:1d:4f:e8:4a:b1:19:
fc:14:83:a0:a3:60:62:47:d2:7a:bd:68:b3:75:df:5a:8c:f9:
31:7d:f1:66:e5:fa:65:2c:5d:15:2c:26:86:3d:27:86:6a:58:
9e:6c:49:05:7d:ac:83:dc:cc:41:fe:17:a6:d4:e6:73:a6:34:
a1:46:bf:da:73:27:fe:ee:ad:3f:45:0b:e3:48:de:b1:a8:98:
8d:fd:cf:46:68:e2:b3:e7:6f:da:19:b5:e9:b9:74:79:9e:96:
a8:5d:ed:bc:2a:d0:03:d2:24:df:f7:f2:80:ae:ea:7c:5c:8d:
17:eb:7e:ce:1a:c2:c7:ae:e5:8f:7d:99:23:29:b3:31:4d:72:
47:6c:a7:c6:78:ef:52:36:46:36:fb:86:f1:64:cb:b8:f6:ba:
0a:fe:79:41
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIUbgeWwyj3LbaugoEGAx/Qexa6WkIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx
ZWUyOGExYjAeFw0yNTEwMjYwNDM2NDJaFw0yNjEwMjUwNDQxNDJaMDMxMTAvBgNV
BAMTKDkwMEZGNkRGQ0Q3NjRDNjhDNzI0NTNGQzYyNUEzRERFQUJFMjYzOTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDuB32sM+kuyMvrDH+OhyrIfXPf
g3ukqlmNlWNUIAGKy1xhdiiS7WXmiOXyVh7cu2QhGm6+5hhWff/tEAyVHluN3+10
eFrutaRaQHtOd65MSE9VFCqNFvykWnj59oktpLSiU2LH+Xcb5hShN6FQZyaaz2lH
8SHKTEm1h1no0/YvtmYu9WePf78DkViLmU0C39xHOIsv66gm3sHir8Y0feUTL9Wn
SzbwyXHW6cw2wZ6BKVufm5kMffPjRZT3RdBTH770p9HVvq3SHGXfuS1aiJMZEnFz
q+i+IaCwzo5hX1zdZWOGkuyJtMrXtC8Z9qhIjynKR/HKgS05yTp/vAo3Nv3pAgMB
AAGjggIcMIICGDAdBgNVHQ4EFgQUkA/23812TGjHJFP8Ylo93qviY5YwHwYDVR0j
BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1
NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3
aWlocy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzIyZGI3NTU1LTlhYTQt
NDk4My05MzE2LTczODA5ZGQzNTRiYy8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAzBggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAC7s0TAM
AwQAUovjAwQBUovkAwQAUovoMA0GCSqGSIb3DQEBCwUAA4IBAQBunE3CRYyxTFSb
N39CBhrGA6EMdhheAvSC/2fGOEDKYQfJBDaDqhWnedIy8bd6yIySk5eYP8hQXst8
9ygIFVyENO1+EBSU6gqGgqMVpWa1GD6LgiwdOginsNtWyW5IvjX2wk/J6ycdT+hK
sRn8FIOgo2BiR9J6vWizdd9ajPkxffFm5fplLF0VLCaGPSeGaliebEkFfayD3MxB
/hem1OZzpjShRr/acyf+7q0/RQvjSN6xqJiN/c9GaOKz52/aGbXpuXR5npaoXe28
KtAD0iTf9/KArup8XI0X637OGsLHruWPfZkjKbMxTXJHbKfGeO9SNkY2+4bxZMu4
9roK/nlB
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:54:34 2025 by rpki-client