Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: V8Qw94Exd5IvaX5QkhVQ4AbljQAcjaIWJulNgPQAsAw=
Subject key identifier: D9:F4:E3:C1:A0:BB:05:D5:3C:51:D5:09:40:C6:87:72:38:9A:67:93
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 7F0CAAC1C125EC9AE9523831E5A4F640320828F9
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
Signing time: Thu 02 Apr 2026 17:19:43 +0000
ROA not before: Thu 02 Apr 2026 17:14:43 +0000
ROA not after: Thu 01 Apr 2027 17:19:43 +0000
asID: 9304
IP address blocks: 82.21.75.0/24 maxlen: 24
82.22.14.0/24 maxlen: 24
82.23.144.0/24 maxlen: 24
82.23.147.0/24 maxlen: 24
82.24.0.0/22 maxlen: 23
82.24.108.0/24 maxlen: 24
82.26.115.0/24 maxlen: 24
82.26.118.0/24 maxlen: 24
82.26.125.0/24 maxlen: 24
82.26.130.0/24 maxlen: 24
82.26.147.0/24 maxlen: 24
82.26.175.0/24 maxlen: 24
82.26.202.0/24 maxlen: 24
82.27.131.0/24 maxlen: 24
82.29.36.0/24 maxlen: 24
82.29.39.0/24 maxlen: 24
82.29.45.0/24 maxlen: 24
82.29.49.0/24 maxlen: 24
82.29.51.0/24 maxlen: 24
82.29.70.0/24 maxlen: 24
82.29.73.0/24 maxlen: 24
82.29.76.0/24 maxlen: 24
82.29.79.0/24 maxlen: 24
82.38.38.0/23 maxlen: 24
82.38.76.0/22 maxlen: 24
82.39.194.0/23 maxlen: 24
82.39.210.0/23 maxlen: 24
82.40.52.0/24 maxlen: 24
82.40.53.0/24 maxlen: 24
82.40.54.0/24 maxlen: 24
82.41.128.0/23 maxlen: 24
82.41.233.0/24 maxlen: 24
82.41.234.0/24 maxlen: 24
82.41.235.0/24 maxlen: 24
82.41.236.0/24 maxlen: 24
82.41.237.0/24 maxlen: 24
82.41.238.0/24 maxlen: 24
82.41.241.0/24 maxlen: 24
82.47.0.0/23 maxlen: 24
84.75.40.0/24 maxlen: 24
84.75.151.0/24 maxlen: 24
178.83.146.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:0c:aa:c1:c1:25:ec:9a:e9:52:38:31:e5:a4:f6:40:32:08:28:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 2 17:14:43 2026 GMT
Not After : Apr 1 17:19:43 2027 GMT
Subject: CN=D9F4E3C1A0BB05D53C51D50940C68772389A6793
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:83:16:88:1a:02:f2:23:5b:aa:2a:e2:d6:20:
0d:bf:d8:01:cc:84:ad:3a:b0:d5:12:32:d0:bf:f3:
46:f9:15:c9:6a:fd:4c:3c:69:03:1d:41:61:5d:29:
c2:d4:c4:26:c9:d1:a5:33:de:b5:6d:ce:27:30:42:
ce:a3:a6:84:c5:72:ae:82:44:ee:87:7a:f1:aa:db:
f7:b1:ae:42:fb:d5:f7:d2:17:23:c4:d0:43:af:bf:
4f:9b:e7:aa:aa:87:00:52:c9:97:3b:39:4c:5c:31:
3b:9e:8f:94:cd:8f:f2:df:23:d0:ef:e5:ce:e0:81:
e6:31:00:7a:59:4a:3b:7b:34:22:7a:df:78:e6:7b:
b6:da:07:fb:09:d2:57:a5:0c:8b:77:9c:51:f3:8e:
b3:6c:63:f5:63:b7:99:b9:74:1c:d7:e9:93:cf:0a:
7a:2a:9d:7c:53:81:e2:c7:64:0a:b4:ad:df:5e:83:
7b:5b:7e:6a:8e:d0:51:b6:ea:20:96:02:86:a8:0f:
ad:fe:11:e9:80:8a:87:a0:ac:8c:60:aa:3f:e6:eb:
d2:fe:37:14:83:47:e8:46:68:4e:a9:8f:ad:b8:d0:
37:7f:69:2d:cf:60:49:0f:f1:02:fa:8b:29:f2:d7:
27:57:cf:44:c4:1f:b3:01:ab:f5:ae:26:cd:f1:e2:
e8:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:F4:E3:C1:A0:BB:05:D5:3C:51:D5:09:40:C6:87:72:38:9A:67:93
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.75.0/24
82.22.14.0/24
82.23.144.0/24
82.23.147.0/24
82.24.0.0/22
82.24.108.0/24
82.26.115.0/24
82.26.118.0/24
82.26.125.0/24
82.26.130.0/24
82.26.147.0/24
82.26.175.0/24
82.26.202.0/24
82.27.131.0/24
82.29.36.0/24
82.29.39.0/24
82.29.45.0/24
82.29.49.0/24
82.29.51.0/24
82.29.70.0/24
82.29.73.0/24
82.29.76.0/24
82.29.79.0/24
82.38.38.0/23
82.38.76.0/22
82.39.194.0/23
82.39.210.0/23
82.40.52.0-82.40.54.255
82.41.128.0/23
82.41.233.0-82.41.238.255
82.41.241.0/24
82.47.0.0/23
84.75.40.0/24
84.75.151.0/24
178.83.146.0/23
Signature Algorithm: sha256WithRSAEncryption
08:45:93:12:91:e7:bd:88:14:e8:3f:17:72:b1:06:ec:6e:98:
59:a8:6c:93:2a:a1:eb:87:06:35:ac:cd:37:8f:af:d0:df:90:
7f:12:2d:39:2c:ba:2c:e3:72:a9:93:e0:17:e6:e3:7c:51:7a:
e1:88:50:08:78:f1:2e:56:48:8c:09:cf:9a:b4:59:33:1f:a9:
58:27:31:cf:ae:e7:aa:36:60:3c:d5:50:10:7d:11:a2:a1:a3:
e4:fc:3d:7c:14:ea:f4:8e:12:70:bf:3d:c8:d4:65:c7:eb:28:
cd:af:12:c8:4d:be:77:80:08:cb:6f:ff:af:32:4d:b2:c0:c1:
da:90:f2:b4:3b:57:79:3a:f6:3d:96:2d:ad:c6:35:6d:c3:de:
b9:7a:09:8f:32:21:a8:03:10:c2:47:7d:cd:82:73:56:46:6d:
41:c3:c9:77:64:ac:c8:be:8f:4e:b7:fa:44:ff:8f:ac:89:45:
81:a1:f1:a3:46:73:9b:0e:dc:36:52:bf:bc:a0:a9:e0:fb:8d:
57:8f:34:60:91:5a:d4:6c:42:65:ac:fc:f9:6b:ee:d1:af:b8:
32:4e:74:3f:8a:75:6d:05:8c:74:51:e5:f8:5e:f6:de:19:93:
51:c0:54:10:ae:a8:8b:82:fe:6d:05:e0:0c:04:3b:90:bc:09:
66:67:63:06
-----BEGIN CERTIFICATE-----
MIIF3zCCBMegAwIBAgIUfwyqwcEl7JrpUjgx5aT2QDIIKPkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MDIxNzE0NDNaFw0yNzA0MDExNzE5NDNaMDMxMTAvBgNV
BAMTKEQ5RjRFM0MxQTBCQjA1RDUzQzUxRDUwOTQwQzY4NzcyMzg5QTY3OTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1gxaIGgLyI1uqKuLWIA2/2AHM
hK06sNUSMtC/80b5Fclq/Uw8aQMdQWFdKcLUxCbJ0aUz3rVtzicwQs6jpoTFcq6C
RO6HevGq2/exrkL71ffSFyPE0EOvv0+b56qqhwBSyZc7OUxcMTuej5TNj/LfI9Dv
5c7ggeYxAHpZSjt7NCJ633jme7baB/sJ0lelDIt3nFHzjrNsY/Vjt5m5dBzX6ZPP
CnoqnXxTgeLHZAq0rd9eg3tbfmqO0FG26iCWAoaoD63+EemAioegrIxgqj/m69L+
NxSDR+hGaE6pj6240Dd/aS3PYEkP8QL6iyny1ydXz0TEH7MBq/WuJs3x4uhZAgMB
AAGjggLpMIIC5TAdBgNVHQ4EFgQU2fTjwaC7BdU8UdUJQMaHcjiaZ5MwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB/wYIKwYBBQUHAQcBAf8Ege8wgewwgekEAgABMIHiAwQA
UhVLAwQAUhYOAwQAUheQAwQAUheTAwQCUhgAAwQAUhhsAwQAUhpzAwQAUhp2AwQA
Uhp9AwQAUhqCAwQAUhqTAwQAUhqvAwQAUhrKAwQAUhuDAwQAUh0kAwQAUh0nAwQA
Uh0tAwQAUh0xAwQAUh0zAwQAUh1GAwQAUh1JAwQAUh1MAwQAUh1PAwQBUiYmAwQC
UiZMAwQBUifCAwQBUifSMAwDBAJSKDQDBABSKDYDBAFSKYAwDAMEAFIp6QMEAFIp
7gMEAFIp8QMEAVIvAAMEAFRLKAMEAFRLlwMEAbJTkjANBgkqhkiG9w0BAQsFAAOC
AQEACEWTEpHnvYgU6D8XcrEG7G6YWahskyqh64cGNazNN4+v0N+QfxItOSy6LONy
qZPgF+bjfFF64YhQCHjxLlZIjAnPmrRZMx+pWCcxz67nqjZgPNVQEH0RoqGj5Pw9
fBTq9I4ScL89yNRlx+soza8SyE2+d4AIy2//rzJNssDB2pDytDtXeTr2PZYtrcY1
bcPeuXoJjzIhqAMQwkd9zYJzVkZtQcPJd2SsyL6PTrf6RP+PrIlFgaHxo0Zzmw7c
NlK/vKCp4PuNV480YJFa1GxCZaz8+Wvu0a+4Mk50P4p1bQWMdFHl+F723hmTUcBU
EK6oi4L+bQXgDAQ7kLwJZmdjBg==
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:55:36 2026 by rpki-client