Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: lqs4IHawyGgkw/8j1H/7+K2UfaHn4LJqbX9KaM6xvNU=
Subject key identifier: 65:C8:D2:8D:24:2E:F3:BE:29:74:78:36:08:38:67:EA:23:84:E4:45
Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Certificate serial: 1B3DEC9A63362E5CBE591380D78F45D0AF1753E2
Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9304.roa
Signing time: Sun 29 Jun 2025 00:00:39 +0000
ROA not before: Sat 28 Jun 2025 23:55:39 +0000
ROA not after: Sun 28 Jun 2026 00:00:39 +0000
asID: 9304
IP address blocks: 96.62.71.0/24 maxlen: 24
96.62.73.0/24 maxlen: 24
96.62.74.0/24 maxlen: 24
96.62.100.0/24 maxlen: 24
96.62.156.0/22 maxlen: 24
96.62.224.0/24 maxlen: 24
136.143.243.0/24 maxlen: 24
136.143.245.0/24 maxlen: 24
136.143.246.0/24 maxlen: 24
136.143.252.0/24 maxlen: 24
136.143.254.0/24 maxlen: 24
143.14.4.0/22 maxlen: 24
143.14.16.0/21 maxlen: 24
143.14.33.0/24 maxlen: 24
143.14.46.0/23 maxlen: 23
143.14.50.0/23 maxlen: 23
143.14.65.0/24 maxlen: 24
143.14.66.0/24 maxlen: 24
143.14.92.0/24 maxlen: 24
143.14.94.0/24 maxlen: 24
143.14.133.0/24 maxlen: 24
143.14.152.0/24 maxlen: 24
143.14.188.0/24 maxlen: 24
143.14.196.0/24 maxlen: 24
143.14.208.0/23 maxlen: 24
143.14.214.0/24 maxlen: 24
143.14.222.0/24 maxlen: 24
143.14.245.0/24 maxlen: 24
147.79.4.0/24 maxlen: 24
147.79.17.0/24 maxlen: 24
147.79.18.0/23 maxlen: 23
147.79.60.0/23 maxlen: 24
147.79.62.0/23 maxlen: 23
150.241.130.0/24 maxlen: 24
150.241.131.0/24 maxlen: 24
150.241.228.0/24 maxlen: 24
155.117.4.0/23 maxlen: 24
155.117.96.0/22 maxlen: 24
155.117.171.0/24 maxlen: 24
155.117.186.0/24 maxlen: 24
155.117.194.0/24 maxlen: 24
155.117.208.0/23 maxlen: 24
155.117.218.0/24 maxlen: 24
155.117.224.0/23 maxlen: 24
162.141.19.0/24 maxlen: 24
162.141.21.0/24 maxlen: 24
162.141.24.0/22 maxlen: 24
162.141.28.0/22 maxlen: 24
162.141.32.0/22 maxlen: 24
162.141.40.0/22 maxlen: 24
162.141.44.0/24 maxlen: 24
162.141.47.0/24 maxlen: 24
162.141.55.0/24 maxlen: 24
162.141.56.0/22 maxlen: 24
162.141.60.0/22 maxlen: 24
162.141.67.0/24 maxlen: 24
162.141.68.0/23 maxlen: 24
162.141.70.0/24 maxlen: 24
162.141.72.0/22 maxlen: 24
162.141.80.0/24 maxlen: 24
162.141.90.0/24 maxlen: 24
162.141.91.0/24 maxlen: 24
162.141.92.0/24 maxlen: 24
162.141.97.0/24 maxlen: 24
162.141.98.0/24 maxlen: 24
162.141.101.0/24 maxlen: 24
162.141.115.0/24 maxlen: 24
162.141.116.0/24 maxlen: 24
162.141.131.0/24 maxlen: 24
162.141.142.0/24 maxlen: 24
162.141.144.0/21 maxlen: 24
162.141.152.0/24 maxlen: 24
162.141.153.0/24 maxlen: 24
162.141.161.0/24 maxlen: 24
162.141.163.0/24 maxlen: 24
162.141.166.0/24 maxlen: 24
162.141.168.0/21 maxlen: 24
162.141.184.0/21 maxlen: 24
167.148.0.0/24 maxlen: 24
167.148.6.0/24 maxlen: 24
167.148.16.0/21 maxlen: 24
167.148.24.0/22 maxlen: 24
167.148.28.0/24 maxlen: 24
167.148.36.0/22 maxlen: 24
167.148.40.0/24 maxlen: 24
167.148.43.0/24 maxlen: 24
167.148.48.0/21 maxlen: 24
167.148.56.0/22 maxlen: 24
167.148.64.0/22 maxlen: 24
167.148.68.0/24 maxlen: 24
167.148.76.0/22 maxlen: 24
167.148.88.0/21 maxlen: 24
167.148.96.0/24 maxlen: 24
167.148.99.0/24 maxlen: 24
167.148.108.0/22 maxlen: 24
167.148.118.0/23 maxlen: 23
167.148.120.0/22 maxlen: 24
167.148.130.0/23 maxlen: 23
167.148.136.0/24 maxlen: 24
167.148.140.0/23 maxlen: 24
167.148.149.0/24 maxlen: 24
167.148.152.0/24 maxlen: 24
167.148.156.0/23 maxlen: 24
167.148.162.0/24 maxlen: 24
167.148.175.0/24 maxlen: 24
167.148.180.0/23 maxlen: 24
167.148.188.0/24 maxlen: 24
167.148.190.0/24 maxlen: 24
167.148.197.0/24 maxlen: 24
167.148.208.0/24 maxlen: 24
167.148.209.0/24 maxlen: 24
203.100.210.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft
rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:3d:ec:9a:63:36:2e:5c:be:59:13:80:d7:8f:45:d0:af:17:53:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc
Validity
Not Before: Jun 28 23:55:39 2025 GMT
Not After : Jun 28 00:00:39 2026 GMT
Subject: CN=65C8D28D242EF3BE29747836083867EA2384E445
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:05:4d:87:33:fd:a5:d7:ec:a7:02:50:43:23:
18:ba:06:6f:43:54:4a:63:c6:4c:43:e2:b6:98:57:
ef:3b:62:25:83:29:d2:de:b4:d9:8a:c4:99:22:d6:
11:a0:ab:0b:c2:a0:9e:f5:88:6a:7c:30:a6:a3:d9:
1c:41:f3:6c:f7:05:ab:d7:c7:fb:1d:40:b2:d4:db:
1e:60:4c:b6:0b:5b:9e:4a:f8:5b:63:3d:d1:10:8c:
1a:98:14:29:61:f4:47:3b:90:6d:19:e9:1a:66:1f:
04:2d:96:77:a3:4c:92:70:40:f5:2c:d6:6a:f1:c5:
21:b8:28:77:6a:d1:9f:51:65:75:7e:35:aa:3c:5b:
53:99:46:5d:03:1f:0c:2c:95:5b:59:50:8a:fd:fd:
49:70:59:e0:48:74:9f:d4:0f:91:bb:a9:ae:7f:16:
8a:80:8b:40:cf:d4:a6:df:3f:46:e9:d5:04:0c:ba:
6f:21:29:b9:d3:f7:ea:41:d6:0c:69:59:53:4a:d2:
e3:f7:49:d6:e5:96:a0:18:73:c4:06:ad:01:3f:5a:
c1:21:68:d2:74:48:36:e1:5e:66:29:01:fd:37:a4:
59:30:27:e4:97:bb:43:04:18:9b:44:63:0e:0f:d1:
cc:d4:8d:a8:d0:09:bb:6a:f7:d8:61:9c:be:99:63:
88:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:C8:D2:8D:24:2E:F3:BE:29:74:78:36:08:38:67:EA:23:84:E4:45
X509v3 Authority Key Identifier:
keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
96.62.71.0/24
96.62.73.0-96.62.74.255
96.62.100.0/24
96.62.156.0/22
96.62.224.0/24
136.143.243.0/24
136.143.245.0-136.143.246.255
136.143.252.0/24
136.143.254.0/24
143.14.4.0/22
143.14.16.0/21
143.14.33.0/24
143.14.46.0/23
143.14.50.0/23
143.14.65.0-143.14.66.255
143.14.92.0/24
143.14.94.0/24
143.14.133.0/24
143.14.152.0/24
143.14.188.0/24
143.14.196.0/24
143.14.208.0/23
143.14.214.0/24
143.14.222.0/24
143.14.245.0/24
147.79.4.0/24
147.79.17.0-147.79.19.255
147.79.60.0/22
150.241.130.0/23
150.241.228.0/24
155.117.4.0/23
155.117.96.0/22
155.117.171.0/24
155.117.186.0/24
155.117.194.0/24
155.117.208.0/23
155.117.218.0/24
155.117.224.0/23
162.141.19.0/24
162.141.21.0/24
162.141.24.0-162.141.35.255
162.141.40.0-162.141.44.255
162.141.47.0/24
162.141.55.0-162.141.63.255
162.141.67.0-162.141.70.255
162.141.72.0/22
162.141.80.0/24
162.141.90.0-162.141.92.255
162.141.97.0-162.141.98.255
162.141.101.0/24
162.141.115.0-162.141.116.255
162.141.131.0/24
162.141.142.0/24
162.141.144.0-162.141.153.255
162.141.161.0/24
162.141.163.0/24
162.141.166.0/24
162.141.168.0/21
162.141.184.0/21
167.148.0.0/24
167.148.6.0/24
167.148.16.0-167.148.28.255
167.148.36.0-167.148.40.255
167.148.43.0/24
167.148.48.0-167.148.59.255
167.148.64.0-167.148.68.255
167.148.76.0/22
167.148.88.0-167.148.96.255
167.148.99.0/24
167.148.108.0/22
167.148.118.0-167.148.123.255
167.148.130.0/23
167.148.136.0/24
167.148.140.0/23
167.148.149.0/24
167.148.152.0/24
167.148.156.0/23
167.148.162.0/24
167.148.175.0/24
167.148.180.0/23
167.148.188.0/24
167.148.190.0/24
167.148.197.0/24
167.148.208.0/23
203.100.210.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:94:4d:41:4b:ab:3d:d7:97:a8:a6:10:79:9f:81:22:7e:60:
ff:11:d4:df:44:aa:0c:54:9e:8c:2c:4c:05:08:67:15:c0:c2:
8f:56:f6:63:37:d0:27:34:bf:04:17:f7:2a:b6:4a:ed:3f:10:
38:28:50:8d:2b:f1:3c:c1:d2:13:a2:b4:ce:00:03:8f:f2:74:
b2:54:d9:c3:14:1d:4b:7b:07:a6:40:e2:83:06:8e:a6:eb:23:
c1:da:e4:e4:db:3d:63:b7:eb:f9:fa:10:c1:8d:73:1b:18:67:
fb:59:11:73:cc:9f:fd:ff:1a:ac:99:64:64:0e:3d:b3:2d:a4:
ad:9d:24:63:ad:04:7e:8b:2f:b0:e3:44:d5:cd:1b:5e:09:10:
f3:c7:75:f0:b5:5a:00:e4:e4:31:11:d4:b9:a5:74:62:08:0f:
a3:34:45:0e:65:90:2b:6e:a3:7f:0e:84:3a:67:9d:a7:cb:c9:
49:58:5f:2b:ca:96:54:dd:5b:c7:7e:ab:ee:51:cc:bb:ac:6c:
07:9f:ea:bc:31:58:6c:f9:d1:3c:49:e1:52:2c:2a:5b:ee:75:
75:36:e4:6f:2c:47:d0:7c:1d:cf:6d:45:a4:77:ef:12:80:a8:
65:cd:9a:bd:40:44:2a:f2:1e:ef:cd:6f:f0:6c:b0:9d:e5:da:
d0:dd:f1:41
-----BEGIN CERTIFICATE-----
MIIHkDCCBnigAwIBAgIUGz3smmM2Lly+WROA149F0K8XU+IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi
MjQ2YmZjYzAeFw0yNTA2MjgyMzU1MzlaFw0yNjA2MjgwMDAwMzlaMDMxMTAvBgNV
BAMTKDY1QzhEMjhEMjQyRUYzQkUyOTc0NzgzNjA4Mzg2N0VBMjM4NEU0NDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUBU2HM/2l1+ynAlBDIxi6Bm9D
VEpjxkxD4raYV+87YiWDKdLetNmKxJki1hGgqwvCoJ71iGp8MKaj2RxB82z3BavX
x/sdQLLU2x5gTLYLW55K+FtjPdEQjBqYFClh9Ec7kG0Z6RpmHwQtlnejTJJwQPUs
1mrxxSG4KHdq0Z9RZXV+Nao8W1OZRl0DHwwslVtZUIr9/UlwWeBIdJ/UD5G7qa5/
FoqAi0DP1KbfP0bp1QQMum8hKbnT9+pB1gxpWVNK0uP3SdbllqAYc8QGrQE/WsEh
aNJ0SDbhXmYpAf03pFkwJ+SXu0MEGJtEYw4P0czUjajQCbtq99hhnL6ZY4iZAgMB
AAGjggSaMIIEljAdBgNVHQ4EFgQUZcjSjSQu874pdHg2CDhn6iOE5EUwHwYDVR0j
BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy
NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK
R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt
NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAq8GCCsGAQUFBwEHAQH/BIICnjCCApowggKWBAIAATCC
Ao4DBABgPkcwDAMEAGA+SQMEAGA+SgMEAGA+ZAMEAmA+nAMEAGA+4AMEAIiP8zAM
AwQAiI/1AwQAiI/2AwQAiI/8AwQAiI/+AwQCjw4EAwQDjw4QAwQAjw4hAwQBjw4u
AwQBjw4yMAwDBACPDkEDBACPDkIDBACPDlwDBACPDl4DBACPDoUDBACPDpgDBACP
DrwDBACPDsQDBAGPDtADBACPDtYDBACPDt4DBACPDvUDBACTTwQwDAMEAJNPEQME
ApNPEAMEApNPPAMEAZbxggMEAJbx5AMEAZt1BAMEApt1YAMEAJt1qwMEAJt1ugME
AJt1wgMEAZt10AMEAJt12gMEAZt14AMEAKKNEwMEAKKNFTAMAwQDoo0YAwQCoo0g
MAwDBAOijSgDBACijSwDBACijS8wDAMEAKKNNwMEBqKNADAMAwQAoo1DAwQAoo1G
AwQCoo1IAwQAoo1QMAwDBAGijVoDBACijVwwDAMEAKKNYQMEAKKNYgMEAKKNZTAM
AwQAoo1zAwQAoo10AwQAoo2DAwQAoo2OMAwDBASijZADBAGijZgDBACijaEDBACi
jaMDBACijaYDBAOijagDBAOijbgDBACnlAADBACnlAYwDAMEBKeUEAMEAKeUHDAM
AwQCp5QkAwQAp5QoAwQAp5QrMAwDBASnlDADBAKnlDgwDAMEBqeUQAMEAKeURAME
AqeUTDAMAwQDp5RYAwQAp5RgAwQAp5RjAwQCp5RsMAwDBAGnlHYDBAKnlHgDBAGn
lIIDBACnlIgDBAGnlIwDBACnlJUDBACnlJgDBAGnlJwDBACnlKIDBACnlK8DBAGn
lLQDBACnlLwDBACnlL4DBACnlMUDBAGnlNADBADLZNIwDQYJKoZIhvcNAQELBQAD
ggEBAKqUTUFLqz3Xl6imEHmfgSJ+YP8R1N9EqgxUnowsTAUIZxXAwo9W9mM30Cc0
vwQX9yq2Su0/EDgoUI0r8TzB0hOitM4AA4/ydLJU2cMUHUt7B6ZA4oMGjqbrI8Ha
5OTbPWO36/n6EMGNcxsYZ/tZEXPMn/3/GqyZZGQOPbMtpK2dJGOtBH6LL7DjRNXN
G14JEPPHdfC1WgDk5DER1LmldGIID6M0RQ5lkCtuo38OhDpnnafLyUlYXyvKllTd
W8d+q+5RzLusbAef6rwxWGz50TxJ4VIsKlvudXU25G8sR9B8Hc9tRaR37xKAqGXN
mr1ARCryHu/Nb/BssJ3l2tDd8UE=
-----END CERTIFICATE-----
Generated at Sun Jun 29 02:56:31 2025 by rpki-client