Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: g3nshFteH0vi5z7Giv/1D0ZWriGWGEo+LGQ+DRkUoOs=
Subject key identifier: 8A:2D:77:B6:2B:47:77:12:8F:3D:40:A1:2A:D6:0D:31:4F:28:E0:70
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 377BD0C828D212B1F825F4D196A2CBA1CF7BA626
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
Signing time: Tue 03 Jun 2025 06:36:38 +0000
ROA not before: Tue 03 Jun 2025 06:31:38 +0000
ROA not after: Tue 02 Jun 2026 06:36:38 +0000
asID: 9304
IP address blocks: 82.23.144.0/24 maxlen: 24
82.23.147.0/24 maxlen: 24
82.23.162.0/23 maxlen: 24
82.23.248.0/23 maxlen: 24
82.23.250.0/24 maxlen: 24
82.24.0.0/22 maxlen: 24
82.24.16.0/24 maxlen: 24
82.24.127.0/24 maxlen: 24
82.24.189.0/24 maxlen: 24
82.26.118.0/24 maxlen: 24
82.26.152.0/24 maxlen: 24
82.27.92.0/22 maxlen: 24
82.27.116.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 10:57:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:7b:d0:c8:28:d2:12:b1:f8:25:f4:d1:96:a2:cb:a1:cf:7b:a6:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 3 06:31:38 2025 GMT
Not After : Jun 2 06:36:38 2026 GMT
Subject: CN=8A2D77B62B4777128F3D40A12AD60D314F28E070
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c8:99:1d:70:47:86:87:ac:4f:d4:0a:de:84:
fe:19:f0:e0:8a:38:02:26:0c:a0:a8:08:af:4d:c6:
a7:b8:53:73:47:f8:f0:fd:c7:c8:bb:06:03:e2:22:
3a:6c:ac:8c:a4:8f:c0:c3:3b:a9:49:73:8e:0e:61:
7d:33:01:b8:3d:1c:6a:47:db:64:dc:0d:26:98:40:
f5:ff:aa:ba:60:de:ad:23:de:cb:f9:7d:dd:ca:86:
5a:89:c8:d3:db:ea:4e:ba:cc:2a:c0:8f:64:3f:84:
53:96:a7:76:60:b5:a5:bb:2e:df:a7:58:1c:e5:d2:
d4:4b:98:fa:fe:7c:5c:da:14:fc:ad:b4:80:f8:11:
65:e9:cb:23:49:26:16:08:7c:d8:bf:86:11:0c:53:
36:ec:8a:88:0e:35:87:50:01:8f:f0:bb:28:da:3c:
72:1d:ea:01:1b:15:2d:e3:4d:64:cb:9c:a8:ec:70:
11:eb:98:a4:98:79:60:03:2e:d3:c3:6e:cc:2c:89:
3c:a3:6a:98:1e:aa:ab:27:99:fb:f6:26:5f:cb:36:
52:1d:c0:a0:a1:06:85:ba:9e:37:51:17:f4:84:7e:
84:e6:48:e2:4c:5d:53:19:34:92:0e:ce:36:d1:a2:
74:c2:70:c8:b4:f6:2e:cd:fd:7a:aa:39:48:22:78:
18:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:2D:77:B6:2B:47:77:12:8F:3D:40:A1:2A:D6:0D:31:4F:28:E0:70
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.144.0/24
82.23.147.0/24
82.23.162.0/23
82.23.248.0-82.23.250.255
82.24.0.0/22
82.24.16.0/24
82.24.127.0/24
82.24.189.0/24
82.26.118.0/24
82.26.152.0/24
82.27.92.0/22
82.27.116.0/23
Signature Algorithm: sha256WithRSAEncryption
06:93:a3:35:24:e0:bc:05:17:05:cd:98:d6:45:6a:df:b6:1b:
82:a0:7e:2e:a0:68:4d:c7:da:f4:b0:7a:00:a0:15:cd:e8:10:
06:86:3f:b5:5c:56:d6:99:92:01:69:92:9f:5d:1a:87:90:2f:
6c:37:2e:a5:92:b0:56:e1:73:04:78:21:36:8a:02:52:92:2a:
c3:1f:0a:16:74:6b:1a:a1:6f:f2:85:fa:73:db:75:22:a4:b8:
8b:ed:df:2d:82:5e:86:16:49:9a:a1:92:ad:ff:9c:fc:1d:86:
db:9d:85:bf:d0:29:81:ec:47:77:d4:35:3b:fb:e6:58:5e:e1:
e3:47:4d:0b:cd:06:98:22:8b:7c:32:ae:f2:27:83:2d:66:d7:
6e:fb:63:dd:b1:b4:89:04:d0:69:dc:c8:38:54:79:26:0c:38:
05:db:fc:44:8b:cc:e6:22:b9:0d:56:a1:33:3d:19:9a:9d:56:
4a:ec:10:77:c7:86:11:c6:7f:ca:4c:8b:85:ea:71:7f:ac:a6:
31:d8:89:4c:76:2b:2e:82:73:55:60:56:2a:76:97:4d:96:6d:
11:e5:de:16:0c:7d:df:49:50:22:8f:ea:ca:b5:d5:37:c5:a4:
1f:b4:97:d2:05:8a:3b:c1:2f:9f:d8:4c:4e:09:d1:ac:4b:90:
74:10:e9:a2
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIUN3vQyCjSErH4JfTRlqLLoc97piYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA2MDMwNjMxMzhaFw0yNjA2MDIwNjM2MzhaMDMxMTAvBgNV
BAMTKDhBMkQ3N0I2MkI0Nzc3MTI4RjNENDBBMTJBRDYwRDMxNEYyOEUwNzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYyJkdcEeGh6xP1ArehP4Z8OCK
OAImDKCoCK9Nxqe4U3NH+PD9x8i7BgPiIjpsrIykj8DDO6lJc44OYX0zAbg9HGpH
22TcDSaYQPX/qrpg3q0j3sv5fd3KhlqJyNPb6k66zCrAj2Q/hFOWp3ZgtaW7Lt+n
WBzl0tRLmPr+fFzaFPyttID4EWXpyyNJJhYIfNi/hhEMUzbsiogONYdQAY/wuyja
PHId6gEbFS3jTWTLnKjscBHrmKSYeWADLtPDbswsiTyjapgeqqsnmfv2Jl/LNlId
wKChBoW6njdRF/SEfoTmSOJMXVMZNJIOzjbRonTCcMi09i7N/XqqOUgieBhHAgMB
AAGjggJSMIICTjAdBgNVHQ4EFgQUii13titHdxKPPUChKtYNMU8o4HAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBpBggrBgEFBQcBBwEB/wRaMFgwVgQCAAEwUAMEAFIXkAME
AFIXkwMEAVIXojAMAwQDUhf4AwQAUhf6AwQCUhgAAwQAUhgQAwQAUhh/AwQAUhi9
AwQAUhp2AwQAUhqYAwQCUhtcAwQBUht0MA0GCSqGSIb3DQEBCwUAA4IBAQAGk6M1
JOC8BRcFzZjWRWrfthuCoH4uoGhNx9r0sHoAoBXN6BAGhj+1XFbWmZIBaZKfXRqH
kC9sNy6lkrBW4XMEeCE2igJSkirDHwoWdGsaoW/yhfpz23UipLiL7d8tgl6GFkma
oZKt/5z8HYbbnYW/0CmB7Ed31DU7++ZYXuHjR00LzQaYIot8Mq7yJ4MtZtdu+2Pd
sbSJBNBp3Mg4VHkmDDgF2/xEi8zmIrkNVqEzPRmanVZK7BB3x4YRxn/KTIuF6nF/
rKYx2IlMdisugnNVYFYqdpdNlm0R5d4WDH3fSVAij+rKtdU3xaQftJfSBYo7wS+f
2ExOCdGsS5B0EOmi
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:10:04 2025 by rpki-client