Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: dmMzXK9SstzWtJvLMyCRgt4N0NSjbNwjy3kqqhTLC88=
Subject key identifier: 7A:CF:60:28:C9:60:0D:7C:0C:E9:76:F8:16:C3:4D:6E:74:EF:9F:DF
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 738D0469D3A821F24F98840F565726C79E3C7065
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9304.roa
Signing time: Wed 11 Jun 2025 19:55:33 +0000
ROA not before: Wed 11 Jun 2025 19:50:33 +0000
ROA not after: Wed 10 Jun 2026 19:55:33 +0000
asID: 9304
IP address blocks: 96.62.152.0/24 maxlen: 24
96.62.156.0/22 maxlen: 24
96.62.224.0/24 maxlen: 24
136.143.243.0/24 maxlen: 24
136.143.245.0/24 maxlen: 24
136.143.246.0/24 maxlen: 24
136.143.252.0/24 maxlen: 24
136.143.254.0/24 maxlen: 24
140.233.167.0/24 maxlen: 24
143.14.16.0/21 maxlen: 24
143.14.33.0/24 maxlen: 24
143.14.65.0/24 maxlen: 24
143.14.66.0/24 maxlen: 24
143.14.92.0/24 maxlen: 24
143.14.94.0/24 maxlen: 24
143.14.133.0/24 maxlen: 24
143.14.152.0/24 maxlen: 24
143.14.196.0/24 maxlen: 24
143.14.208.0/23 maxlen: 24
143.14.214.0/24 maxlen: 24
143.14.222.0/24 maxlen: 24
143.14.245.0/24 maxlen: 24
147.79.4.0/24 maxlen: 24
147.79.60.0/23 maxlen: 24
147.79.62.0/23 maxlen: 23
150.241.130.0/24 maxlen: 24
150.241.228.0/24 maxlen: 24
155.117.4.0/23 maxlen: 24
155.117.64.0/21 maxlen: 24
155.117.171.0/24 maxlen: 24
155.117.186.0/24 maxlen: 24
155.117.194.0/24 maxlen: 24
155.117.208.0/23 maxlen: 24
155.117.218.0/24 maxlen: 24
155.117.224.0/23 maxlen: 24
162.141.19.0/24 maxlen: 24
162.141.21.0/24 maxlen: 24
162.141.24.0/22 maxlen: 24
162.141.28.0/22 maxlen: 24
162.141.32.0/22 maxlen: 24
162.141.40.0/22 maxlen: 24
162.141.44.0/24 maxlen: 24
162.141.47.0/24 maxlen: 24
162.141.56.0/22 maxlen: 24
162.141.60.0/22 maxlen: 24
162.141.67.0/24 maxlen: 24
162.141.68.0/23 maxlen: 24
162.141.70.0/24 maxlen: 24
162.141.72.0/22 maxlen: 24
162.141.80.0/24 maxlen: 24
162.141.90.0/24 maxlen: 24
162.141.92.0/24 maxlen: 24
162.141.97.0/24 maxlen: 24
162.141.98.0/24 maxlen: 24
162.141.101.0/24 maxlen: 24
162.141.115.0/24 maxlen: 24
162.141.116.0/24 maxlen: 24
162.141.131.0/24 maxlen: 24
162.141.142.0/24 maxlen: 24
162.141.144.0/21 maxlen: 24
162.141.152.0/24 maxlen: 24
162.141.161.0/24 maxlen: 24
162.141.163.0/24 maxlen: 24
162.141.168.0/21 maxlen: 24
162.141.184.0/21 maxlen: 24
167.148.16.0/21 maxlen: 24
167.148.24.0/22 maxlen: 24
167.148.36.0/22 maxlen: 24
167.148.40.0/24 maxlen: 24
167.148.48.0/21 maxlen: 24
167.148.56.0/22 maxlen: 24
167.148.64.0/22 maxlen: 24
167.148.76.0/22 maxlen: 24
167.148.88.0/21 maxlen: 24
167.148.99.0/24 maxlen: 24
167.148.108.0/22 maxlen: 24
167.148.120.0/22 maxlen: 24
167.148.149.0/24 maxlen: 24
167.148.175.0/24 maxlen: 24
167.148.180.0/23 maxlen: 24
167.148.188.0/24 maxlen: 24
167.148.190.0/24 maxlen: 24
167.148.197.0/24 maxlen: 24
167.148.208.0/24 maxlen: 24
167.148.209.0/24 maxlen: 24
203.100.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 22:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:8d:04:69:d3:a8:21:f2:4f:98:84:0f:56:57:26:c7:9e:3c:70:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 11 19:50:33 2025 GMT
Not After : Jun 10 19:55:33 2026 GMT
Subject: CN=7ACF6028C9600D7C0CE976F816C34D6E74EF9FDF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:33:d3:86:79:18:cd:a4:a8:3b:e4:c2:b2:1c:
2a:fa:c4:1b:18:4b:44:cc:0c:d6:bd:ac:4f:9a:fe:
2c:6b:2e:36:a9:0a:24:9f:4e:e4:77:2a:e3:16:e1:
ca:0c:c0:af:1f:bb:4a:fb:a0:6b:62:d9:d1:8c:a7:
a2:a7:c7:01:c3:e9:c2:db:01:3f:be:69:b2:ca:0a:
ce:f6:b4:a7:33:19:39:f4:85:42:9d:b2:b3:10:69:
9b:32:cd:e3:90:0a:fa:5a:c3:58:93:4f:e4:eb:af:
6f:b3:3c:8e:1e:3a:34:6e:85:2d:a1:dd:2a:70:f8:
50:b8:54:f7:a4:e2:1f:27:47:47:82:d5:e9:88:9e:
c6:72:d4:a1:14:06:cb:a2:26:2b:17:1b:c4:e3:e5:
a3:34:29:6c:cb:eb:ad:52:f3:7b:d7:1a:8d:37:21:
31:59:ec:97:e6:39:ca:a4:3d:f3:ce:3c:f4:da:22:
77:9b:6b:7e:1f:53:ae:78:42:af:63:3d:ed:10:92:
27:76:61:9c:5c:04:cf:31:48:9f:4f:2b:c4:85:80:
35:0a:3a:d1:d8:ff:9b:ad:fb:66:9d:19:fe:0c:ba:
44:0d:c9:ef:a1:fd:7e:de:b0:f2:e8:c4:39:f4:d6:
8f:64:ec:e5:65:9f:95:85:b7:d6:da:e0:7e:4d:63:
e8:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:CF:60:28:C9:60:0D:7C:0C:E9:76:F8:16:C3:4D:6E:74:EF:9F:DF
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.152.0/24
96.62.156.0/22
96.62.224.0/24
136.143.243.0/24
136.143.245.0-136.143.246.255
136.143.252.0/24
136.143.254.0/24
140.233.167.0/24
143.14.16.0/21
143.14.33.0/24
143.14.65.0-143.14.66.255
143.14.92.0/24
143.14.94.0/24
143.14.133.0/24
143.14.152.0/24
143.14.196.0/24
143.14.208.0/23
143.14.214.0/24
143.14.222.0/24
143.14.245.0/24
147.79.4.0/24
147.79.60.0/22
150.241.130.0/24
150.241.228.0/24
155.117.4.0/23
155.117.64.0/21
155.117.171.0/24
155.117.186.0/24
155.117.194.0/24
155.117.208.0/23
155.117.218.0/24
155.117.224.0/23
162.141.19.0/24
162.141.21.0/24
162.141.24.0-162.141.35.255
162.141.40.0-162.141.44.255
162.141.47.0/24
162.141.56.0/21
162.141.67.0-162.141.70.255
162.141.72.0/22
162.141.80.0/24
162.141.90.0/24
162.141.92.0/24
162.141.97.0-162.141.98.255
162.141.101.0/24
162.141.115.0-162.141.116.255
162.141.131.0/24
162.141.142.0/24
162.141.144.0-162.141.152.255
162.141.161.0/24
162.141.163.0/24
162.141.168.0/21
162.141.184.0/21
167.148.16.0-167.148.27.255
167.148.36.0-167.148.40.255
167.148.48.0-167.148.59.255
167.148.64.0/22
167.148.76.0/22
167.148.88.0/21
167.148.99.0/24
167.148.108.0/22
167.148.120.0/22
167.148.149.0/24
167.148.175.0/24
167.148.180.0/23
167.148.188.0/24
167.148.190.0/24
167.148.197.0/24
167.148.208.0/23
203.100.210.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:7e:ed:ff:da:a9:49:45:06:55:01:07:74:c7:a8:ec:fb:a7:
2e:6f:77:02:6a:c9:05:94:75:65:0e:bc:91:af:a3:05:cb:05:
ef:5e:8e:27:ff:2d:b6:f9:ec:c3:25:80:df:b2:e6:fc:6d:87:
aa:e1:63:a4:e9:2d:a0:55:98:e9:9a:54:1c:73:5e:40:1c:2f:
7f:41:a6:bb:2c:a3:23:7a:f9:87:b1:9b:74:d2:c6:b7:c2:79:
31:da:3b:69:13:76:97:d6:29:1a:bb:ef:d2:c0:55:7e:06:aa:
51:ef:db:fa:fb:b7:bb:68:ab:34:16:0b:d2:21:38:61:e5:95:
82:b2:10:48:6f:d1:21:45:a3:5e:03:62:7e:ca:04:a3:d8:04:
eb:1c:d8:4a:4d:c1:f5:fa:53:e0:19:35:2a:c7:6d:b5:28:b7:
3c:c0:93:3e:f6:2b:1c:c4:af:cc:73:67:a5:1b:c1:f7:b5:50:
77:86:5e:64:1c:68:8a:d3:04:e1:ad:39:01:08:9b:ab:b5:58:
c7:ae:59:55:d7:1d:bf:5f:ac:88:b7:88:de:2e:63:1e:7e:31:
f8:c6:d0:8f:e1:a4:70:ab:f2:4b:55:83:cc:08:de:93:15:e4:
ec:ec:08:fe:e2:19:d9:55:a0:ed:4e:32:5d:1e:e0:8d:55:a0:
7f:f0:c6:11
-----BEGIN CERTIFICATE-----
MIIG/jCCBeagAwIBAgIUc40EadOoIfJPmIQPVlcmx548cGUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MTExOTUwMzNaFw0yNjA2MTAxOTU1MzNaMDMxMTAvBgNV
BAMTKDdBQ0Y2MDI4Qzk2MDBEN0MwQ0U5NzZGODE2QzM0RDZFNzRFRjlGREYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiM9OGeRjNpKg75MKyHCr6xBsY
S0TMDNa9rE+a/ixrLjapCiSfTuR3KuMW4coMwK8fu0r7oGti2dGMp6KnxwHD6cLb
AT++abLKCs72tKczGTn0hUKdsrMQaZsyzeOQCvpaw1iTT+Trr2+zPI4eOjRuhS2h
3Spw+FC4VPek4h8nR0eC1emInsZy1KEUBsuiJisXG8Tj5aM0KWzL661S83vXGo03
ITFZ7JfmOcqkPfPOPPTaIneba34fU654Qq9jPe0Qkid2YZxcBM8xSJ9PK8SFgDUK
OtHY/5ut+2adGf4MukQNye+h/X7esPLoxDn01o9k7OVln5WFt9ba4H5NY+gPAgMB
AAGjggQIMIIEBDAdBgNVHQ4EFgQUes9gKMlgDXwM6Xb4FsNNbnTvn98wHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAh0GCCsGAQUFBwEHAQH/BIICDDCCAggwggIEBAIAATCC
AfwDBABgPpgDBAJgPpwDBABgPuADBACIj/MwDAMEAIiP9QMEAIiP9gMEAIiP/AME
AIiP/gMEAIzppwMEA48OEAMEAI8OITAMAwQAjw5BAwQAjw5CAwQAjw5cAwQAjw5e
AwQAjw6FAwQAjw6YAwQAjw7EAwQBjw7QAwQAjw7WAwQAjw7eAwQAjw71AwQAk08E
AwQCk088AwQAlvGCAwQAlvHkAwQBm3UEAwQDm3VAAwQAm3WrAwQAm3W6AwQAm3XC
AwQBm3XQAwQAm3XaAwQBm3XgAwQAoo0TAwQAoo0VMAwDBAOijRgDBAKijSAwDAME
A6KNKAMEAKKNLAMEAKKNLwMEA6KNODAMAwQAoo1DAwQAoo1GAwQCoo1IAwQAoo1Q
AwQAoo1aAwQAoo1cMAwDBACijWEDBACijWIDBACijWUwDAMEAKKNcwMEAKKNdAME
AKKNgwMEAKKNjjAMAwQEoo2QAwQAoo2YAwQAoo2hAwQAoo2jAwQDoo2oAwQDoo24
MAwDBASnlBADBAKnlBgwDAMEAqeUJAMEAKeUKDAMAwQEp5QwAwQCp5Q4AwQCp5RA
AwQCp5RMAwQDp5RYAwQAp5RjAwQCp5RsAwQCp5R4AwQAp5SVAwQAp5SvAwQBp5S0
AwQAp5S8AwQAp5S+AwQAp5TFAwQBp5TQAwQAy2TSMA0GCSqGSIb3DQEBCwUAA4IB
AQCufu3/2qlJRQZVAQd0x6js+6cub3cCaskFlHVlDryRr6MFywXvXo4n/y22+ezD
JYDfsub8bYeq4WOk6S2gVZjpmlQcc15AHC9/Qaa7LKMjevmHsZt00sa3wnkx2jtp
E3aX1ikau+/SwFV+BqpR79v6+7e7aKs0FgvSIThh5ZWCshBIb9EhRaNeA2J+ygSj
2ATrHNhKTcH1+lPgGTUqx221KLc8wJM+9iscxK/Mc2elG8H3tVB3hl5kHGiK0wTh
rTkBCJurtVjHrllV1x2/X6yIt4jeLmMefjH4xtCP4aRwq/JLVYPMCN6TFeTs7Aj+
4hnZVaDtTjJdHuCNVaB/8MYR
-----END CERTIFICATE-----
Generated at Sun Jun 15 06:13:00 2025 by rpki-client