Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: GTYlmeQzKnyUNM4XqRmM8q1iXxcZl56XOwcsZTPUeHc=
Subject key identifier: 81:18:3D:4F:51:34:41:DA:25:1D:BB:37:B9:A7:E3:21:C2:36:64:BD
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 7769DA946F6CA7CA1A0AD7958D46D4CF11DB7126
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9304.roa
Signing time: Thu 10 Jul 2025 05:20:43 +0000
ROA not before: Thu 10 Jul 2025 05:15:43 +0000
ROA not after: Thu 09 Jul 2026 05:20:43 +0000
asID: 9304
IP address blocks: 45.139.182.0/24 maxlen: 24
45.139.183.0/24 maxlen: 24
85.208.72.0/24 maxlen: 24
92.118.162.0/24 maxlen: 24
92.119.33.0/24 maxlen: 24
179.61.241.0/24 maxlen: 24
181.214.148.0/24 maxlen: 24
181.214.154.0/24 maxlen: 24
181.214.161.0/24 maxlen: 24
181.214.201.0/24 maxlen: 24
181.214.212.0/24 maxlen: 24
181.214.236.0/24 maxlen: 24
181.214.237.0/24 maxlen: 24
181.214.248.0/24 maxlen: 24
191.96.88.0/24 maxlen: 24
191.96.89.0/24 maxlen: 24
191.96.91.0/24 maxlen: 24
191.96.99.0/24 maxlen: 24
191.96.105.0/24 maxlen: 24
191.96.116.0/24 maxlen: 24
191.96.120.0/24 maxlen: 24
191.96.126.0/24 maxlen: 24
191.101.76.0/24 maxlen: 24
191.101.102.0/24 maxlen: 24
191.101.116.0/24 maxlen: 24
191.101.120.0/24 maxlen: 24
191.101.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:69:da:94:6f:6c:a7:ca:1a:0a:d7:95:8d:46:d4:cf:11:db:71:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Jul 10 05:15:43 2025 GMT
Not After : Jul 9 05:20:43 2026 GMT
Subject: CN=81183D4F513441DA251DBB37B9A7E321C23664BD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:90:7d:71:e4:24:a2:ec:68:47:5b:2e:f7:8b:
68:8d:f8:4c:a3:e4:cb:09:a4:32:65:ee:a7:51:5c:
9c:3e:b5:de:d4:45:53:c0:e4:48:06:b2:14:ed:db:
ab:c6:9d:62:cf:96:4c:10:ca:97:fa:2c:26:c1:96:
6c:79:fd:6b:7e:0c:8f:30:a8:71:66:73:45:56:ab:
38:4a:f2:75:9f:e0:aa:46:01:10:3a:04:45:bb:5a:
23:6e:d0:01:82:55:1a:19:11:0a:1e:1a:db:99:7a:
bb:60:fa:b9:85:41:9b:4b:ce:bb:af:9d:f8:54:53:
8f:76:82:00:94:11:d6:d9:22:ad:1b:45:0e:1b:e8:
21:60:9c:68:69:2e:17:42:96:39:4f:36:b8:4f:90:
76:e6:8f:e6:21:51:63:59:7d:11:ed:c2:1f:7b:da:
2d:81:e4:82:78:a1:1a:42:7a:b9:2e:27:4c:23:2c:
1c:61:0c:3a:47:9d:f4:cf:17:2d:0f:9d:ab:57:d3:
7f:83:28:7f:a1:43:19:db:5a:b3:c6:55:7b:34:46:
9e:8f:b8:77:8e:b7:d8:9c:bc:02:8a:47:4a:ee:24:
02:16:26:f6:55:95:46:ef:de:fe:d3:ab:9e:4f:1e:
42:ab:35:93:94:69:4e:cf:64:83:11:97:ce:b3:a9:
00:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:18:3D:4F:51:34:41:DA:25:1D:BB:37:B9:A7:E3:21:C2:36:64:BD
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.182.0/23
85.208.72.0/24
92.118.162.0/24
92.119.33.0/24
179.61.241.0/24
181.214.148.0/24
181.214.154.0/24
181.214.161.0/24
181.214.201.0/24
181.214.212.0/24
181.214.236.0/23
181.214.248.0/24
191.96.88.0/23
191.96.91.0/24
191.96.99.0/24
191.96.105.0/24
191.96.116.0/24
191.96.120.0/24
191.96.126.0/24
191.101.76.0/24
191.101.102.0/24
191.101.116.0/24
191.101.120.0/24
191.101.124.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:fe:5f:7e:fa:f2:03:6c:8d:40:7c:7f:4a:b7:24:af:95:85:
8d:28:65:ba:2d:58:97:3a:04:02:a3:ca:71:1b:39:4c:74:72:
5e:5f:af:f6:5b:3c:44:9c:25:91:86:b5:5e:dc:80:02:97:53:
54:5d:89:80:4e:89:07:44:2c:64:73:e3:7f:72:f8:fa:73:17:
d1:68:5e:79:9b:6d:81:04:66:22:fa:e5:e2:ea:a0:f6:06:fe:
36:d2:1a:cd:22:71:52:c0:d4:da:37:ec:19:8d:e9:cb:86:1e:
88:e7:5f:ce:bb:ef:8b:d1:72:e9:91:3c:ac:97:28:3d:0a:3a:
89:59:fe:12:a2:3d:93:14:04:7d:a9:c5:5a:5e:4e:2b:66:b6:
9e:84:3d:5a:55:06:7d:82:39:ce:9b:b8:9b:a2:aa:11:4d:a6:
39:de:6a:79:91:c2:c4:03:75:c0:78:a7:45:94:09:f6:5e:23:
10:d5:0b:18:10:c9:88:64:66:9e:27:7f:b7:64:65:8a:b6:c2:
63:2f:54:10:1a:ee:07:12:d8:de:b6:40:88:32:6a:ad:fe:fb:
a2:80:c7:27:db:d9:38:73:e6:ff:3d:22:cf:4b:7d:7d:c1:07:
40:86:da:8e:3a:35:f5:4a:69:45:97:9f:e1:11:31:96:b6:b1:
6a:fa:e4:d3
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgIUd2nalG9sp8oaCteVjUbUzxHbcSYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA3MTAwNTE1NDNaFw0yNjA3MDkwNTIwNDNaMDMxMTAvBgNV
BAMTKDgxMTgzRDRGNTEzNDQxREEyNTFEQkIzN0I5QTdFMzIxQzIzNjY0QkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGkH1x5CSi7GhHWy73i2iN+Eyj
5MsJpDJl7qdRXJw+td7URVPA5EgGshTt26vGnWLPlkwQypf6LCbBlmx5/Wt+DI8w
qHFmc0VWqzhK8nWf4KpGARA6BEW7WiNu0AGCVRoZEQoeGtuZertg+rmFQZtLzruv
nfhUU492ggCUEdbZIq0bRQ4b6CFgnGhpLhdCljlPNrhPkHbmj+YhUWNZfRHtwh97
2i2B5IJ4oRpCerkuJ0wjLBxhDDpHnfTPFy0PnatX03+DKH+hQxnbWrPGVXs0Rp6P
uHeOt9icvAKKR0ruJAIWJvZVlUbv3v7Tq55PHkKrNZOUaU7PZIMRl86zqQD/AgMB
AAGjggKXMIICkzAdBgNVHQ4EFgQUgRg9T1E0QdolHbs3uafjIcI2ZL0wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBrQYIKwYBBQUHAQcBAf8EgZ0wgZowgZcEAgABMIGQAwQB
LYu2AwQAVdBIAwQAXHaiAwQAXHchAwQAsz3xAwQAtdaUAwQAtdaaAwQAtdahAwQA
tdbJAwQAtdbUAwQBtdbsAwQAtdb4AwQBv2BYAwQAv2BbAwQAv2BjAwQAv2BpAwQA
v2B0AwQAv2B4AwQAv2B+AwQAv2VMAwQAv2VmAwQAv2V0AwQAv2V4AwQAv2V8MA0G
CSqGSIb3DQEBCwUAA4IBAQCa/l9++vIDbI1AfH9KtySvlYWNKGW6LViXOgQCo8px
GzlMdHJeX6/2WzxEnCWRhrVe3IACl1NUXYmATokHRCxkc+N/cvj6cxfRaF55m22B
BGYi+uXi6qD2Bv420hrNInFSwNTaN+wZjenLhh6I51/Ou++L0XLpkTyslyg9CjqJ
Wf4Soj2TFAR9qcVaXk4rZraehD1aVQZ9gjnOm7iboqoRTaY53mp5kcLEA3XAeKdF
lAn2XiMQ1QsYEMmIZGaeJ3+3ZGWKtsJjL1QQGu4HEtjetkCIMmqt/vuigMcn29k4
c+b/PSLPS319wQdAhtqOOjX1SmlFl5/hETGWtrFq+uTT
-----END CERTIFICATE-----
Generated at Sun Jul 20 14:07:51 2025 by rpki-client