Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: ClAFyij6QIJ3VaSPfqyXj7qB+A8CyGt9fkK151xrVI8=
Subject key identifier: 76:C5:D5:B6:DD:93:75:E7:BA:BA:CE:93:D6:A0:3C:23:30:48:9A:FB
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 56A463F3C8B3C5D234E12D6A483CE4F3A2DE55B4
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
Signing time: Sun 02 Feb 2025 05:31:38 +0000
ROA not before: Sun 02 Feb 2025 05:26:38 +0000
ROA not after: Sun 01 Feb 2026 05:31:38 +0000
asID: 9304
IP address blocks: 82.21.101.0/24 maxlen: 24
82.21.144.0/24 maxlen: 24
82.21.156.0/24 maxlen: 24
82.21.187.0/24 maxlen: 24
82.22.200.0/24 maxlen: 24
82.23.143.0/24 maxlen: 24
82.23.144.0/24 maxlen: 24
82.23.145.0/24 maxlen: 24
82.23.146.0/24 maxlen: 24
82.23.147.0/24 maxlen: 24
82.23.148.0/24 maxlen: 24
82.23.196.0/24 maxlen: 24
82.24.17.0/24 maxlen: 24
82.24.57.0/24 maxlen: 24
82.24.175.0/24 maxlen: 24
82.24.183.0/24 maxlen: 24
82.27.109.0/24 maxlen: 24
82.27.199.0/24 maxlen: 24
82.29.26.0/24 maxlen: 24
82.29.48.0/24 maxlen: 24
82.29.75.0/24 maxlen: 24
82.29.78.0/24 maxlen: 24
82.29.93.0/24 maxlen: 24
82.29.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:a4:63:f3:c8:b3:c5:d2:34:e1:2d:6a:48:3c:e4:f3:a2:de:55:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 2 05:26:38 2025 GMT
Not After : Feb 1 05:31:38 2026 GMT
Subject: CN=76C5D5B6DD9375E7BABACE93D6A03C2330489AFB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:31:0c:ae:f7:0f:b6:ff:ef:05:ec:3c:85:fc:
8e:64:6f:fc:82:7b:0a:2f:91:a6:4a:e1:10:06:0d:
6e:b4:4c:dc:5a:d9:3f:ad:ef:e4:a8:7b:7e:f9:24:
f4:bc:8a:7d:c6:aa:d8:fc:bf:bc:f5:b3:5d:51:5f:
cc:95:73:43:f7:85:33:11:d8:b3:23:8e:e0:d9:fa:
8e:11:c3:d1:18:c8:c6:b3:d5:24:8f:30:4b:05:b2:
3a:96:aa:53:26:4b:e2:56:ca:db:92:e7:ef:25:a8:
cd:ab:75:c9:23:ef:8b:fa:a3:16:2a:e2:82:76:0c:
ae:a0:fd:73:25:fd:ca:81:ba:76:3e:ed:c7:ad:90:
61:98:21:24:ac:49:48:ca:78:b6:c8:d9:9b:8c:2e:
d4:8c:a0:bd:0a:5d:57:61:d8:34:ef:bd:95:15:f0:
3b:0c:3e:77:38:db:68:cd:b1:42:e5:b9:79:6c:79:
30:64:ed:8c:77:7c:9b:d8:f8:d6:6b:a0:e0:e0:3c:
a6:e9:9b:20:e4:16:6e:01:42:17:16:3e:f2:fb:48:
60:19:9e:ec:0a:c7:43:e4:9d:16:d5:97:03:d5:de:
60:d2:a6:0b:68:1c:fb:d0:49:29:6d:c9:32:35:62:
18:52:98:cf:3b:18:6a:67:c1:17:ac:41:66:d1:ae:
95:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:C5:D5:B6:DD:93:75:E7:BA:BA:CE:93:D6:A0:3C:23:30:48:9A:FB
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.101.0/24
82.21.144.0/24
82.21.156.0/24
82.21.187.0/24
82.22.200.0/24
82.23.143.0-82.23.148.255
82.23.196.0/24
82.24.17.0/24
82.24.57.0/24
82.24.175.0/24
82.24.183.0/24
82.27.109.0/24
82.27.199.0/24
82.29.26.0/24
82.29.48.0/24
82.29.75.0/24
82.29.78.0/24
82.29.93.0/24
82.29.127.0/24
Signature Algorithm: sha256WithRSAEncryption
85:d1:59:30:97:33:1f:9c:10:0e:cb:85:4e:24:6c:fb:6b:46:
3b:36:7f:24:1c:8d:f4:58:0c:92:ea:f7:f9:0c:9f:da:bf:8d:
41:11:24:29:77:94:55:93:6c:35:86:2f:b6:30:83:96:27:5a:
32:d6:19:f7:6f:7d:64:f5:51:ae:dc:da:24:de:70:23:00:9a:
10:d0:b6:4b:de:6c:f6:fa:09:63:a0:4b:e5:60:db:bc:37:88:
11:cb:5c:d8:e1:78:39:82:ff:97:6b:58:5e:08:1d:c8:4e:62:
f7:99:65:5b:38:8f:b4:7f:81:8a:9e:99:00:fc:85:1a:b0:7b:
a7:67:4b:ac:7f:6f:3b:dd:dd:a5:36:1e:d4:e1:3d:a8:06:50:
94:51:0a:a3:57:5e:ba:a4:99:b5:78:bc:bd:56:32:b3:b8:f3:
20:36:cf:28:c3:02:0c:ef:4d:b8:42:0f:58:c5:c7:fe:af:87:
25:5a:75:4c:9e:c5:bf:02:6f:c4:93:9d:92:19:bf:86:af:7e:
8d:49:c4:37:3f:1f:33:40:8a:3e:b8:34:56:52:b8:49:a2:3f:
46:e5:6f:75:67:f6:96:e5:68:40:0f:27:3d:2e:dc:f7:93:59:
78:88:55:8f:e4:73:53:cd:c6:bb:74:f6:0a:40:76:30:cd:21:
f7:dd:1d:bf
-----BEGIN CERTIFICATE-----
MIIFdjCCBF6gAwIBAgIUVqRj88izxdI04S1qSDzk86LeVbQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAyMDIwNTI2MzhaFw0yNjAyMDEwNTMxMzhaMDMxMTAvBgNV
BAMTKDc2QzVENUI2REQ5Mzc1RTdCQUJBQ0U5M0Q2QTAzQzIzMzA0ODlBRkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvMQyu9w+2/+8F7DyF/I5kb/yC
ewovkaZK4RAGDW60TNxa2T+t7+Soe375JPS8in3Gqtj8v7z1s11RX8yVc0P3hTMR
2LMjjuDZ+o4Rw9EYyMaz1SSPMEsFsjqWqlMmS+JWytuS5+8lqM2rdckj74v6oxYq
4oJ2DK6g/XMl/cqBunY+7cetkGGYISSsSUjKeLbI2ZuMLtSMoL0KXVdh2DTvvZUV
8DsMPnc422jNsULluXlseTBk7Yx3fJvY+NZroODgPKbpmyDkFm4BQhcWPvL7SGAZ
nuwKx0PknRbVlwPV3mDSpgtoHPvQSSltyTI1YhhSmM87GGpnwResQWbRrpW1AgMB
AAGjggKAMIICfDAdBgNVHQ4EFgQUdsXVtt2Tdee6us6T1qA8IzBImvswHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBlgYIKwYBBQUHAQcBAf8EgYYwgYMwgYAEAgABMHoDBABS
FWUDBABSFZADBABSFZwDBABSFbsDBABSFsgwDAMEAFIXjwMEAFIXlAMEAFIXxAME
AFIYEQMEAFIYOQMEAFIYrwMEAFIYtwMEAFIbbQMEAFIbxwMEAFIdGgMEAFIdMAME
AFIdSwMEAFIdTgMEAFIdXQMEAFIdfzANBgkqhkiG9w0BAQsFAAOCAQEAhdFZMJcz
H5wQDsuFTiRs+2tGOzZ/JByN9FgMkur3+Qyf2r+NQREkKXeUVZNsNYYvtjCDlida
MtYZ9299ZPVRrtzaJN5wIwCaENC2S95s9voJY6BL5WDbvDeIEctc2OF4OYL/l2tY
XggdyE5i95llWziPtH+Bip6ZAPyFGrB7p2dLrH9vO93dpTYe1OE9qAZQlFEKo1de
uqSZtXi8vVYys7jzIDbPKMMCDO9NuEIPWMXH/q+HJVp1TJ7FvwJvxJOdkhm/hq9+
jUnENz8fM0CKPrg0VlK4SaI/RuVvdWf2luVoQA8nPS7c95NZeIhVj+RzU83Gu3T2
CkB2MM0h990dvw==
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:07:34 2025 by rpki-client