Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: Iznsn1Ap3urTqmWBr3IQkd3m3SLqSt9CAg5oVL+/4xY=
Subject key identifier: D0:79:AD:58:B8:C2:DC:35:76:7C:BA:CE:8B:A5:28:CA:E1:F7:4E:26
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 44BCFD472F52401D213785C0310A5781CA02C8EB
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
Signing time: Wed 26 Mar 2025 00:00:26 +0000
ROA not before: Tue 25 Mar 2025 23:55:26 +0000
ROA not after: Wed 25 Mar 2026 00:00:26 +0000
asID: 9304
IP address blocks: 82.21.156.0/24 maxlen: 24
82.23.144.0/24 maxlen: 24
82.23.145.0/24 maxlen: 24
82.23.146.0/24 maxlen: 24
82.23.147.0/24 maxlen: 24
82.23.148.0/24 maxlen: 24
82.24.0.0/22 maxlen: 24
82.25.21.0/24 maxlen: 24
82.26.118.0/24 maxlen: 24
82.27.92.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:bc:fd:47:2f:52:40:1d:21:37:85:c0:31:0a:57:81:ca:02:c8:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Mar 25 23:55:26 2025 GMT
Not After : Mar 25 00:00:26 2026 GMT
Subject: CN=D079AD58B8C2DC35767CBACE8BA528CAE1F74E26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:dc:e4:b1:e3:11:42:d6:3b:2e:57:ec:87:f3:
46:8e:2f:53:35:ff:80:7f:25:8f:a8:39:da:d2:ea:
ef:2f:23:64:33:f1:fc:3b:9a:0a:ae:eb:5a:6f:32:
4d:f1:be:91:ec:13:7a:f3:37:54:1e:12:2a:19:a0:
7e:01:37:dc:74:51:35:69:51:74:f3:20:99:bc:5a:
f8:5c:9a:9f:23:51:55:8f:8b:3a:03:33:d9:e1:58:
10:3a:30:95:b1:27:06:b9:dc:2f:54:7b:97:2e:be:
33:75:1e:a7:70:aa:c7:0f:6a:22:c8:4c:72:d8:58:
31:87:fe:0e:06:e3:9c:71:20:ed:3a:03:4f:60:85:
f5:26:a4:76:38:03:f7:04:d7:5a:a0:ca:34:c5:cd:
93:7e:4b:9c:ba:70:d5:7c:78:9d:ff:d1:54:4d:fd:
15:5e:1b:c3:fd:76:05:9f:bc:c7:3a:ce:f5:1b:1b:
08:14:66:e8:8f:a7:1f:59:ec:82:19:8a:60:f4:ec:
36:0d:8d:0f:97:c2:6e:15:d4:5e:06:4f:fa:fb:83:
02:7b:26:3e:fa:3f:09:22:6c:c6:d7:b7:c7:02:d6:
ee:49:40:44:e7:5a:59:24:ce:6e:fb:4f:d6:f3:7c:
82:2c:8b:c7:d2:95:85:c5:ef:10:40:dd:28:c4:02:
88:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:79:AD:58:B8:C2:DC:35:76:7C:BA:CE:8B:A5:28:CA:E1:F7:4E:26
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.156.0/24
82.23.144.0-82.23.148.255
82.24.0.0/22
82.25.21.0/24
82.26.118.0/24
82.27.92.0/22
Signature Algorithm: sha256WithRSAEncryption
7f:3d:5a:ad:d5:5e:2a:00:c9:a7:15:b0:ef:54:e1:ea:e5:0f:
d2:fa:e1:49:29:4b:97:5c:a6:c7:3c:43:20:ba:3a:52:d8:be:
e8:76:4d:44:e6:3f:c3:da:29:2e:3d:35:93:33:59:89:2c:9c:
6e:e9:b0:1d:70:ff:9d:bd:3a:f6:03:ff:f4:b5:89:41:28:57:
71:2c:83:31:43:d9:9c:ed:82:27:2d:90:c3:2a:d3:43:73:b8:
97:03:b9:28:43:59:8d:8f:98:a8:60:5b:76:5d:df:02:05:e8:
5f:91:66:56:22:d7:98:b9:9f:5f:f2:29:8b:96:ec:cb:d3:79:
2c:36:eb:22:79:64:93:c7:f3:af:7d:e5:26:54:ce:66:b7:9e:
1e:de:c2:f0:16:56:1f:59:f2:eb:49:b8:cf:53:01:f9:1b:0e:
5b:bb:81:fe:be:be:3b:54:91:81:23:f2:62:4f:35:78:16:68:
d6:c4:f8:2b:83:c3:63:58:43:b8:77:4f:3a:0a:12:47:58:79:
62:59:0f:c3:22:61:8c:18:08:5a:3f:e4:0f:d1:eb:29:96:67:
ae:2d:63:e5:f3:62:5a:f7:ad:ca:64:73:18:c2:0e:ce:97:95:
a6:3e:ba:e6:99:e0:8e:f7:f8:72:94:c3:fd:14:96:6b:45:23:
a9:c8:53:b1
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIURLz9Ry9SQB0hN4XAMQpXgcoCyOswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAzMjUyMzU1MjZaFw0yNjAzMjUwMDAwMjZaMDMxMTAvBgNV
BAMTKEQwNzlBRDU4QjhDMkRDMzU3NjdDQkFDRThCQTUyOENBRTFGNzRFMjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDO3OSx4xFC1jsuV+yH80aOL1M1
/4B/JY+oOdrS6u8vI2Qz8fw7mgqu61pvMk3xvpHsE3rzN1QeEioZoH4BN9x0UTVp
UXTzIJm8Wvhcmp8jUVWPizoDM9nhWBA6MJWxJwa53C9Ue5cuvjN1HqdwqscPaiLI
THLYWDGH/g4G45xxIO06A09ghfUmpHY4A/cE11qgyjTFzZN+S5y6cNV8eJ3/0VRN
/RVeG8P9dgWfvMc6zvUbGwgUZuiPpx9Z7IIZimD07DYNjQ+Xwm4V1F4GT/r7gwJ7
Jj76PwkibMbXt8cC1u5JQETnWlkkzm77T9bzfIIsi8fSlYXF7xBA3SjEAojrAgMB
AAGjggIuMIICKjAdBgNVHQ4EFgQU0HmtWLjC3DV2fLrOi6UoyuH3TiYwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBFBggrBgEFBQcBBwEB/wQ2MDQwMgQCAAEwLAMEAFIVnDAM
AwQEUheQAwQAUheUAwQCUhgAAwQAUhkVAwQAUhp2AwQCUhtcMA0GCSqGSIb3DQEB
CwUAA4IBAQB/PVqt1V4qAMmnFbDvVOHq5Q/S+uFJKUuXXKbHPEMgujpS2L7odk1E
5j/D2ikuPTWTM1mJLJxu6bAdcP+dvTr2A//0tYlBKFdxLIMxQ9mc7YInLZDDKtND
c7iXA7koQ1mNj5ioYFt2Xd8CBehfkWZWIteYuZ9f8imLluzL03ksNusieWSTx/Ov
feUmVM5mt54e3sLwFlYfWfLrSbjPUwH5Gw5bu4H+vr47VJGBI/JiTzV4FmjWxPgr
g8NjWEO4d086ChJHWHliWQ/DImGMGAhaP+QP0esplmeuLWPl82Ja963KZHMYwg7O
l5WmPrrmmeCO9/hylMP9FJZrRSOpyFOx
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:34:27 2025 by rpki-client on console.sobornost.net