Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: 7X/3bG9+PejOeRi8sN8PBBYWkLhKchVcgTpBFjybv/w=
Subject key identifier: 13:11:83:A4:BC:60:63:10:B5:2A:D8:A3:04:EA:2D:7A:0A:6E:57:1B
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 5508D9C4DE0141D58739C67F7EFD6B5555679CA6
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9304.roa
Signing time: Tue 29 Jul 2025 00:00:18 +0000
ROA not before: Mon 28 Jul 2025 23:55:18 +0000
ROA not after: Tue 28 Jul 2026 00:00:18 +0000
asID: 9304
IP address blocks: 96.62.59.0/24 maxlen: 24
96.62.71.0/24 maxlen: 24
96.62.73.0/24 maxlen: 24
96.62.74.0/24 maxlen: 24
96.62.100.0/24 maxlen: 24
96.62.156.0/22 maxlen: 24
96.62.223.0/24 maxlen: 24
96.62.224.0/24 maxlen: 24
96.62.228.0/24 maxlen: 24
96.62.229.0/24 maxlen: 24
96.62.231.0/24 maxlen: 24
96.62.243.0/24 maxlen: 24
96.62.250.0/24 maxlen: 24
136.143.243.0/24 maxlen: 24
136.143.245.0/24 maxlen: 24
136.143.246.0/24 maxlen: 24
136.143.252.0/24 maxlen: 24
136.143.254.0/24 maxlen: 24
140.150.232.0/24 maxlen: 24
140.150.233.0/24 maxlen: 24
140.233.173.0/24 maxlen: 24
140.233.174.0/24 maxlen: 24
140.233.175.0/24 maxlen: 24
143.14.4.0/22 maxlen: 24
143.14.16.0/21 maxlen: 24
143.14.33.0/24 maxlen: 24
143.14.46.0/23 maxlen: 23
143.14.50.0/23 maxlen: 23
143.14.65.0/24 maxlen: 24
143.14.66.0/24 maxlen: 24
143.14.92.0/24 maxlen: 24
143.14.94.0/24 maxlen: 24
143.14.133.0/24 maxlen: 24
143.14.144.0/24 maxlen: 24
143.14.152.0/24 maxlen: 24
143.14.181.0/24 maxlen: 24
143.14.182.0/24 maxlen: 24
143.14.184.0/24 maxlen: 24
143.14.185.0/24 maxlen: 24
143.14.186.0/24 maxlen: 24
143.14.187.0/24 maxlen: 24
143.14.196.0/24 maxlen: 24
143.14.208.0/23 maxlen: 24
143.14.214.0/24 maxlen: 24
143.14.222.0/24 maxlen: 24
143.14.245.0/24 maxlen: 24
146.103.27.0/24 maxlen: 24
147.79.4.0/24 maxlen: 24
147.79.16.0/24 maxlen: 24
147.79.17.0/24 maxlen: 24
147.79.18.0/23 maxlen: 23
147.79.60.0/23 maxlen: 24
148.135.161.0/24 maxlen: 24
148.135.171.0/24 maxlen: 24
148.135.194.0/24 maxlen: 24
150.241.130.0/24 maxlen: 24
150.241.131.0/24 maxlen: 24
150.241.228.0/24 maxlen: 24
155.117.4.0/23 maxlen: 24
155.117.171.0/24 maxlen: 24
155.117.186.0/24 maxlen: 24
155.117.194.0/24 maxlen: 24
155.117.208.0/23 maxlen: 24
155.117.218.0/24 maxlen: 24
155.117.224.0/23 maxlen: 24
162.141.17.0/24 maxlen: 24
162.141.19.0/24 maxlen: 24
162.141.21.0/24 maxlen: 24
162.141.24.0/22 maxlen: 24
162.141.28.0/22 maxlen: 24
162.141.32.0/22 maxlen: 24
162.141.40.0/22 maxlen: 24
162.141.44.0/24 maxlen: 24
162.141.47.0/24 maxlen: 24
162.141.55.0/24 maxlen: 24
162.141.56.0/22 maxlen: 24
162.141.60.0/22 maxlen: 24
162.141.67.0/24 maxlen: 24
162.141.68.0/23 maxlen: 24
162.141.70.0/24 maxlen: 24
162.141.72.0/22 maxlen: 24
162.141.80.0/24 maxlen: 24
162.141.90.0/24 maxlen: 24
162.141.92.0/24 maxlen: 24
162.141.97.0/24 maxlen: 24
162.141.98.0/24 maxlen: 24
162.141.101.0/24 maxlen: 24
162.141.106.0/24 maxlen: 24
162.141.107.0/24 maxlen: 24
162.141.108.0/24 maxlen: 24
162.141.109.0/24 maxlen: 24
162.141.115.0/24 maxlen: 24
162.141.116.0/24 maxlen: 24
162.141.131.0/24 maxlen: 24
162.141.136.0/22 maxlen: 24
162.141.142.0/24 maxlen: 24
162.141.144.0/21 maxlen: 24
162.141.152.0/24 maxlen: 24
162.141.153.0/24 maxlen: 24
162.141.161.0/24 maxlen: 24
162.141.163.0/24 maxlen: 24
162.141.166.0/24 maxlen: 24
162.141.168.0/21 maxlen: 24
162.141.184.0/21 maxlen: 24
167.148.0.0/24 maxlen: 24
167.148.6.0/24 maxlen: 24
167.148.16.0/21 maxlen: 24
167.148.24.0/22 maxlen: 24
167.148.28.0/24 maxlen: 24
167.148.36.0/22 maxlen: 24
167.148.40.0/24 maxlen: 24
167.148.43.0/24 maxlen: 24
167.148.48.0/21 maxlen: 24
167.148.56.0/22 maxlen: 24
167.148.64.0/22 maxlen: 24
167.148.68.0/24 maxlen: 24
167.148.76.0/22 maxlen: 24
167.148.88.0/21 maxlen: 24
167.148.96.0/24 maxlen: 24
167.148.99.0/24 maxlen: 24
167.148.108.0/22 maxlen: 24
167.148.118.0/23 maxlen: 23
167.148.120.0/22 maxlen: 24
167.148.130.0/23 maxlen: 23
167.148.136.0/24 maxlen: 24
167.148.140.0/23 maxlen: 24
167.148.149.0/24 maxlen: 24
167.148.152.0/24 maxlen: 24
167.148.156.0/23 maxlen: 24
167.148.175.0/24 maxlen: 24
167.148.180.0/23 maxlen: 24
167.148.188.0/24 maxlen: 24
167.148.190.0/24 maxlen: 24
167.148.197.0/24 maxlen: 24
167.148.208.0/24 maxlen: 24
167.148.209.0/24 maxlen: 24
203.100.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:08:d9:c4:de:01:41:d5:87:39:c6:7f:7e:fd:6b:55:55:67:9c:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jul 28 23:55:18 2025 GMT
Not After : Jul 28 00:00:18 2026 GMT
Subject: CN=131183A4BC606310B52AD8A304EA2D7A0A6E571B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:02:48:98:dc:28:70:24:64:9d:59:9d:bf:1f:
62:1c:e5:bb:36:b9:c4:f6:80:dc:fb:ca:c3:7b:eb:
a3:45:e4:4a:a1:6c:05:26:e9:80:cb:9c:e8:35:7a:
b0:21:bc:16:af:11:7e:e9:e5:44:5c:85:ce:11:d1:
6e:ec:de:c8:96:96:69:0b:ea:b1:a2:19:55:94:05:
3e:19:a1:97:93:67:44:67:7c:53:64:b3:a7:c9:57:
75:86:2a:60:d3:a9:38:2c:bc:87:d1:c3:bc:88:76:
8f:39:4d:5e:ed:1e:27:0a:47:e9:b5:ce:2e:2f:06:
8e:aa:cd:90:36:0c:07:16:f8:b7:d7:aa:b5:4c:9c:
82:e6:d7:04:4f:07:34:eb:64:c6:f1:42:ba:f1:dd:
88:11:6f:83:8f:bb:61:8c:e1:95:ac:b2:26:0a:74:
db:fc:d9:0b:d3:95:d3:8a:8c:eb:51:14:e3:74:87:
58:48:6e:e3:5a:8a:04:d7:9b:64:74:74:bf:2c:6c:
83:02:8e:c9:56:61:92:48:d9:16:f8:28:c9:13:d7:
ca:c5:fb:2f:ec:d8:d1:e1:34:fe:43:2e:a2:c5:46:
28:e2:be:0f:ab:21:e0:2f:65:bf:bc:75:a0:ce:da:
d1:2b:15:e1:3b:ac:1d:b1:f1:f3:6b:6d:98:04:07:
ea:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:11:83:A4:BC:60:63:10:B5:2A:D8:A3:04:EA:2D:7A:0A:6E:57:1B
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.59.0/24
96.62.71.0/24
96.62.73.0-96.62.74.255
96.62.100.0/24
96.62.156.0/22
96.62.223.0-96.62.224.255
96.62.228.0/23
96.62.231.0/24
96.62.243.0/24
96.62.250.0/24
136.143.243.0/24
136.143.245.0-136.143.246.255
136.143.252.0/24
136.143.254.0/24
140.150.232.0/23
140.233.173.0-140.233.175.255
143.14.4.0/22
143.14.16.0/21
143.14.33.0/24
143.14.46.0/23
143.14.50.0/23
143.14.65.0-143.14.66.255
143.14.92.0/24
143.14.94.0/24
143.14.133.0/24
143.14.144.0/24
143.14.152.0/24
143.14.181.0-143.14.182.255
143.14.184.0/22
143.14.196.0/24
143.14.208.0/23
143.14.214.0/24
143.14.222.0/24
143.14.245.0/24
146.103.27.0/24
147.79.4.0/24
147.79.16.0/22
147.79.60.0/23
148.135.161.0/24
148.135.171.0/24
148.135.194.0/24
150.241.130.0/23
150.241.228.0/24
155.117.4.0/23
155.117.171.0/24
155.117.186.0/24
155.117.194.0/24
155.117.208.0/23
155.117.218.0/24
155.117.224.0/23
162.141.17.0/24
162.141.19.0/24
162.141.21.0/24
162.141.24.0-162.141.35.255
162.141.40.0-162.141.44.255
162.141.47.0/24
162.141.55.0-162.141.63.255
162.141.67.0-162.141.70.255
162.141.72.0/22
162.141.80.0/24
162.141.90.0/24
162.141.92.0/24
162.141.97.0-162.141.98.255
162.141.101.0/24
162.141.106.0-162.141.109.255
162.141.115.0-162.141.116.255
162.141.131.0/24
162.141.136.0/22
162.141.142.0/24
162.141.144.0-162.141.153.255
162.141.161.0/24
162.141.163.0/24
162.141.166.0/24
162.141.168.0/21
162.141.184.0/21
167.148.0.0/24
167.148.6.0/24
167.148.16.0-167.148.28.255
167.148.36.0-167.148.40.255
167.148.43.0/24
167.148.48.0-167.148.59.255
167.148.64.0-167.148.68.255
167.148.76.0/22
167.148.88.0-167.148.96.255
167.148.99.0/24
167.148.108.0/22
167.148.118.0-167.148.123.255
167.148.130.0/23
167.148.136.0/24
167.148.140.0/23
167.148.149.0/24
167.148.152.0/24
167.148.156.0/23
167.148.175.0/24
167.148.180.0/23
167.148.188.0/24
167.148.190.0/24
167.148.197.0/24
167.148.208.0/23
203.100.210.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:ef:3e:dc:2a:5e:2b:f5:c1:73:83:05:39:41:e9:67:cf:2c:
45:67:33:bd:e2:9c:40:6f:3e:d1:f5:42:71:ab:f0:f5:25:a4:
53:98:d3:0d:54:d8:fd:df:f1:a9:86:0a:6f:6c:7f:92:20:67:
4f:9e:0e:20:d3:15:ed:82:ea:af:31:d1:89:14:37:fa:51:dd:
6f:2a:83:4c:25:80:cd:63:a0:b8:6d:07:0a:2c:42:dc:29:eb:
92:23:0f:b7:48:c8:0e:16:4f:8f:be:fe:14:e7:c2:34:3a:9e:
fe:ba:f7:c0:a7:f7:c2:e4:a3:5d:30:96:24:9c:55:66:84:35:
77:00:59:ff:ac:53:f3:b7:e1:8a:76:a2:6e:90:b7:75:7b:c9:
07:cc:21:69:27:9e:30:af:83:f7:2b:cf:05:d6:10:01:ed:90:
a2:90:32:4d:f3:2f:11:5c:fc:45:09:3a:28:74:ce:60:48:dc:
ba:2e:c6:80:29:47:ed:b3:7c:af:17:47:02:3c:8b:46:ba:b0:
57:19:b7:ac:ae:22:f3:7f:3d:92:2a:db:41:81:d6:bb:0e:00:
7f:b3:1f:f2:e6:5b:d3:31:b4:8c:23:ce:84:92:24:19:9a:5f:
56:bd:8e:e0:8f:3b:0c:65:55:23:1c:7b:b7:56:39:5d:43:6d:
bf:fb:61:4e
-----BEGIN CERTIFICATE-----
MIIH+jCCBuKgAwIBAgIUVQjZxN4BQdWHOcZ/fv1rVVVnnKYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA3MjgyMzU1MThaFw0yNjA3MjgwMDAwMThaMDMxMTAvBgNV
BAMTKDEzMTE4M0E0QkM2MDYzMTBCNTJBRDhBMzA0RUEyRDdBMEE2RTU3MUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAAkiY3ChwJGSdWZ2/H2Ic5bs2
ucT2gNz7ysN766NF5EqhbAUm6YDLnOg1erAhvBavEX7p5URchc4R0W7s3siWlmkL
6rGiGVWUBT4ZoZeTZ0RnfFNks6fJV3WGKmDTqTgsvIfRw7yIdo85TV7tHicKR+m1
zi4vBo6qzZA2DAcW+LfXqrVMnILm1wRPBzTrZMbxQrrx3YgRb4OPu2GM4ZWssiYK
dNv82QvTldOKjOtRFON0h1hIbuNaigTXm2R0dL8sbIMCjslWYZJI2Rb4KMkT18rF
+y/s2NHhNP5DLqLFRijivg+rIeAvZb+8daDO2tErFeE7rB2x8fNrbZgEB+p1AgMB
AAGjggUEMIIFADAdBgNVHQ4EFgQUExGDpLxgYxC1KtijBOotegpuVxswHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAxkGCCsGAQUFBwEHAQH/BIIDCDCCAwQwggMABAIAATCC
AvgDBABgPjsDBABgPkcwDAMEAGA+SQMEAGA+SgMEAGA+ZAMEAmA+nDAMAwQAYD7f
AwQAYD7gAwQBYD7kAwQAYD7nAwQAYD7zAwQAYD76AwQAiI/zMAwDBACIj/UDBACI
j/YDBACIj/wDBACIj/4DBAGMlugwDAMEAIzprQMEBIzpoAMEAo8OBAMEA48OEAME
AI8OIQMEAY8OLgMEAY8OMjAMAwQAjw5BAwQAjw5CAwQAjw5cAwQAjw5eAwQAjw6F
AwQAjw6QAwQAjw6YMAwDBACPDrUDBACPDrYDBAKPDrgDBACPDsQDBAGPDtADBACP
DtYDBACPDt4DBACPDvUDBACSZxsDBACTTwQDBAKTTxADBAGTTzwDBACUh6EDBACU
h6sDBACUh8IDBAGW8YIDBACW8eQDBAGbdQQDBACbdasDBACbdboDBACbdcIDBAGb
ddADBACbddoDBAGbdeADBACijREDBACijRMDBACijRUwDAMEA6KNGAMEAqKNIDAM
AwQDoo0oAwQAoo0sAwQAoo0vMAwDBACijTcDBAaijQAwDAMEAKKNQwMEAKKNRgME
AqKNSAMEAKKNUAMEAKKNWgMEAKKNXDAMAwQAoo1hAwQAoo1iAwQAoo1lMAwDBAGi
jWoDBAGijWwwDAMEAKKNcwMEAKKNdAMEAKKNgwMEAqKNiAMEAKKNjjAMAwQEoo2Q
AwQBoo2YAwQAoo2hAwQAoo2jAwQAoo2mAwQDoo2oAwQDoo24AwQAp5QAAwQAp5QG
MAwDBASnlBADBACnlBwwDAMEAqeUJAMEAKeUKAMEAKeUKzAMAwQEp5QwAwQCp5Q4
MAwDBAanlEADBACnlEQDBAKnlEwwDAMEA6eUWAMEAKeUYAMEAKeUYwMEAqeUbDAM
AwQBp5R2AwQCp5R4AwQBp5SCAwQAp5SIAwQBp5SMAwQAp5SVAwQAp5SYAwQBp5Sc
AwQAp5SvAwQBp5S0AwQAp5S8AwQAp5S+AwQAp5TFAwQBp5TQAwQAy2TSMA0GCSqG
SIb3DQEBCwUAA4IBAQA77z7cKl4r9cFzgwU5QelnzyxFZzO94pxAbz7R9UJxq/D1
JaRTmNMNVNj93/GphgpvbH+SIGdPng4g0xXtguqvMdGJFDf6Ud1vKoNMJYDNY6C4
bQcKLELcKeuSIw+3SMgOFk+Pvv4U58I0Op7+uvfAp/fC5KNdMJYknFVmhDV3AFn/
rFPzt+GKdqJukLd1e8kHzCFpJ54wr4P3K88F1hAB7ZCikDJN8y8RXPxFCToodM5g
SNy6LsaAKUfts3yvF0cCPItGurBXGbesriLzfz2SKttBgda7DgB/sx/y5lvTMbSM
I86EkiQZml9WvY7gjzsMZVUjHHu3VjldQ22/+2FO
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:57:59 2025 by rpki-client