Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: 8WIkDDzz/vYzd7WSbYqC07GJZF62+G433RlZHe1/ctg=
Subject key identifier: 81:AB:2D:AE:5F:2B:45:F5:3A:43:67:AC:C1:04:CF:C9:1A:E2:D0:7B
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 797C8E27B6899AA16FCDE53FD25AB4294B39FA58
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9304.roa
Signing time: Mon 18 Aug 2025 16:06:57 +0000
ROA not before: Mon 18 Aug 2025 16:01:57 +0000
ROA not after: Mon 17 Aug 2026 16:06:57 +0000
asID: 9304
IP address blocks: 45.139.182.0/24 maxlen: 24
45.139.183.0/24 maxlen: 24
92.118.162.0/24 maxlen: 24
92.119.33.0/24 maxlen: 24
109.106.3.0/24 maxlen: 24
179.61.226.0/24 maxlen: 24
179.61.227.0/24 maxlen: 24
179.61.229.0/24 maxlen: 24
179.61.241.0/24 maxlen: 24
179.61.243.0/24 maxlen: 24
181.41.196.0/24 maxlen: 24
181.41.211.0/24 maxlen: 24
181.214.119.0/24 maxlen: 24
181.214.120.0/24 maxlen: 24
181.214.121.0/24 maxlen: 24
181.214.124.0/24 maxlen: 24
181.214.125.0/24 maxlen: 24
181.214.148.0/24 maxlen: 24
181.214.154.0/24 maxlen: 24
181.214.161.0/24 maxlen: 24
181.214.201.0/24 maxlen: 24
181.214.212.0/24 maxlen: 24
181.214.216.0/24 maxlen: 24
181.214.236.0/24 maxlen: 24
181.214.237.0/24 maxlen: 24
181.214.248.0/24 maxlen: 24
181.215.22.0/24 maxlen: 24
181.215.23.0/24 maxlen: 24
181.215.41.0/24 maxlen: 24
181.215.58.0/24 maxlen: 24
181.215.88.0/24 maxlen: 24
181.215.186.0/23 maxlen: 24
185.137.15.0/24 maxlen: 24
185.142.25.0/24 maxlen: 24
185.158.135.0/24 maxlen: 24
191.96.3.0/24 maxlen: 24
191.96.88.0/24 maxlen: 24
191.96.89.0/24 maxlen: 24
191.96.91.0/24 maxlen: 24
191.96.99.0/24 maxlen: 24
191.96.105.0/24 maxlen: 24
191.96.116.0/24 maxlen: 24
191.96.120.0/24 maxlen: 24
191.96.126.0/24 maxlen: 24
191.96.136.0/24 maxlen: 24
191.96.140.0/24 maxlen: 24
191.96.141.0/24 maxlen: 24
191.96.143.0/24 maxlen: 24
191.96.149.0/24 maxlen: 24
191.96.157.0/24 maxlen: 24
191.96.164.0/24 maxlen: 24
191.96.180.0/24 maxlen: 24
191.96.181.0/24 maxlen: 24
191.96.182.0/24 maxlen: 24
191.96.222.0/24 maxlen: 24
191.101.20.0/24 maxlen: 24
191.101.22.0/24 maxlen: 24
191.101.58.0/24 maxlen: 24
191.101.76.0/24 maxlen: 24
191.101.82.0/24 maxlen: 24
191.101.97.0/24 maxlen: 24
191.101.102.0/24 maxlen: 24
191.101.116.0/24 maxlen: 24
191.101.120.0/24 maxlen: 24
191.101.124.0/24 maxlen: 24
191.101.177.0/24 maxlen: 24
191.101.180.0/24 maxlen: 24
191.101.187.0/24 maxlen: 24
191.101.236.0/24 maxlen: 24
191.101.240.0/24 maxlen: 24
191.101.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:7c:8e:27:b6:89:9a:a1:6f:cd:e5:3f:d2:5a:b4:29:4b:39:fa:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Aug 18 16:01:57 2025 GMT
Not After : Aug 17 16:06:57 2026 GMT
Subject: CN=81AB2DAE5F2B45F53A4367ACC104CFC91AE2D07B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:33:bc:0b:99:de:f5:5e:fc:e7:e9:f8:b0:57:
b5:43:c3:56:5b:e8:6d:d5:d7:da:79:ff:c4:1e:fd:
23:29:86:dc:c1:d2:53:25:79:6c:b6:ab:89:01:76:
6d:b6:7c:6c:12:18:0c:0e:7c:93:a6:f8:ac:18:be:
cd:8f:22:07:f1:80:47:d8:b1:66:51:1d:a6:46:16:
98:bc:a2:38:3e:25:4b:a0:6e:d7:31:fa:9a:56:e2:
f3:e1:8b:b2:7a:98:b5:73:77:b7:14:65:a3:2e:1b:
42:42:89:90:d1:3b:4c:71:d3:ed:99:53:7c:eb:b0:
a3:e2:84:fb:b8:f4:92:81:95:5c:9d:ed:02:7f:83:
28:ae:db:8e:39:07:3e:59:88:e4:7b:94:bf:dc:cc:
de:16:28:d1:d3:c4:a3:85:25:76:e9:97:67:60:00:
e8:4b:dd:27:78:e3:04:5d:6e:a7:63:b5:62:86:22:
1e:3e:0b:23:f4:71:39:4c:3e:8a:bd:50:9a:e1:3b:
76:5f:80:d6:c0:34:c8:66:af:ff:9c:83:9d:89:48:
3c:a7:28:dc:dc:6c:32:23:67:a7:d3:3c:42:8b:84:
da:cf:77:e8:69:3a:12:bd:05:21:8f:4f:6a:04:55:
43:ee:a2:76:0a:64:30:48:53:b7:b2:34:12:5f:35:
c0:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:AB:2D:AE:5F:2B:45:F5:3A:43:67:AC:C1:04:CF:C9:1A:E2:D0:7B
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.182.0/23
92.118.162.0/24
92.119.33.0/24
109.106.3.0/24
179.61.226.0/23
179.61.229.0/24
179.61.241.0/24
179.61.243.0/24
181.41.196.0/24
181.41.211.0/24
181.214.119.0-181.214.121.255
181.214.124.0/23
181.214.148.0/24
181.214.154.0/24
181.214.161.0/24
181.214.201.0/24
181.214.212.0/24
181.214.216.0/24
181.214.236.0/23
181.214.248.0/24
181.215.22.0/23
181.215.41.0/24
181.215.58.0/24
181.215.88.0/24
181.215.186.0/23
185.137.15.0/24
185.142.25.0/24
185.158.135.0/24
191.96.3.0/24
191.96.88.0/23
191.96.91.0/24
191.96.99.0/24
191.96.105.0/24
191.96.116.0/24
191.96.120.0/24
191.96.126.0/24
191.96.136.0/24
191.96.140.0/23
191.96.143.0/24
191.96.149.0/24
191.96.157.0/24
191.96.164.0/24
191.96.180.0-191.96.182.255
191.96.222.0/24
191.101.20.0/24
191.101.22.0/24
191.101.58.0/24
191.101.76.0/24
191.101.82.0/24
191.101.97.0/24
191.101.102.0/24
191.101.116.0/24
191.101.120.0/24
191.101.124.0/24
191.101.177.0/24
191.101.180.0/24
191.101.187.0/24
191.101.236.0/24
191.101.240.0/24
191.101.247.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:a3:75:a5:c3:5d:a1:76:8a:c1:f2:a6:3b:fc:01:f2:de:1c:
d1:fa:3b:77:66:16:06:e5:75:28:d3:96:d1:0d:ab:95:5f:2a:
7a:19:be:f0:5f:e3:6f:bf:44:ea:fc:05:c9:95:f2:cc:2f:5f:
e9:90:56:78:1d:fb:8a:82:6c:2a:56:a9:00:63:d0:71:fd:ab:
e8:ad:a2:b8:2d:e2:0e:90:15:01:84:ea:17:15:a9:37:05:56:
1c:e6:3e:2d:cb:c4:4b:4c:c2:16:3c:48:7e:e1:f8:e1:c2:31:
b7:5e:44:9c:41:0f:49:6b:83:5f:e5:48:b0:ee:79:47:39:ae:
31:14:cc:a0:9b:55:99:52:c3:8c:32:16:51:ae:f5:f8:02:8f:
65:68:3d:5a:9f:4d:99:e0:ba:fa:9d:f8:e8:91:c6:31:71:f8:
a2:fd:96:57:40:36:c5:e9:c7:aa:c6:41:85:51:4f:c7:54:0a:
3e:bc:86:ee:6e:00:59:63:90:6c:7c:17:b7:90:98:ee:5f:d1:
ef:8f:16:ba:b5:a7:10:ac:32:ed:9c:b3:30:ac:b8:bf:02:c3:
39:06:57:ab:fc:0d:c0:f0:5e:8a:23:c6:4a:c8:cb:a8:34:2a:
ba:b8:d1:9b:f0:da:e4:52:a3:8f:c6:8e:ba:8a:de:93:67:ad:
35:04:3d:4f
-----BEGIN CERTIFICATE-----
MIIGejCCBWKgAwIBAgIUeXyOJ7aJmqFvzeU/0lq0KUs5+lgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA4MTgxNjAxNTdaFw0yNjA4MTcxNjA2NTdaMDMxMTAvBgNV
BAMTKDgxQUIyREFFNUYyQjQ1RjUzQTQzNjdBQ0MxMDRDRkM5MUFFMkQwN0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdM7wLmd71Xvzn6fiwV7VDw1Zb
6G3V19p5/8Qe/SMphtzB0lMleWy2q4kBdm22fGwSGAwOfJOm+KwYvs2PIgfxgEfY
sWZRHaZGFpi8ojg+JUugbtcx+ppW4vPhi7J6mLVzd7cUZaMuG0JCiZDRO0xx0+2Z
U3zrsKPihPu49JKBlVyd7QJ/gyiu2445Bz5ZiOR7lL/czN4WKNHTxKOFJXbpl2dg
AOhL3Sd44wRdbqdjtWKGIh4+CyP0cTlMPoq9UJrhO3ZfgNbANMhmr/+cg52JSDyn
KNzcbDIjZ6fTPEKLhNrPd+hpOhK9BSGPT2oEVUPuonYKZDBIU7eyNBJfNcALAgMB
AAGjggOEMIIDgDAdBgNVHQ4EFgQUgastrl8rRfU6Q2eswQTPyRri0HswHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAZkGCCsGAQUFBwEHAQH/BIIBiDCCAYQwggGABAIAATCC
AXgDBAEti7YDBABcdqIDBABcdyEDBABtagMDBAGzPeIDBACzPeUDBACzPfEDBACz
PfMDBAC1KcQDBAC1KdMwDAMEALXWdwMEAbXWeAMEAbXWfAMEALXWlAMEALXWmgME
ALXWoQMEALXWyQMEALXW1AMEALXW2AMEAbXW7AMEALXW+AMEAbXXFgMEALXXKQME
ALXXOgMEALXXWAMEAbXXugMEALmJDwMEALmOGQMEALmehwMEAL9gAwMEAb9gWAME
AL9gWwMEAL9gYwMEAL9gaQMEAL9gdAMEAL9geAMEAL9gfgMEAL9giAMEAb9gjAME
AL9gjwMEAL9glQMEAL9gnQMEAL9gpDAMAwQCv2C0AwQAv2C2AwQAv2DeAwQAv2UU
AwQAv2UWAwQAv2U6AwQAv2VMAwQAv2VSAwQAv2VhAwQAv2VmAwQAv2V0AwQAv2V4
AwQAv2V8AwQAv2WxAwQAv2W0AwQAv2W7AwQAv2XsAwQAv2XwAwQAv2X3MA0GCSqG
SIb3DQEBCwUAA4IBAQAeo3Wlw12hdorB8qY7/AHy3hzR+jt3ZhYG5XUo05bRDauV
Xyp6Gb7wX+Nvv0Tq/AXJlfLML1/pkFZ4HfuKgmwqVqkAY9Bx/avoraK4LeIOkBUB
hOoXFak3BVYc5j4ty8RLTMIWPEh+4fjhwjG3XkScQQ9Ja4Nf5Uiw7nlHOa4xFMyg
m1WZUsOMMhZRrvX4Ao9laD1an02Z4Lr6nfjokcYxcfii/ZZXQDbF6ceqxkGFUU/H
VAo+vIbubgBZY5BsfBe3kJjuX9Hvjxa6tacQrDLtnLMwrLi/AsM5Bler/A3A8F6K
I8ZKyMuoNCq6uNGb8NrkUqOPxo66it6TZ601BD1P
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:36:43 2025 by rpki-client