Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: xJ7QGbRctrZoev8Buv0YK5i2s0NXltsy8gRlfa3+jps=
Subject key identifier: DA:5C:3F:9C:7D:A5:8C:63:65:08:D8:92:BB:4F:81:33:E3:25:D5:DD
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 420BB7D0480753E3FE3967F57AB66450056EC610
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
Signing time: Tue 04 Nov 2025 00:08:40 +0000
ROA not before: Tue 04 Nov 2025 00:03:40 +0000
ROA not after: Tue 03 Nov 2026 00:08:40 +0000
asID: 9304
IP address blocks: 82.21.5.0/24 maxlen: 24
82.21.53.0/24 maxlen: 24
82.22.3.0/24 maxlen: 24
82.22.4.0/24 maxlen: 24
82.22.5.0/24 maxlen: 24
82.22.6.0/24 maxlen: 24
82.22.14.0/24 maxlen: 24
82.22.125.0/24 maxlen: 24
82.23.144.0/24 maxlen: 24
82.23.147.0/24 maxlen: 24
82.23.171.0/24 maxlen: 24
82.24.0.0/22 maxlen: 23
82.25.187.0/24 maxlen: 24
82.25.205.0/24 maxlen: 24
82.26.87.0/24 maxlen: 24
82.26.94.0/24 maxlen: 24
82.26.115.0/24 maxlen: 24
82.26.118.0/24 maxlen: 24
82.26.125.0/24 maxlen: 24
82.27.92.0/22 maxlen: 24
82.41.233.0/24 maxlen: 24
82.41.234.0/24 maxlen: 24
82.41.235.0/24 maxlen: 24
82.41.236.0/24 maxlen: 24
82.41.237.0/24 maxlen: 24
82.41.238.0/24 maxlen: 24
82.41.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:0b:b7:d0:48:07:53:e3:fe:39:67:f5:7a:b6:64:50:05:6e:c6:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Nov 4 00:03:40 2025 GMT
Not After : Nov 3 00:08:40 2026 GMT
Subject: CN=DA5C3F9C7DA58C636508D892BB4F8133E325D5DD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:fe:76:28:94:04:9d:bf:fe:89:25:29:0e:e1:
ee:b5:3c:c6:00:fd:82:a5:db:68:3e:81:72:44:0e:
46:64:50:0c:c7:7b:a3:db:ba:85:12:60:89:79:7c:
80:52:ab:8a:ff:99:7f:24:37:b8:11:1f:d2:dd:e9:
05:ac:9a:85:3d:46:77:20:4c:f8:b8:73:53:a4:72:
b2:fe:bb:55:22:05:76:67:b7:7b:92:b5:c5:56:28:
ca:89:6d:fd:cd:a0:dc:c9:31:98:d1:d6:da:44:d9:
38:30:56:40:67:37:9b:c5:d0:5b:a0:fc:35:d4:a2:
8b:d2:4f:99:93:a9:9f:df:01:a1:f4:0e:68:33:52:
ba:ee:d8:19:d6:f4:2a:e6:be:22:22:fd:0c:de:bf:
15:a2:11:91:2d:7c:34:c6:8f:ae:46:93:d8:5f:a5:
25:51:e3:27:03:cd:21:fd:78:3d:19:7b:bf:cf:9d:
23:b1:55:3b:fb:dd:e0:f5:7d:e5:2e:91:fb:42:71:
28:94:de:1e:11:91:16:e4:9e:da:c2:af:60:b3:1e:
29:93:38:6d:eb:38:c0:7d:b2:85:c8:29:86:51:2d:
a8:ee:9b:57:02:c1:a1:eb:87:0d:00:d0:0d:01:3a:
c0:c7:0e:86:52:ee:2e:10:93:26:08:c9:ed:18:23:
4b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:5C:3F:9C:7D:A5:8C:63:65:08:D8:92:BB:4F:81:33:E3:25:D5:DD
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.5.0/24
82.21.53.0/24
82.22.3.0-82.22.6.255
82.22.14.0/24
82.22.125.0/24
82.23.144.0/24
82.23.147.0/24
82.23.171.0/24
82.24.0.0/22
82.25.187.0/24
82.25.205.0/24
82.26.87.0/24
82.26.94.0/24
82.26.115.0/24
82.26.118.0/24
82.26.125.0/24
82.27.92.0/22
82.41.233.0-82.41.238.255
82.41.241.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:0c:47:1b:dc:1d:17:26:98:f8:55:35:16:15:db:c8:8f:75:
09:b0:d9:96:9c:05:72:ea:e7:34:24:0a:aa:22:4b:f3:6d:da:
dc:68:d6:20:9d:99:a2:a4:35:10:7a:04:b9:ce:7c:73:d3:c0:
6a:5b:ff:73:99:32:f9:17:aa:1c:2b:df:52:c4:9b:a2:df:10:
cf:29:b6:e1:2b:d4:5c:ef:41:8d:8b:88:09:ba:fc:c5:a0:16:
da:3a:cb:00:5f:35:c9:7a:e5:f9:1a:9e:02:93:5b:96:2d:6b:
8b:fe:f3:1d:60:2e:7f:b9:88:78:ae:66:64:04:5d:8d:42:24:
19:36:02:12:d8:f3:12:be:9f:5a:02:a8:3a:eb:01:31:03:47:
05:5c:04:1b:3f:03:2f:96:a4:b9:23:9f:96:08:f1:31:52:f0:
0d:0b:c8:cc:82:bb:b1:ec:0f:10:6a:ea:07:09:9d:5f:82:de:
26:fc:c3:70:94:01:e2:d8:2d:a9:ff:b1:e4:a7:50:e2:14:bf:
00:c9:54:55:33:c7:82:c2:44:7e:4a:8f:f2:8f:8f:57:99:85:
7f:52:ca:68:ab:cf:8a:8b:b7:fe:85:15:0b:8b:be:78:72:ac:
4e:74:7c:cb:06:e8:48:3a:19:14:57:ab:41:72:d9:4b:a2:f6:
c1:b3:3e:7d
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIUQgu30EgHU+P+OWf1erZkUAVuxhAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTExMDQwMDAzNDBaFw0yNjExMDMwMDA4NDBaMDMxMTAvBgNV
BAMTKERBNUMzRjlDN0RBNThDNjM2NTA4RDg5MkJCNEY4MTMzRTMyNUQ1REQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6/nYolASdv/6JJSkO4e61PMYA
/YKl22g+gXJEDkZkUAzHe6PbuoUSYIl5fIBSq4r/mX8kN7gRH9Ld6QWsmoU9Rncg
TPi4c1OkcrL+u1UiBXZnt3uStcVWKMqJbf3NoNzJMZjR1tpE2TgwVkBnN5vF0Fug
/DXUoovST5mTqZ/fAaH0DmgzUrru2BnW9CrmviIi/QzevxWiEZEtfDTGj65Gk9hf
pSVR4ycDzSH9eD0Ze7/PnSOxVTv73eD1feUukftCcSiU3h4RkRbkntrCr2CzHimT
OG3rOMB9soXIKYZRLajum1cCwaHrhw0A0A0BOsDHDoZS7i4QkyYIye0YI0vxAgMB
AAGjggKJMIIChTAdBgNVHQ4EFgQU2lw/nH2ljGNlCNiSu0+BM+Ml1d0wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBnwYIKwYBBQUHAQcBAf8EgY8wgYwwgYkEAgABMIGCAwQA
UhUFAwQAUhU1MAwDBABSFgMDBABSFgYDBABSFg4DBABSFn0DBABSF5ADBABSF5MD
BABSF6sDBAJSGAADBABSGbsDBABSGc0DBABSGlcDBABSGl4DBABSGnMDBABSGnYD
BABSGn0DBAJSG1wwDAMEAFIp6QMEAFIp7gMEAFIp8TANBgkqhkiG9w0BAQsFAAOC
AQEAfQxHG9wdFyaY+FU1FhXbyI91CbDZlpwFcurnNCQKqiJL823a3GjWIJ2ZoqQ1
EHoEuc58c9PAalv/c5ky+ReqHCvfUsSbot8Qzym24SvUXO9BjYuICbr8xaAW2jrL
AF81yXrl+RqeApNbli1ri/7zHWAuf7mIeK5mZARdjUIkGTYCEtjzEr6fWgKoOusB
MQNHBVwEGz8DL5akuSOflgjxMVLwDQvIzIK7sewPEGrqBwmdX4LeJvzDcJQB4tgt
qf+x5KdQ4hS/AMlUVTPHgsJEfkqP8o+PV5mFf1LKaKvPiou3/oUVC4u+eHKsTnR8
ywboSDoZFFerQXLZS6L2wbM+fQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 20:28:32 2025 by rpki-client