Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: TQuO4fXQFD3h99+upNt6Q5FNqfAFF0LWU3qnV3o5AhM=
Subject key identifier: B5:37:E4:A6:A1:94:30:4F:EC:F2:CD:8D:B7:09:4F:EB:CD:2E:E9:8B
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 55D2C931E9AE180902033779A74CA00028B209FF
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9304.roa
Signing time: Tue 31 Mar 2026 05:13:07 +0000
ROA not before: Tue 31 Mar 2026 05:08:07 +0000
ROA not after: Tue 30 Mar 2027 05:13:07 +0000
asID: 9304
IP address blocks: 96.62.0.0/19 maxlen: 24
96.62.59.0/24 maxlen: 24
96.62.156.0/22 maxlen: 24
96.62.224.0/24 maxlen: 24
96.62.229.0/24 maxlen: 24
143.14.55.0/24 maxlen: 24
143.14.87.0/24 maxlen: 24
143.14.94.0/24 maxlen: 24
143.14.144.0/24 maxlen: 24
143.14.196.0/24 maxlen: 24
143.14.214.0/24 maxlen: 24
143.14.222.0/24 maxlen: 24
146.103.29.0/24 maxlen: 24
147.79.8.0/23 maxlen: 24
150.241.130.0/24 maxlen: 24
155.117.139.0/24 maxlen: 24
162.141.19.0/24 maxlen: 24
162.141.24.0/22 maxlen: 24
162.141.28.0/22 maxlen: 24
162.141.32.0/22 maxlen: 24
162.141.40.0/22 maxlen: 24
162.141.56.0/22 maxlen: 24
162.141.60.0/22 maxlen: 24
162.141.72.0/22 maxlen: 24
162.141.101.0/24 maxlen: 24
162.141.144.0/21 maxlen: 24
162.141.168.0/21 maxlen: 24
162.141.181.0/24 maxlen: 24
162.141.184.0/21 maxlen: 24
167.148.16.0/21 maxlen: 24
167.148.48.0/21 maxlen: 24
167.148.56.0/22 maxlen: 24
167.148.64.0/22 maxlen: 24
167.148.76.0/22 maxlen: 24
167.148.88.0/21 maxlen: 24
167.148.99.0/24 maxlen: 24
167.148.108.0/22 maxlen: 24
167.148.130.0/23 maxlen: 23
167.148.208.0/24 maxlen: 24
168.222.12.0/24 maxlen: 24
168.222.83.0/24 maxlen: 24
168.222.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:d2:c9:31:e9:ae:18:09:02:03:37:79:a7:4c:a0:00:28:b2:09:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Mar 31 05:08:07 2026 GMT
Not After : Mar 30 05:13:07 2027 GMT
Subject: CN=B537E4A6A194304FECF2CD8DB7094FEBCD2EE98B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:66:a9:87:23:92:a7:f1:ed:a0:ac:19:e7:c9:
86:cb:04:f1:96:9c:a6:01:71:77:bd:f9:84:64:3e:
05:8e:e4:43:95:e0:21:14:1d:72:03:1f:61:59:a3:
2e:2a:7b:bc:fd:ae:4e:57:d6:13:8d:a0:20:8a:08:
ee:9c:01:c4:f0:ce:82:ec:d5:47:53:e1:1f:74:94:
25:a6:59:72:6c:27:21:d2:6d:ae:29:f4:80:b0:e9:
75:ae:a7:06:89:f3:06:00:db:92:e0:26:16:ed:d5:
c7:fb:e7:39:cf:ce:a0:6e:59:94:3b:c4:78:33:fa:
7d:e4:89:e7:db:10:5d:ea:07:cc:d6:ff:36:6d:2e:
1c:61:ca:c0:f4:dc:3e:88:c2:67:4b:05:c4:ce:38:
59:20:de:ee:7f:5a:f8:81:67:d8:03:07:31:ce:dd:
d2:f9:f1:89:ed:6c:31:25:9e:dd:ec:5e:93:21:9d:
4b:53:8c:d9:c5:63:e6:81:5b:e5:f9:1f:5b:ab:a4:
a9:17:f2:ea:ff:9c:aa:7a:29:d1:e6:bd:ef:77:19:
b5:f4:e1:f2:ff:3a:10:9f:ce:41:0c:17:2a:28:95:
19:ce:77:1d:9e:4c:65:f8:a1:d3:d5:7c:34:16:23:
87:16:a8:07:77:0c:0e:ee:2f:97:16:e6:97:31:b5:
4d:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:37:E4:A6:A1:94:30:4F:EC:F2:CD:8D:B7:09:4F:EB:CD:2E:E9:8B
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.0.0/19
96.62.59.0/24
96.62.156.0/22
96.62.224.0/24
96.62.229.0/24
143.14.55.0/24
143.14.87.0/24
143.14.94.0/24
143.14.144.0/24
143.14.196.0/24
143.14.214.0/24
143.14.222.0/24
146.103.29.0/24
147.79.8.0/23
150.241.130.0/24
155.117.139.0/24
162.141.19.0/24
162.141.24.0-162.141.35.255
162.141.40.0/22
162.141.56.0/21
162.141.72.0/22
162.141.101.0/24
162.141.144.0/21
162.141.168.0/21
162.141.181.0/24
162.141.184.0/21
167.148.16.0/21
167.148.48.0-167.148.59.255
167.148.64.0/22
167.148.76.0/22
167.148.88.0/21
167.148.99.0/24
167.148.108.0/22
167.148.130.0/23
167.148.208.0/24
168.222.12.0/24
168.222.83.0/24
168.222.89.0/24
Signature Algorithm: sha256WithRSAEncryption
92:d9:d0:b6:74:0f:30:cf:6a:fe:b6:2f:b4:05:76:d1:d4:20:
d8:b6:44:b5:b9:3e:e7:c4:a6:e1:5c:b7:1a:45:39:fe:21:5d:
da:9c:62:0f:91:86:2a:79:d3:a0:34:2b:05:12:23:a8:f5:54:
72:c6:17:86:df:4e:43:f3:56:4a:80:3c:f3:81:52:34:b4:2a:
96:ab:13:cb:ef:de:38:03:1f:13:ca:25:c2:8a:9d:47:2d:51:
65:1e:c9:5e:9c:50:9c:9a:92:11:96:1b:69:ba:a5:ab:87:8f:
31:47:a2:f3:6d:50:60:aa:49:20:a4:37:17:c2:86:93:60:c0:
d3:6c:51:f0:a2:8f:2e:73:98:fb:e2:a5:65:01:68:bb:e1:ad:
c4:58:24:7f:46:9e:46:00:27:19:f9:7e:a2:33:c6:05:be:48:
87:52:dd:e5:0a:fe:4f:b7:73:fe:7c:68:30:7f:39:2c:f4:ad:
df:af:fb:e4:4c:fb:ac:63:12:e0:b1:61:5d:4b:68:52:c6:40:
72:49:f0:87:48:3c:95:18:cf:84:55:bf:37:be:80:05:26:dd:
f2:9c:9f:13:08:dd:be:00:51:8d:f1:6d:73:d3:d7:3f:8d:4a:
5f:10:39:2e:3a:53:13:0f:8c:2f:7a:f1:87:47:e6:09:90:47:
4a:47:5a:26
-----BEGIN CERTIFICATE-----
MIIF8zCCBNugAwIBAgIUVdLJMemuGAkCAzd5p0ygACiyCf8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNjAzMzEwNTA4MDdaFw0yNzAzMzAwNTEzMDdaMDMxMTAvBgNV
BAMTKEI1MzdFNEE2QTE5NDMwNEZFQ0YyQ0Q4REI3MDk0RkVCQ0QyRUU5OEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmZqmHI5Kn8e2grBnnyYbLBPGW
nKYBcXe9+YRkPgWO5EOV4CEUHXIDH2FZoy4qe7z9rk5X1hONoCCKCO6cAcTwzoLs
1UdT4R90lCWmWXJsJyHSba4p9ICw6XWupwaJ8wYA25LgJhbt1cf75znPzqBuWZQ7
xHgz+n3kiefbEF3qB8zW/zZtLhxhysD03D6IwmdLBcTOOFkg3u5/WviBZ9gDBzHO
3dL58YntbDElnt3sXpMhnUtTjNnFY+aBW+X5H1urpKkX8ur/nKp6KdHmve93GbX0
4fL/OhCfzkEMFyoolRnOdx2eTGX4odPVfDQWI4cWqAd3DA7uL5cW5pcxtU0ZAgMB
AAGjggL9MIIC+TAdBgNVHQ4EFgQUtTfkpqGUME/s8s2NtwlP680u6YswHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCARIGCCsGAQUFBwEHAQH/BIIBATCB/jCB+wQCAAEwgfQD
BAVgPgADBABgPjsDBAJgPpwDBABgPuADBABgPuUDBACPDjcDBACPDlcDBACPDl4D
BACPDpADBACPDsQDBACPDtYDBACPDt4DBACSZx0DBAGTTwgDBACW8YIDBACbdYsD
BACijRMwDAMEA6KNGAMEAqKNIAMEAqKNKAMEA6KNOAMEAqKNSAMEAKKNZQMEA6KN
kAMEA6KNqAMEAKKNtQMEA6KNuAMEA6eUEDAMAwQEp5QwAwQCp5Q4AwQCp5RAAwQC
p5RMAwQDp5RYAwQAp5RjAwQCp5RsAwQBp5SCAwQAp5TQAwQAqN4MAwQAqN5TAwQA
qN5ZMA0GCSqGSIb3DQEBCwUAA4IBAQCS2dC2dA8wz2r+ti+0BXbR1CDYtkS1uT7n
xKbhXLcaRTn+IV3anGIPkYYqedOgNCsFEiOo9VRyxheG305D81ZKgDzzgVI0tCqW
qxPL7944Ax8TyiXCip1HLVFlHslenFCcmpIRlhtpuqWrh48xR6LzbVBgqkkgpDcX
woaTYMDTbFHwoo8uc5j74qVlAWi74a3EWCR/Rp5GACcZ+X6iM8YFvkiHUt3lCv5P
t3P+fGgwfzks9K3fr/vkTPusYxLgsWFdS2hSxkBySfCHSDyVGM+EVb83voAFJt3y
nJ8TCN2+AFGN8W1z09c/jUpfEDkuOlMTD4wvevGHR+YJkEdKR1om
-----END CERTIFICATE-----
Generated at Fri Apr 17 05:51:47 2026 by rpki-client