Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: MNgayqFE2qcnGaL3c8H/7IJbyNPA6Ry8+XMsmd0AqqI=
Subject key identifier: 12:B1:E4:64:19:F7:FB:40:2F:12:DC:00:48:A2:D7:34:A8:4B:A7:35
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 20768312AACAD94DDA923F61B2817FCF38213A1F
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
Signing time: Tue 02 Jun 2026 03:04:26 +0000
ROA not before: Tue 02 Jun 2026 02:59:26 +0000
ROA not after: Tue 01 Jun 2027 03:04:26 +0000
asID: 9304
IP address blocks: 82.21.28.0/24 maxlen: 24
82.21.50.0/24 maxlen: 24
82.22.14.0/24 maxlen: 24
82.22.124.0/24 maxlen: 24
82.23.144.0/24 maxlen: 24
82.23.147.0/24 maxlen: 24
82.24.0.0/22 maxlen: 23
82.24.16.0/24 maxlen: 24
82.24.105.0/24 maxlen: 24
82.24.107.0/24 maxlen: 24
82.24.108.0/24 maxlen: 24
82.25.30.0/24 maxlen: 24
82.26.66.0/24 maxlen: 24
82.26.115.0/24 maxlen: 24
82.26.118.0/24 maxlen: 24
82.26.125.0/24 maxlen: 24
82.26.130.0/24 maxlen: 24
82.27.3.0/24 maxlen: 24
82.27.131.0/24 maxlen: 24
82.27.135.0/24 maxlen: 24
82.29.45.0/24 maxlen: 24
82.29.76.0/24 maxlen: 24
82.38.38.0/23 maxlen: 24
82.38.76.0/22 maxlen: 24
82.39.194.0/23 maxlen: 24
82.39.207.0/24 maxlen: 24
82.39.221.0/24 maxlen: 24
82.40.36.0/24 maxlen: 24
82.40.52.0/24 maxlen: 24
82.40.53.0/24 maxlen: 24
82.40.54.0/24 maxlen: 24
82.41.21.0/24 maxlen: 24
82.41.128.0/23 maxlen: 24
82.41.233.0/24 maxlen: 24
82.41.234.0/24 maxlen: 24
82.41.236.0/24 maxlen: 24
82.41.237.0/24 maxlen: 24
82.41.238.0/24 maxlen: 24
82.47.0.0/23 maxlen: 24
82.47.23.0/24 maxlen: 24
82.47.26.0/24 maxlen: 24
82.47.28.0/24 maxlen: 24
82.47.31.0/24 maxlen: 24
82.47.52.0/24 maxlen: 24
82.47.56.0/24 maxlen: 24
82.47.96.0/24 maxlen: 24
82.47.100.0/24 maxlen: 24
82.47.103.0/24 maxlen: 24
82.47.109.0/24 maxlen: 24
82.47.123.0/24 maxlen: 24
82.47.124.0/24 maxlen: 24
82.47.125.0/24 maxlen: 24
82.47.128.0/24 maxlen: 24
82.47.129.0/24 maxlen: 24
82.47.130.0/24 maxlen: 24
82.47.134.0/24 maxlen: 24
82.47.136.0/24 maxlen: 24
82.47.137.0/24 maxlen: 24
82.47.144.0/24 maxlen: 24
82.47.148.0/24 maxlen: 24
82.47.160.0/24 maxlen: 24
82.47.162.0/24 maxlen: 24
82.47.172.0/24 maxlen: 24
82.47.174.0/24 maxlen: 24
82.47.176.0/24 maxlen: 24
84.75.8.0/24 maxlen: 24
84.75.9.0/24 maxlen: 24
84.75.10.0/24 maxlen: 24
84.75.27.0/24 maxlen: 24
84.75.40.0/24 maxlen: 24
84.75.77.0/24 maxlen: 24
84.75.78.0/24 maxlen: 24
84.75.130.0/24 maxlen: 24
84.75.135.0/24 maxlen: 24
84.75.151.0/24 maxlen: 24
84.75.152.0/23 maxlen: 24
84.75.182.0/24 maxlen: 24
84.75.193.0/24 maxlen: 24
84.75.199.0/24 maxlen: 24
84.75.201.0/24 maxlen: 24
178.83.28.0/24 maxlen: 24
178.83.34.0/24 maxlen: 24
178.83.63.0/24 maxlen: 24
178.83.108.0/24 maxlen: 24
178.83.109.0/24 maxlen: 24
178.83.111.0/24 maxlen: 24
178.83.128.0/22 maxlen: 24
178.83.138.0/24 maxlen: 24
178.83.143.0/24 maxlen: 24
178.83.145.0/24 maxlen: 24
178.83.146.0/23 maxlen: 24
178.83.149.0/24 maxlen: 24
178.83.167.0/24 maxlen: 24
178.83.197.0/24 maxlen: 24
178.83.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:76:83:12:aa:ca:d9:4d:da:92:3f:61:b2:81:7f:cf:38:21:3a:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Jun 2 02:59:26 2026 GMT
Not After : Jun 1 03:04:26 2027 GMT
Subject: CN=12B1E46419F7FB402F12DC0048A2D734A84BA735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:f3:96:e3:7d:59:b2:c6:76:a2:31:d3:30:cc:
0d:a1:41:7e:d4:57:a3:95:14:e8:11:5d:67:16:2b:
90:6f:b8:69:37:fb:40:5d:a7:34:c1:cf:6e:c9:50:
f9:10:97:49:f8:6a:d8:5a:fb:32:3f:61:85:3b:d5:
f8:ec:0a:28:2f:ef:dd:a1:24:95:37:5b:fc:62:81:
f6:43:18:bd:15:3d:55:a1:de:46:9c:4b:53:c9:5e:
27:80:55:c2:67:4d:da:19:5a:78:4e:df:f9:21:0f:
6f:48:57:a4:66:4c:e7:40:fe:20:d4:d8:46:82:d8:
a8:cb:65:24:08:a2:5c:06:49:67:6b:af:fc:d7:21:
62:fa:e1:59:23:f9:88:91:75:28:a5:38:ec:29:07:
cf:aa:d7:57:0f:ce:ff:a3:94:62:24:a6:3e:98:3d:
5b:e8:b0:23:72:ba:3b:5d:9c:23:c1:a4:5b:af:75:
1d:61:01:6b:56:48:f7:89:23:7e:61:82:13:67:28:
11:69:57:d9:94:ef:00:6f:d4:d1:28:c6:61:f5:42:
ca:d1:c6:09:f5:5b:2e:69:e1:2f:c0:77:c9:24:f7:
10:d7:1c:ac:99:51:eb:63:13:c1:5e:72:c9:28:ca:
70:1f:11:05:5f:ea:5c:16:68:91:6a:4a:f8:38:ff:
78:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:B1:E4:64:19:F7:FB:40:2F:12:DC:00:48:A2:D7:34:A8:4B:A7:35
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.28.0/24
82.21.50.0/24
82.22.14.0/24
82.22.124.0/24
82.23.144.0/24
82.23.147.0/24
82.24.0.0/22
82.24.16.0/24
82.24.105.0/24
82.24.107.0-82.24.108.255
82.25.30.0/24
82.26.66.0/24
82.26.115.0/24
82.26.118.0/24
82.26.125.0/24
82.26.130.0/24
82.27.3.0/24
82.27.131.0/24
82.27.135.0/24
82.29.45.0/24
82.29.76.0/24
82.38.38.0/23
82.38.76.0/22
82.39.194.0/23
82.39.207.0/24
82.39.221.0/24
82.40.36.0/24
82.40.52.0-82.40.54.255
82.41.21.0/24
82.41.128.0/23
82.41.233.0-82.41.234.255
82.41.236.0-82.41.238.255
82.47.0.0/23
82.47.23.0/24
82.47.26.0/24
82.47.28.0/24
82.47.31.0/24
82.47.52.0/24
82.47.56.0/24
82.47.96.0/24
82.47.100.0/24
82.47.103.0/24
82.47.109.0/24
82.47.123.0-82.47.125.255
82.47.128.0-82.47.130.255
82.47.134.0/24
82.47.136.0/23
82.47.144.0/24
82.47.148.0/24
82.47.160.0/24
82.47.162.0/24
82.47.172.0/24
82.47.174.0/24
82.47.176.0/24
84.75.8.0-84.75.10.255
84.75.27.0/24
84.75.40.0/24
84.75.77.0-84.75.78.255
84.75.130.0/24
84.75.135.0/24
84.75.151.0-84.75.153.255
84.75.182.0/24
84.75.193.0/24
84.75.199.0/24
84.75.201.0/24
178.83.28.0/24
178.83.34.0/24
178.83.63.0/24
178.83.108.0/23
178.83.111.0/24
178.83.128.0/22
178.83.138.0/24
178.83.143.0/24
178.83.145.0-178.83.147.255
178.83.149.0/24
178.83.167.0/24
178.83.197.0-178.83.198.255
Signature Algorithm: sha256WithRSAEncryption
56:b5:2f:ad:41:3c:47:1e:56:93:95:d3:6b:2b:51:84:33:d6:
45:1b:dc:91:2c:f4:88:87:cb:72:d4:47:fd:18:f9:2e:70:69:
38:66:b1:b2:2f:b8:99:a9:69:68:d6:60:2c:a8:54:4c:46:a5:
fb:83:b5:ef:fd:19:1f:1e:a1:6d:fe:af:82:fb:2d:5f:2e:02:
2b:24:47:9c:03:cc:c6:4e:73:ab:5f:e7:ba:9a:7b:35:2d:27:
24:07:d2:ef:de:f7:82:43:c7:26:22:16:d0:a9:f8:ad:24:6c:
0e:88:40:ed:57:96:f9:83:03:13:a9:7a:c5:13:6a:1e:86:c2:
4e:07:1b:04:24:fe:10:f2:cd:b7:fb:80:0d:b8:66:a4:eb:f4:
4f:88:81:a5:c9:83:cb:ba:49:14:3e:05:92:7e:9c:b9:66:08:
f6:03:fe:84:51:ba:5a:82:86:94:e1:76:06:77:0d:a7:37:9f:
32:98:2f:8b:50:5d:74:01:e4:8c:d7:50:57:3d:b6:ee:79:60:
1c:f1:eb:50:33:f9:10:11:c0:15:88:67:2c:ed:e4:5f:4b:22:
87:da:2d:8b:e9:8f:26:65:05:c2:53:92:fa:c3:81:3e:55:f2:
c2:9f:0d:c3:9f:5b:dd:6b:6c:3e:fa:09:bb:0f:de:57:1d:c8:
c0:5a:5d:58
-----BEGIN CERTIFICATE-----
MIIHKDCCBhCgAwIBAgIUIHaDEqrK2U3akj9hsoF/zzghOh8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA2MDIwMjU5MjZaFw0yNzA2MDEwMzA0MjZaMDMxMTAvBgNV
BAMTKDEyQjFFNDY0MTlGN0ZCNDAyRjEyREMwMDQ4QTJENzM0QTg0QkE3MzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDX85bjfVmyxnaiMdMwzA2hQX7U
V6OVFOgRXWcWK5BvuGk3+0BdpzTBz27JUPkQl0n4atha+zI/YYU71fjsCigv792h
JJU3W/xigfZDGL0VPVWh3kacS1PJXieAVcJnTdoZWnhO3/khD29IV6RmTOdA/iDU
2EaC2KjLZSQIolwGSWdrr/zXIWL64Vkj+YiRdSilOOwpB8+q11cPzv+jlGIkpj6Y
PVvosCNyujtdnCPBpFuvdR1hAWtWSPeJI35hghNnKBFpV9mU7wBv1NEoxmH1QsrR
xgn1Wy5p4S/Ad8kk9xDXHKyZUetjE8FecskoynAfEQVf6lwWaJFqSvg4/3g1AgMB
AAGjggQyMIIELjAdBgNVHQ4EFgQUErHkZBn3+0AvEtwASKLXNKhLpzUwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAkcGCCsGAQUFBwEHAQH/BIICNjCCAjIwggIuBAIAATCC
AiYDBABSFRwDBABSFTIDBABSFg4DBABSFnwDBABSF5ADBABSF5MDBAJSGAADBABS
GBADBABSGGkwDAMEAFIYawMEAFIYbAMEAFIZHgMEAFIaQgMEAFIacwMEAFIadgME
AFIafQMEAFIaggMEAFIbAwMEAFIbgwMEAFIbhwMEAFIdLQMEAFIdTAMEAVImJgME
AlImTAMEAVInwgMEAFInzwMEAFIn3QMEAFIoJDAMAwQCUig0AwQAUig2AwQAUikV
AwQBUimAMAwDBABSKekDBABSKeowDAMEAlIp7AMEAFIp7gMEAVIvAAMEAFIvFwME
AFIvGgMEAFIvHAMEAFIvHwMEAFIvNAMEAFIvOAMEAFIvYAMEAFIvZAMEAFIvZwME
AFIvbTAMAwQAUi97AwQBUi98MAwDBAdSL4ADBABSL4IDBABSL4YDBAFSL4gDBABS
L5ADBABSL5QDBABSL6ADBABSL6IDBABSL6wDBABSL64DBABSL7AwDAMEA1RLCAME
AFRLCgMEAFRLGwMEAFRLKDAMAwQAVEtNAwQAVEtOAwQAVEuCAwQAVEuHMAwDBABU
S5cDBAFUS5gDBABUS7YDBABUS8EDBABUS8cDBABUS8kDBACyUxwDBACyUyIDBACy
Uz8DBAGyU2wDBACyU28DBAKyU4ADBACyU4oDBACyU48wDAMEALJTkQMEArJTkAME
ALJTlQMEALJTpzAMAwQAslPFAwQAslPGMA0GCSqGSIb3DQEBCwUAA4IBAQBWtS+t
QTxHHlaTldNrK1GEM9ZFG9yRLPSIh8ty1Ef9GPkucGk4ZrGyL7iZqWlo1mAsqFRM
RqX7g7Xv/RkfHqFt/q+C+y1fLgIrJEecA8zGTnOrX+e6mns1LSckB9Lv3veCQ8cm
IhbQqfitJGwOiEDtV5b5gwMTqXrFE2oehsJOBxsEJP4Q8s23+4ANuGak6/RPiIGl
yYPLukkUPgWSfpy5Zgj2A/6EUbpagoaU4XYGdw2nN58ymC+LUF10AeSM11BXPbbu
eWAc8etQM/kQEcAViGcs7eRfSyKH2i2L6Y8mZQXCU5L6w4E+VfLCnw3Dn1vda2w+
+gm7D95XHcjAWl1Y
-----END CERTIFICATE-----
Generated at Tue Jun 2 20:51:30 2026 by rpki-client