Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: FN79ugXbCr94Pd1Z0HXOxoZ1ved2gyzYOKsLuNGHDGE=
Subject key identifier: 4A:96:9C:8E:C6:A4:D0:BD:58:32:D3:30:B4:FE:65:9D:0E:8F:CA:DF
Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Certificate serial: 16A8CA16C8DD553E1A16E7BE5C44EE171A965F92
Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9304.roa
Signing time: Fri 13 Jun 2025 16:53:23 +0000
ROA not before: Fri 13 Jun 2025 16:48:23 +0000
ROA not after: Fri 12 Jun 2026 16:53:23 +0000
asID: 9304
IP address blocks: 46.202.32.0/24 maxlen: 24
46.202.41.0/24 maxlen: 24
46.202.45.0/24 maxlen: 24
46.202.46.0/24 maxlen: 24
46.203.83.0/24 maxlen: 24
46.203.84.0/24 maxlen: 24
46.203.87.0/24 maxlen: 24
46.203.126.0/24 maxlen: 24
46.203.135.0/24 maxlen: 24
46.203.139.0/24 maxlen: 24
46.203.149.0/24 maxlen: 24
46.203.172.0/24 maxlen: 24
46.203.175.0/24 maxlen: 24
46.203.176.0/24 maxlen: 24
46.203.183.0/24 maxlen: 24
46.203.200.0/24 maxlen: 24
91.124.185.0/24 maxlen: 24
91.124.200.0/24 maxlen: 24
91.124.241.0/24 maxlen: 24
92.113.62.0/24 maxlen: 24
92.113.172.0/24 maxlen: 24
92.113.228.0/24 maxlen: 24
95.134.0.0/22 maxlen: 24
95.134.4.0/24 maxlen: 24
95.134.7.0/24 maxlen: 24
95.134.16.0/22 maxlen: 24
95.134.32.0/22 maxlen: 24
95.134.43.0/24 maxlen: 24
95.134.48.0/24 maxlen: 24
95.134.84.0/24 maxlen: 24
95.134.85.0/24 maxlen: 24
95.134.116.0/22 maxlen: 24
95.134.124.0/22 maxlen: 24
95.134.136.0/22 maxlen: 24
95.134.175.0/24 maxlen: 24
95.134.177.0/24 maxlen: 24
95.134.195.0/24 maxlen: 24
95.134.205.0/24 maxlen: 24
95.134.213.0/24 maxlen: 24
95.135.50.0/24 maxlen: 24
95.135.70.0/24 maxlen: 24
95.135.193.0/24 maxlen: 24
178.92.22.0/24 maxlen: 24
178.92.40.0/22 maxlen: 24
178.92.78.0/23 maxlen: 24
178.92.88.0/24 maxlen: 24
178.92.99.0/24 maxlen: 24
178.92.120.0/22 maxlen: 24
178.92.134.0/24 maxlen: 24
178.92.141.0/24 maxlen: 24
178.92.150.0/24 maxlen: 24
178.92.152.0/24 maxlen: 24
178.92.160.0/24 maxlen: 24
178.92.164.0/24 maxlen: 24
178.92.218.0/24 maxlen: 24
178.92.254.0/24 maxlen: 24
178.93.100.0/22 maxlen: 24
178.93.109.0/24 maxlen: 24
178.93.111.0/24 maxlen: 24
178.93.189.0/24 maxlen: 24
178.93.190.0/24 maxlen: 24
178.93.215.0/24 maxlen: 24
178.93.241.0/24 maxlen: 24
178.94.169.0/24 maxlen: 24
178.94.176.0/22 maxlen: 24
178.94.183.0/24 maxlen: 24
178.94.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft
rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
16:a8:ca:16:c8:dd:55:3e:1a:16:e7:be:5c:44:ee:17:1a:96:5f:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f
Validity
Not Before: Jun 13 16:48:23 2025 GMT
Not After : Jun 12 16:53:23 2026 GMT
Subject: CN=4A969C8EC6A4D0BD5832D330B4FE659D0E8FCADF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:11:32:03:28:1a:7c:25:d3:61:31:bf:18:f4:
ae:20:2d:49:41:fd:11:d6:e8:d4:61:76:23:73:67:
35:01:e9:47:ce:06:e6:84:48:1c:e9:aa:47:8b:b8:
66:d7:0e:80:a9:23:0b:02:4a:de:4d:66:94:85:1d:
59:26:90:a0:1a:9c:6a:e2:3c:19:52:d2:d6:32:87:
3b:47:bb:a9:cb:1c:b4:73:ce:d1:1c:ab:de:c4:4c:
e9:8e:8b:4d:ba:66:74:13:05:7b:f9:d1:9d:e2:fd:
88:87:1e:37:72:86:6a:28:1b:ed:f2:d7:66:0b:98:
8b:84:5a:ae:0a:6a:68:e4:84:af:0f:ca:9f:74:a1:
89:f2:e3:8f:57:72:e7:a3:b4:b5:ba:f0:f8:a4:ed:
b4:c5:c3:66:6f:1b:49:a4:cc:c0:62:b3:86:74:f5:
aa:20:c9:0c:12:c2:b2:4e:a3:f7:ba:e3:72:5c:c0:
c1:34:5e:8c:50:84:0d:d8:d8:53:12:ab:33:d1:08:
6e:6e:43:e7:e2:e2:5b:db:3d:c3:82:b8:60:3f:0e:
59:5f:2d:69:97:9e:5d:39:07:02:18:5c:7a:92:0c:
ba:04:ca:a8:87:32:46:77:d7:d1:42:13:bf:de:d2:
a5:ad:aa:b8:6e:d2:a4:3f:2e:3d:fa:76:ad:f8:67:
07:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:96:9C:8E:C6:A4:D0:BD:58:32:D3:30:B4:FE:65:9D:0E:8F:CA:DF
X509v3 Authority Key Identifier:
keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.202.32.0/24
46.202.41.0/24
46.202.45.0-46.202.46.255
46.203.83.0-46.203.84.255
46.203.87.0/24
46.203.126.0/24
46.203.135.0/24
46.203.139.0/24
46.203.149.0/24
46.203.172.0/24
46.203.175.0-46.203.176.255
46.203.183.0/24
46.203.200.0/24
91.124.185.0/24
91.124.200.0/24
91.124.241.0/24
92.113.62.0/24
92.113.172.0/24
92.113.228.0/24
95.134.0.0-95.134.4.255
95.134.7.0/24
95.134.16.0/22
95.134.32.0/22
95.134.43.0/24
95.134.48.0/24
95.134.84.0/23
95.134.116.0/22
95.134.124.0/22
95.134.136.0/22
95.134.175.0/24
95.134.177.0/24
95.134.195.0/24
95.134.205.0/24
95.134.213.0/24
95.135.50.0/24
95.135.70.0/24
95.135.193.0/24
178.92.22.0/24
178.92.40.0/22
178.92.78.0/23
178.92.88.0/24
178.92.99.0/24
178.92.120.0/22
178.92.134.0/24
178.92.141.0/24
178.92.150.0/24
178.92.152.0/24
178.92.160.0/24
178.92.164.0/24
178.92.218.0/24
178.92.254.0/24
178.93.100.0/22
178.93.109.0/24
178.93.111.0/24
178.93.189.0-178.93.190.255
178.93.215.0/24
178.93.241.0/24
178.94.169.0/24
178.94.176.0/22
178.94.183.0/24
178.94.237.0/24
Signature Algorithm: sha256WithRSAEncryption
13:91:f1:65:47:ca:84:27:d4:0a:af:d8:05:3b:74:ea:6b:88:
ac:f4:9b:2e:28:f4:cc:a2:71:cb:24:f2:cd:37:3e:45:65:62:
9a:71:61:e5:0c:d1:22:11:29:83:a2:50:4a:16:4a:6d:32:7f:
9f:b9:d7:6b:05:05:9a:0d:bd:e8:90:83:17:01:29:95:0a:29:
ab:37:ab:0c:28:f1:b0:df:70:3c:9f:b8:20:c2:39:27:66:ff:
b5:cf:c3:74:70:bc:a7:25:86:a5:76:f2:5e:df:38:b7:9a:98:
33:43:23:b9:3e:2f:88:94:c3:21:94:aa:ad:45:bb:d8:d8:f6:
ee:7c:b4:c6:b8:90:b4:ac:b6:b2:9c:71:78:fc:7e:32:e0:1c:
af:9e:ed:3e:b4:52:01:e6:c0:ee:00:3b:96:57:c9:12:b2:11:
3b:fb:93:05:ad:2e:ec:1d:9e:53:80:ac:ba:7e:71:47:d0:6b:
2e:44:62:80:57:0c:ee:9b:8f:1d:4a:1a:1f:47:10:2c:60:0a:
f8:9b:ce:7a:7a:8e:33:44:32:bd:93:5e:6f:62:1b:49:5d:66:
68:62:8a:52:3e:ac:1b:c2:82:d6:aa:b4:a0:d2:cd:f5:86:7c:
07:92:0a:c0:ca:7c:c0:44:ee:4c:12:e2:8e:0a:59:6c:e5:58:
d7:4e:1b:20
-----BEGIN CERTIFICATE-----
MIIGlzCCBX+gAwIBAgIUFqjKFsjdVT4aFue+XETuFxqWX5IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk
NWMxM2I1ZjAeFw0yNTA2MTMxNjQ4MjNaFw0yNjA2MTIxNjUzMjNaMDMxMTAvBgNV
BAMTKDRBOTY5QzhFQzZBNEQwQkQ1ODMyRDMzMEI0RkU2NTlEMEU4RkNBREYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZETIDKBp8JdNhMb8Y9K4gLUlB
/RHW6NRhdiNzZzUB6UfOBuaESBzpqkeLuGbXDoCpIwsCSt5NZpSFHVkmkKAanGri
PBlS0tYyhztHu6nLHLRzztEcq97ETOmOi026ZnQTBXv50Z3i/YiHHjdyhmooG+3y
12YLmIuEWq4KamjkhK8Pyp90oYny449XcuejtLW68Pik7bTFw2ZvG0mkzMBis4Z0
9aogyQwSwrJOo/e643JcwME0XoxQhA3Y2FMSqzPRCG5uQ+fi4lvbPcOCuGA/Dllf
LWmXnl05BwIYXHqSDLoEyqiHMkZ319FCE7/e0qWtqrhu0qQ/Lj36dq34ZwdHAgMB
AAGjggOhMIIDnTAdBgNVHQ4EFgQUSpacjsak0L1YMtMwtP5lnQ6Pyt8wHwYDVR0j
BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm
NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y
Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt
NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAbYGCCsGAQUFBwEHAQH/BIIBpTCCAaEwggGdBAIAATCC
AZUDBAAuyiADBAAuyikwDAMEAC7KLQMEAC7KLjAMAwQALstTAwQALstUAwQALstX
AwQALst+AwQALsuHAwQALsuLAwQALsuVAwQALsusMAwDBAAuy68DBAAuy7ADBAAu
y7cDBAAuy8gDBABbfLkDBABbfMgDBABbfPEDBABccT4DBABccawDBABcceQwCwMD
AV+GAwQAX4YEAwQAX4YHAwQCX4YQAwQCX4YgAwQAX4YrAwQAX4YwAwQBX4ZUAwQC
X4Z0AwQCX4Z8AwQCX4aIAwQAX4avAwQAX4axAwQAX4bDAwQAX4bNAwQAX4bVAwQA
X4cyAwQAX4dGAwQAX4fBAwQAslwWAwQCslwoAwQBslxOAwQAslxYAwQAslxjAwQC
slx4AwQAslyGAwQAslyNAwQAslyWAwQAslyYAwQAslygAwQAslykAwQAslzaAwQA
slz+AwQCsl1kAwQAsl1tAwQAsl1vMAwDBACyXb0DBACyXb4DBACyXdcDBACyXfED
BACyXqkDBAKyXrADBACyXrcDBACyXu0wDQYJKoZIhvcNAQELBQADggEBABOR8WVH
yoQn1Aqv2AU7dOpriKz0my4o9Myiccsk8s03PkVlYppxYeUM0SIRKYOiUEoWSm0y
f5+512sFBZoNveiQgxcBKZUKKas3qwwo8bDfcDyfuCDCOSdm/7XPw3RwvKclhqV2
8l7fOLeamDNDI7k+L4iUwyGUqq1Fu9jY9u58tMa4kLSstrKccXj8fjLgHK+e7T60
UgHmwO4AO5ZXyRKyETv7kwWtLuwdnlOArLp+cUfQay5EYoBXDO6bjx1KGh9HECxg
Cvibznp6jjNEMr2TXm9iG0ldZmhiilI+rBvCgtaqtKDSzfWGfAeSCsDKfMBE7kwS
4o4KWWzlWNdOGyA=
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:58:50 2025 by rpki-client