Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: 0ILvVjEkoGpl4bbUC24QK0omT8tRDyu0oBnEPV3u4iw=
Subject key identifier: 9F:C8:7E:F7:42:F4:27:8A:08:C2:EE:71:B4:F6:E1:92:74:9E:55:F0
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 472236E656F50C1C5CCE799494D48C923F271AD2
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
Signing time: Tue 03 Mar 2026 03:41:32 +0000
ROA not before: Tue 03 Mar 2026 03:36:32 +0000
ROA not after: Tue 02 Mar 2027 03:41:32 +0000
asID: 9304
IP address blocks: 82.21.75.0/24 maxlen: 24
82.22.14.0/24 maxlen: 24
82.23.144.0/24 maxlen: 24
82.23.147.0/24 maxlen: 24
82.24.0.0/22 maxlen: 23
82.24.108.0/24 maxlen: 24
82.26.115.0/24 maxlen: 24
82.26.118.0/24 maxlen: 24
82.26.125.0/24 maxlen: 24
82.26.147.0/24 maxlen: 24
82.26.175.0/24 maxlen: 24
82.27.131.0/24 maxlen: 24
82.29.36.0/24 maxlen: 24
82.29.39.0/24 maxlen: 24
82.29.45.0/24 maxlen: 24
82.29.49.0/24 maxlen: 24
82.29.51.0/24 maxlen: 24
82.29.70.0/24 maxlen: 24
82.29.73.0/24 maxlen: 24
82.29.76.0/24 maxlen: 24
82.29.79.0/24 maxlen: 24
82.38.62.0/24 maxlen: 24
82.38.76.0/22 maxlen: 24
82.39.205.0/24 maxlen: 24
82.39.210.0/23 maxlen: 24
82.40.52.0/24 maxlen: 24
82.40.53.0/24 maxlen: 24
82.40.54.0/24 maxlen: 24
82.41.233.0/24 maxlen: 24
82.41.234.0/24 maxlen: 24
82.41.235.0/24 maxlen: 24
82.41.236.0/24 maxlen: 24
82.41.237.0/24 maxlen: 24
82.41.238.0/24 maxlen: 24
82.41.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:22:36:e6:56:f5:0c:1c:5c:ce:79:94:94:d4:8c:92:3f:27:1a:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 3 03:36:32 2026 GMT
Not After : Mar 2 03:41:32 2027 GMT
Subject: CN=9FC87EF742F4278A08C2EE71B4F6E192749E55F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:87:2d:74:75:6a:52:f1:cb:ab:c1:88:08:60:
f8:89:68:bc:0e:da:63:be:4b:37:32:c7:7a:f0:bd:
50:b5:c7:57:23:9d:68:e0:fa:b4:29:e3:7c:b9:7c:
1e:52:af:e0:2b:7c:2f:cf:d3:b8:b9:99:67:ab:40:
be:38:b9:10:fa:dc:24:d0:76:f8:75:11:29:b9:55:
c1:66:7e:81:65:df:8e:7b:b3:30:22:d0:f0:35:fc:
ab:d1:ec:0b:c0:74:34:46:be:fd:e7:70:d9:90:97:
b1:cc:b5:dd:94:5e:4a:57:bf:75:f7:bb:5b:35:6e:
dd:2c:d4:50:2e:aa:19:10:c9:58:e2:fc:c8:3c:e9:
b7:66:20:f8:0d:77:48:93:13:5d:60:b1:fc:4d:19:
0d:ae:3e:71:ea:dc:20:fe:8d:4a:11:5a:14:be:0a:
08:d7:73:64:93:33:b3:1f:74:22:57:97:82:39:42:
27:e5:75:37:e3:7c:6d:f2:87:86:ff:53:58:ad:8f:
9c:83:e1:b9:2e:6d:75:c7:74:88:c0:61:89:31:9c:
18:76:97:96:38:89:1b:69:fd:95:eb:13:94:c5:41:
65:8c:7f:25:ee:94:45:6d:29:97:61:e3:c7:d9:bb:
ff:1e:e0:ae:28:69:8d:90:0b:b0:42:55:12:6c:5f:
f7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:C8:7E:F7:42:F4:27:8A:08:C2:EE:71:B4:F6:E1:92:74:9E:55:F0
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.75.0/24
82.22.14.0/24
82.23.144.0/24
82.23.147.0/24
82.24.0.0/22
82.24.108.0/24
82.26.115.0/24
82.26.118.0/24
82.26.125.0/24
82.26.147.0/24
82.26.175.0/24
82.27.131.0/24
82.29.36.0/24
82.29.39.0/24
82.29.45.0/24
82.29.49.0/24
82.29.51.0/24
82.29.70.0/24
82.29.73.0/24
82.29.76.0/24
82.29.79.0/24
82.38.62.0/24
82.38.76.0/22
82.39.205.0/24
82.39.210.0/23
82.40.52.0-82.40.54.255
82.41.233.0-82.41.238.255
82.41.241.0/24
Signature Algorithm: sha256WithRSAEncryption
27:5a:3e:a2:9a:4c:d9:77:d4:71:05:9b:11:ad:75:a6:d1:47:
48:32:5b:3d:0a:c2:11:47:a2:4d:bf:31:fc:d0:d4:c5:6d:39:
1a:d7:08:b1:97:65:c9:0d:af:d3:9b:eb:7b:24:8e:52:5e:b0:
f6:97:9b:5f:56:39:30:20:17:e7:7a:e9:46:ad:3f:60:40:f0:
5c:73:07:32:bc:f1:5b:96:2f:3b:a6:9f:58:04:30:75:86:df:
78:7f:e4:28:dc:5c:f1:63:f0:a4:a1:51:25:fa:20:5e:28:b8:
77:c2:94:00:b9:e7:4b:7d:6d:ab:6b:8a:48:13:4e:0d:8a:2d:
ba:a4:27:b7:a0:2a:d3:83:fa:51:00:6c:e4:73:d9:df:87:f0:
91:60:24:20:93:51:79:e7:bd:a0:a3:52:81:94:22:bd:1b:26:
d0:15:16:4f:5b:a6:84:94:f3:64:d1:03:ea:20:87:98:0c:f4:
82:a5:82:66:81:76:8a:91:78:02:1c:d8:89:70:b7:bb:13:f7:
ce:bf:87:a4:ec:f7:82:20:3a:17:e6:dd:00:89:cf:c2:47:10:
ac:97:4c:59:5f:c3:90:ec:76:98:1e:d9:b1:41:63:61:30:7a:
bc:cd:f4:4b:47:85:53:b0:37:1e:48:cc:fa:f2:93:b6:d8:be:
69:3f:8b:a2
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgIURyI25lb1DBxcznmUlNSMkj8nGtIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjAzMDMwMzM2MzJaFw0yNzAzMDIwMzQxMzJaMDMxMTAvBgNV
BAMTKDlGQzg3RUY3NDJGNDI3OEEwOEMyRUU3MUI0RjZFMTkyNzQ5RTU1RjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwhy10dWpS8curwYgIYPiJaLwO
2mO+Szcyx3rwvVC1x1cjnWjg+rQp43y5fB5Sr+ArfC/P07i5mWerQL44uRD63CTQ
dvh1ESm5VcFmfoFl3457szAi0PA1/KvR7AvAdDRGvv3ncNmQl7HMtd2UXkpXv3X3
u1s1bt0s1FAuqhkQyVji/Mg86bdmIPgNd0iTE11gsfxNGQ2uPnHq3CD+jUoRWhS+
CgjXc2STM7MfdCJXl4I5QifldTfjfG3yh4b/U1itj5yD4bkubXXHdIjAYYkxnBh2
l5Y4iRtp/ZXrE5TFQWWMfyXulEVtKZdh48fZu/8e4K4oaY2QC7BCVRJsX/fNAgMB
AAGjggK/MIICuzAdBgNVHQ4EFgQUn8h+90L0J4oIwu5xtPbhknSeVfAwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB1QYIKwYBBQUHAQcBAf8EgcUwgcIwgb8EAgABMIG4AwQA
UhVLAwQAUhYOAwQAUheQAwQAUheTAwQCUhgAAwQAUhhsAwQAUhpzAwQAUhp2AwQA
Uhp9AwQAUhqTAwQAUhqvAwQAUhuDAwQAUh0kAwQAUh0nAwQAUh0tAwQAUh0xAwQA
Uh0zAwQAUh1GAwQAUh1JAwQAUh1MAwQAUh1PAwQAUiY+AwQCUiZMAwQAUifNAwQB
UifSMAwDBAJSKDQDBABSKDYwDAMEAFIp6QMEAFIp7gMEAFIp8TANBgkqhkiG9w0B
AQsFAAOCAQEAJ1o+oppM2XfUcQWbEa11ptFHSDJbPQrCEUeiTb8x/NDUxW05GtcI
sZdlyQ2v05vreySOUl6w9pebX1Y5MCAX53rpRq0/YEDwXHMHMrzxW5YvO6afWAQw
dYbfeH/kKNxc8WPwpKFRJfogXii4d8KUALnnS31tq2uKSBNODYotuqQnt6Aq04P6
UQBs5HPZ34fwkWAkIJNReee9oKNSgZQivRsm0BUWT1umhJTzZNED6iCHmAz0gqWC
ZoF2ipF4AhzYiXC3uxP3zr+HpOz3giA6F+bdAInPwkcQrJdMWV/DkOx2mB7ZsUFj
YTB6vM30S0eFU7A3HkjM+vKTtti+aT+Log==
-----END CERTIFICATE-----
Generated at Wed Mar 4 14:21:10 2026 by rpki-client