Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: jh5FQwo4j24kKa7GWWy2QK2US0IyATuAGkW79xgssj8=
Subject key identifier: A0:11:40:7C:B1:E2:82:61:27:CC:E7:74:93:75:11:3D:B5:56:70:2F
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3C513CD2796FAAE526D03E05C4A354E10FAF6F62
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
Signing time: Sun 27 Jul 2025 00:02:02 +0000
ROA not before: Sat 26 Jul 2025 23:57:02 +0000
ROA not after: Sun 26 Jul 2026 00:02:02 +0000
asID: 9304
IP address blocks: 82.21.138.0/24 maxlen: 24
82.22.190.0/24 maxlen: 24
82.23.144.0/24 maxlen: 24
82.23.147.0/24 maxlen: 24
82.23.162.0/23 maxlen: 24
82.23.171.0/24 maxlen: 24
82.23.248.0/23 maxlen: 24
82.23.250.0/24 maxlen: 24
82.24.0.0/22 maxlen: 24
82.24.16.0/24 maxlen: 24
82.24.31.0/24 maxlen: 24
82.24.144.0/23 maxlen: 24
82.24.181.0/24 maxlen: 24
82.25.36.0/24 maxlen: 24
82.25.41.0/24 maxlen: 24
82.25.161.0/24 maxlen: 24
82.25.205.0/24 maxlen: 24
82.26.87.0/24 maxlen: 24
82.26.94.0/24 maxlen: 24
82.26.115.0/24 maxlen: 24
82.26.118.0/24 maxlen: 24
82.26.125.0/24 maxlen: 24
82.26.152.0/24 maxlen: 24
82.26.171.0/24 maxlen: 24
82.26.174.0/24 maxlen: 24
82.27.92.0/22 maxlen: 24
82.27.116.0/23 maxlen: 24
82.29.41.0/24 maxlen: 24
82.29.48.0/24 maxlen: 24
82.29.74.0/24 maxlen: 24
82.29.88.0/24 maxlen: 24
82.29.103.0/24 maxlen: 24
82.29.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 08:52:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:51:3c:d2:79:6f:aa:e5:26:d0:3e:05:c4:a3:54:e1:0f:af:6f:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jul 26 23:57:02 2025 GMT
Not After : Jul 26 00:02:02 2026 GMT
Subject: CN=A011407CB1E2826127CCE7749375113DB556702F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:9d:1a:d1:ec:48:91:55:09:f8:8a:90:d9:bd:
dc:96:3b:68:ab:d3:e0:99:f3:7f:1e:f9:5d:29:fb:
0f:f7:50:90:40:ef:5d:a2:76:b0:91:9c:9c:46:19:
0d:1d:33:ec:4e:b1:b6:51:dd:ae:df:92:e9:e3:44:
f9:cc:4a:94:1e:f4:72:62:d4:cd:d6:cf:25:9c:9d:
5d:65:d9:ba:2a:96:d7:14:96:2c:20:56:39:eb:08:
c4:95:d0:95:72:5f:5f:b5:61:3f:e3:06:9b:98:d0:
05:80:e5:1a:9d:8b:d0:da:8a:67:59:11:a5:62:8e:
3c:a9:e2:44:e9:8d:36:2e:5d:17:96:fa:cf:6b:68:
22:92:f3:f2:40:89:ce:95:6c:a6:d4:c9:3a:f2:b9:
bb:05:30:d7:fe:3e:44:58:f1:d7:bf:67:14:a3:ab:
cc:38:19:6d:3e:16:47:a4:64:77:ee:6a:36:5e:ec:
33:a9:7d:66:3d:4f:78:b7:53:46:c4:c8:b3:73:e1:
64:8a:06:59:96:eb:4b:d3:ce:e1:d4:35:ef:7c:cb:
33:50:0b:b7:be:1d:36:85:69:cd:9e:72:ed:dc:ec:
4b:89:4e:c6:06:c9:2a:3d:39:2f:c8:14:d6:67:a9:
ae:00:91:96:85:65:b9:19:38:39:f3:32:52:f4:0a:
cd:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:11:40:7C:B1:E2:82:61:27:CC:E7:74:93:75:11:3D:B5:56:70:2F
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.138.0/24
82.22.190.0/24
82.23.144.0/24
82.23.147.0/24
82.23.162.0/23
82.23.171.0/24
82.23.248.0-82.23.250.255
82.24.0.0/22
82.24.16.0/24
82.24.31.0/24
82.24.144.0/23
82.24.181.0/24
82.25.36.0/24
82.25.41.0/24
82.25.161.0/24
82.25.205.0/24
82.26.87.0/24
82.26.94.0/24
82.26.115.0/24
82.26.118.0/24
82.26.125.0/24
82.26.152.0/24
82.26.171.0/24
82.26.174.0/24
82.27.92.0/22
82.27.116.0/23
82.29.41.0/24
82.29.48.0/24
82.29.74.0/24
82.29.88.0/24
82.29.103.0/24
82.29.107.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:6a:f0:36:01:58:8e:5e:0b:66:c0:5b:3a:26:e1:ba:96:4a:
af:ed:dd:00:4d:d0:ed:75:d5:a0:8a:8f:4e:de:77:f4:e6:f6:
ab:06:d4:e1:a7:90:68:07:dd:2e:32:e6:a2:89:c9:79:c0:82:
99:cb:36:61:96:59:b2:81:20:91:15:e6:97:0d:6b:c9:e6:65:
18:f1:b0:37:3b:0c:7f:fa:a7:32:e0:6d:22:54:09:39:97:75:
a2:e5:4f:e0:5d:66:ab:c8:89:7b:9c:0f:cd:55:70:59:16:2d:
e2:60:43:9c:3c:52:c5:54:fa:19:3f:c4:1e:b9:29:60:1a:70:
41:af:46:1a:43:ed:f1:26:ef:4c:95:69:47:56:91:9b:8d:f3:
41:1b:82:df:38:cb:4a:10:ba:bb:0d:8d:68:a3:2e:26:a0:51:
b8:26:c6:6f:e6:54:1d:3a:f9:83:2f:9b:86:4d:16:c8:b8:b3:
69:19:4b:a4:56:1e:7f:3a:68:b9:6f:cc:7e:62:03:95:b9:ef:
71:c9:03:e7:c0:bc:94:fe:28:bb:d4:02:61:0e:44:c0:ad:e2:
67:a2:8c:5d:36:54:76:da:db:4f:d3:b9:73:68:5e:50:8e:19:
82:40:5d:82:4c:9c:0c:00:ef:4b:13:f7:46:c8:a1:3f:5c:05:
d6:a6:e6:64
-----BEGIN CERTIFICATE-----
MIIFxTCCBK2gAwIBAgIUPFE80nlvquUm0D4FxKNU4Q+vb2IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA3MjYyMzU3MDJaFw0yNjA3MjYwMDAyMDJaMDMxMTAvBgNV
BAMTKEEwMTE0MDdDQjFFMjgyNjEyN0NDRTc3NDkzNzUxMTNEQjU1NjcwMkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCynRrR7EiRVQn4ipDZvdyWO2ir
0+CZ838e+V0p+w/3UJBA712idrCRnJxGGQ0dM+xOsbZR3a7fkunjRPnMSpQe9HJi
1M3WzyWcnV1l2boqltcUliwgVjnrCMSV0JVyX1+1YT/jBpuY0AWA5Rqdi9DaimdZ
EaVijjyp4kTpjTYuXReW+s9raCKS8/JAic6VbKbUyTryubsFMNf+PkRY8de/ZxSj
q8w4GW0+FkekZHfuajZe7DOpfWY9T3i3U0bEyLNz4WSKBlmW60vTzuHUNe98yzNQ
C7e+HTaFac2ecu3c7EuJTsYGySo9OS/IFNZnqa4AkZaFZbkZODnzMlL0Cs0VAgMB
AAGjggLPMIICyzAdBgNVHQ4EFgQUoBFAfLHigmEnzOd0k3URPbVWcC8wHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB5QYIKwYBBQUHAQcBAf8EgdUwgdIwgc8EAgABMIHIAwQA
UhWKAwQAUha+AwQAUheQAwQAUheTAwQBUheiAwQAUherMAwDBANSF/gDBABSF/oD
BAJSGAADBABSGBADBABSGB8DBAFSGJADBABSGLUDBABSGSQDBABSGSkDBABSGaED
BABSGc0DBABSGlcDBABSGl4DBABSGnMDBABSGnYDBABSGn0DBABSGpgDBABSGqsD
BABSGq4DBAJSG1wDBAFSG3QDBABSHSkDBABSHTADBABSHUoDBABSHVgDBABSHWcD
BABSHWswDQYJKoZIhvcNAQELBQADggEBAH9q8DYBWI5eC2bAWzom4bqWSq/t3QBN
0O111aCKj07ed/Tm9qsG1OGnkGgH3S4y5qKJyXnAgpnLNmGWWbKBIJEV5pcNa8nm
ZRjxsDc7DH/6pzLgbSJUCTmXdaLlT+BdZqvIiXucD81VcFkWLeJgQ5w8UsVU+hk/
xB65KWAacEGvRhpD7fEm70yVaUdWkZuN80Ebgt84y0oQursNjWijLiagUbgmxm/m
VB06+YMvm4ZNFsi4s2kZS6RWHn86aLlvzH5iA5W573HJA+fAvJT+KLvUAmEORMCt
4meijF02VHba20/TuXNoXlCOGYJAXYJMnAwA70sT90bIoT9cBdam5mQ=
-----END CERTIFICATE-----
Generated at Mon Aug 4 13:56:06 2025 by rpki-client