Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: YfnpkckiSsWFd2jf8Qu6GXJEkGITtyOUCl4NWdOt0Sc=
Subject key identifier: 94:A1:A0:F6:22:0F:B2:66:DB:A6:1B:0A:BB:3F:5E:77:D6:7D:66:97
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 6085867C5E39D15EF07F440CA9D2E21CA8E5E0A5
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/AS9304.roa
Signing time: Tue 10 Mar 2026 07:51:44 +0000
ROA not before: Tue 10 Mar 2026 07:46:44 +0000
ROA not after: Tue 09 Mar 2027 07:51:44 +0000
asID: 9304
IP address blocks: 147.125.129.0/24 maxlen: 24
147.125.132.0/24 maxlen: 24
147.125.133.0/24 maxlen: 24
147.125.134.0/24 maxlen: 24
147.125.140.0/24 maxlen: 24
147.125.141.0/24 maxlen: 24
147.125.142.0/24 maxlen: 24
147.125.143.0/24 maxlen: 24
147.125.144.0/24 maxlen: 24
147.125.145.0/24 maxlen: 24
147.125.146.0/24 maxlen: 24
147.125.147.0/24 maxlen: 24
147.125.148.0/24 maxlen: 24
147.125.150.0/24 maxlen: 24
147.125.157.0/24 maxlen: 24
147.125.159.0/24 maxlen: 24
147.125.247.0/24 maxlen: 24
147.125.248.0/24 maxlen: 24
147.125.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 19:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:85:86:7c:5e:39:d1:5e:f0:7f:44:0c:a9:d2:e2:1c:a8:e5:e0:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Mar 10 07:46:44 2026 GMT
Not After : Mar 9 07:51:44 2027 GMT
Subject: CN=94A1A0F6220FB266DBA61B0ABB3F5E77D67D6697
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a0:c2:86:66:15:46:40:fd:b7:16:d7:08:8c:
15:66:b3:f0:13:92:09:ca:74:dc:30:b1:8a:ef:98:
6b:a2:59:b4:08:d6:76:fe:79:c5:91:90:37:c5:0c:
f1:c1:9c:ba:8f:bb:22:c8:85:3e:3d:4e:30:1f:b8:
3e:4a:70:f2:38:49:93:f1:f3:03:1d:71:b7:71:b2:
2e:d6:f5:f8:1d:e2:16:49:ee:3f:c2:bf:35:4d:d3:
62:b5:16:ff:65:7c:dd:fc:a2:de:36:a9:39:ec:c5:
7b:fe:22:1c:95:fc:c3:38:61:9f:38:1c:f1:a7:3d:
61:03:23:94:07:7d:8a:7b:8a:01:13:4d:be:fe:a0:
94:a6:44:4b:c6:91:47:fa:a5:62:44:bc:22:7e:cd:
1e:08:62:d8:25:d6:c8:7e:b3:3a:28:da:2d:52:a2:
bf:e4:0b:05:7f:15:e4:8d:4d:bd:ea:32:ef:50:17:
cf:24:ff:ac:54:85:48:57:e9:eb:6d:d5:b5:14:0d:
65:35:8c:85:15:82:88:c5:26:66:a1:ca:21:89:d9:
45:0b:ee:83:a6:bd:7a:8d:08:31:ba:14:24:07:b3:
62:7d:8f:7c:c5:68:57:22:6e:3b:78:2d:40:5b:5a:
e1:fa:fb:0a:e7:68:21:da:7b:c4:09:35:c3:49:f3:
4a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:A1:A0:F6:22:0F:B2:66:DB:A6:1B:0A:BB:3F:5E:77:D6:7D:66:97
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.129.0/24
147.125.132.0-147.125.134.255
147.125.140.0-147.125.148.255
147.125.150.0/24
147.125.157.0/24
147.125.159.0/24
147.125.247.0-147.125.249.255
Signature Algorithm: sha256WithRSAEncryption
31:13:10:3a:d9:58:66:69:1c:e3:20:06:4b:44:0c:62:2a:d6:
8c:ca:af:bf:09:01:83:c8:56:4b:94:12:dc:e9:27:cf:4c:c1:
cc:33:84:19:26:bb:b8:7d:c3:74:b2:27:ae:d3:d3:bd:31:51:
06:15:b3:ae:f3:96:1a:d9:f5:73:eb:13:ea:c3:d8:9d:24:ce:
4a:90:12:01:de:07:cc:3d:8d:60:11:e9:ab:83:b9:4a:e0:c2:
9d:49:4f:88:1d:3c:0c:f4:55:91:9e:2f:ba:e2:01:37:48:c0:
e3:64:99:5f:38:d8:38:16:cf:67:42:9b:49:57:aa:6b:7b:79:
10:dd:cb:56:d2:66:d5:85:00:c8:df:b3:06:eb:1f:37:9e:a4:
1c:6a:b0:e8:44:11:01:05:7b:67:22:59:ba:5d:33:80:4b:ed:
42:ad:61:54:05:4c:8e:49:71:29:44:10:3a:70:8c:8f:3c:94:
50:5f:5f:6a:8e:b3:aa:3e:e8:9b:56:ee:62:a2:0a:f1:54:8b:
c7:26:44:6a:86:50:fd:23:b4:30:25:9b:39:9d:e4:c4:42:76:
8b:1c:0b:9f:29:a4:8b:ec:24:1a:e3:de:48:0f:f3:51:2a:d1:
ae:e1:a0:1b:64:ff:24:d4:fa:ff:ce:3e:8d:98:4d:af:31:08:
f5:6f:ae:1d
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIUYIWGfF450V7wf0QMqdLiHKjl4KUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjAzMTAwNzQ2NDRaFw0yNzAzMDkwNzUxNDRaMDMxMTAvBgNV
BAMTKDk0QTFBMEY2MjIwRkIyNjZEQkE2MUIwQUJCM0Y1RTc3RDY3RDY2OTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFoMKGZhVGQP23FtcIjBVms/AT
kgnKdNwwsYrvmGuiWbQI1nb+ecWRkDfFDPHBnLqPuyLIhT49TjAfuD5KcPI4SZPx
8wMdcbdxsi7W9fgd4hZJ7j/CvzVN02K1Fv9lfN38ot42qTnsxXv+IhyV/MM4YZ84
HPGnPWEDI5QHfYp7igETTb7+oJSmREvGkUf6pWJEvCJ+zR4IYtgl1sh+szoo2i1S
or/kCwV/FeSNTb3qMu9QF88k/6xUhUhX6ett1bUUDWU1jIUVgojFJmahyiGJ2UUL
7oOmvXqNCDG6FCQHs2J9j3zFaFcibjt4LUBbWuH6+wrnaCHae8QJNcNJ80rLAgMB
AAGjggJEMIICQDAdBgNVHQ4EFgQUlKGg9iIPsmbbphsKuz9ed9Z9ZpcwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2NjZDM4ODRhLWMzODUt
NGI2NS05ODY2LTRmNjM4MzE3MjY3Mi8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBbBggrBgEFBQcBBwEB/wRMMEowSAQCAAEwQgMEAJN9gTAM
AwQCk32EAwQAk32GMAwDBAKTfYwDBACTfZQDBACTfZYDBACTfZ0DBACTfZ8wDAME
AJN99wMEAZN9+DANBgkqhkiG9w0BAQsFAAOCAQEAMRMQOtlYZmkc4yAGS0QMYirW
jMqvvwkBg8hWS5QS3Oknz0zBzDOEGSa7uH3DdLInrtPTvTFRBhWzrvOWGtn1c+sT
6sPYnSTOSpASAd4HzD2NYBHpq4O5SuDCnUlPiB08DPRVkZ4vuuIBN0jA42SZXzjY
OBbPZ0KbSVeqa3t5EN3LVtJm1YUAyN+zBusfN56kHGqw6EQRAQV7ZyJZul0zgEvt
Qq1hVAVMjklxKUQQOnCMjzyUUF9fao6zqj7om1buYqIK8VSLxyZEaoZQ/SO0MCWb
OZ3kxEJ2ixwLnymki+wkGuPeSA/zUSrRruGgG2T/JNT6/84+jZhNrzEI9W+uHQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 14:04:22 2026 by rpki-client