Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: LSPsFZCR6mdCawqQgpAvI4aSDdl1TX29rqIEd+MQL3w=
Subject key identifier: 3A:BC:B1:8B:3D:B8:EA:77:4B:E0:DD:1A:B7:03:4A:95:21:22:87:49
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 1B633F004C4D2CE98BC438D91157AB4C9045513A
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9304.roa
Signing time: Sun 19 Oct 2025 12:52:22 +0000
ROA not before: Sun 19 Oct 2025 12:47:22 +0000
ROA not after: Sun 18 Oct 2026 12:52:22 +0000
asID: 9304
IP address blocks: 5.182.110.0/24 maxlen: 24
5.252.74.0/24 maxlen: 24
45.139.180.0/24 maxlen: 24
45.139.182.0/24 maxlen: 24
45.139.183.0/24 maxlen: 24
89.19.50.0/24 maxlen: 24
92.118.162.0/24 maxlen: 24
92.119.33.0/24 maxlen: 24
103.141.68.0/24 maxlen: 24
103.141.69.0/24 maxlen: 24
109.106.3.0/24 maxlen: 24
130.185.127.0/24 maxlen: 24
179.61.226.0/24 maxlen: 24
179.61.227.0/24 maxlen: 24
179.61.229.0/24 maxlen: 24
179.61.241.0/24 maxlen: 24
179.61.243.0/24 maxlen: 24
181.41.196.0/24 maxlen: 24
181.41.211.0/24 maxlen: 24
181.214.119.0/24 maxlen: 24
181.214.120.0/24 maxlen: 24
181.214.121.0/24 maxlen: 24
181.214.124.0/24 maxlen: 24
181.214.125.0/24 maxlen: 24
181.214.148.0/24 maxlen: 24
181.214.154.0/24 maxlen: 24
181.214.161.0/24 maxlen: 24
181.214.201.0/24 maxlen: 24
181.214.212.0/24 maxlen: 24
181.214.216.0/24 maxlen: 24
181.214.236.0/24 maxlen: 24
181.214.237.0/24 maxlen: 24
181.214.248.0/24 maxlen: 24
181.215.12.0/24 maxlen: 24
181.215.22.0/24 maxlen: 24
181.215.23.0/24 maxlen: 24
181.215.31.0/24 maxlen: 24
181.215.41.0/24 maxlen: 24
181.215.58.0/24 maxlen: 24
181.215.84.0/24 maxlen: 24
181.215.88.0/24 maxlen: 24
181.215.110.0/24 maxlen: 24
181.215.186.0/23 maxlen: 24
181.215.190.0/24 maxlen: 24
181.215.196.0/24 maxlen: 24
181.215.210.0/24 maxlen: 24
185.137.15.0/24 maxlen: 24
185.142.25.0/24 maxlen: 24
185.151.58.0/24 maxlen: 24
185.158.135.0/24 maxlen: 24
185.158.151.0/24 maxlen: 24
191.96.3.0/24 maxlen: 24
191.96.88.0/24 maxlen: 24
191.96.89.0/24 maxlen: 24
191.96.91.0/24 maxlen: 24
191.96.99.0/24 maxlen: 24
191.96.105.0/24 maxlen: 24
191.96.116.0/24 maxlen: 24
191.96.120.0/24 maxlen: 24
191.96.126.0/24 maxlen: 24
191.96.136.0/24 maxlen: 24
191.96.140.0/24 maxlen: 24
191.96.141.0/24 maxlen: 24
191.96.143.0/24 maxlen: 24
191.96.149.0/24 maxlen: 24
191.96.157.0/24 maxlen: 24
191.96.164.0/24 maxlen: 24
191.96.180.0/24 maxlen: 24
191.96.182.0/24 maxlen: 24
191.96.222.0/24 maxlen: 24
191.101.9.0/24 maxlen: 24
191.101.20.0/24 maxlen: 24
191.101.22.0/24 maxlen: 24
191.101.58.0/24 maxlen: 24
191.101.76.0/24 maxlen: 24
191.101.82.0/24 maxlen: 24
191.101.88.0/24 maxlen: 24
191.101.97.0/24 maxlen: 24
191.101.102.0/24 maxlen: 24
191.101.116.0/24 maxlen: 24
191.101.120.0/24 maxlen: 24
191.101.124.0/24 maxlen: 24
191.101.148.0/24 maxlen: 24
191.101.177.0/24 maxlen: 24
191.101.180.0/24 maxlen: 24
191.101.187.0/24 maxlen: 24
191.101.212.0/22 maxlen: 24
191.101.236.0/24 maxlen: 24
191.101.238.0/23 maxlen: 24
191.101.240.0/24 maxlen: 24
191.101.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:63:3f:00:4c:4d:2c:e9:8b:c4:38:d9:11:57:ab:4c:90:45:51:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Oct 19 12:47:22 2025 GMT
Not After : Oct 18 12:52:22 2026 GMT
Subject: CN=3ABCB18B3DB8EA774BE0DD1AB7034A9521228749
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:57:ba:a4:c6:06:4c:61:4c:42:0c:d3:76:dd:
84:8f:d5:f5:3f:0b:67:7e:28:5e:f3:95:f5:e1:f6:
ec:73:03:99:ee:51:5f:ab:a5:ef:b7:e0:e9:75:36:
aa:6c:e6:5a:4b:f4:1a:c7:29:96:f2:25:09:7b:a4:
ea:9c:c5:8b:0f:57:2e:b3:44:3a:75:57:a3:91:b3:
75:76:88:d3:1c:f2:c2:c4:05:f8:34:28:f2:69:04:
8e:08:fb:6a:1f:f4:e2:5f:86:dd:29:f4:78:d9:f5:
87:24:53:95:86:7e:21:cd:2b:c6:95:c5:e5:e9:af:
72:a7:f3:41:d2:5a:f5:f3:4b:45:9a:60:76:2e:1d:
ca:5d:1b:99:21:44:8c:f9:3e:44:7e:a3:e7:be:f4:
64:a1:f2:e0:8b:12:67:9e:05:43:31:f3:0f:a6:49:
dd:68:c3:a5:6c:79:75:b6:19:c2:61:df:bf:5e:c7:
32:87:ce:0e:3c:1d:be:bd:6d:79:6a:11:04:08:c0:
ad:8b:01:56:ab:df:3c:5a:70:ab:62:f6:01:ae:e7:
77:7f:16:8d:68:fa:da:60:91:44:fe:c0:0c:f7:fa:
9d:2a:98:0e:96:f3:17:c3:a2:99:c1:2f:4d:d0:4f:
12:af:ea:79:6f:8c:29:74:51:33:4a:07:e8:9d:d3:
cf:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:BC:B1:8B:3D:B8:EA:77:4B:E0:DD:1A:B7:03:4A:95:21:22:87:49
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.110.0/24
5.252.74.0/24
45.139.180.0/24
45.139.182.0/23
89.19.50.0/24
92.118.162.0/24
92.119.33.0/24
103.141.68.0/23
109.106.3.0/24
130.185.127.0/24
179.61.226.0/23
179.61.229.0/24
179.61.241.0/24
179.61.243.0/24
181.41.196.0/24
181.41.211.0/24
181.214.119.0-181.214.121.255
181.214.124.0/23
181.214.148.0/24
181.214.154.0/24
181.214.161.0/24
181.214.201.0/24
181.214.212.0/24
181.214.216.0/24
181.214.236.0/23
181.214.248.0/24
181.215.12.0/24
181.215.22.0/23
181.215.31.0/24
181.215.41.0/24
181.215.58.0/24
181.215.84.0/24
181.215.88.0/24
181.215.110.0/24
181.215.186.0/23
181.215.190.0/24
181.215.196.0/24
181.215.210.0/24
185.137.15.0/24
185.142.25.0/24
185.151.58.0/24
185.158.135.0/24
185.158.151.0/24
191.96.3.0/24
191.96.88.0/23
191.96.91.0/24
191.96.99.0/24
191.96.105.0/24
191.96.116.0/24
191.96.120.0/24
191.96.126.0/24
191.96.136.0/24
191.96.140.0/23
191.96.143.0/24
191.96.149.0/24
191.96.157.0/24
191.96.164.0/24
191.96.180.0/24
191.96.182.0/24
191.96.222.0/24
191.101.9.0/24
191.101.20.0/24
191.101.22.0/24
191.101.58.0/24
191.101.76.0/24
191.101.82.0/24
191.101.88.0/24
191.101.97.0/24
191.101.102.0/24
191.101.116.0/24
191.101.120.0/24
191.101.124.0/24
191.101.148.0/24
191.101.177.0/24
191.101.180.0/24
191.101.187.0/24
191.101.212.0/22
191.101.236.0/24
191.101.238.0-191.101.240.255
191.101.247.0/24
Signature Algorithm: sha256WithRSAEncryption
81:b2:02:d2:fd:f5:e1:17:32:85:0b:a2:a7:35:ac:eb:2d:25:
bd:15:cf:4b:83:7f:51:d9:ab:6c:53:92:d2:e0:a7:2a:06:02:
e4:c4:64:47:84:bb:a2:77:9a:00:97:99:9c:60:95:bf:06:2d:
a3:f1:e2:07:21:4e:9b:58:53:ba:78:e8:61:ad:67:f6:e1:3e:
e5:93:87:dc:73:b5:20:d8:36:16:69:c1:32:85:c9:15:69:e6:
aa:c2:5b:97:70:fe:de:b6:d7:55:ae:6c:25:09:a9:a7:29:ab:
4c:bd:ac:8b:53:65:f2:07:83:df:48:8c:7f:5b:a3:eb:15:47:
c1:c7:4c:9a:ec:0b:95:19:d0:b8:1e:60:2b:58:9e:38:3d:db:
73:ac:bf:87:13:ed:5f:96:5a:f1:47:5c:97:c1:2a:5f:b7:2e:
d6:d5:d3:ef:0e:b9:14:aa:9a:9e:d1:35:80:a8:76:db:d6:bd:
12:55:47:9b:81:a7:a0:6e:53:98:f8:93:42:36:68:04:0d:00:
08:70:13:54:ef:5f:f5:63:fd:e5:90:aa:b8:af:be:d9:d6:c8:
85:8b:44:1c:f9:08:ba:b1:92:f7:de:19:59:57:62:98:e1:0c:
ba:f4:fb:51:35:1f:00:96:6f:28:76:74:dc:08:4d:a3:b5:63:
1b:f5:6d:31
-----BEGIN CERTIFICATE-----
MIIG8jCCBdqgAwIBAgIUG2M/AExNLOmLxDjZEVerTJBFUTowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTEwMTkxMjQ3MjJaFw0yNjEwMTgxMjUyMjJaMDMxMTAvBgNV
BAMTKDNBQkNCMThCM0RCOEVBNzc0QkUwREQxQUI3MDM0QTk1MjEyMjg3NDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCRV7qkxgZMYUxCDNN23YSP1fU/
C2d+KF7zlfXh9uxzA5nuUV+rpe+34Ol1Nqps5lpL9BrHKZbyJQl7pOqcxYsPVy6z
RDp1V6ORs3V2iNMc8sLEBfg0KPJpBI4I+2of9OJfht0p9HjZ9YckU5WGfiHNK8aV
xeXpr3Kn80HSWvXzS0WaYHYuHcpdG5khRIz5PkR+o+e+9GSh8uCLEmeeBUMx8w+m
Sd1ow6VseXW2GcJh379exzKHzg48Hb69bXlqEQQIwK2LAVar3zxacKti9gGu53d/
Fo1o+tpgkUT+wAz3+p0qmA6W8xfDopnBL03QTxKv6nlvjCl0UTNKB+id089PAgMB
AAGjggP8MIID+DAdBgNVHQ4EFgQUOryxiz246ndL4N0atwNKlSEih0kwHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAhEGCCsGAQUFBwEHAQH/BIICADCCAfwwggH4BAIAATCC
AfADBAAFtm4DBAAF/EoDBAAti7QDBAEti7YDBABZEzIDBABcdqIDBABcdyEDBAFn
jUQDBABtagMDBACCuX8DBAGzPeIDBACzPeUDBACzPfEDBACzPfMDBAC1KcQDBAC1
KdMwDAMEALXWdwMEAbXWeAMEAbXWfAMEALXWlAMEALXWmgMEALXWoQMEALXWyQME
ALXW1AMEALXW2AMEAbXW7AMEALXW+AMEALXXDAMEAbXXFgMEALXXHwMEALXXKQME
ALXXOgMEALXXVAMEALXXWAMEALXXbgMEAbXXugMEALXXvgMEALXXxAMEALXX0gME
ALmJDwMEALmOGQMEALmXOgMEALmehwMEALmelwMEAL9gAwMEAb9gWAMEAL9gWwME
AL9gYwMEAL9gaQMEAL9gdAMEAL9geAMEAL9gfgMEAL9giAMEAb9gjAMEAL9gjwME
AL9glQMEAL9gnQMEAL9gpAMEAL9gtAMEAL9gtgMEAL9g3gMEAL9lCQMEAL9lFAME
AL9lFgMEAL9lOgMEAL9lTAMEAL9lUgMEAL9lWAMEAL9lYQMEAL9lZgMEAL9ldAME
AL9leAMEAL9lfAMEAL9llAMEAL9lsQMEAL9ltAMEAL9luwMEAr9l1AMEAL9l7DAM
AwQBv2XuAwQAv2XwAwQAv2X3MA0GCSqGSIb3DQEBCwUAA4IBAQCBsgLS/fXhFzKF
C6KnNazrLSW9Fc9Lg39R2atsU5LS4KcqBgLkxGRHhLuid5oAl5mcYJW/Bi2j8eIH
IU6bWFO6eOhhrWf24T7lk4fcc7Ug2DYWacEyhckVaeaqwluXcP7ettdVrmwlCamn
KatMvayLU2XyB4PfSIx/W6PrFUfBx0ya7AuVGdC4HmArWJ44PdtzrL+HE+1fllrx
R1yXwSpfty7W1dPvDrkUqpqe0TWAqHbb1r0SVUebgaegblOY+JNCNmgEDQAIcBNU
71/1Y/3lkKq4r77Z1siFi0Qc+Qi6sZL33hlZV2KY4Qy69PtRNR8Alm8odnTcCE2j
tWMb9W0x
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:00:26 2025 by rpki-client