Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: rx63uz87tPhBy4CEiU0S9ZGlk6OF84ndgtaiNywiUJQ=
Subject key identifier: B3:1C:E0:56:60:03:1D:04:D5:6D:21:13:CF:A3:B1:E1:52:6B:52:8E
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 65C49F90937A18AB5496556D79C12348DCC61F6A
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9304.roa
Signing time: Sat 30 Aug 2025 15:28:38 +0000
ROA not before: Sat 30 Aug 2025 15:23:38 +0000
ROA not after: Sat 29 Aug 2026 15:28:38 +0000
asID: 9304
IP address blocks: 45.139.182.0/24 maxlen: 24
45.139.183.0/24 maxlen: 24
92.118.162.0/24 maxlen: 24
92.119.33.0/24 maxlen: 24
109.106.3.0/24 maxlen: 24
130.185.127.0/24 maxlen: 24
179.61.226.0/24 maxlen: 24
179.61.227.0/24 maxlen: 24
179.61.229.0/24 maxlen: 24
179.61.241.0/24 maxlen: 24
179.61.243.0/24 maxlen: 24
181.41.196.0/24 maxlen: 24
181.41.211.0/24 maxlen: 24
181.214.119.0/24 maxlen: 24
181.214.120.0/24 maxlen: 24
181.214.121.0/24 maxlen: 24
181.214.124.0/24 maxlen: 24
181.214.125.0/24 maxlen: 24
181.214.148.0/24 maxlen: 24
181.214.154.0/24 maxlen: 24
181.214.161.0/24 maxlen: 24
181.214.201.0/24 maxlen: 24
181.214.212.0/24 maxlen: 24
181.214.216.0/24 maxlen: 24
181.214.236.0/24 maxlen: 24
181.214.237.0/24 maxlen: 24
181.214.248.0/24 maxlen: 24
181.215.22.0/24 maxlen: 24
181.215.23.0/24 maxlen: 24
181.215.41.0/24 maxlen: 24
181.215.58.0/24 maxlen: 24
181.215.88.0/24 maxlen: 24
181.215.186.0/23 maxlen: 24
185.137.15.0/24 maxlen: 24
185.142.25.0/24 maxlen: 24
185.158.135.0/24 maxlen: 24
191.96.3.0/24 maxlen: 24
191.96.88.0/24 maxlen: 24
191.96.89.0/24 maxlen: 24
191.96.91.0/24 maxlen: 24
191.96.99.0/24 maxlen: 24
191.96.105.0/24 maxlen: 24
191.96.116.0/24 maxlen: 24
191.96.120.0/24 maxlen: 24
191.96.126.0/24 maxlen: 24
191.96.136.0/24 maxlen: 24
191.96.140.0/24 maxlen: 24
191.96.141.0/24 maxlen: 24
191.96.143.0/24 maxlen: 24
191.96.149.0/24 maxlen: 24
191.96.157.0/24 maxlen: 24
191.96.164.0/24 maxlen: 24
191.96.180.0/24 maxlen: 24
191.96.181.0/24 maxlen: 24
191.96.182.0/24 maxlen: 24
191.96.222.0/24 maxlen: 24
191.101.20.0/24 maxlen: 24
191.101.22.0/24 maxlen: 24
191.101.58.0/24 maxlen: 24
191.101.76.0/24 maxlen: 24
191.101.82.0/24 maxlen: 24
191.101.97.0/24 maxlen: 24
191.101.102.0/24 maxlen: 24
191.101.116.0/24 maxlen: 24
191.101.120.0/24 maxlen: 24
191.101.124.0/24 maxlen: 24
191.101.177.0/24 maxlen: 24
191.101.180.0/24 maxlen: 24
191.101.187.0/24 maxlen: 24
191.101.236.0/24 maxlen: 24
191.101.240.0/24 maxlen: 24
191.101.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Sep 2025 21:34:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:c4:9f:90:93:7a:18:ab:54:96:55:6d:79:c1:23:48:dc:c6:1f:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Aug 30 15:23:38 2025 GMT
Not After : Aug 29 15:28:38 2026 GMT
Subject: CN=B31CE05660031D04D56D2113CFA3B1E1526B528E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b6:3e:61:bd:b0:e8:4d:ae:7a:4c:6e:ab:b3:
dc:e5:10:28:5e:cd:55:66:4b:1e:33:c4:6b:35:30:
05:03:bf:c0:af:12:b9:94:0d:a0:d8:f1:3f:fc:35:
27:d0:78:cb:62:54:43:56:31:fb:3b:f2:0b:94:63:
ac:21:eb:a6:71:65:85:54:4a:aa:13:54:fb:5d:b7:
a8:7a:5b:38:a9:26:d7:f8:32:f3:1b:2a:63:cf:a5:
c3:8b:47:9e:fc:dc:a5:5d:13:24:51:0d:00:dc:a1:
dd:0f:83:34:6a:df:17:b3:5b:11:5b:74:a8:8a:0e:
a9:26:d1:da:45:31:02:ee:1d:5a:3a:70:f9:0e:b8:
0a:23:1c:df:43:91:3a:e4:0a:a5:63:8d:ec:10:41:
87:4a:77:0e:75:86:8e:6b:7c:4a:7f:f8:38:3c:79:
4d:8b:ba:fd:d2:a4:a8:ca:6a:17:09:c6:2a:2e:e7:
56:6b:08:af:0f:90:5a:04:3f:ed:5e:33:a7:55:7b:
b4:59:b3:e6:6b:dc:f4:33:f1:ef:fa:06:4d:a6:86:
4a:b0:d7:e4:4d:f9:c2:3d:b5:d4:c8:cd:b3:40:dd:
d0:36:17:0c:0b:e5:81:41:cd:aa:89:fc:f9:c4:25:
78:82:b1:7e:4b:60:73:38:5d:40:79:7f:d1:ce:fa:
9e:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:1C:E0:56:60:03:1D:04:D5:6D:21:13:CF:A3:B1:E1:52:6B:52:8E
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.182.0/23
92.118.162.0/24
92.119.33.0/24
109.106.3.0/24
130.185.127.0/24
179.61.226.0/23
179.61.229.0/24
179.61.241.0/24
179.61.243.0/24
181.41.196.0/24
181.41.211.0/24
181.214.119.0-181.214.121.255
181.214.124.0/23
181.214.148.0/24
181.214.154.0/24
181.214.161.0/24
181.214.201.0/24
181.214.212.0/24
181.214.216.0/24
181.214.236.0/23
181.214.248.0/24
181.215.22.0/23
181.215.41.0/24
181.215.58.0/24
181.215.88.0/24
181.215.186.0/23
185.137.15.0/24
185.142.25.0/24
185.158.135.0/24
191.96.3.0/24
191.96.88.0/23
191.96.91.0/24
191.96.99.0/24
191.96.105.0/24
191.96.116.0/24
191.96.120.0/24
191.96.126.0/24
191.96.136.0/24
191.96.140.0/23
191.96.143.0/24
191.96.149.0/24
191.96.157.0/24
191.96.164.0/24
191.96.180.0-191.96.182.255
191.96.222.0/24
191.101.20.0/24
191.101.22.0/24
191.101.58.0/24
191.101.76.0/24
191.101.82.0/24
191.101.97.0/24
191.101.102.0/24
191.101.116.0/24
191.101.120.0/24
191.101.124.0/24
191.101.177.0/24
191.101.180.0/24
191.101.187.0/24
191.101.236.0/24
191.101.240.0/24
191.101.247.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:ce:e3:0a:d0:ee:4c:af:a0:42:ef:6e:c8:8a:2d:cf:38:f8:
57:48:44:cb:5d:8a:6c:19:0b:f7:46:63:7b:c8:76:08:21:5d:
aa:56:5e:12:48:5c:03:e5:dd:d6:57:dc:a2:67:b8:85:11:6a:
44:8d:5d:a6:cf:d3:f2:c4:48:83:2a:e8:70:5a:13:ac:de:0d:
c8:52:2b:e5:d5:29:fc:1d:cb:bf:4b:a3:03:9a:ef:2f:54:18:
b4:01:3c:61:de:ed:e0:3a:78:bd:fa:e3:80:a5:1d:ae:05:95:
09:32:ec:86:98:bd:ba:fa:83:bc:57:3c:03:0b:28:e8:c4:42:
03:94:83:c6:cb:c7:35:ee:b9:c1:a8:fa:bb:1c:29:f3:45:60:
78:31:4f:85:2c:7b:3e:6f:35:c0:d3:a3:2f:a0:5a:67:9d:d8:
87:a0:03:92:b3:f7:6e:df:2e:8e:ec:0a:99:1a:98:a8:3f:ea:
91:97:37:61:9c:08:5e:2d:55:81:06:e3:01:6e:bc:5d:78:3d:
f5:bb:8f:9f:e7:ac:f6:8f:af:94:c8:9c:dc:00:1e:cc:a1:98:
bd:1f:11:ee:7f:19:9e:a4:cc:c6:b6:77:90:2e:49:0f:ce:85:
f8:fa:95:42:ad:57:22:86:30:f6:5d:ad:4a:bb:c8:39:87:c2:
24:eb:33:cd
-----BEGIN CERTIFICATE-----
MIIGgDCCBWigAwIBAgIUZcSfkJN6GKtUllVtecEjSNzGH2owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNTA4MzAxNTIzMzhaFw0yNjA4MjkxNTI4MzhaMDMxMTAvBgNV
BAMTKEIzMUNFMDU2NjAwMzFEMDRENTZEMjExM0NGQTNCMUUxNTI2QjUyOEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAtj5hvbDoTa56TG6rs9zlEChe
zVVmSx4zxGs1MAUDv8CvErmUDaDY8T/8NSfQeMtiVENWMfs78guUY6wh66ZxZYVU
SqoTVPtdt6h6WzipJtf4MvMbKmPPpcOLR5783KVdEyRRDQDcod0PgzRq3xezWxFb
dKiKDqkm0dpFMQLuHVo6cPkOuAojHN9DkTrkCqVjjewQQYdKdw51ho5rfEp/+Dg8
eU2Luv3SpKjKahcJxiou51ZrCK8PkFoEP+1eM6dVe7RZs+Zr3PQz8e/6Bk2mhkqw
1+RN+cI9tdTIzbNA3dA2FwwL5YFBzaqJ/PnEJXiCsX5LYHM4XUB5f9HO+p5xAgMB
AAGjggOKMIIDhjAdBgNVHQ4EFgQUsxzgVmADHQTVbSETz6Ox4VJrUo4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAZ8GCCsGAQUFBwEHAQH/BIIBjjCCAYowggGGBAIAATCC
AX4DBAEti7YDBABcdqIDBABcdyEDBABtagMDBACCuX8DBAGzPeIDBACzPeUDBACz
PfEDBACzPfMDBAC1KcQDBAC1KdMwDAMEALXWdwMEAbXWeAMEAbXWfAMEALXWlAME
ALXWmgMEALXWoQMEALXWyQMEALXW1AMEALXW2AMEAbXW7AMEALXW+AMEAbXXFgME
ALXXKQMEALXXOgMEALXXWAMEAbXXugMEALmJDwMEALmOGQMEALmehwMEAL9gAwME
Ab9gWAMEAL9gWwMEAL9gYwMEAL9gaQMEAL9gdAMEAL9geAMEAL9gfgMEAL9giAME
Ab9gjAMEAL9gjwMEAL9glQMEAL9gnQMEAL9gpDAMAwQCv2C0AwQAv2C2AwQAv2De
AwQAv2UUAwQAv2UWAwQAv2U6AwQAv2VMAwQAv2VSAwQAv2VhAwQAv2VmAwQAv2V0
AwQAv2V4AwQAv2V8AwQAv2WxAwQAv2W0AwQAv2W7AwQAv2XsAwQAv2XwAwQAv2X3
MA0GCSqGSIb3DQEBCwUAA4IBAQBrzuMK0O5Mr6BC727Iii3POPhXSETLXYpsGQv3
RmN7yHYIIV2qVl4SSFwD5d3WV9yiZ7iFEWpEjV2mz9PyxEiDKuhwWhOs3g3IUivl
1Sn8Hcu/S6MDmu8vVBi0ATxh3u3gOni9+uOApR2uBZUJMuyGmL26+oO8VzwDCyjo
xEIDlIPGy8c17rnBqPq7HCnzRWB4MU+FLHs+bzXA06MvoFpnndiHoAOSs/du3y6O
7AqZGpioP+qRlzdhnAheLVWBBuMBbrxdeD31u4+f56z2j6+UyJzcAB7MoZi9HxHu
fxmepMzGtneQLkkPzoX4+pVCrVcihjD2Xa1Ku8g5h8Ik6zPN
-----END CERTIFICATE-----
Generated at Fri Sep 5 09:55:57 2025 by rpki-client