Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: 0icuYbAyYUXzgK+CrkIhDLrRRlMcd6aAnzdVPQlpvDg=
Subject key identifier: 8D:0F:E0:69:8D:F2:6A:58:6B:68:19:23:46:D3:1E:D0:3B:39:C4:DA
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 1AD67C28DBE939EE454700AD063B16291B6EB1A7
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
Signing time: Mon 08 Jun 2026 05:21:31 +0000
ROA not before: Mon 08 Jun 2026 05:16:31 +0000
ROA not after: Mon 07 Jun 2027 05:21:31 +0000
asID: 9304
IP address blocks: 82.21.28.0/24 maxlen: 24
82.21.50.0/24 maxlen: 24
82.22.14.0/24 maxlen: 24
82.22.124.0/24 maxlen: 24
82.22.160.0/24 maxlen: 24
82.22.200.0/24 maxlen: 24
82.23.144.0/24 maxlen: 24
82.23.147.0/24 maxlen: 24
82.24.0.0/22 maxlen: 23
82.24.16.0/24 maxlen: 24
82.24.105.0/24 maxlen: 24
82.24.107.0/24 maxlen: 24
82.24.108.0/24 maxlen: 24
82.25.30.0/24 maxlen: 24
82.26.66.0/24 maxlen: 24
82.26.115.0/24 maxlen: 24
82.26.118.0/24 maxlen: 24
82.26.125.0/24 maxlen: 24
82.26.130.0/24 maxlen: 24
82.27.3.0/24 maxlen: 24
82.27.131.0/24 maxlen: 24
82.27.135.0/24 maxlen: 24
82.29.45.0/24 maxlen: 24
82.29.76.0/24 maxlen: 24
82.38.38.0/23 maxlen: 24
82.38.76.0/22 maxlen: 24
82.39.194.0/23 maxlen: 24
82.39.207.0/24 maxlen: 24
82.39.221.0/24 maxlen: 24
82.40.36.0/24 maxlen: 24
82.40.52.0/24 maxlen: 24
82.40.53.0/24 maxlen: 24
82.40.54.0/24 maxlen: 24
82.41.21.0/24 maxlen: 24
82.41.128.0/23 maxlen: 24
82.41.202.0/24 maxlen: 24
82.41.233.0/24 maxlen: 24
82.41.234.0/24 maxlen: 24
82.41.236.0/24 maxlen: 24
82.41.237.0/24 maxlen: 24
82.41.238.0/24 maxlen: 24
82.47.0.0/23 maxlen: 24
82.47.23.0/24 maxlen: 24
82.47.26.0/24 maxlen: 24
82.47.28.0/24 maxlen: 24
82.47.31.0/24 maxlen: 24
82.47.50.0/24 maxlen: 24
82.47.52.0/24 maxlen: 24
82.47.56.0/24 maxlen: 24
82.47.96.0/24 maxlen: 24
82.47.100.0/24 maxlen: 24
82.47.103.0/24 maxlen: 24
82.47.109.0/24 maxlen: 24
82.47.123.0/24 maxlen: 24
82.47.124.0/24 maxlen: 24
82.47.125.0/24 maxlen: 24
82.47.128.0/24 maxlen: 24
82.47.129.0/24 maxlen: 24
82.47.130.0/24 maxlen: 24
82.47.134.0/24 maxlen: 24
82.47.136.0/24 maxlen: 24
82.47.137.0/24 maxlen: 24
82.47.144.0/24 maxlen: 24
82.47.148.0/24 maxlen: 24
82.47.160.0/24 maxlen: 24
82.47.162.0/24 maxlen: 24
82.47.172.0/24 maxlen: 24
82.47.174.0/24 maxlen: 24
82.47.176.0/24 maxlen: 24
82.47.194.0/24 maxlen: 24
82.47.206.0/24 maxlen: 24
84.75.8.0/24 maxlen: 24
84.75.9.0/24 maxlen: 24
84.75.10.0/24 maxlen: 24
84.75.27.0/24 maxlen: 24
84.75.40.0/24 maxlen: 24
84.75.77.0/24 maxlen: 24
84.75.78.0/24 maxlen: 24
84.75.130.0/24 maxlen: 24
84.75.135.0/24 maxlen: 24
84.75.151.0/24 maxlen: 24
84.75.152.0/23 maxlen: 24
84.75.166.0/24 maxlen: 24
84.75.182.0/24 maxlen: 24
84.75.184.0/24 maxlen: 24
84.75.185.0/24 maxlen: 24
84.75.187.0/24 maxlen: 24
84.75.193.0/24 maxlen: 24
84.75.199.0/24 maxlen: 24
84.75.201.0/24 maxlen: 24
84.75.246.0/24 maxlen: 24
178.83.28.0/24 maxlen: 24
178.83.34.0/24 maxlen: 24
178.83.63.0/24 maxlen: 24
178.83.70.0/24 maxlen: 24
178.83.108.0/24 maxlen: 24
178.83.109.0/24 maxlen: 24
178.83.111.0/24 maxlen: 24
178.83.128.0/22 maxlen: 24
178.83.133.0/24 maxlen: 24
178.83.138.0/24 maxlen: 24
178.83.143.0/24 maxlen: 24
178.83.145.0/24 maxlen: 24
178.83.146.0/23 maxlen: 24
178.83.149.0/24 maxlen: 24
178.83.150.0/24 maxlen: 24
178.83.151.0/24 maxlen: 24
178.83.167.0/24 maxlen: 24
178.83.197.0/24 maxlen: 24
178.83.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:d6:7c:28:db:e9:39:ee:45:47:00:ad:06:3b:16:29:1b:6e:b1:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 8 05:16:31 2026 GMT
Not After : Jun 7 05:21:31 2027 GMT
Subject: CN=8D0FE0698DF26A586B68192346D31ED03B39C4DA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:49:63:bc:38:1d:24:22:dd:7b:86:92:7a:c3:
b0:6c:43:e8:98:db:96:38:95:7b:1c:1e:95:e6:c4:
7e:53:1c:84:3f:54:07:10:ae:59:85:08:18:30:85:
3b:3d:b4:29:5d:69:bc:80:e1:6c:35:d1:4c:5f:c3:
d4:28:09:64:a1:c5:21:4f:30:34:29:d5:6b:75:62:
84:a1:4d:96:f0:93:88:ef:af:de:7f:f9:4e:32:96:
11:ec:a7:af:9e:22:e9:97:42:e8:ab:6b:61:d5:5c:
02:6c:5b:78:c2:17:02:b1:30:03:d7:78:7c:67:32:
02:dd:a1:e3:0d:0d:dc:55:68:4e:18:4c:2c:63:45:
b0:be:cc:0a:99:70:df:c6:70:66:04:82:be:ab:30:
7b:d0:2a:fd:ee:4a:3b:a3:37:b6:0f:ce:66:5b:bd:
ad:4b:f6:a2:3f:d3:38:dc:fe:9f:95:7a:c1:99:07:
90:8d:09:35:14:1b:f9:5b:d0:69:bd:4f:20:3d:fc:
9b:d4:a7:0c:b7:33:5d:17:91:e3:5d:ed:66:85:c9:
59:7e:43:93:2a:99:d7:68:14:bc:3e:7d:53:0e:f6:
1e:51:21:6d:a6:a8:ff:36:27:5f:7e:11:da:d2:25:
48:80:3a:6a:36:e9:08:0f:44:ba:cc:a2:97:d3:87:
17:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:0F:E0:69:8D:F2:6A:58:6B:68:19:23:46:D3:1E:D0:3B:39:C4:DA
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.28.0/24
82.21.50.0/24
82.22.14.0/24
82.22.124.0/24
82.22.160.0/24
82.22.200.0/24
82.23.144.0/24
82.23.147.0/24
82.24.0.0/22
82.24.16.0/24
82.24.105.0/24
82.24.107.0-82.24.108.255
82.25.30.0/24
82.26.66.0/24
82.26.115.0/24
82.26.118.0/24
82.26.125.0/24
82.26.130.0/24
82.27.3.0/24
82.27.131.0/24
82.27.135.0/24
82.29.45.0/24
82.29.76.0/24
82.38.38.0/23
82.38.76.0/22
82.39.194.0/23
82.39.207.0/24
82.39.221.0/24
82.40.36.0/24
82.40.52.0-82.40.54.255
82.41.21.0/24
82.41.128.0/23
82.41.202.0/24
82.41.233.0-82.41.234.255
82.41.236.0-82.41.238.255
82.47.0.0/23
82.47.23.0/24
82.47.26.0/24
82.47.28.0/24
82.47.31.0/24
82.47.50.0/24
82.47.52.0/24
82.47.56.0/24
82.47.96.0/24
82.47.100.0/24
82.47.103.0/24
82.47.109.0/24
82.47.123.0-82.47.125.255
82.47.128.0-82.47.130.255
82.47.134.0/24
82.47.136.0/23
82.47.144.0/24
82.47.148.0/24
82.47.160.0/24
82.47.162.0/24
82.47.172.0/24
82.47.174.0/24
82.47.176.0/24
82.47.194.0/24
82.47.206.0/24
84.75.8.0-84.75.10.255
84.75.27.0/24
84.75.40.0/24
84.75.77.0-84.75.78.255
84.75.130.0/24
84.75.135.0/24
84.75.151.0-84.75.153.255
84.75.166.0/24
84.75.182.0/24
84.75.184.0/23
84.75.187.0/24
84.75.193.0/24
84.75.199.0/24
84.75.201.0/24
84.75.246.0/24
178.83.28.0/24
178.83.34.0/24
178.83.63.0/24
178.83.70.0/24
178.83.108.0/23
178.83.111.0/24
178.83.128.0/22
178.83.133.0/24
178.83.138.0/24
178.83.143.0/24
178.83.145.0-178.83.147.255
178.83.149.0-178.83.151.255
178.83.167.0/24
178.83.197.0-178.83.198.255
Signature Algorithm: sha256WithRSAEncryption
35:34:1b:d0:c9:e6:e1:36:1e:56:4c:5f:3f:3a:9d:35:c6:86:
0b:1e:82:b1:b3:e2:0a:6c:ca:3e:2e:d8:b6:c9:6d:b4:65:56:
e1:ad:06:a5:df:6b:e2:cd:f3:a2:19:e7:eb:b1:60:75:26:52:
f8:bd:e8:d0:a6:0a:d2:4b:4d:12:9e:a8:82:5e:04:f0:4d:ed:
f5:1b:35:5e:04:e4:bd:99:76:61:7a:6f:06:eb:96:c2:11:18:
5c:78:21:55:15:9b:bb:44:d9:d3:8b:eb:6c:02:f8:87:a7:79:
c0:e9:f4:8c:22:08:ff:1c:ae:8d:3c:5f:b7:82:92:b8:7f:11:
d9:5e:af:4e:45:fe:4d:44:de:73:e2:11:77:3a:0e:d4:bf:29:
b0:2c:2f:47:3e:b7:91:f5:53:e1:91:67:b7:59:e6:c4:35:bb:
b2:68:08:94:ee:b2:91:9e:ec:8c:11:f3:00:69:bd:8f:38:65:
54:56:d2:87:48:e9:65:8b:0c:3f:f5:30:46:67:d2:9a:ff:83:
ec:f0:2e:9d:b4:37:2d:69:cd:17:ac:9e:0c:26:e1:1d:49:d8:
37:15:b6:a0:26:10:31:a0:53:30:4a:1d:6d:67:a3:07:37:2c:
78:4d:3d:8e:91:39:e5:2f:1b:20:48:c1:91:9e:5c:b9:d8:9b:
37:4c:ae:60
-----BEGIN CERTIFICATE-----
MIIHeDCCBmCgAwIBAgIUGtZ8KNvpOe5FRwCtBjsWKRtusacwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MDgwNTE2MzFaFw0yNzA2MDcwNTIxMzFaMDMxMTAvBgNV
BAMTKDhEMEZFMDY5OERGMjZBNTg2QjY4MTkyMzQ2RDMxRUQwM0IzOUM0REEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCSWO8OB0kIt17hpJ6w7BsQ+iY
25Y4lXscHpXmxH5THIQ/VAcQrlmFCBgwhTs9tCldabyA4Ww10Uxfw9QoCWShxSFP
MDQp1Wt1YoShTZbwk4jvr95/+U4ylhHsp6+eIumXQuira2HVXAJsW3jCFwKxMAPX
eHxnMgLdoeMNDdxVaE4YTCxjRbC+zAqZcN/GcGYEgr6rMHvQKv3uSjujN7YPzmZb
va1L9qI/0zjc/p+VesGZB5CNCTUUG/lb0Gm9TyA9/JvUpwy3M10XkeNd7WaFyVl+
Q5MqmddoFLw+fVMO9h5RIW2mqP82J19+EdrSJUiAOmo26QgPRLrMopfThxdjAgMB
AAGjggSCMIIEfjAdBgNVHQ4EFgQUjQ/gaY3yalhraBkjRtMe0Ds5xNowHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCApcGCCsGAQUFBwEHAQH/BIIChjCCAoIwggJ+BAIAATCC
AnYDBABSFRwDBABSFTIDBABSFg4DBABSFnwDBABSFqADBABSFsgDBABSF5ADBABS
F5MDBAJSGAADBABSGBADBABSGGkwDAMEAFIYawMEAFIYbAMEAFIZHgMEAFIaQgME
AFIacwMEAFIadgMEAFIafQMEAFIaggMEAFIbAwMEAFIbgwMEAFIbhwMEAFIdLQME
AFIdTAMEAVImJgMEAlImTAMEAVInwgMEAFInzwMEAFIn3QMEAFIoJDAMAwQCUig0
AwQAUig2AwQAUikVAwQBUimAAwQAUinKMAwDBABSKekDBABSKeowDAMEAlIp7AME
AFIp7gMEAVIvAAMEAFIvFwMEAFIvGgMEAFIvHAMEAFIvHwMEAFIvMgMEAFIvNAME
AFIvOAMEAFIvYAMEAFIvZAMEAFIvZwMEAFIvbTAMAwQAUi97AwQBUi98MAwDBAdS
L4ADBABSL4IDBABSL4YDBAFSL4gDBABSL5ADBABSL5QDBABSL6ADBABSL6IDBABS
L6wDBABSL64DBABSL7ADBABSL8IDBABSL84wDAMEA1RLCAMEAFRLCgMEAFRLGwME
AFRLKDAMAwQAVEtNAwQAVEtOAwQAVEuCAwQAVEuHMAwDBABUS5cDBAFUS5gDBABU
S6YDBABUS7YDBAFUS7gDBABUS7sDBABUS8EDBABUS8cDBABUS8kDBABUS/YDBACy
UxwDBACyUyIDBACyUz8DBACyU0YDBAGyU2wDBACyU28DBAKyU4ADBACyU4UDBACy
U4oDBACyU48wDAMEALJTkQMEArJTkDAMAwQAslOVAwQDslOQAwQAslOnMAwDBACy
U8UDBACyU8YwDQYJKoZIhvcNAQELBQADggEBADU0G9DJ5uE2HlZMXz86nTXGhgse
grGz4gpsyj4u2LbJbbRlVuGtBqXfa+LN86IZ5+uxYHUmUvi96NCmCtJLTRKeqIJe
BPBN7fUbNV4E5L2ZdmF6bwbrlsIRGFx4IVUVm7tE2dOL62wC+IenecDp9IwiCP8c
ro08X7eCkrh/Edler05F/k1E3nPiEXc6DtS/KbAsL0c+t5H1U+GRZ7dZ5sQ1u7Jo
CJTuspGe7IwR8wBpvY84ZVRW0odI6WWLDD/1MEZn0pr/g+zwLp20Ny1pzResngwm
4R1J2DcVtqAmEDGgUzBKHW1nowc3LHhNPY6ROeUvGyBIwZGeXLnYmzdMrmA=
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:25:37 2026 by rpki-client