Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: NaYqrRTdqUtR+72DxRcoygarUSUL6QuCeEokW/6VXXs=
Subject key identifier: 1E:3D:1B:D5:AE:C4:8A:99:8B:DC:0E:3F:D8:CD:ED:75:A5:61:8F:8B
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 48AA5C8D3E68485654740525D983F1960D5EB62B
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9304.roa
Signing time: Tue 04 Nov 2025 00:08:45 +0000
ROA not before: Tue 04 Nov 2025 00:03:45 +0000
ROA not after: Tue 03 Nov 2026 00:08:45 +0000
asID: 9304
IP address blocks: 96.62.59.0/24 maxlen: 24
96.62.156.0/22 maxlen: 24
96.62.224.0/24 maxlen: 24
96.62.229.0/24 maxlen: 24
136.143.243.0/24 maxlen: 24
136.143.245.0/24 maxlen: 24
136.143.246.0/24 maxlen: 24
136.143.252.0/24 maxlen: 24
136.143.254.0/24 maxlen: 24
143.14.4.0/22 maxlen: 24
143.14.33.0/24 maxlen: 24
143.14.46.0/23 maxlen: 23
143.14.50.0/23 maxlen: 23
143.14.55.0/24 maxlen: 24
143.14.76.0/23 maxlen: 23
143.14.78.0/23 maxlen: 23
143.14.87.0/24 maxlen: 24
143.14.94.0/24 maxlen: 24
143.14.111.0/24 maxlen: 24
143.14.131.0/24 maxlen: 24
143.14.133.0/24 maxlen: 24
143.14.144.0/24 maxlen: 24
143.14.181.0/24 maxlen: 24
143.14.182.0/24 maxlen: 24
143.14.184.0/24 maxlen: 24
143.14.185.0/24 maxlen: 24
143.14.186.0/24 maxlen: 24
143.14.187.0/24 maxlen: 24
143.14.196.0/24 maxlen: 24
143.14.214.0/24 maxlen: 24
143.14.222.0/24 maxlen: 24
147.79.4.0/24 maxlen: 24
147.79.17.0/24 maxlen: 24
147.79.18.0/23 maxlen: 23
148.135.161.0/24 maxlen: 24
148.135.194.0/24 maxlen: 24
148.135.198.0/24 maxlen: 24
148.135.202.0/24 maxlen: 24
148.135.203.0/24 maxlen: 24
148.135.255.0/24 maxlen: 24
150.241.130.0/24 maxlen: 24
150.241.131.0/24 maxlen: 24
150.241.137.0/24 maxlen: 24
150.241.138.0/24 maxlen: 24
150.241.139.0/24 maxlen: 24
150.241.140.0/24 maxlen: 24
150.241.141.0/24 maxlen: 24
150.241.142.0/24 maxlen: 24
150.241.143.0/24 maxlen: 24
155.117.4.0/23 maxlen: 24
155.117.120.0/24 maxlen: 24
155.117.138.0/24 maxlen: 24
155.117.139.0/24 maxlen: 24
155.117.143.0/24 maxlen: 24
155.117.154.0/24 maxlen: 24
162.141.19.0/24 maxlen: 24
162.141.21.0/24 maxlen: 24
162.141.24.0/22 maxlen: 24
162.141.28.0/22 maxlen: 24
162.141.32.0/22 maxlen: 24
162.141.40.0/22 maxlen: 24
162.141.47.0/24 maxlen: 24
162.141.56.0/22 maxlen: 24
162.141.60.0/22 maxlen: 24
162.141.68.0/23 maxlen: 24
162.141.70.0/24 maxlen: 24
162.141.72.0/22 maxlen: 24
162.141.88.0/24 maxlen: 24
162.141.90.0/24 maxlen: 24
162.141.97.0/24 maxlen: 24
162.141.101.0/24 maxlen: 24
162.141.106.0/24 maxlen: 24
162.141.107.0/24 maxlen: 24
162.141.108.0/24 maxlen: 24
162.141.109.0/24 maxlen: 24
162.141.116.0/24 maxlen: 24
162.141.121.0/24 maxlen: 24
162.141.123.0/24 maxlen: 24
162.141.133.0/24 maxlen: 24
162.141.139.0/24 maxlen: 24
162.141.144.0/21 maxlen: 24
162.141.160.0/24 maxlen: 24
162.141.161.0/24 maxlen: 24
162.141.163.0/24 maxlen: 24
162.141.166.0/24 maxlen: 24
162.141.168.0/21 maxlen: 24
162.141.178.0/24 maxlen: 24
162.141.181.0/24 maxlen: 24
162.141.184.0/21 maxlen: 24
167.148.0.0/24 maxlen: 24
167.148.2.0/24 maxlen: 24
167.148.6.0/24 maxlen: 24
167.148.16.0/21 maxlen: 24
167.148.24.0/22 maxlen: 24
167.148.28.0/24 maxlen: 24
167.148.42.0/24 maxlen: 24
167.148.43.0/24 maxlen: 24
167.148.48.0/21 maxlen: 24
167.148.56.0/22 maxlen: 24
167.148.64.0/22 maxlen: 24
167.148.76.0/22 maxlen: 24
167.148.88.0/21 maxlen: 24
167.148.99.0/24 maxlen: 24
167.148.108.0/22 maxlen: 24
167.148.118.0/23 maxlen: 23
167.148.130.0/23 maxlen: 23
167.148.136.0/24 maxlen: 24
167.148.140.0/23 maxlen: 24
167.148.152.0/24 maxlen: 24
167.148.156.0/23 maxlen: 24
167.148.168.0/24 maxlen: 24
167.148.169.0/24 maxlen: 24
167.148.170.0/24 maxlen: 24
167.148.171.0/24 maxlen: 24
167.148.180.0/23 maxlen: 24
167.148.188.0/24 maxlen: 24
167.148.200.0/24 maxlen: 24
167.148.201.0/24 maxlen: 24
167.148.208.0/24 maxlen: 24
203.100.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:aa:5c:8d:3e:68:48:56:54:74:05:25:d9:83:f1:96:0d:5e:b6:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Nov 4 00:03:45 2025 GMT
Not After : Nov 3 00:08:45 2026 GMT
Subject: CN=1E3D1BD5AEC48A998BDC0E3FD8CDED75A5618F8B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:fc:9d:b8:45:97:6a:02:70:d2:76:c2:2a:8e:
28:da:58:93:0e:4a:0a:d3:4e:d1:40:a7:3b:b1:6c:
a0:8b:08:2f:86:12:57:b4:57:03:12:ab:29:94:7a:
e9:27:ec:dc:a2:95:4f:10:ff:2e:29:34:8f:78:61:
39:fa:eb:ec:c6:1a:87:78:b7:79:05:a9:67:8a:07:
88:39:23:eb:95:a0:df:79:d4:4b:cf:35:01:52:96:
46:6b:bf:8b:6d:0e:a9:d8:dc:ba:fc:c4:d8:a4:fc:
60:86:6b:34:5e:ac:9a:68:8f:11:77:81:48:58:34:
c2:cb:8a:b8:ee:60:10:8c:e2:96:8a:b2:db:27:95:
e1:35:42:f3:0a:c7:4a:05:4c:39:6f:8a:e5:80:49:
07:8e:44:66:4c:86:da:3b:c1:b1:b7:a8:38:61:be:
d7:8b:72:38:9f:76:1d:eb:08:f2:17:5b:06:d3:45:
39:27:b2:50:18:de:c9:c8:34:6d:c6:fd:62:e2:1e:
71:b4:7b:63:7b:31:fe:0e:f7:97:dd:ac:97:b7:f8:
c7:6e:13:10:54:df:41:7a:b9:34:c9:6f:bb:55:b2:
11:df:44:a4:f4:47:65:3a:38:4a:50:0d:fb:06:90:
c4:2e:84:0a:47:dc:56:32:23:b8:4c:c4:f6:3e:95:
e1:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:3D:1B:D5:AE:C4:8A:99:8B:DC:0E:3F:D8:CD:ED:75:A5:61:8F:8B
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.59.0/24
96.62.156.0/22
96.62.224.0/24
96.62.229.0/24
136.143.243.0/24
136.143.245.0-136.143.246.255
136.143.252.0/24
136.143.254.0/24
143.14.4.0/22
143.14.33.0/24
143.14.46.0/23
143.14.50.0/23
143.14.55.0/24
143.14.76.0/22
143.14.87.0/24
143.14.94.0/24
143.14.111.0/24
143.14.131.0/24
143.14.133.0/24
143.14.144.0/24
143.14.181.0-143.14.182.255
143.14.184.0/22
143.14.196.0/24
143.14.214.0/24
143.14.222.0/24
147.79.4.0/24
147.79.17.0-147.79.19.255
148.135.161.0/24
148.135.194.0/24
148.135.198.0/24
148.135.202.0/23
148.135.255.0/24
150.241.130.0/23
150.241.137.0-150.241.143.255
155.117.4.0/23
155.117.120.0/24
155.117.138.0/23
155.117.143.0/24
155.117.154.0/24
162.141.19.0/24
162.141.21.0/24
162.141.24.0-162.141.35.255
162.141.40.0/22
162.141.47.0/24
162.141.56.0/21
162.141.68.0-162.141.70.255
162.141.72.0/22
162.141.88.0/24
162.141.90.0/24
162.141.97.0/24
162.141.101.0/24
162.141.106.0-162.141.109.255
162.141.116.0/24
162.141.121.0/24
162.141.123.0/24
162.141.133.0/24
162.141.139.0/24
162.141.144.0/21
162.141.160.0/23
162.141.163.0/24
162.141.166.0/24
162.141.168.0/21
162.141.178.0/24
162.141.181.0/24
162.141.184.0/21
167.148.0.0/24
167.148.2.0/24
167.148.6.0/24
167.148.16.0-167.148.28.255
167.148.42.0/23
167.148.48.0-167.148.59.255
167.148.64.0/22
167.148.76.0/22
167.148.88.0/21
167.148.99.0/24
167.148.108.0/22
167.148.118.0/23
167.148.130.0/23
167.148.136.0/24
167.148.140.0/23
167.148.152.0/24
167.148.156.0/23
167.148.168.0/22
167.148.180.0/23
167.148.188.0/24
167.148.200.0/23
167.148.208.0/24
203.100.210.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:3a:f7:95:0a:03:fb:15:e0:0b:eb:f1:60:74:20:f9:46:5e:
f5:db:19:e5:b0:43:f0:80:99:22:41:56:94:89:4f:2d:96:f5:
c4:ff:c8:f4:ac:cd:ee:89:8b:59:a0:8e:c9:7a:ee:29:85:f6:
91:49:02:9a:2c:34:13:ef:69:66:ab:01:2d:dc:7b:01:ab:78:
8e:ed:37:f4:27:54:e9:21:b3:d6:b3:d5:50:c0:f8:e8:d9:d5:
f0:ec:98:43:d1:56:32:08:fa:0f:90:b3:7b:c7:54:cb:b7:de:
f4:03:1f:ff:f5:69:17:19:89:09:6c:d8:ef:e0:a9:ac:2a:0f:
40:04:a2:5c:b8:48:09:32:11:86:48:3b:7e:fa:86:7e:92:b0:
55:65:54:0d:f5:dd:1f:f0:69:31:ad:1c:b2:65:3d:a9:8a:76:
b5:1c:31:d6:9f:55:fa:d8:ec:d2:2e:42:cf:60:61:51:28:f3:
12:7d:96:68:5e:ed:ea:08:6e:a8:a5:d1:91:1f:a1:3c:ae:26:
c6:42:74:8e:9e:87:df:2d:b1:b6:3f:62:32:12:dd:81:14:36:
6d:84:af:25:eb:70:bd:66:8b:17:4a:7f:26:21:35:88:0d:6a:
01:67:dc:5d:12:3b:49:bb:d9:ce:cf:2d:7c:cd:48:2f:e3:ac:
a0:bd:45:70
-----BEGIN CERTIFICATE-----
MIIHWjCCBkKgAwIBAgIUSKpcjT5oSFZUdAUl2YPxlg1etiswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTExMDQwMDAzNDVaFw0yNjExMDMwMDA4NDVaMDMxMTAvBgNV
BAMTKDFFM0QxQkQ1QUVDNDhBOTk4QkRDMEUzRkQ4Q0RFRDc1QTU2MThGOEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCV/J24RZdqAnDSdsIqjijaWJMO
SgrTTtFApzuxbKCLCC+GEle0VwMSqymUeukn7NyilU8Q/y4pNI94YTn66+zGGod4
t3kFqWeKB4g5I+uVoN951EvPNQFSlkZrv4ttDqnY3Lr8xNik/GCGazRerJpojxF3
gUhYNMLLirjuYBCM4paKstsnleE1QvMKx0oFTDlviuWASQeORGZMhto7wbG3qDhh
vteLcjifdh3rCPIXWwbTRTknslAY3snING3G/WLiHnG0e2N7Mf4O95fdrJe3+Mdu
ExBU30F6uTTJb7tVshHfRKT0R2U6OEpQDfsGkMQuhApH3FYyI7hMxPY+leFjAgMB
AAGjggRkMIIEYDAdBgNVHQ4EFgQUHj0b1a7EipmL3A4/2M3tdaVhj4swHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAnkGCCsGAQUFBwEHAQH/BIICaDCCAmQwggJgBAIAATCC
AlgDBABgPjsDBAJgPpwDBABgPuADBABgPuUDBACIj/MwDAMEAIiP9QMEAIiP9gME
AIiP/AMEAIiP/gMEAo8OBAMEAI8OIQMEAY8OLgMEAY8OMgMEAI8ONwMEAo8OTAME
AI8OVwMEAI8OXgMEAI8ObwMEAI8OgwMEAI8OhQMEAI8OkDAMAwQAjw61AwQAjw62
AwQCjw64AwQAjw7EAwQAjw7WAwQAjw7eAwQAk08EMAwDBACTTxEDBAKTTxADBACU
h6EDBACUh8IDBACUh8YDBAGUh8oDBACUh/8DBAGW8YIwDAMEAJbxiQMEBJbxgAME
AZt1BAMEAJt1eAMEAZt1igMEAJt1jwMEAJt1mgMEAKKNEwMEAKKNFTAMAwQDoo0Y
AwQCoo0gAwQCoo0oAwQAoo0vAwQDoo04MAwDBAKijUQDBACijUYDBAKijUgDBACi
jVgDBACijVoDBACijWEDBACijWUwDAMEAaKNagMEAaKNbAMEAKKNdAMEAKKNeQME
AKKNewMEAKKNhQMEAKKNiwMEA6KNkAMEAaKNoAMEAKKNowMEAKKNpgMEA6KNqAME
AKKNsgMEAKKNtQMEA6KNuAMEAKeUAAMEAKeUAgMEAKeUBjAMAwQEp5QQAwQAp5Qc
AwQBp5QqMAwDBASnlDADBAKnlDgDBAKnlEADBAKnlEwDBAOnlFgDBACnlGMDBAKn
lGwDBAGnlHYDBAGnlIIDBACnlIgDBAGnlIwDBACnlJgDBAGnlJwDBAKnlKgDBAGn
lLQDBACnlLwDBAGnlMgDBACnlNADBADLZNIwDQYJKoZIhvcNAQELBQADggEBAH86
95UKA/sV4Avr8WB0IPlGXvXbGeWwQ/CAmSJBVpSJTy2W9cT/yPSsze6Ji1mgjsl6
7imF9pFJAposNBPvaWarAS3cewGreI7tN/QnVOkhs9az1VDA+OjZ1fDsmEPRVjII
+g+Qs3vHVMu33vQDH//1aRcZiQls2O/gqawqD0AEoly4SAkyEYZIO376hn6SsFVl
VA313R/waTGtHLJlPamKdrUcMdafVfrY7NIuQs9gYVEo8xJ9lmhe7eoIbqil0ZEf
oTyuJsZCdI6eh98tsbY/YjIS3YEUNm2EryXrcL1mixdKfyYhNYgNagFn3F0SO0m7
2c7PLXzNSC/jrKC9RXA=
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:37:39 2025 by rpki-client