Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: OUHVX/1BUbp+gqvTZOibG3yrQMYxFEMY6xvFzK5g0hE=
Subject key identifier: 3F:DD:73:A4:7E:8F:2C:04:69:F3:CB:E8:59:60:EA:9B:84:EA:73:68
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 6EE8396A2DF149926F075F9DB9E6B78914F9BF98
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS9304.roa
Signing time: Sat 25 Oct 2025 06:44:05 +0000
ROA not before: Sat 25 Oct 2025 06:39:05 +0000
ROA not after: Sat 24 Oct 2026 06:44:05 +0000
asID: 9304
IP address blocks: 143.20.35.0/24 maxlen: 24
143.20.36.0/24 maxlen: 24
143.20.84.0/24 maxlen: 24
143.20.120.0/24 maxlen: 24
143.20.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:48:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:e8:39:6a:2d:f1:49:92:6f:07:5f:9d:b9:e6:b7:89:14:f9:bf:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Oct 25 06:39:05 2025 GMT
Not After : Oct 24 06:44:05 2026 GMT
Subject: CN=3FDD73A47E8F2C0469F3CBE85960EA9B84EA7368
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c2:2b:3a:6e:41:11:7c:c3:8a:07:12:e0:66:
56:7d:83:97:76:d8:0d:8b:df:19:5e:a1:68:2b:e3:
b8:5b:e1:a0:fa:2e:06:25:f7:7e:cd:96:8f:0c:b3:
e5:71:d2:41:89:4e:01:32:c1:4e:32:9e:f1:3e:4d:
f2:78:94:a4:55:e2:3c:6f:8e:de:77:a7:ef:2e:16:
9b:91:85:12:fe:ff:72:f0:24:a0:ab:11:9c:80:90:
99:62:0e:df:58:01:bc:5f:d0:15:8d:29:06:41:a2:
2b:25:28:6c:56:fb:07:b1:ef:77:05:59:29:6c:5f:
b6:32:2a:da:42:bb:7d:32:21:60:50:5d:9f:62:c2:
f1:f5:5a:40:55:6d:df:47:ef:55:62:a6:58:51:9c:
45:e8:18:a6:13:82:bb:14:83:9e:2d:cc:a7:92:b9:
ac:89:1f:91:82:a7:eb:db:37:14:7a:b3:4e:1e:78:
41:f1:68:b5:c4:49:62:69:93:d6:bb:20:ea:02:3e:
d7:3e:20:db:1c:12:9b:c8:a1:47:27:80:52:19:94:
db:49:5e:64:bc:7b:50:f3:17:8d:69:8e:b9:8b:f1:
8d:6f:94:22:e9:2a:e5:72:a1:a8:71:c3:8e:13:b6:
ef:88:06:ae:62:ce:ca:e7:2d:e3:a6:ea:31:d3:33:
4c:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:DD:73:A4:7E:8F:2C:04:69:F3:CB:E8:59:60:EA:9B:84:EA:73:68
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.35.0-143.20.36.255
143.20.84.0/24
143.20.120.0/24
143.20.128.0/24
Signature Algorithm: sha256WithRSAEncryption
40:91:29:a9:f8:68:b9:80:5b:1e:05:ed:22:d9:33:1c:21:f2:
8a:63:12:90:cc:d3:8e:1b:dc:93:1f:3a:d7:30:69:91:57:49:
30:50:82:39:4a:c1:05:1f:4e:88:58:36:9d:27:15:49:65:78:
3d:65:ce:2a:e6:06:51:8b:f3:8d:9f:84:14:0e:66:c2:60:b7:
ce:ae:c4:c4:61:9b:67:e1:78:af:d5:fc:b7:02:6c:cc:79:04:
68:b6:78:03:2f:05:d6:e7:33:51:c9:60:d3:66:6c:ef:f9:d1:
9e:81:d7:d4:d6:2b:51:86:64:f7:81:80:36:25:f9:f6:4e:f3:
7f:da:b0:c4:81:0b:c2:b0:f6:e5:b3:28:82:9a:75:ad:4e:7e:
e9:92:f1:ca:64:2d:c2:92:76:bf:5b:47:ea:69:5c:77:20:29:
25:48:0a:a7:2f:e4:3c:5f:bd:6c:20:c7:7e:d3:68:ed:72:dc:
16:3a:d3:e3:23:2b:7f:fb:53:4b:3c:90:38:44:eb:1f:32:c7:
6f:bf:90:a7:0a:9a:cc:e8:c7:c8:61:0e:a8:99:b9:3e:7e:c4:
35:ef:8b:0f:f5:5d:38:a9:f8:b7:4b:a9:01:28:e9:0d:48:dd:
24:76:b1:17:f6:ae:42:38:7d:1f:c9:4c:84:92:6b:80:6d:90:
22:3c:97:f6
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUbug5ai3xSZJvB1+duea3iRT5v5gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNTEwMjUwNjM5MDVaFw0yNjEwMjQwNjQ0MDVaMDMxMTAvBgNV
BAMTKDNGREQ3M0E0N0U4RjJDMDQ2OUYzQ0JFODU5NjBFQTlCODRFQTczNjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQwis6bkERfMOKBxLgZlZ9g5d2
2A2L3xleoWgr47hb4aD6LgYl937Nlo8Ms+Vx0kGJTgEywU4ynvE+TfJ4lKRV4jxv
jt53p+8uFpuRhRL+/3LwJKCrEZyAkJliDt9YAbxf0BWNKQZBoislKGxW+wex73cF
WSlsX7YyKtpCu30yIWBQXZ9iwvH1WkBVbd9H71ViplhRnEXoGKYTgrsUg54tzKeS
uayJH5GCp+vbNxR6s04eeEHxaLXESWJpk9a7IOoCPtc+INscEpvIoUcngFIZlNtJ
XmS8e1DzF41pjrmL8Y1vlCLpKuVyoahxw44Ttu+IBq5izsrnLeOm6jHTM0zPAgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUP91zpH6PLARp88voWWDqm4Tqc2gwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA5BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIDAMAwQAjxQj
AwQAjxQkAwQAjxRUAwQAjxR4AwQAjxSAMA0GCSqGSIb3DQEBCwUAA4IBAQBAkSmp
+Gi5gFseBe0i2TMcIfKKYxKQzNOOG9yTHzrXMGmRV0kwUII5SsEFH06IWDadJxVJ
ZXg9Zc4q5gZRi/ONn4QUDmbCYLfOrsTEYZtn4Xiv1fy3AmzMeQRotngDLwXW5zNR
yWDTZmzv+dGegdfU1itRhmT3gYA2Jfn2TvN/2rDEgQvCsPblsyiCmnWtTn7pkvHK
ZC3Ckna/W0fqaVx3ICklSAqnL+Q8X71sIMd+02jtctwWOtPjIyt/+1NLPJA4ROsf
Msdvv5CnCprM6MfIYQ6ombk+fsQ174sP9V04qfi3S6kBKOkNSN0kdrEX9q5COH0f
yUyEkmuAbZAiPJf2
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:38:35 2025 by rpki-client