Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: qgV7BKdGE8Y+Ip1OM58bflSMDK31dZSW5mxw4JUi58Q=
Subject key identifier: 4F:3D:18:60:26:9C:76:F4:1C:96:87:51:92:63:2D:4F:C3:C6:F4:14
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 59170ADEF799EF62011E3B27DCF765B39A826BB3
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
Signing time: Fri 10 Oct 2025 11:38:34 +0000
ROA not before: Fri 10 Oct 2025 11:33:34 +0000
ROA not after: Fri 09 Oct 2026 11:38:34 +0000
asID: 9304
IP address blocks: 82.21.5.0/24 maxlen: 24
82.21.53.0/24 maxlen: 24
82.22.3.0/24 maxlen: 24
82.22.4.0/24 maxlen: 24
82.22.5.0/24 maxlen: 24
82.22.6.0/24 maxlen: 24
82.22.125.0/24 maxlen: 24
82.22.196.0/24 maxlen: 24
82.23.144.0/24 maxlen: 24
82.23.147.0/24 maxlen: 24
82.23.171.0/24 maxlen: 24
82.23.248.0/23 maxlen: 24
82.23.250.0/24 maxlen: 24
82.24.0.0/22 maxlen: 23
82.24.16.0/24 maxlen: 24
82.24.24.0/24 maxlen: 24
82.24.107.0/24 maxlen: 24
82.24.181.0/24 maxlen: 24
82.25.36.0/24 maxlen: 24
82.25.41.0/24 maxlen: 24
82.25.59.0/24 maxlen: 24
82.25.61.0/24 maxlen: 24
82.25.62.0/24 maxlen: 24
82.25.161.0/24 maxlen: 24
82.25.187.0/24 maxlen: 24
82.25.200.0/24 maxlen: 24
82.25.205.0/24 maxlen: 24
82.26.87.0/24 maxlen: 24
82.26.94.0/24 maxlen: 24
82.26.115.0/24 maxlen: 24
82.26.118.0/24 maxlen: 24
82.26.125.0/24 maxlen: 24
82.26.137.0/24 maxlen: 24
82.26.150.0/24 maxlen: 24
82.26.151.0/24 maxlen: 24
82.26.152.0/24 maxlen: 24
82.26.171.0/24 maxlen: 24
82.26.193.0/24 maxlen: 24
82.26.198.0/24 maxlen: 24
82.27.92.0/22 maxlen: 24
82.27.116.0/23 maxlen: 24
82.27.118.0/24 maxlen: 24
82.27.197.0/24 maxlen: 24
82.29.41.0/24 maxlen: 24
82.29.48.0/24 maxlen: 24
82.29.74.0/24 maxlen: 24
82.29.88.0/24 maxlen: 24
82.29.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 01:50:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:17:0a:de:f7:99:ef:62:01:1e:3b:27:dc:f7:65:b3:9a:82:6b:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Oct 10 11:33:34 2025 GMT
Not After : Oct 9 11:38:34 2026 GMT
Subject: CN=4F3D1860269C76F41C96875192632D4FC3C6F414
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:0c:52:23:c8:fb:72:09:37:a9:25:67:8b:3f:
c2:69:48:12:99:6b:23:5a:ac:8c:a3:19:49:97:a1:
4c:e1:e7:85:7d:aa:d2:1a:b0:ac:a8:fe:05:86:4c:
09:b3:c8:df:3f:3c:1e:ed:bb:e1:a8:78:47:15:1e:
32:41:f2:c9:1f:d2:14:b2:c5:a7:1f:cd:37:65:5d:
a0:81:e5:c6:3c:59:ed:6c:97:6e:b2:9b:f0:64:96:
9c:24:2a:e5:87:fa:92:06:19:3a:cb:94:98:15:ed:
60:84:94:d5:f3:c3:fb:3e:b3:c6:56:77:62:73:af:
32:c2:33:32:9c:c8:59:91:2f:0e:98:29:b8:47:64:
3f:83:86:fa:f7:0f:ac:31:51:4a:ef:c4:04:71:0c:
40:33:f9:fe:10:00:4f:12:ce:cb:d7:7d:1e:06:21:
5e:54:d4:f3:f6:55:e9:9a:13:76:bc:0b:90:d0:b1:
b1:fd:79:6f:1e:92:a3:e4:9f:d6:78:63:2a:bb:fe:
22:0f:ba:e4:8d:2a:a9:83:1d:5d:dd:5a:95:11:26:
82:f0:a6:84:61:84:30:af:c2:d2:3e:27:83:38:7f:
41:40:08:0b:5b:19:57:b1:df:94:89:e4:cc:72:94:
fa:c6:8f:c9:31:02:5f:64:74:bd:56:a0:6d:b5:94:
f2:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:3D:18:60:26:9C:76:F4:1C:96:87:51:92:63:2D:4F:C3:C6:F4:14
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.5.0/24
82.21.53.0/24
82.22.3.0-82.22.6.255
82.22.125.0/24
82.22.196.0/24
82.23.144.0/24
82.23.147.0/24
82.23.171.0/24
82.23.248.0-82.23.250.255
82.24.0.0/22
82.24.16.0/24
82.24.24.0/24
82.24.107.0/24
82.24.181.0/24
82.25.36.0/24
82.25.41.0/24
82.25.59.0/24
82.25.61.0-82.25.62.255
82.25.161.0/24
82.25.187.0/24
82.25.200.0/24
82.25.205.0/24
82.26.87.0/24
82.26.94.0/24
82.26.115.0/24
82.26.118.0/24
82.26.125.0/24
82.26.137.0/24
82.26.150.0-82.26.152.255
82.26.171.0/24
82.26.193.0/24
82.26.198.0/24
82.27.92.0/22
82.27.116.0-82.27.118.255
82.27.197.0/24
82.29.41.0/24
82.29.48.0/24
82.29.74.0/24
82.29.88.0/24
82.29.103.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:12:7c:4a:d9:a6:c3:ac:f2:99:9e:e5:9a:0f:f7:39:44:61:
4a:f5:38:33:d2:72:98:1e:cc:ad:31:17:b2:48:f5:7a:71:b8:
e7:97:31:b2:4e:fb:71:a3:bb:0e:1c:8c:b1:49:dd:52:a2:09:
8f:02:2a:34:92:33:74:4e:54:7f:33:65:d4:d6:ec:5b:39:3e:
44:26:a7:4e:f6:af:e5:61:19:ca:ef:98:5e:37:1b:2d:28:76:
65:87:9d:74:52:e8:c4:92:fb:78:71:b8:e0:6a:40:63:9d:aa:
02:8a:a5:1d:dc:03:de:79:14:20:1e:9e:79:cd:5e:4d:5f:dd:
4c:1a:d9:24:71:3c:9e:9e:c3:cc:67:2c:f8:81:c7:0c:b9:6a:
26:74:d3:5e:3c:26:98:a1:b8:8b:a2:31:c6:29:46:74:9a:b8:
24:8c:91:ea:62:38:72:89:74:4b:1b:f5:d3:b3:83:0b:0a:6b:
90:b0:d6:69:cb:9f:97:e6:ac:30:dc:e9:4e:eb:b7:76:18:d1:
3f:e3:c1:a7:e8:9e:35:a9:29:14:7a:62:f1:86:e7:39:92:13:
42:cb:79:a0:e4:0d:82:0c:cb:eb:3a:83:7b:b9:31:ae:3a:e9:
d6:3d:9e:a3:26:a7:4f:d9:e3:73:7b:52:8d:d6:56:ff:dd:a1:
61:07:1b:e7
-----BEGIN CERTIFICATE-----
MIIGGjCCBQKgAwIBAgIUWRcK3veZ72IBHjsn3Pdls5qCa7MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTEwMTAxMTMzMzRaFw0yNjEwMDkxMTM4MzRaMDMxMTAvBgNV
BAMTKDRGM0QxODYwMjY5Qzc2RjQxQzk2ODc1MTkyNjMyRDRGQzNDNkY0MTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJDFIjyPtyCTepJWeLP8JpSBKZ
ayNarIyjGUmXoUzh54V9qtIasKyo/gWGTAmzyN8/PB7tu+GoeEcVHjJB8skf0hSy
xacfzTdlXaCB5cY8We1sl26ym/BklpwkKuWH+pIGGTrLlJgV7WCElNXzw/s+s8ZW
d2JzrzLCMzKcyFmRLw6YKbhHZD+Dhvr3D6wxUUrvxARxDEAz+f4QAE8SzsvXfR4G
IV5U1PP2VemaE3a8C5DQsbH9eW8ekqPkn9Z4Yyq7/iIPuuSNKqmDHV3dWpURJoLw
poRhhDCvwtI+J4M4f0FACAtbGVex35SJ5MxylPrGj8kxAl9kdL1WoG21lPKTAgMB
AAGjggMkMIIDIDAdBgNVHQ4EFgQUTz0YYCacdvQclodRkmMtT8PG9BQwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCATkGCCsGAQUFBwEHAQH/BIIBKDCCASQwggEgBAIAATCC
ARgDBABSFQUDBABSFTUwDAMEAFIWAwMEAFIWBgMEAFIWfQMEAFIWxAMEAFIXkAME
AFIXkwMEAFIXqzAMAwQDUhf4AwQAUhf6AwQCUhgAAwQAUhgQAwQAUhgYAwQAUhhr
AwQAUhi1AwQAUhkkAwQAUhkpAwQAUhk7MAwDBABSGT0DBABSGT4DBABSGaEDBABS
GbsDBABSGcgDBABSGc0DBABSGlcDBABSGl4DBABSGnMDBABSGnYDBABSGn0DBABS
GokwDAMEAVIalgMEAFIamAMEAFIaqwMEAFIawQMEAFIaxgMEAlIbXDAMAwQCUht0
AwQAUht2AwQAUhvFAwQAUh0pAwQAUh0wAwQAUh1KAwQAUh1YAwQAUh1nMA0GCSqG
SIb3DQEBCwUAA4IBAQCPEnxK2abDrPKZnuWaD/c5RGFK9Tgz0nKYHsytMReySPV6
cbjnlzGyTvtxo7sOHIyxSd1SogmPAio0kjN0TlR/M2XU1uxbOT5EJqdO9q/lYRnK
75heNxstKHZlh510UujEkvt4cbjgakBjnaoCiqUd3APeeRQgHp55zV5NX91MGtkk
cTyensPMZyz4gccMuWomdNNePCaYobiLojHGKUZ0mrgkjJHqYjhyiXRLG/XTs4ML
CmuQsNZpy5+X5qww3OlO67d2GNE/48Gn6J41qSkUemLxhuc5khNCy3mg5A2CDMvr
OoN7uTGuOunWPZ6jJqdP2eNze1KN1lb/3aFhBxvn
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:35:07 2025 by rpki-client