Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: KJgO6QNye9nKBe5kQlnUEDCsZ23EgTNvY22PXqlL0hU=
Subject key identifier: B6:09:08:91:E7:3B:B4:74:EC:EA:72:E9:9B:34:87:86:8B:E6:1A:14
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 075B195B672FD2CEABBC32485608CC65F62B0B22
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
Signing time: Sun 01 Mar 2026 13:28:27 +0000
ROA not before: Sun 01 Mar 2026 13:23:27 +0000
ROA not after: Sun 28 Feb 2027 13:28:27 +0000
asID: 9304
IP address blocks: 82.21.75.0/24 maxlen: 24
82.22.14.0/24 maxlen: 24
82.23.144.0/24 maxlen: 24
82.23.147.0/24 maxlen: 24
82.24.0.0/22 maxlen: 23
82.24.108.0/24 maxlen: 24
82.26.115.0/24 maxlen: 24
82.26.118.0/24 maxlen: 24
82.26.125.0/24 maxlen: 24
82.26.147.0/24 maxlen: 24
82.26.175.0/24 maxlen: 24
82.27.131.0/24 maxlen: 24
82.29.36.0/24 maxlen: 24
82.29.39.0/24 maxlen: 24
82.29.45.0/24 maxlen: 24
82.29.49.0/24 maxlen: 24
82.29.51.0/24 maxlen: 24
82.29.70.0/24 maxlen: 24
82.29.73.0/24 maxlen: 24
82.29.76.0/24 maxlen: 24
82.29.79.0/24 maxlen: 24
82.38.62.0/24 maxlen: 24
82.38.76.0/22 maxlen: 24
82.39.205.0/24 maxlen: 24
82.39.210.0/23 maxlen: 24
82.40.52.0/24 maxlen: 24
82.40.53.0/24 maxlen: 24
82.40.54.0/24 maxlen: 24
82.41.232.0/24 maxlen: 24
82.41.233.0/24 maxlen: 24
82.41.234.0/24 maxlen: 24
82.41.235.0/24 maxlen: 24
82.41.236.0/24 maxlen: 24
82.41.237.0/24 maxlen: 24
82.41.238.0/24 maxlen: 24
82.41.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 09:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:5b:19:5b:67:2f:d2:ce:ab:bc:32:48:56:08:cc:65:f6:2b:0b:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 1 13:23:27 2026 GMT
Not After : Feb 28 13:28:27 2027 GMT
Subject: CN=B6090891E73BB474ECEA72E99B3487868BE61A14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b4:71:09:29:de:21:8a:45:2f:7a:e7:9f:0a:
5f:05:6b:27:b4:4e:3b:4e:79:2e:09:18:b5:d7:2f:
79:fe:28:72:1d:89:b0:9c:8b:5c:34:0f:cc:b2:bf:
ca:c3:8a:74:72:aa:26:59:c9:6f:22:58:15:18:c3:
6a:e0:44:e4:5d:15:30:27:26:92:d8:07:3c:64:04:
67:46:98:a0:7a:ac:40:af:81:3e:9d:5d:4d:89:3b:
65:0a:fc:a9:17:8c:40:81:25:10:36:cb:30:11:00:
00:99:62:78:cb:f8:2f:55:47:f1:ca:ae:63:47:19:
92:b6:d1:6a:91:48:11:87:7c:e9:82:43:42:16:05:
b8:33:31:6d:15:4d:94:7a:5b:3f:79:72:57:15:14:
e9:36:c2:13:b2:d7:a2:c7:ae:fd:bf:4b:90:a9:ee:
93:c5:be:d7:92:e9:3f:2d:15:d9:2c:48:d5:5f:5e:
4e:04:99:e1:2c:9d:c2:67:a8:35:80:8d:c7:45:f2:
2e:91:e3:4e:05:53:85:7b:7c:3b:c1:09:6b:af:8b:
6b:a2:fb:6f:4a:d0:b7:06:c8:49:10:5c:a6:3c:b8:
17:0a:ce:b1:fc:b8:29:17:6b:fc:4d:5b:45:bd:37:
42:f8:0a:ac:0f:bc:0f:93:ca:8a:7d:3a:b7:e5:90:
04:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:09:08:91:E7:3B:B4:74:EC:EA:72:E9:9B:34:87:86:8B:E6:1A:14
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.75.0/24
82.22.14.0/24
82.23.144.0/24
82.23.147.0/24
82.24.0.0/22
82.24.108.0/24
82.26.115.0/24
82.26.118.0/24
82.26.125.0/24
82.26.147.0/24
82.26.175.0/24
82.27.131.0/24
82.29.36.0/24
82.29.39.0/24
82.29.45.0/24
82.29.49.0/24
82.29.51.0/24
82.29.70.0/24
82.29.73.0/24
82.29.76.0/24
82.29.79.0/24
82.38.62.0/24
82.38.76.0/22
82.39.205.0/24
82.39.210.0/23
82.40.52.0-82.40.54.255
82.41.232.0-82.41.238.255
82.41.241.0/24
Signature Algorithm: sha256WithRSAEncryption
40:6f:4f:77:7c:85:67:50:96:ed:21:4a:b4:55:da:11:b1:19:
11:e2:88:50:89:c3:c9:12:91:42:e1:40:96:56:1b:44:9b:e1:
67:7e:87:00:c1:52:45:70:0b:7f:80:93:3b:46:01:ff:db:ad:
e5:a0:cd:8f:22:20:fe:a1:2e:87:4a:21:ef:43:20:81:2a:fa:
a2:73:3d:72:88:16:29:bf:72:98:c5:bf:6a:94:47:d2:79:4b:
97:55:a9:af:e9:d1:b2:5b:56:f6:35:34:e2:7a:86:e4:5c:a0:
38:57:71:fd:4b:64:25:5d:29:29:3f:b9:fb:4b:29:a6:16:14:
d2:7d:72:21:f7:4f:67:b2:53:29:8e:f7:33:2f:b6:41:bb:b4:
38:e2:0d:37:f3:70:f3:a0:c1:b4:27:d2:1a:a6:45:7a:98:7d:
18:36:fe:ab:aa:a3:cc:8a:26:d1:1c:42:4e:23:b5:0f:85:6f:
80:56:75:42:33:6f:16:a0:3e:59:91:79:4c:b3:ab:cc:03:3a:
e2:0b:59:5f:19:62:f9:9e:44:de:70:4c:f4:ee:03:3c:da:bd:
cc:75:47:9b:22:49:ec:22:f9:56:0d:43:50:67:a7:38:5a:9b:
f7:d5:d8:1d:c6:b5:f0:4c:1d:d8:77:f5:f7:fd:00:fe:ea:f3:
ca:cc:7e:ec
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgIUB1sZW2cv0s6rvDJIVgjMZfYrCyIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMDExMzIzMjdaFw0yNzAyMjgxMzI4MjdaMDMxMTAvBgNV
BAMTKEI2MDkwODkxRTczQkI0NzRFQ0VBNzJFOTlCMzQ4Nzg2OEJFNjFBMTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDtHEJKd4hikUveuefCl8Faye0
TjtOeS4JGLXXL3n+KHIdibCci1w0D8yyv8rDinRyqiZZyW8iWBUYw2rgRORdFTAn
JpLYBzxkBGdGmKB6rECvgT6dXU2JO2UK/KkXjECBJRA2yzARAACZYnjL+C9VR/HK
rmNHGZK20WqRSBGHfOmCQ0IWBbgzMW0VTZR6Wz95clcVFOk2whOy16LHrv2/S5Cp
7pPFvteS6T8tFdksSNVfXk4EmeEsncJnqDWAjcdF8i6R404FU4V7fDvBCWuvi2ui
+29K0LcGyEkQXKY8uBcKzrH8uCkXa/xNW0W9N0L4CqwPvA+Tyop9OrflkAQDAgMB
AAGjggK/MIICuzAdBgNVHQ4EFgQUtgkIkec7tHTs6nLpmzSHhovmGhQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB1QYIKwYBBQUHAQcBAf8EgcUwgcIwgb8EAgABMIG4AwQA
UhVLAwQAUhYOAwQAUheQAwQAUheTAwQCUhgAAwQAUhhsAwQAUhpzAwQAUhp2AwQA
Uhp9AwQAUhqTAwQAUhqvAwQAUhuDAwQAUh0kAwQAUh0nAwQAUh0tAwQAUh0xAwQA
Uh0zAwQAUh1GAwQAUh1JAwQAUh1MAwQAUh1PAwQAUiY+AwQCUiZMAwQAUifNAwQB
UifSMAwDBAJSKDQDBABSKDYwDAMEA1Ip6AMEAFIp7gMEAFIp8TANBgkqhkiG9w0B
AQsFAAOCAQEAQG9Pd3yFZ1CW7SFKtFXaEbEZEeKIUInDyRKRQuFAllYbRJvhZ36H
AMFSRXALf4CTO0YB/9ut5aDNjyIg/qEuh0oh70MggSr6onM9cogWKb9ymMW/apRH
0nlLl1Wpr+nRsltW9jU04nqG5FygOFdx/UtkJV0pKT+5+0spphYU0n1yIfdPZ7JT
KY73My+2Qbu0OOINN/Nw86DBtCfSGqZFeph9GDb+q6qjzIom0RxCTiO1D4VvgFZ1
QjNvFqA+WZF5TLOrzAM64gtZXxli+Z5E3nBM9O4DPNq9zHVHmyJJ7CL5Vg1DUGen
OFqb99XYHca18Ewd2Hf19/0A/urzysx+7A==
-----END CERTIFICATE-----
Generated at Sun Mar 1 18:13:01 2026 by rpki-client