Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: I2sYpuNsJ+ORA5G/QojJi4BZdJR+t9lwjnvDPnW9jYw=
Subject key identifier: A4:0D:60:69:B3:95:19:FC:CC:E0:8F:2B:EA:2E:0B:FB:53:01:CF:77
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: F1823EFD330E9AACD2E1E2E94A411C9109EAB4
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9304.roa
Signing time: Fri 25 Apr 2025 07:22:47 +0000
ROA not before: Fri 25 Apr 2025 07:17:47 +0000
ROA not after: Fri 24 Apr 2026 07:22:47 +0000
asID: 9304
IP address blocks: 46.203.83.0/24 maxlen: 24
46.203.84.0/24 maxlen: 24
46.203.87.0/24 maxlen: 24
46.203.126.0/24 maxlen: 24
46.203.135.0/24 maxlen: 24
46.203.139.0/24 maxlen: 24
46.203.172.0/24 maxlen: 24
46.203.176.0/24 maxlen: 24
46.203.183.0/24 maxlen: 24
46.203.200.0/24 maxlen: 24
91.124.42.0/23 maxlen: 23
92.113.212.0/22 maxlen: 22
95.134.0.0/22 maxlen: 24
95.134.16.0/22 maxlen: 24
95.134.32.0/22 maxlen: 24
95.134.84.0/24 maxlen: 24
95.134.85.0/24 maxlen: 24
95.134.116.0/22 maxlen: 24
95.134.124.0/22 maxlen: 24
95.134.136.0/22 maxlen: 24
95.134.140.0/22 maxlen: 22
95.135.70.0/24 maxlen: 24
95.135.193.0/24 maxlen: 24
95.135.200.0/23 maxlen: 23
95.135.202.0/23 maxlen: 23
95.135.246.0/24 maxlen: 24
95.135.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
f1:82:3e:fd:33:0e:9a:ac:d2:e1:e2:e9:4a:41:1c:91:09:ea:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Apr 25 07:17:47 2025 GMT
Not After : Apr 24 07:22:47 2026 GMT
Subject: CN=A40D6069B39519FCCCE08F2BEA2E0BFB5301CF77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:98:6a:fc:77:77:40:b3:c6:2f:6f:64:54:ae:
4c:17:b3:15:23:a5:90:20:4a:41:50:b2:4b:fa:26:
04:65:eb:03:d6:d6:3e:fd:cc:1c:56:f8:58:70:31:
90:d1:73:8a:bc:7f:31:2f:74:30:c5:83:bb:97:e1:
72:26:14:6e:f2:31:6e:38:b8:09:3a:0b:4b:9b:a0:
72:03:5e:e9:84:6f:a5:83:b6:57:52:80:86:b2:11:
f7:b4:75:2e:ea:3d:e7:4b:29:6a:4b:3b:d6:43:ef:
c3:69:f7:ae:5a:25:90:8b:82:14:18:57:e3:25:37:
2d:a6:39:84:0b:86:47:cb:25:ba:5c:06:96:f0:b0:
a0:87:b0:73:69:7d:b1:d8:5e:83:b7:dd:3a:26:74:
e4:af:86:b5:78:48:2a:fe:0a:bc:2c:2a:ed:5d:10:
58:7e:61:6e:d3:6e:24:50:9a:a9:eb:8f:34:40:53:
8d:8f:b5:1d:cc:36:64:f5:0b:a9:29:0b:7d:44:52:
df:01:74:43:3d:1a:c0:a1:ba:04:2c:cc:f2:61:69:
d6:8d:5d:43:59:fd:14:12:03:96:10:19:b6:dd:b7:
9a:9c:dc:1a:24:b8:56:6d:6b:02:8e:bd:ff:e4:28:
e8:3c:88:a9:7d:a8:b5:dc:65:80:a2:d6:0b:c3:af:
c2:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:0D:60:69:B3:95:19:FC:CC:E0:8F:2B:EA:2E:0B:FB:53:01:CF:77
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.203.83.0-46.203.84.255
46.203.87.0/24
46.203.126.0/24
46.203.135.0/24
46.203.139.0/24
46.203.172.0/24
46.203.176.0/24
46.203.183.0/24
46.203.200.0/24
91.124.42.0/23
92.113.212.0/22
95.134.0.0/22
95.134.16.0/22
95.134.32.0/22
95.134.84.0/23
95.134.116.0/22
95.134.124.0/22
95.134.136.0/21
95.135.70.0/24
95.135.193.0/24
95.135.200.0/22
95.135.246.0/24
95.135.250.0/24
Signature Algorithm: sha256WithRSAEncryption
65:84:9a:c7:5d:82:80:f2:a8:e8:5c:63:0f:5d:47:6c:9e:c0:
b8:c2:5e:0a:f3:18:69:a1:84:2d:0f:7e:f4:ff:eb:83:cc:63:
67:1f:f3:7c:b4:b5:7d:48:ff:2e:ab:02:ed:bc:e7:37:37:be:
b0:fc:8a:4d:0a:67:bd:ca:08:2e:6f:e4:78:63:84:42:2c:92:
b6:96:66:b5:22:55:95:b8:57:55:03:ae:ba:d0:78:3c:d0:b8:
30:be:42:6d:b5:50:c5:38:66:d9:cf:2b:be:09:6b:15:d8:a1:
cd:b6:33:0d:36:02:c9:56:e6:91:55:53:3e:bb:07:bf:8b:bb:
c4:07:27:8d:79:1b:9d:a2:b4:b2:c3:69:3d:40:0d:53:bb:1a:
39:75:82:52:b6:62:b4:8d:19:4f:72:6b:2c:39:20:5e:f5:70:
d9:38:cc:de:3f:82:5e:8b:26:bd:b0:71:dc:25:08:5f:88:33:
09:34:6d:a3:c3:fc:d8:81:02:38:da:c8:0a:2a:5b:15:50:91:
ab:41:57:b4:f8:d7:3b:16:34:32:3d:bd:87:05:ee:55:e5:9e:
05:a2:b8:ba:76:30:5e:d4:d0:9f:58:25:bc:10:20:5b:fa:c4:
3b:d6:c8:1b:f9:c2:ce:bd:d6:11:67:9f:a6:20:d8:02:cb:68:
f1:50:96:c2
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgIUAPGCPv0zDpqs0uHi6UpBHJEJ6rQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA0MjUwNzE3NDdaFw0yNjA0MjQwNzIyNDdaMDMxMTAvBgNV
BAMTKEE0MEQ2MDY5QjM5NTE5RkNDQ0UwOEYyQkVBMkUwQkZCNTMwMUNGNzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFmGr8d3dAs8Yvb2RUrkwXsxUj
pZAgSkFQskv6JgRl6wPW1j79zBxW+FhwMZDRc4q8fzEvdDDFg7uX4XImFG7yMW44
uAk6C0uboHIDXumEb6WDtldSgIayEfe0dS7qPedLKWpLO9ZD78Np965aJZCLghQY
V+MlNy2mOYQLhkfLJbpcBpbwsKCHsHNpfbHYXoO33TomdOSvhrV4SCr+CrwsKu1d
EFh+YW7TbiRQmqnrjzRAU42PtR3MNmT1C6kpC31EUt8BdEM9GsChugQszPJhadaN
XUNZ/RQSA5YQGbbdt5qc3BokuFZtawKOvf/kKOg8iKl9qLXcZYCi1gvDr8IZAgMB
AAGjggKZMIIClTAdBgNVHQ4EFgQUpA1gabOVGfzM4I8r6i4L+1MBz3cwHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBrwYIKwYBBQUHAQcBAf8EgZ8wgZwwgZkEAgABMIGSMAwD
BAAuy1MDBAAuy1QDBAAuy1cDBAAuy34DBAAuy4cDBAAuy4sDBAAuy6wDBAAuy7AD
BAAuy7cDBAAuy8gDBAFbfCoDBAJccdQDBAJfhgADBAJfhhADBAJfhiADBAFfhlQD
BAJfhnQDBAJfhnwDBANfhogDBABfh0YDBABfh8EDBAJfh8gDBABfh/YDBABfh/ow
DQYJKoZIhvcNAQELBQADggEBAGWEmsddgoDyqOhcYw9dR2yewLjCXgrzGGmhhC0P
fvT/64PMY2cf83y0tX1I/y6rAu285zc3vrD8ik0KZ73KCC5v5HhjhEIskraWZrUi
VZW4V1UDrrrQeDzQuDC+Qm21UMU4ZtnPK74JaxXYoc22Mw02AslW5pFVUz67B7+L
u8QHJ415G52itLLDaT1ADVO7Gjl1glK2YrSNGU9yayw5IF71cNk4zN4/gl6LJr2w
cdwlCF+IMwk0baPD/NiBAjjayAoqWxVQkatBV7T41zsWNDI9vYcF7lXlngWiuLp2
MF7U0J9YJbwQIFv6xDvWyBv5ws691hFnn6Yg2ALLaPFQlsI=
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:14 2025 by rpki-client