Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: 5K4snwZvsRxj4ZgbHQ/DCp6Zfjn/EQG7/vKltw8MNOA=
Subject key identifier: 7B:53:61:DF:11:74:96:81:60:3E:70:F0:B9:E1:06:51:78:A9:B2:31
Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Certificate serial: 46B98F74512E418C08849A082A4FF32B72480B0A
Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS9304.roa
Signing time: Sun 27 Jul 2025 00:02:02 +0000
ROA not before: Sat 26 Jul 2025 23:57:02 +0000
ROA not after: Sun 26 Jul 2026 00:02:02 +0000
asID: 9304
IP address blocks: 91.206.2.0/24 maxlen: 24
194.5.147.0/24 maxlen: 24
194.147.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 00:02:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:b9:8f:74:51:2e:41:8c:08:84:9a:08:2a:4f:f3:2b:72:48:0b:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d
Validity
Not Before: Jul 26 23:57:02 2025 GMT
Not After : Jul 26 00:02:02 2026 GMT
Subject: CN=7B5361DF11749681603E70F0B9E1065178A9B231
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:af:70:c2:70:34:34:70:32:42:d4:2d:2d:51:
57:8d:f9:bd:35:df:24:5e:d7:38:20:ea:39:ba:a8:
7e:d2:11:68:a9:be:36:a9:53:47:84:24:18:7f:7a:
bb:b0:7c:7c:22:e2:9e:69:f1:8b:7c:f8:a9:ff:7c:
1f:24:a8:4a:d2:05:77:86:5f:9e:fe:0f:f4:2e:df:
4e:82:77:14:5e:e1:ec:f4:37:a2:66:47:49:cc:f7:
36:bc:63:40:6a:76:6f:22:64:67:66:b5:11:f8:3d:
41:d5:8d:1c:7d:ca:d0:81:ad:6f:82:52:50:71:e4:
87:70:7f:27:f8:8c:08:b4:e9:5a:c9:3a:db:18:73:
1b:66:f0:8d:1a:1f:81:88:ac:43:f4:88:c1:ce:5f:
ba:6c:68:b7:68:b4:87:05:a4:fe:20:bb:ef:1c:f4:
33:f7:3b:79:b8:29:1c:71:14:47:1b:40:9c:fe:db:
bd:1f:53:85:c6:39:a3:0e:78:82:60:57:4e:4c:1f:
54:4c:e7:38:cd:38:6b:09:90:9b:2a:2f:0b:fa:0c:
f2:c9:c4:d7:9f:25:b4:fa:9d:94:41:34:54:96:ec:
fb:f2:6b:cb:0c:04:4a:66:26:a9:14:87:1e:53:b3:
be:e2:89:93:de:1a:5d:dc:fc:20:06:aa:87:4b:08:
3a:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:53:61:DF:11:74:96:81:60:3E:70:F0:B9:E1:06:51:78:A9:B2:31
X509v3 Authority Key Identifier:
keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.2.0/24
194.5.147.0/24
194.147.4.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:4d:2a:38:50:41:e4:e5:50:b4:08:79:ab:0c:29:4c:8c:eb:
a4:b9:da:eb:c1:88:26:72:cf:0e:7c:4a:aa:68:dc:44:48:93:
d6:7c:8d:a7:cc:4b:49:53:ab:97:c0:f3:f4:46:ba:d0:7f:56:
c9:62:20:66:ce:ca:0a:f8:dc:fa:ab:61:14:f3:d0:ad:02:6a:
b9:fe:40:64:f5:eb:96:b5:45:7a:04:71:bd:7a:d0:13:26:c7:
db:d0:33:cf:70:b1:3b:ef:53:f2:1c:e3:40:1f:b6:88:86:94:
c1:53:88:97:d0:3e:3c:5d:4d:62:e4:75:86:a4:7c:d4:c2:85:
48:c4:1b:ef:d4:3d:36:69:9e:38:01:91:f0:5e:9e:c7:10:c0:
b9:37:17:21:87:2b:6b:99:a2:ae:0a:80:c4:69:47:45:3a:3e:
e6:0d:22:62:b6:24:ec:0f:49:d5:81:92:d1:92:64:e2:0f:3c:
15:4d:76:88:9b:d0:07:61:88:34:49:fb:96:d6:79:e7:49:b6:
8a:da:03:27:f1:37:51:f1:cb:3a:a2:ab:90:a2:a0:49:55:90:
47:93:f3:75:42:53:fb:52:b9:b4:61:ce:37:fe:16:82:48:1e:
dc:ec:fe:3b:30:05:6b:05:58:6e:61:16:22:8e:37:af:da:a5:
88:59:fe:e7
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIURrmPdFEuQYwIhJoIKk/zK3JICwowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi
MmQ2ZWQ5ZDAeFw0yNTA3MjYyMzU3MDJaFw0yNjA3MjYwMDAyMDJaMDMxMTAvBgNV
BAMTKDdCNTM2MURGMTE3NDk2ODE2MDNFNzBGMEI5RTEwNjUxNzhBOUIyMzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAr3DCcDQ0cDJC1C0tUVeN+b01
3yRe1zgg6jm6qH7SEWipvjapU0eEJBh/eruwfHwi4p5p8Yt8+Kn/fB8kqErSBXeG
X57+D/Qu306CdxRe4ez0N6JmR0nM9za8Y0Bqdm8iZGdmtRH4PUHVjRx9ytCBrW+C
UlBx5Idwfyf4jAi06VrJOtsYcxtm8I0aH4GIrEP0iMHOX7psaLdotIcFpP4gu+8c
9DP3O3m4KRxxFEcbQJz+270fU4XGOaMOeIJgV05MH1RM5zjNOGsJkJsqLwv6DPLJ
xNefJbT6nZRBNFSW7Pvya8sMBEpmJqkUhx5Ts77iiZPeGl3c/CAGqodLCDqzAgMB
AAGjggIUMIICEDAdBgNVHQ4EFgQUe1Nh3xF0loFgPnDwueEGUXipsjEwHwYDVR0j
BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi
ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM
VzdaMC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct
NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFvOAgME
AMIFkwMEAMKTBDANBgkqhkiG9w0BAQsFAAOCAQEAoU0qOFBB5OVQtAh5qwwpTIzr
pLna68GIJnLPDnxKqmjcREiT1nyNp8xLSVOrl8Dz9Ea60H9WyWIgZs7KCvjc+qth
FPPQrQJquf5AZPXrlrVFegRxvXrQEybH29Azz3CxO+9T8hzjQB+2iIaUwVOIl9A+
PF1NYuR1hqR81MKFSMQb79Q9NmmeOAGR8F6exxDAuTcXIYcra5mirgqAxGlHRTo+
5g0iYrYk7A9J1YGS0ZJk4g88FU12iJvQB2GINEn7ltZ550m2itoDJ/E3UfHLOqKr
kKKgSVWQR5PzdUJT+1K5tGHON/4Wgkge3Oz+OzAFawVYbmEWIo43r9qliFn+5w==
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:39:01 2025 by rpki-client