Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: 9IEG26bNJwNj/HkMm2FQmrlCme2NMwKLcuaNedkVCKM=
Subject key identifier: 13:DE:C6:DE:6A:E6:9F:8E:BA:39:01:78:34:8E:35:77:2A:6E:82:71
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 70F72286A78AF26EFFF7AA8E57B55BDBDE79F6E6
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
Signing time: Tue 15 Apr 2025 14:50:28 +0000
ROA not before: Tue 15 Apr 2025 14:45:28 +0000
ROA not after: Tue 14 Apr 2026 14:50:28 +0000
asID: 9304
IP address blocks: 82.23.144.0/24 maxlen: 24
82.23.145.0/24 maxlen: 24
82.23.146.0/24 maxlen: 24
82.23.147.0/24 maxlen: 24
82.23.148.0/24 maxlen: 24
82.24.0.0/22 maxlen: 24
82.26.118.0/24 maxlen: 24
82.27.92.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:f7:22:86:a7:8a:f2:6e:ff:f7:aa:8e:57:b5:5b:db:de:79:f6:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 15 14:45:28 2025 GMT
Not After : Apr 14 14:50:28 2026 GMT
Subject: CN=13DEC6DE6AE69F8EBA390178348E35772A6E8271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e8:41:b6:a4:f1:42:f0:c9:23:6c:d5:d1:5a:
e0:a7:40:85:aa:fa:74:9d:33:70:21:26:e6:6e:80:
d0:ec:6e:36:15:cc:64:55:dd:03:00:88:b5:a0:20:
b9:36:a3:fc:8d:34:68:0d:07:6e:87:be:19:b2:74:
b5:af:5b:55:bd:ee:91:fa:55:7c:e4:aa:8c:ac:7e:
71:8a:af:e0:d3:e4:5b:fd:a3:23:8a:17:4d:2f:e6:
65:cc:30:e4:2c:03:55:ed:6e:2b:97:00:17:14:2b:
ae:86:32:12:2f:f7:21:1c:d1:0a:9d:5b:18:ae:52:
33:c3:44:6d:d0:82:a0:7b:4b:31:eb:b8:9e:8b:0c:
3d:b8:36:19:64:b3:b4:8f:8d:31:51:5f:f8:10:3d:
b6:0b:4d:df:c9:88:f2:32:cd:d3:14:c9:47:3c:8a:
8d:9b:9b:a0:92:5d:58:0c:be:97:04:dd:f4:1a:7b:
7a:3f:23:d1:a2:10:6d:db:28:c9:34:af:9a:92:22:
07:98:c9:b3:95:66:3f:d5:ca:ce:8d:40:22:3f:1c:
6b:15:3d:3c:0a:54:31:57:08:9c:a9:ab:6d:81:59:
9b:70:31:05:3f:e1:44:c6:fe:19:6e:b5:29:ba:80:
29:57:2f:8e:b2:81:23:0a:ec:94:88:63:e3:ae:48:
67:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:DE:C6:DE:6A:E6:9F:8E:BA:39:01:78:34:8E:35:77:2A:6E:82:71
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.23.144.0-82.23.148.255
82.24.0.0/22
82.26.118.0/24
82.27.92.0/22
Signature Algorithm: sha256WithRSAEncryption
88:d9:a5:ec:4c:0f:14:20:43:d0:f7:bf:7f:93:12:41:55:35:
b2:2c:bb:78:e3:0e:00:10:e7:68:95:3a:23:9b:c1:43:31:12:
03:6e:3c:19:74:69:ad:c1:ba:71:76:43:35:56:66:65:cd:e6:
52:23:df:ab:b4:61:5f:ff:86:73:b1:04:a7:c9:82:f5:bd:84:
ad:62:27:bf:b0:a1:39:c0:0e:39:57:ad:28:03:d4:68:c6:9f:
b0:c2:66:2e:90:eb:bc:0a:f6:09:f6:1e:53:a8:f7:3a:1c:ff:
7d:43:e8:27:6d:60:80:2b:c7:11:12:a2:e5:f7:91:4a:cb:0a:
e4:ff:d3:49:62:60:eb:ce:32:53:35:a5:12:b7:7f:41:95:1d:
44:d1:4f:93:cb:66:2a:81:27:bc:ed:c3:47:13:5a:ac:71:b3:
7b:be:d3:94:9c:d5:1a:4b:b7:dd:62:01:2b:55:56:82:ce:e3:
24:96:2c:b6:20:8e:64:d2:3f:d3:b2:13:6a:20:5a:0f:ac:99:
eb:f3:b1:f3:81:b4:03:f8:1a:46:36:39:9e:14:2d:bf:e6:27:
9e:95:c5:d3:cd:f8:d2:93:a6:fc:8b:1f:b8:3c:1f:c2:f0:35:
81:35:3e:c0:57:07:ed:2f:61:e7:68:be:9d:ed:70:3b:f5:4d:
45:57:36:53
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIUcPcihqeK8m7/96qOV7Vb29559uYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTA0MTUxNDQ1MjhaFw0yNjA0MTQxNDUwMjhaMDMxMTAvBgNV
BAMTKDEzREVDNkRFNkFFNjlGOEVCQTM5MDE3ODM0OEUzNTc3MkE2RTgyNzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCg6EG2pPFC8MkjbNXRWuCnQIWq
+nSdM3AhJuZugNDsbjYVzGRV3QMAiLWgILk2o/yNNGgNB26HvhmydLWvW1W97pH6
VXzkqoysfnGKr+DT5Fv9oyOKF00v5mXMMOQsA1XtbiuXABcUK66GMhIv9yEc0Qqd
WxiuUjPDRG3QgqB7SzHruJ6LDD24Nhlks7SPjTFRX/gQPbYLTd/JiPIyzdMUyUc8
io2bm6CSXVgMvpcE3fQae3o/I9GiEG3bKMk0r5qSIgeYybOVZj/Vys6NQCI/HGsV
PTwKVDFXCJypq22BWZtwMQU/4UTG/hlutSm6gClXL46ygSMK7JSIY+OuSGf7AgMB
AAGjggIiMIICHjAdBgNVHQ4EFgQUE97G3mrmn466OQF4NI41dypugnEwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA5BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIDAMAwQEUheQ
AwQAUheUAwQCUhgAAwQAUhp2AwQCUhtcMA0GCSqGSIb3DQEBCwUAA4IBAQCI2aXs
TA8UIEPQ979/kxJBVTWyLLt44w4AEOdolTojm8FDMRIDbjwZdGmtwbpxdkM1VmZl
zeZSI9+rtGFf/4ZzsQSnyYL1vYStYie/sKE5wA45V60oA9Roxp+wwmYukOu8CvYJ
9h5TqPc6HP99Q+gnbWCAK8cREqLl95FKywrk/9NJYmDrzjJTNaUSt39BlR1E0U+T
y2YqgSe87cNHE1qscbN7vtOUnNUaS7fdYgErVVaCzuMkliy2II5k0j/TshNqIFoP
rJnr87HzgbQD+BpGNjmeFC2/5ieelcXTzfjSk6b8ix+4PB/C8DWBNT7AVwftL2Hn
aL6d7XA79U1FVzZT
-----END CERTIFICATE-----
Generated at Tue Apr 15 23:18:41 2025 by rpki-client