Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: hamQ+Xy40dRI/annFrG6BRtnl/1CCKKsDlf4sI+h2zE=
Subject key identifier: C1:CD:8D:6D:25:4F:F7:31:87:99:DD:19:2C:0F:9F:4C:CB:47:E0:18
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 50BC0A7BF6320611D2830508DFCFEF3CB6E41AC0
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
Signing time: Wed 11 Jun 2025 10:46:55 +0000
ROA not before: Wed 11 Jun 2025 10:41:55 +0000
ROA not after: Wed 10 Jun 2026 10:46:55 +0000
asID: 9304
IP address blocks: 82.21.138.0/24 maxlen: 24
82.22.190.0/24 maxlen: 24
82.23.144.0/24 maxlen: 24
82.23.147.0/24 maxlen: 24
82.23.162.0/23 maxlen: 24
82.23.248.0/23 maxlen: 24
82.23.250.0/24 maxlen: 24
82.24.0.0/22 maxlen: 24
82.24.16.0/24 maxlen: 24
82.24.31.0/24 maxlen: 24
82.24.127.0/24 maxlen: 24
82.24.189.0/24 maxlen: 24
82.26.118.0/24 maxlen: 24
82.26.152.0/24 maxlen: 24
82.26.174.0/24 maxlen: 24
82.27.92.0/22 maxlen: 24
82.27.116.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:bc:0a:7b:f6:32:06:11:d2:83:05:08:df:cf:ef:3c:b6:e4:1a:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 11 10:41:55 2025 GMT
Not After : Jun 10 10:46:55 2026 GMT
Subject: CN=C1CD8D6D254FF7318799DD192C0F9F4CCB47E018
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:b7:77:c9:48:b2:c7:2c:b1:0b:41:aa:b7:65:
41:d0:d5:f1:71:c5:bb:84:01:65:1d:9d:85:cb:39:
26:4f:29:14:1b:09:2a:aa:2f:fe:3b:73:59:c4:7b:
e2:b3:db:5a:34:12:5c:78:fc:13:b6:8b:58:01:00:
15:a5:35:ab:02:ec:a5:ba:f2:87:e2:f1:5f:b9:f4:
35:71:e2:c4:3c:e1:94:2c:6d:aa:01:47:b4:78:9d:
34:f3:c2:ad:8b:23:1c:95:23:b0:fc:a4:b5:36:a3:
fe:64:08:cb:d2:d2:c0:eb:72:80:7a:9f:05:98:62:
3b:46:a8:17:ea:b0:40:2c:f1:fe:e3:8c:3c:f8:38:
4b:1a:f1:ef:17:c5:63:85:42:03:91:bb:78:92:3e:
b8:b3:9b:80:4d:6c:a6:1c:26:a0:c2:8d:d2:0f:5e:
5a:c2:15:0c:d3:70:ed:49:97:2c:b0:7f:78:1a:d9:
d0:36:8d:d1:38:87:99:39:46:c9:90:7b:de:37:3d:
99:5e:af:31:28:ac:24:81:39:a9:5f:d1:c8:fe:74:
72:5d:e0:a2:73:71:15:5b:50:d9:30:b1:9c:1b:f0:
82:e9:ca:20:3f:11:b4:8c:66:eb:1b:c2:29:8f:c5:
8a:71:77:03:d5:5a:df:36:d5:73:b6:0f:2f:45:54:
d1:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:CD:8D:6D:25:4F:F7:31:87:99:DD:19:2C:0F:9F:4C:CB:47:E0:18
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.138.0/24
82.22.190.0/24
82.23.144.0/24
82.23.147.0/24
82.23.162.0/23
82.23.248.0-82.23.250.255
82.24.0.0/22
82.24.16.0/24
82.24.31.0/24
82.24.127.0/24
82.24.189.0/24
82.26.118.0/24
82.26.152.0/24
82.26.174.0/24
82.27.92.0/22
82.27.116.0/23
Signature Algorithm: sha256WithRSAEncryption
93:33:9f:b6:b7:98:04:ac:4a:02:90:0f:65:36:77:29:5f:2f:
e8:ff:f9:03:a5:1e:cf:da:5a:b4:65:6a:2d:77:5e:ee:4f:11:
d3:ac:a4:70:6c:9e:12:23:0a:03:56:ff:ac:7d:62:ef:80:56:
65:54:9a:7c:d2:d7:39:ec:da:04:72:c2:db:47:8c:8f:f5:06:
85:de:00:6d:e7:d6:63:32:b4:61:37:bc:55:8d:8f:0e:a0:db:
a2:55:1e:ac:a4:0a:cb:f1:0e:73:09:06:a8:7d:ce:82:09:8b:
7c:25:9f:70:d4:c1:cc:2a:d1:59:77:59:b3:06:ef:35:45:5a:
52:21:a7:28:ef:fe:01:d4:92:db:e2:5b:8d:b2:61:2a:f2:a7:
a3:ff:ff:08:db:f7:af:e3:c7:f9:8f:5e:6e:26:43:7f:29:3a:
aa:f6:83:55:4c:7c:69:2d:e4:b2:7b:95:90:b2:d1:ad:a9:4b:
b1:da:7f:37:b6:48:60:0b:21:6e:08:a0:0b:6d:27:b5:15:fc:
b9:c2:26:80:ab:e0:7d:7a:00:d0:50:4a:f6:a9:b6:55:82:c2:
6d:b7:b3:9a:ca:91:b8:be:0f:48:f2:d3:14:75:c8:57:28:79:
89:5e:91:16:c8:46:28:65:9e:89:c8:55:5d:e6:c8:05:52:ad:
b4:04:a9:0d
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUULwKe/YyBhHSgwUI38/vPLbkGsAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MTExMDQxNTVaFw0yNjA2MTAxMDQ2NTVaMDMxMTAvBgNV
BAMTKEMxQ0Q4RDZEMjU0RkY3MzE4Nzk5REQxOTJDMEY5RjRDQ0I0N0UwMTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUt3fJSLLHLLELQaq3ZUHQ1fFx
xbuEAWUdnYXLOSZPKRQbCSqqL/47c1nEe+Kz21o0Elx4/BO2i1gBABWlNasC7KW6
8ofi8V+59DVx4sQ84ZQsbaoBR7R4nTTzwq2LIxyVI7D8pLU2o/5kCMvS0sDrcoB6
nwWYYjtGqBfqsEAs8f7jjDz4OEsa8e8XxWOFQgORu3iSPrizm4BNbKYcJqDCjdIP
XlrCFQzTcO1Jlyywf3ga2dA2jdE4h5k5RsmQe943PZlerzEorCSBOalf0cj+dHJd
4KJzcRVbUNkwsZwb8ILpyiA/EbSMZusbwimPxYpxdwPVWt821XO2Dy9FVNETAgMB
AAGjggJrMIICZzAdBgNVHQ4EFgQUwc2NbSVP9zGHmd0ZLA+fTMtH4BgwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBgQYIKwYBBQUHAQcBAf8EcjBwMG4EAgABMGgDBABSFYoD
BABSFr4DBABSF5ADBABSF5MDBAFSF6IwDAMEA1IX+AMEAFIX+gMEAlIYAAMEAFIY
EAMEAFIYHwMEAFIYfwMEAFIYvQMEAFIadgMEAFIamAMEAFIargMEAlIbXAMEAVIb
dDANBgkqhkiG9w0BAQsFAAOCAQEAkzOftreYBKxKApAPZTZ3KV8v6P/5A6Uez9pa
tGVqLXde7k8R06ykcGyeEiMKA1b/rH1i74BWZVSafNLXOezaBHLC20eMj/UGhd4A
befWYzK0YTe8VY2PDqDbolUerKQKy/EOcwkGqH3OggmLfCWfcNTBzCrRWXdZswbv
NUVaUiGnKO/+AdSS2+JbjbJhKvKno///CNv3r+PH+Y9ebiZDfyk6qvaDVUx8aS3k
snuVkLLRralLsdp/N7ZIYAshbgigC20ntRX8ucImgKvgfXoA0FBK9qm2VYLCbbez
msqRuL4PSPLTFHXIVyh5iV6RFshGKGWeichVXebIBVKttASpDQ==
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:22 2025 by rpki-client