Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: Ph9F+4rzunzV0ouhUhyBthp45oI5UbLzdgs891kWfl8=
Subject key identifier: 30:E7:33:0B:D3:BC:09:4A:04:EA:93:63:43:EE:4F:04:A8:05:C8:14
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 425A70D3C09637787D80C15E5375AC3EEEBDB1AB
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9304.roa
Signing time: Mon 09 Feb 2026 10:47:53 +0000
ROA not before: Mon 09 Feb 2026 10:42:53 +0000
ROA not after: Mon 08 Feb 2027 10:47:53 +0000
asID: 9304
IP address blocks: 5.252.74.0/24 maxlen: 24
89.19.50.0/24 maxlen: 24
179.61.140.0/24 maxlen: 24
179.61.150.0/24 maxlen: 24
191.96.111.0/24 maxlen: 24
191.101.29.0/24 maxlen: 24
191.101.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:5a:70:d3:c0:96:37:78:7d:80:c1:5e:53:75:ac:3e:ee:bd:b1:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Feb 9 10:42:53 2026 GMT
Not After : Feb 8 10:47:53 2027 GMT
Subject: CN=30E7330BD3BC094A04EA936343EE4F04A805C814
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:54:25:67:78:ca:a5:26:c4:e3:17:fd:83:27:
de:f4:2e:89:96:4f:94:79:8c:97:0b:9a:d0:af:8c:
42:f2:05:d5:5a:3d:e6:b4:55:5d:54:59:c6:e7:70:
5e:e8:e6:c8:1c:c8:b3:88:da:b6:78:5e:38:03:ee:
6c:d1:00:c4:75:e3:68:59:60:ab:8e:cc:6c:7d:1f:
12:29:74:ea:41:61:e5:43:66:70:a5:48:d1:06:60:
55:d8:b2:57:73:93:3d:15:0d:cc:0d:bf:3f:36:b9:
a3:68:d7:11:d2:14:6b:ce:e7:34:98:d0:18:e9:5d:
69:e8:14:60:cd:5d:99:59:10:fa:2c:b3:b9:9a:8b:
ff:ef:a2:01:94:bf:60:52:ce:94:30:db:a7:d4:ee:
ad:03:83:a0:d0:3a:65:0f:43:ad:8c:4c:b9:9f:85:
c2:91:e7:93:b4:7d:78:81:c9:b9:ad:5c:41:06:3a:
56:be:75:1c:ef:da:0f:62:86:8c:c3:8f:c6:0c:19:
fd:12:6d:02:bd:9e:3e:4a:e8:58:cb:98:04:44:9f:
af:a7:3a:8a:59:33:b6:e2:ed:8b:f9:7e:a1:4b:1d:
4c:97:1b:57:15:07:18:eb:e2:b7:c9:17:f1:60:94:
55:0d:a9:48:20:03:d7:fb:cf:cb:ec:72:20:04:64:
fe:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:E7:33:0B:D3:BC:09:4A:04:EA:93:63:43:EE:4F:04:A8:05:C8:14
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.74.0/24
89.19.50.0/24
179.61.140.0/24
179.61.150.0/24
191.96.111.0/24
191.101.29.0/24
191.101.83.0/24
Signature Algorithm: sha256WithRSAEncryption
04:9f:5e:b4:bc:77:3c:62:11:33:42:4d:47:11:65:08:ae:79:
9b:fc:1e:e9:6c:53:d1:cf:b9:d8:f2:63:24:43:64:7a:9e:02:
56:82:6a:07:47:2d:b6:51:2f:1f:82:7f:9d:bb:59:c5:0b:9d:
6b:94:89:37:70:aa:9f:e3:cb:ba:c9:b4:c7:ff:b0:ca:20:b3:
55:7d:c9:62:5f:19:8c:5e:bf:bd:78:39:e6:cd:d7:6f:a9:32:
30:c5:be:b5:64:62:a0:25:97:ca:5c:da:b5:30:53:96:58:e4:
29:e8:4c:2c:fd:92:59:88:dd:a1:b9:99:01:97:fe:3a:4c:dd:
fe:e1:1e:a1:e5:9c:3d:19:83:3e:f6:15:45:c6:2b:58:04:4a:
d3:20:cb:45:d9:7c:53:5e:b7:6a:4d:5d:7d:8f:ee:1f:f4:0b:
44:7e:38:36:99:22:8e:8e:66:1c:0e:69:33:83:3f:bf:9f:27:
23:06:f4:47:31:b6:45:36:c9:bf:09:ae:c9:1e:b0:f3:95:8e:
56:4c:0f:5e:40:45:93:d6:6d:92:9f:6a:fb:53:46:f4:b9:32:
78:b0:86:3d:65:cf:8e:a8:d2:c9:4a:83:30:0a:e4:93:67:fd:
e1:f0:08:64:b5:26:e5:33:e7:9a:3f:51:af:63:14:04:30:59:
af:00:36:7a
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIUQlpw08CWN3h9gMFeU3WsPu69saswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjAyMDkxMDQyNTNaFw0yNzAyMDgxMDQ3NTNaMDMxMTAvBgNV
BAMTKDMwRTczMzBCRDNCQzA5NEEwNEVBOTM2MzQzRUU0RjA0QTgwNUM4MTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSVCVneMqlJsTjF/2DJ970LomW
T5R5jJcLmtCvjELyBdVaPea0VV1UWcbncF7o5sgcyLOI2rZ4XjgD7mzRAMR142hZ
YKuOzGx9HxIpdOpBYeVDZnClSNEGYFXYsldzkz0VDcwNvz82uaNo1xHSFGvO5zSY
0BjpXWnoFGDNXZlZEPoss7mai//vogGUv2BSzpQw26fU7q0Dg6DQOmUPQ62MTLmf
hcKR55O0fXiBybmtXEEGOla+dRzv2g9ihozDj8YMGf0SbQK9nj5K6FjLmAREn6+n
OopZM7bi7Yv5fqFLHUyXG1cVBxjr4rfJF/FglFUNqUggA9f7z8vsciAEZP6FAgMB
AAGjggIsMIICKDAdBgNVHQ4EFgQUMOczC9O8CUoE6pNjQ+5PBKgFyBQwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBDBggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAAX8SgME
AFkTMgMEALM9jAMEALM9lgMEAL9gbwMEAL9lHQMEAL9lUzANBgkqhkiG9w0BAQsF
AAOCAQEABJ9etLx3PGIRM0JNRxFlCK55m/we6WxT0c+52PJjJENkep4CVoJqB0ct
tlEvH4J/nbtZxQuda5SJN3Cqn+PLusm0x/+wyiCzVX3JYl8ZjF6/vXg55s3Xb6ky
MMW+tWRioCWXylzatTBTlljkKehMLP2SWYjdobmZAZf+Okzd/uEeoeWcPRmDPvYV
RcYrWARK0yDLRdl8U163ak1dfY/uH/QLRH44Npkijo5mHA5pM4M/v58nIwb0RzG2
RTbJvwmuyR6w85WOVkwPXkBFk9Ztkp9q+1NG9LkyeLCGPWXPjqjSyUqDMArkk2f9
4fAIZLUm5TPnmj9Rr2MUBDBZrwA2eg==
-----END CERTIFICATE-----
Generated at Sun Mar 1 23:38:56 2026 by rpki-client