Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: rgIHVSIjguOq/Sqe2mdbWR1GBOFzqe0jjIAFw/HAKcY=
Subject key identifier: 44:A2:B9:0B:4E:FD:56:F1:FD:39:27:48:06:CF:05:9D:5F:BE:81:95
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 1B112DF581F71F263FF032D862F1DA09E98ABC15
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9304.roa
Signing time: Tue 22 Jul 2025 00:01:06 +0000
ROA not before: Mon 21 Jul 2025 23:56:06 +0000
ROA not after: Tue 21 Jul 2026 00:01:06 +0000
asID: 9304
IP address blocks: 45.139.182.0/24 maxlen: 24
45.139.183.0/24 maxlen: 24
92.118.162.0/24 maxlen: 24
92.119.33.0/24 maxlen: 24
179.61.241.0/24 maxlen: 24
181.214.148.0/24 maxlen: 24
181.214.154.0/24 maxlen: 24
181.214.161.0/24 maxlen: 24
181.214.201.0/24 maxlen: 24
181.214.212.0/24 maxlen: 24
181.214.236.0/24 maxlen: 24
181.214.237.0/24 maxlen: 24
181.214.248.0/24 maxlen: 24
191.96.88.0/24 maxlen: 24
191.96.89.0/24 maxlen: 24
191.96.91.0/24 maxlen: 24
191.96.99.0/24 maxlen: 24
191.96.105.0/24 maxlen: 24
191.96.116.0/24 maxlen: 24
191.96.120.0/24 maxlen: 24
191.96.126.0/24 maxlen: 24
191.101.76.0/24 maxlen: 24
191.101.102.0/24 maxlen: 24
191.101.116.0/24 maxlen: 24
191.101.120.0/24 maxlen: 24
191.101.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:11:2d:f5:81:f7:1f:26:3f:f0:32:d8:62:f1:da:09:e9:8a:bc:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jul 21 23:56:06 2025 GMT
Not After : Jul 21 00:01:06 2026 GMT
Subject: CN=44A2B90B4EFD56F1FD39274806CF059D5FBE8195
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:68:85:70:bd:26:ae:1e:aa:aa:5a:56:d7:1f:
12:26:34:3b:c0:06:88:28:66:e5:25:a5:8c:47:18:
2f:d2:16:67:e7:c3:8e:9e:a0:d5:5d:b9:43:30:e7:
4f:30:7c:1b:e3:5d:d5:e4:7f:79:33:73:97:be:9c:
e9:56:55:23:e6:ed:63:8d:b9:3f:0c:6d:a4:b7:71:
b5:90:1e:ba:3f:bc:10:96:42:a0:ec:9f:03:83:21:
74:5d:08:de:f7:2f:18:28:06:8f:2f:d8:8b:02:33:
c6:a4:0f:e7:24:fa:b8:79:f4:06:25:70:df:4d:31:
eb:ff:ee:87:38:8e:08:b8:3b:87:be:92:37:84:53:
43:25:27:cd:90:c0:4d:2c:d4:7c:a2:ca:ec:38:ee:
5e:b5:8c:f6:19:32:3c:a3:8b:e9:52:21:80:21:d7:
8c:1b:c4:3d:fd:89:a1:fc:da:fa:5d:c6:60:ec:cf:
79:f8:c0:5e:9d:84:ec:4b:53:0a:67:9a:2f:e3:ef:
d0:bc:a6:ad:d1:29:be:6a:29:12:2a:77:16:f6:9e:
a2:8d:99:56:96:fa:45:18:ec:17:ba:54:60:3a:82:
c5:ef:23:cf:47:9b:12:77:0c:69:12:c0:63:75:c6:
3a:24:5f:21:90:7f:25:bf:c8:51:e9:2a:85:81:1a:
42:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:A2:B9:0B:4E:FD:56:F1:FD:39:27:48:06:CF:05:9D:5F:BE:81:95
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.182.0/23
92.118.162.0/24
92.119.33.0/24
179.61.241.0/24
181.214.148.0/24
181.214.154.0/24
181.214.161.0/24
181.214.201.0/24
181.214.212.0/24
181.214.236.0/23
181.214.248.0/24
191.96.88.0/23
191.96.91.0/24
191.96.99.0/24
191.96.105.0/24
191.96.116.0/24
191.96.120.0/24
191.96.126.0/24
191.101.76.0/24
191.101.102.0/24
191.101.116.0/24
191.101.120.0/24
191.101.124.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:d1:3e:7a:1f:56:fd:83:bd:fb:57:1b:ff:a1:07:4e:45:7f:
1e:23:84:78:46:b6:3a:3b:21:93:ea:da:24:4b:40:68:3c:36:
22:61:8f:29:d7:24:60:10:31:e9:7d:79:26:ce:e8:51:2e:3e:
98:32:3d:2d:dc:bc:d9:14:6f:ab:c3:91:cc:9e:b2:88:88:fb:
5e:b7:87:2b:45:bc:f2:8e:b1:c0:f5:27:f1:84:7f:c2:d0:ad:
6f:6a:02:e9:48:9b:c2:92:8d:0a:89:a2:b9:e9:59:95:5a:d2:
5c:95:91:73:df:ab:5c:4b:50:d9:63:10:24:28:9d:5c:71:58:
90:c8:82:4e:ee:df:45:3b:e5:6c:f3:36:7a:75:d2:c1:91:c1:
8c:b6:94:19:ab:ef:0f:39:2a:d4:74:be:25:b8:c7:27:3e:c5:
a8:fc:f5:6a:b1:4e:8d:9b:2c:61:f9:36:5e:9e:73:50:5b:6c:
d2:f3:c9:ce:5e:2a:e5:38:00:1b:5b:d8:2b:aa:d0:cf:9e:24:
25:3c:0c:8b:43:d2:ed:09:11:ff:40:26:d8:7f:2a:f5:4f:99:
aa:2f:05:10:c3:28:ec:39:4b:cd:8c:fb:ac:a4:d6:ca:d8:93:
89:74:55:50:2f:04:bd:be:27:4b:9c:b5:92:8f:96:74:d6:18:
29:ef:b6:47
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgIUGxEt9YH3HyY/8DLYYvHaCemKvBUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA3MjEyMzU2MDZaFw0yNjA3MjEwMDAxMDZaMDMxMTAvBgNV
BAMTKDQ0QTJCOTBCNEVGRDU2RjFGRDM5Mjc0ODA2Q0YwNTlENUZCRTgxOTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEaIVwvSauHqqqWlbXHxImNDvA
BogoZuUlpYxHGC/SFmfnw46eoNVduUMw508wfBvjXdXkf3kzc5e+nOlWVSPm7WON
uT8MbaS3cbWQHro/vBCWQqDsnwODIXRdCN73LxgoBo8v2IsCM8akD+ck+rh59AYl
cN9NMev/7oc4jgi4O4e+kjeEU0MlJ82QwE0s1Hyiyuw47l61jPYZMjyji+lSIYAh
14wbxD39iaH82vpdxmDsz3n4wF6dhOxLUwpnmi/j79C8pq3RKb5qKRIqdxb2nqKN
mVaW+kUY7Be6VGA6gsXvI89HmxJ3DGkSwGN1xjokXyGQfyW/yFHpKoWBGkLHAgMB
AAGjggKRMIICjTAdBgNVHQ4EFgQURKK5C079VvH9OSdIBs8FnV++gZUwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBpwYIKwYBBQUHAQcBAf8EgZcwgZQwgZEEAgABMIGKAwQB
LYu2AwQAXHaiAwQAXHchAwQAsz3xAwQAtdaUAwQAtdaaAwQAtdahAwQAtdbJAwQA
tdbUAwQBtdbsAwQAtdb4AwQBv2BYAwQAv2BbAwQAv2BjAwQAv2BpAwQAv2B0AwQA
v2B4AwQAv2B+AwQAv2VMAwQAv2VmAwQAv2V0AwQAv2V4AwQAv2V8MA0GCSqGSIb3
DQEBCwUAA4IBAQB/0T56H1b9g737Vxv/oQdORX8eI4R4RrY6OyGT6tokS0BoPDYi
YY8p1yRgEDHpfXkmzuhRLj6YMj0t3LzZFG+rw5HMnrKIiPtet4crRbzyjrHA9Sfx
hH/C0K1vagLpSJvCko0KiaK56VmVWtJclZFz36tcS1DZYxAkKJ1ccViQyIJO7t9F
O+Vs8zZ6ddLBkcGMtpQZq+8POSrUdL4luMcnPsWo/PVqsU6Nmyxh+TZennNQW2zS
88nOXirlOAAbW9grqtDPniQlPAyLQ9LtCRH/QCbYfyr1T5mqLwUQwyjsOUvNjPus
pNbK2JOJdFVQLwS9vidLnLWSj5Z01hgp77ZH
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:58:10 2025 by rpki-client