Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: i3DTzU8KZ5Bixb2QFysGdd8rwKi04DNeodxbEUT7DwA=
Subject key identifier: 5F:31:C1:4B:22:2B:F2:E9:5C:4B:05:BC:39:61:7F:4E:EC:15:1B:98
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 4F84B1E9DF76AB7D60CA99353859B37BC611280E
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9304.roa
Signing time: Tue 04 Nov 2025 00:08:40 +0000
ROA not before: Tue 04 Nov 2025 00:03:40 +0000
ROA not after: Tue 03 Nov 2026 00:08:40 +0000
asID: 9304
IP address blocks: 5.182.110.0/24 maxlen: 24
5.252.74.0/24 maxlen: 24
45.139.180.0/24 maxlen: 24
45.139.182.0/24 maxlen: 24
45.139.183.0/24 maxlen: 24
89.19.46.0/24 maxlen: 24
89.19.50.0/24 maxlen: 24
92.118.162.0/24 maxlen: 24
92.119.33.0/24 maxlen: 24
103.141.68.0/24 maxlen: 24
103.141.69.0/24 maxlen: 24
109.106.3.0/24 maxlen: 24
179.61.241.0/24 maxlen: 24
181.41.211.0/24 maxlen: 24
181.214.119.0/24 maxlen: 24
181.214.148.0/24 maxlen: 24
181.214.154.0/24 maxlen: 24
181.214.161.0/24 maxlen: 24
181.214.201.0/24 maxlen: 24
181.214.216.0/24 maxlen: 24
181.215.12.0/24 maxlen: 24
181.215.22.0/24 maxlen: 24
181.215.23.0/24 maxlen: 24
181.215.31.0/24 maxlen: 24
181.215.41.0/24 maxlen: 24
181.215.58.0/24 maxlen: 24
181.215.84.0/24 maxlen: 24
181.215.88.0/24 maxlen: 24
181.215.110.0/24 maxlen: 24
181.215.186.0/23 maxlen: 24
181.215.190.0/24 maxlen: 24
181.215.196.0/24 maxlen: 24
181.215.210.0/24 maxlen: 24
185.151.58.0/24 maxlen: 24
185.158.151.0/24 maxlen: 24
191.96.3.0/24 maxlen: 24
191.96.88.0/24 maxlen: 24
191.96.89.0/24 maxlen: 24
191.96.91.0/24 maxlen: 24
191.96.99.0/24 maxlen: 24
191.96.136.0/24 maxlen: 24
191.96.140.0/24 maxlen: 24
191.96.141.0/24 maxlen: 24
191.96.180.0/24 maxlen: 24
191.96.182.0/24 maxlen: 24
191.96.222.0/24 maxlen: 24
191.101.9.0/24 maxlen: 24
191.101.20.0/24 maxlen: 24
191.101.22.0/24 maxlen: 24
191.101.58.0/24 maxlen: 24
191.101.76.0/24 maxlen: 24
191.101.82.0/24 maxlen: 24
191.101.88.0/24 maxlen: 24
191.101.97.0/24 maxlen: 24
191.101.102.0/24 maxlen: 24
191.101.116.0/24 maxlen: 24
191.101.120.0/24 maxlen: 24
191.101.124.0/24 maxlen: 24
191.101.148.0/24 maxlen: 24
191.101.177.0/24 maxlen: 24
191.101.180.0/24 maxlen: 24
191.101.187.0/24 maxlen: 24
191.101.212.0/22 maxlen: 24
191.101.236.0/24 maxlen: 24
191.101.238.0/23 maxlen: 24
191.101.240.0/24 maxlen: 24
191.101.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:84:b1:e9:df:76:ab:7d:60:ca:99:35:38:59:b3:7b:c6:11:28:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Nov 4 00:03:40 2025 GMT
Not After : Nov 3 00:08:40 2026 GMT
Subject: CN=5F31C14B222BF2E95C4B05BC39617F4EEC151B98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:89:23:4e:12:57:6d:4e:ca:aa:a4:29:a5:aa:
ba:58:49:e0:f0:7e:e6:8e:c1:d8:3b:41:d5:2e:ee:
26:89:34:92:85:43:07:cb:03:fb:20:f9:8e:11:0e:
da:84:9e:dd:28:8a:f4:c9:02:e1:b2:38:e2:15:de:
c7:09:8f:99:d5:e6:47:89:17:e4:a7:e4:04:84:42:
07:ba:bd:5d:45:ee:f6:eb:b5:6f:7a:1e:7d:f9:10:
34:3c:94:4a:c8:9d:6f:8e:42:3e:d9:35:57:37:38:
d4:c3:c3:91:a7:62:ab:5a:4a:61:9a:97:de:fa:95:
07:5c:3b:af:69:3e:93:2c:59:aa:4d:c9:9a:ea:08:
a8:37:f6:d6:17:0b:77:98:a3:33:69:66:97:5c:9f:
ac:3f:aa:3e:20:ba:61:25:7b:27:00:19:13:f4:28:
49:36:3a:02:7c:25:65:ab:70:0d:81:77:8b:46:bc:
53:ed:3e:5f:85:66:1a:53:47:4b:5c:a2:ee:6b:f5:
86:c7:96:e7:b0:7b:2c:b1:06:b9:ea:9a:52:18:e6:
18:2b:72:0d:09:2a:b2:c6:ae:59:fb:83:82:96:50:
c7:1c:ba:77:91:49:02:83:03:e5:bf:46:57:80:5c:
82:9e:3c:06:c4:59:4a:fd:10:5e:14:38:87:8e:e1:
dd:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:31:C1:4B:22:2B:F2:E9:5C:4B:05:BC:39:61:7F:4E:EC:15:1B:98
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.110.0/24
5.252.74.0/24
45.139.180.0/24
45.139.182.0/23
89.19.46.0/24
89.19.50.0/24
92.118.162.0/24
92.119.33.0/24
103.141.68.0/23
109.106.3.0/24
179.61.241.0/24
181.41.211.0/24
181.214.119.0/24
181.214.148.0/24
181.214.154.0/24
181.214.161.0/24
181.214.201.0/24
181.214.216.0/24
181.215.12.0/24
181.215.22.0/23
181.215.31.0/24
181.215.41.0/24
181.215.58.0/24
181.215.84.0/24
181.215.88.0/24
181.215.110.0/24
181.215.186.0/23
181.215.190.0/24
181.215.196.0/24
181.215.210.0/24
185.151.58.0/24
185.158.151.0/24
191.96.3.0/24
191.96.88.0/23
191.96.91.0/24
191.96.99.0/24
191.96.136.0/24
191.96.140.0/23
191.96.180.0/24
191.96.182.0/24
191.96.222.0/24
191.101.9.0/24
191.101.20.0/24
191.101.22.0/24
191.101.58.0/24
191.101.76.0/24
191.101.82.0/24
191.101.88.0/24
191.101.97.0/24
191.101.102.0/24
191.101.116.0/24
191.101.120.0/24
191.101.124.0/24
191.101.148.0/24
191.101.177.0/24
191.101.180.0/24
191.101.187.0/24
191.101.212.0/22
191.101.236.0/24
191.101.238.0-191.101.240.255
191.101.247.0/24
Signature Algorithm: sha256WithRSAEncryption
69:91:32:dd:f6:01:dc:a6:e6:e5:6d:11:d6:58:19:b5:84:5f:
19:8c:31:07:e3:1c:32:96:ee:31:ec:e8:3d:ac:99:fc:49:01:
62:92:4c:6a:a1:de:56:92:92:02:ea:c3:70:45:2a:7d:29:5e:
dc:d4:a0:44:2b:c4:8b:db:48:03:2a:c6:45:2b:eb:4c:36:a3:
ea:6e:9b:af:a0:51:7c:42:ec:33:23:31:1f:f3:b7:3b:f6:97:
4e:29:4a:6c:b3:6c:4a:b7:c0:88:84:3d:5a:51:6d:a2:ea:48:
5b:7b:48:56:ce:d4:8e:55:42:f2:9b:70:8e:fa:c6:22:a2:8a:
d3:d9:2f:10:d8:e5:0d:20:00:ed:d3:18:1e:04:ef:50:6c:4b:
a1:e6:61:39:75:5a:f0:d9:46:71:80:86:91:6b:79:6f:d9:09:
7b:a1:fd:65:ac:11:3c:4e:60:c2:ed:9b:71:1b:d3:d1:11:e1:
f3:c7:f6:b9:4a:41:55:b6:05:9d:00:a1:62:1b:6b:8f:c9:23:
7f:37:b1:10:56:58:3f:85:74:70:ff:86:2f:82:8d:69:c6:57:
0a:d7:99:15:e1:e3:6d:2b:8d:a1:bb:6d:a7:e2:2c:46:a9:bf:
f1:26:61:40:9b:84:35:a4:43:77:a5:bc:73:43:68:86:18:c7:
33:7d:27:77
-----BEGIN CERTIFICATE-----
MIIGeDCCBWCgAwIBAgIUT4Sx6d92q31gypk1OFmze8YRKA4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTExMDQwMDAzNDBaFw0yNjExMDMwMDA4NDBaMDMxMTAvBgNV
BAMTKDVGMzFDMTRCMjIyQkYyRTk1QzRCMDVCQzM5NjE3RjRFRUMxNTFCOTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeiSNOEldtTsqqpCmlqrpYSeDw
fuaOwdg7QdUu7iaJNJKFQwfLA/sg+Y4RDtqEnt0oivTJAuGyOOIV3scJj5nV5keJ
F+Sn5ASEQge6vV1F7vbrtW96Hn35EDQ8lErInW+OQj7ZNVc3ONTDw5GnYqtaSmGa
l976lQdcO69pPpMsWapNyZrqCKg39tYXC3eYozNpZpdcn6w/qj4gumEleycAGRP0
KEk2OgJ8JWWrcA2Bd4tGvFPtPl+FZhpTR0tcou5r9YbHlueweyyxBrnqmlIY5hgr
cg0JKrLGrln7g4KWUMccuneRSQKDA+W/RleAXIKePAbEWUr9EF4UOIeO4d0FAgMB
AAGjggOCMIIDfjAdBgNVHQ4EFgQUXzHBSyIr8ulcSwW8OWF/TuwVG5gwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAZcGCCsGAQUFBwEHAQH/BIIBhjCCAYIwggF+BAIAATCC
AXYDBAAFtm4DBAAF/EoDBAAti7QDBAEti7YDBABZEy4DBABZEzIDBABcdqIDBABc
dyEDBAFnjUQDBABtagMDBACzPfEDBAC1KdMDBAC11ncDBAC11pQDBAC11poDBAC1
1qEDBAC11skDBAC11tgDBAC11wwDBAG11xYDBAC11x8DBAC11ykDBAC11zoDBAC1
11QDBAC111gDBAC1124DBAG117oDBAC1174DBAC118QDBAC119IDBAC5lzoDBAC5
npcDBAC/YAMDBAG/YFgDBAC/YFsDBAC/YGMDBAC/YIgDBAG/YIwDBAC/YLQDBAC/
YLYDBAC/YN4DBAC/ZQkDBAC/ZRQDBAC/ZRYDBAC/ZToDBAC/ZUwDBAC/ZVIDBAC/
ZVgDBAC/ZWEDBAC/ZWYDBAC/ZXQDBAC/ZXgDBAC/ZXwDBAC/ZZQDBAC/ZbEDBAC/
ZbQDBAC/ZbsDBAK/ZdQDBAC/ZewwDAMEAb9l7gMEAL9l8AMEAL9l9zANBgkqhkiG
9w0BAQsFAAOCAQEAaZEy3fYB3Kbm5W0R1lgZtYRfGYwxB+McMpbuMezoPayZ/EkB
YpJMaqHeVpKSAurDcEUqfSle3NSgRCvEi9tIAyrGRSvrTDaj6m6br6BRfELsMyMx
H/O3O/aXTilKbLNsSrfAiIQ9WlFtoupIW3tIVs7UjlVC8ptwjvrGIqKK09kvENjl
DSAA7dMYHgTvUGxLoeZhOXVa8NlGcYCGkWt5b9kJe6H9ZawRPE5gwu2bcRvT0RHh
88f2uUpBVbYFnQChYhtrj8kjfzexEFZYP4V0cP+GL4KNacZXCteZFeHjbSuNobtt
p+IsRqm/8SZhQJuENaRDd6W8c0NohhjHM30ndw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:08:57 2025 by rpki-client