Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: f26Z0Q7YrCIoOPuY62e3+rxXT/3l8/r9YhXm9+VY2OI=
Subject key identifier: 4A:E0:BD:DC:A3:12:D2:70:A8:BB:69:AC:23:5D:8A:ED:8F:A2:19:AA
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 2A163109740306D4887ACE1C351D0BD6AA39FEAF
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9304.roa
Signing time: Sat 21 Feb 2026 09:50:21 +0000
ROA not before: Sat 21 Feb 2026 09:45:21 +0000
ROA not after: Sat 20 Feb 2027 09:50:21 +0000
asID: 9304
IP address blocks: 96.62.59.0/24 maxlen: 24
96.62.101.0/24 maxlen: 24
96.62.152.0/24 maxlen: 24
96.62.156.0/22 maxlen: 24
96.62.218.0/24 maxlen: 24
96.62.224.0/24 maxlen: 24
96.62.229.0/24 maxlen: 24
140.150.154.0/24 maxlen: 24
140.150.224.0/24 maxlen: 24
140.150.238.0/24 maxlen: 24
140.150.239.0/24 maxlen: 24
140.233.174.0/24 maxlen: 24
140.233.177.0/24 maxlen: 24
143.14.55.0/24 maxlen: 24
143.14.87.0/24 maxlen: 24
143.14.94.0/24 maxlen: 24
143.14.144.0/24 maxlen: 24
143.14.196.0/24 maxlen: 24
143.14.214.0/24 maxlen: 24
143.14.222.0/24 maxlen: 24
146.103.22.0/24 maxlen: 24
146.103.35.0/24 maxlen: 24
146.103.57.0/24 maxlen: 24
147.79.7.0/24 maxlen: 24
147.79.17.0/24 maxlen: 24
147.79.19.0/24 maxlen: 24
147.79.60.0/24 maxlen: 24
148.135.199.0/24 maxlen: 24
148.135.202.0/24 maxlen: 24
150.241.130.0/24 maxlen: 24
155.117.108.0/24 maxlen: 24
155.117.139.0/24 maxlen: 24
155.117.157.0/24 maxlen: 24
162.141.19.0/24 maxlen: 24
162.141.24.0/22 maxlen: 24
162.141.28.0/22 maxlen: 24
162.141.32.0/22 maxlen: 24
162.141.40.0/22 maxlen: 24
162.141.56.0/22 maxlen: 24
162.141.60.0/22 maxlen: 24
162.141.72.0/22 maxlen: 24
162.141.101.0/24 maxlen: 24
162.141.144.0/21 maxlen: 24
162.141.168.0/21 maxlen: 24
162.141.181.0/24 maxlen: 24
162.141.184.0/21 maxlen: 24
167.148.16.0/21 maxlen: 24
167.148.48.0/21 maxlen: 24
167.148.56.0/22 maxlen: 24
167.148.64.0/22 maxlen: 24
167.148.76.0/22 maxlen: 24
167.148.88.0/21 maxlen: 24
167.148.99.0/24 maxlen: 24
167.148.108.0/22 maxlen: 24
167.148.130.0/23 maxlen: 23
167.148.208.0/24 maxlen: 24
168.222.5.0/24 maxlen: 24
168.222.15.0/24 maxlen: 24
168.222.24.0/24 maxlen: 24
168.222.25.0/24 maxlen: 24
168.222.54.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:16:31:09:74:03:06:d4:88:7a:ce:1c:35:1d:0b:d6:aa:39:fe:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Feb 21 09:45:21 2026 GMT
Not After : Feb 20 09:50:21 2027 GMT
Subject: CN=4AE0BDDCA312D270A8BB69AC235D8AED8FA219AA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:aa:7a:4a:a4:a1:f1:a3:c9:16:67:5c:f5:48:
17:95:af:a4:0e:9a:a1:75:f4:07:01:80:0a:2b:6e:
0e:de:5a:d8:83:23:7a:82:56:b5:b4:7e:2d:d9:f3:
9a:d4:67:9c:d6:ee:4d:74:b0:99:02:ec:cd:6d:e3:
ae:61:6d:e8:bb:b9:75:a4:c1:06:be:e6:2e:26:fa:
fd:af:58:87:54:e0:b7:bc:03:96:71:e3:1f:1f:21:
a4:30:f8:79:21:ef:3a:9a:84:c5:3a:9a:f9:e2:73:
71:d6:85:86:c3:93:16:1f:87:23:54:9b:b1:2e:76:
4d:a7:01:be:f8:73:4a:32:6f:88:29:db:99:63:cf:
c9:4b:79:b2:f4:33:98:66:56:3c:3d:a4:30:d3:94:
e3:b1:81:cf:78:0e:86:61:cb:34:db:2f:da:e5:06:
23:42:e2:9e:3e:61:43:d2:95:c2:8c:c2:6c:70:fa:
19:3e:24:b2:fc:a9:d0:57:e0:4e:ff:c6:0f:ab:cd:
9b:7f:3d:b4:a5:1f:5b:c1:67:50:80:71:41:ad:3d:
a2:45:9f:f8:80:6e:d6:37:d5:c1:72:86:88:3b:92:
82:29:08:57:e2:c7:06:3d:12:35:98:c8:f1:17:aa:
76:c5:b4:67:13:d6:c7:01:ad:cb:82:04:ae:fc:00:
ef:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:E0:BD:DC:A3:12:D2:70:A8:BB:69:AC:23:5D:8A:ED:8F:A2:19:AA
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.59.0/24
96.62.101.0/24
96.62.152.0/24
96.62.156.0/22
96.62.218.0/24
96.62.224.0/24
96.62.229.0/24
140.150.154.0/24
140.150.224.0/24
140.150.238.0/23
140.233.174.0/24
140.233.177.0/24
143.14.55.0/24
143.14.87.0/24
143.14.94.0/24
143.14.144.0/24
143.14.196.0/24
143.14.214.0/24
143.14.222.0/24
146.103.22.0/24
146.103.35.0/24
146.103.57.0/24
147.79.7.0/24
147.79.17.0/24
147.79.19.0/24
147.79.60.0/24
148.135.199.0/24
148.135.202.0/24
150.241.130.0/24
155.117.108.0/24
155.117.139.0/24
155.117.157.0/24
162.141.19.0/24
162.141.24.0-162.141.35.255
162.141.40.0/22
162.141.56.0/21
162.141.72.0/22
162.141.101.0/24
162.141.144.0/21
162.141.168.0/21
162.141.181.0/24
162.141.184.0/21
167.148.16.0/21
167.148.48.0-167.148.59.255
167.148.64.0/22
167.148.76.0/22
167.148.88.0/21
167.148.99.0/24
167.148.108.0/22
167.148.130.0/23
167.148.208.0/24
168.222.5.0/24
168.222.15.0/24
168.222.24.0/23
168.222.54.0/24
Signature Algorithm: sha256WithRSAEncryption
83:a3:a6:63:66:65:4c:8a:19:16:ec:61:95:8e:7a:98:7d:c7:
3b:16:84:31:1b:1a:93:7d:d1:9a:98:b1:1d:40:46:b1:85:ca:
97:fd:8b:63:db:97:29:e4:aa:12:60:0e:ff:0e:2b:ad:ce:07:
01:04:e9:33:d4:8c:e5:30:75:d0:4a:c8:dc:77:8c:17:c1:50:
47:a6:5b:28:bb:ab:6b:cf:06:48:13:b7:e6:8a:98:e9:89:55:
9e:b7:ae:83:28:bf:32:a9:bc:4f:86:45:b8:bd:5e:dc:dd:90:
28:31:16:a9:e6:87:c1:d4:59:a7:95:74:ec:42:a2:77:84:c5:
a4:dd:e8:24:76:77:29:f4:b3:47:8a:eb:1d:2c:3b:25:29:04:
b0:fe:d0:01:0a:98:aa:06:f1:87:00:6e:03:48:49:ea:3d:f0:
fd:7d:10:6b:7e:7b:a4:a1:1b:99:8c:8e:52:ad:a4:96:0f:53:
80:68:39:66:93:d3:5e:9c:94:ec:bb:eb:0b:d4:50:84:74:d2:
10:9d:80:5d:fa:3f:3f:ee:11:6a:fd:4c:46:d5:d6:59:33:a0:
1c:e7:07:8b:5d:5b:f1:dd:35:f3:96:26:3f:5d:f9:d7:7e:a6:
d1:e8:fe:9b:0c:4c:79:f2:ed:80:93:2e:21:91:d7:f6:35:f7:
2c:ae:e7:fd
-----BEGIN CERTIFICATE-----
MIIGXDCCBUSgAwIBAgIUKhYxCXQDBtSIes4cNR0L1qo5/q8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAyMjEwOTQ1MjFaFw0yNzAyMjAwOTUwMjFaMDMxMTAvBgNV
BAMTKDRBRTBCRERDQTMxMkQyNzBBOEJCNjlBQzIzNUQ4QUVEOEZBMjE5QUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXqnpKpKHxo8kWZ1z1SBeVr6QO
mqF19AcBgAorbg7eWtiDI3qCVrW0fi3Z85rUZ5zW7k10sJkC7M1t465hbei7uXWk
wQa+5i4m+v2vWIdU4Le8A5Zx4x8fIaQw+Hkh7zqahMU6mvnic3HWhYbDkxYfhyNU
m7Eudk2nAb74c0oyb4gp25ljz8lLebL0M5hmVjw9pDDTlOOxgc94DoZhyzTbL9rl
BiNC4p4+YUPSlcKMwmxw+hk+JLL8qdBX4E7/xg+rzZt/PbSlH1vBZ1CAcUGtPaJF
n/iAbtY31cFyhog7koIpCFfixwY9EjWYyPEXqnbFtGcT1scBrcuCBK78AO/VAgMB
AAGjggNmMIIDYjAdBgNVHQ4EFgQUSuC93KMS0nCou2msI12K7Y+iGaowHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAXsGCCsGAQUFBwEHAQH/BIIBajCCAWYwggFiBAIAATCC
AVoDBABgPjsDBABgPmUDBABgPpgDBAJgPpwDBABgPtoDBABgPuADBABgPuUDBACM
lpoDBACMluADBAGMlu4DBACM6a4DBACM6bEDBACPDjcDBACPDlcDBACPDl4DBACP
DpADBACPDsQDBACPDtYDBACPDt4DBACSZxYDBACSZyMDBACSZzkDBACTTwcDBACT
TxEDBACTTxMDBACTTzwDBACUh8cDBACUh8oDBACW8YIDBACbdWwDBACbdYsDBACb
dZ0DBACijRMwDAMEA6KNGAMEAqKNIAMEAqKNKAMEA6KNOAMEAqKNSAMEAKKNZQME
A6KNkAMEA6KNqAMEAKKNtQMEA6KNuAMEA6eUEDAMAwQEp5QwAwQCp5Q4AwQCp5RA
AwQCp5RMAwQDp5RYAwQAp5RjAwQCp5RsAwQBp5SCAwQAp5TQAwQAqN4FAwQAqN4P
AwQBqN4YAwQAqN42MA0GCSqGSIb3DQEBCwUAA4IBAQCDo6ZjZmVMihkW7GGVjnqY
fcc7FoQxGxqTfdGamLEdQEaxhcqX/Ytj25cp5KoSYA7/DiutzgcBBOkz1IzlMHXQ
Ssjcd4wXwVBHplsou6trzwZIE7fmipjpiVWet66DKL8yqbxPhkW4vV7c3ZAoMRap
5ofB1FmnlXTsQqJ3hMWk3egkdncp9LNHiusdLDslKQSw/tABCpiqBvGHAG4DSEnq
PfD9fRBrfnukoRuZjI5SraSWD1OAaDlmk9NenJTsu+sL1FCEdNIQnYBd+j8/7hFq
/UxG1dZZM6Ac5weLXVvx3TXzliY/XfnXfqbR6P6bDEx58u2Aky4hkdf2Nfcsruf9
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:04:12 2026 by rpki-client