Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: l2U1/Gv6+2uW/1VA26AaZAQShAu3+D+5rDemHay0GQY=
Subject key identifier: C6:C9:60:52:47:18:10:CB:15:7C:18:AA:D4:A8:01:58:86:E6:9F:D0
Certificate issuer: /CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Certificate serial: 075EB9198DF9BDF9590C41D94A3C64706AD22DE5
Authority key identifier: 0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS9304.roa
Signing time: Tue 02 Jun 2026 08:49:57 +0000
ROA not before: Tue 02 Jun 2026 08:44:57 +0000
ROA not after: Tue 01 Jun 2027 08:49:57 +0000
asID: 9304
IP address blocks: 51.146.0.0/22 maxlen: 24
51.146.65.0/24 maxlen: 24
51.146.140.0/22 maxlen: 24
51.146.150.0/23 maxlen: 24
51.194.154.0/24 maxlen: 24
51.194.155.0/24 maxlen: 24
51.194.160.0/23 maxlen: 24
51.194.162.0/24 maxlen: 24
51.194.167.0/24 maxlen: 24
51.194.188.0/23 maxlen: 24
51.194.216.0/24 maxlen: 24
51.194.217.0/24 maxlen: 24
51.194.218.0/24 maxlen: 24
51.194.222.0/24 maxlen: 24
51.194.223.0/24 maxlen: 24
51.241.16.0/23 maxlen: 24
51.241.40.0/22 maxlen: 24
51.241.60.0/23 maxlen: 24
51.241.180.0/22 maxlen: 24
51.241.188.0/22 maxlen: 24
51.241.204.0/22 maxlen: 24
51.241.212.0/22 maxlen: 24
51.241.220.0/22 maxlen: 24
51.241.228.0/22 maxlen: 24
78.105.100.0/24 maxlen: 24
78.105.103.0/24 maxlen: 24
188.220.4.0/24 maxlen: 24
188.220.5.0/24 maxlen: 24
188.220.6.0/24 maxlen: 24
188.220.7.0/24 maxlen: 24
188.220.8.0/24 maxlen: 24
188.220.9.0/24 maxlen: 24
188.220.11.0/24 maxlen: 24
188.220.13.0/24 maxlen: 24
188.220.14.0/24 maxlen: 24
188.220.15.0/24 maxlen: 24
188.220.18.0/23 maxlen: 24
188.220.40.0/22 maxlen: 24
188.221.12.0/24 maxlen: 24
188.221.18.0/24 maxlen: 24
188.221.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.mft
rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:5e:b9:19:8d:f9:bd:f9:59:0c:41:d9:4a:3c:64:70:6a:d2:2d:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e20ccf5083a63b9f5887e3ea39d04e2d62b3da5
Validity
Not Before: Jun 2 08:44:57 2026 GMT
Not After : Jun 1 08:49:57 2027 GMT
Subject: CN=C6C96052471810CB157C18AAD4A8015886E69FD0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2b:9d:b8:60:22:bf:0d:91:07:38:46:e5:d4:
e8:8a:75:64:c0:ba:9b:43:59:5a:3b:36:66:cc:f5:
0c:4b:51:d3:5f:35:de:c4:f1:12:9d:ee:d6:f6:61:
84:d0:24:6b:24:fc:b3:40:7b:d8:41:f4:f6:59:44:
83:23:73:83:fc:10:a5:1f:57:d6:f0:41:04:4a:84:
23:66:aa:64:44:72:3e:43:ce:35:53:e1:91:b9:cd:
f9:b8:93:58:55:d0:11:3c:75:ac:26:81:8c:6a:84:
fc:3f:fa:e1:ad:69:21:48:66:a1:b0:8b:6a:73:b1:
93:92:a8:fc:a5:45:7d:38:f1:3c:90:1b:b0:79:dd:
fa:87:ed:ff:c6:aa:5d:01:f8:f5:d6:aa:a1:0f:f6:
40:09:5b:67:d4:e1:13:e3:8c:32:5d:53:2a:86:87:
f8:1b:63:4f:0b:76:85:24:0f:ec:15:3e:42:bd:cb:
bc:00:f0:9e:32:8a:56:61:84:8c:79:2c:1e:8c:53:
d5:1a:fa:af:32:ed:ce:32:0f:30:2b:f1:7b:0f:dc:
0e:1c:c5:9a:44:aa:c7:6f:7e:b7:8b:7c:6b:97:ed:
4c:b7:d3:bb:9b:a5:d4:cc:da:9b:8f:3f:44:bb:e0:
99:84:6a:a6:32:60:42:6d:73:c9:a7:8d:d5:71:fc:
15:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:C9:60:52:47:18:10:CB:15:7C:18:AA:D4:A8:01:58:86:E6:9F:D0
X509v3 Authority Key Identifier:
keyid:0E:20:CC:F5:08:3A:63:B9:F5:88:7E:3E:A3:9D:04:E2:D6:2B:3D:A5
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/0E20CCF5083A63B9F5887E3EA39D04E2D62B3DA5.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DiDM9Qg6Y7n1iH4-o50E4tYrPaU.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/96e4ac86-1803-494d-8a7b-c051a6310752/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.146.0.0/22
51.146.65.0/24
51.146.140.0/22
51.146.150.0/23
51.194.154.0/23
51.194.160.0-51.194.162.255
51.194.167.0/24
51.194.188.0/23
51.194.216.0-51.194.218.255
51.194.222.0/23
51.241.16.0/23
51.241.40.0/22
51.241.60.0/23
51.241.180.0/22
51.241.188.0/22
51.241.204.0/22
51.241.212.0/22
51.241.220.0/22
51.241.228.0/22
78.105.100.0/24
78.105.103.0/24
188.220.4.0-188.220.9.255
188.220.11.0/24
188.220.13.0-188.220.15.255
188.220.18.0/23
188.220.40.0/22
188.221.12.0/24
188.221.18.0/24
188.221.21.0/24
Signature Algorithm: sha256WithRSAEncryption
74:f9:6e:b9:a8:6a:e5:98:84:ce:ae:53:be:20:f6:e0:0e:17:
d2:b0:49:a4:cb:56:cc:5b:70:8a:7f:d9:d8:a8:98:bb:af:17:
29:93:a3:e3:1b:6e:a7:bb:18:16:9c:93:d9:d9:3b:5e:c9:73:
6b:0b:ad:58:76:54:3e:78:5a:9f:2e:b1:3f:64:bb:b5:17:d6:
3d:ff:9e:7c:f9:a1:ca:67:7a:81:f4:41:a5:bb:82:47:3f:51:
97:49:fa:1d:d1:26:5b:a7:a3:ca:1f:71:42:9d:58:3a:8a:90:
8e:88:35:5c:e8:e2:34:e7:a9:97:5b:24:b8:49:78:a5:e6:10:
2a:d0:a1:6f:f9:91:be:e5:c5:cd:ec:ae:9b:80:7a:81:c2:65:
fa:78:37:e3:34:cb:4d:10:0b:b8:fb:32:e4:9a:08:97:a0:d8:
bd:eb:b0:16:0c:b1:6f:dc:63:be:e3:c2:aa:08:ff:b8:64:d8:
4a:25:3f:2d:ae:b0:9a:72:1b:b3:fd:43:55:93:5e:38:b9:1a:
f0:b5:cc:49:28:ae:ab:89:f7:77:98:1c:86:4a:9e:e5:12:0a:
0e:66:45:1b:1f:fe:24:b1:e2:74:03:9e:e2:6b:a0:fa:a3:ad:
39:45:ae:b5:d9:c8:68:07:64:cf:25:07:ea:6d:82:da:c5:ad:
f6:27:27:33
-----BEGIN CERTIFICATE-----
MIIFyzCCBLOgAwIBAgIUB165GY35vflZDEHZSjxkcGrSLeUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMGUyMGNjZjUwODNhNjNiOWY1ODg3ZTNlYTM5ZDA0ZTJk
NjJiM2RhNTAeFw0yNjA2MDIwODQ0NTdaFw0yNzA2MDEwODQ5NTdaMDMxMTAvBgNV
BAMTKEM2Qzk2MDUyNDcxODEwQ0IxNTdDMThBQUQ0QTgwMTU4ODZFNjlGRDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpK524YCK/DZEHOEbl1OiKdWTA
uptDWVo7NmbM9QxLUdNfNd7E8RKd7tb2YYTQJGsk/LNAe9hB9PZZRIMjc4P8EKUf
V9bwQQRKhCNmqmREcj5DzjVT4ZG5zfm4k1hV0BE8dawmgYxqhPw/+uGtaSFIZqGw
i2pzsZOSqPylRX048TyQG7B53fqH7f/Gql0B+PXWqqEP9kAJW2fU4RPjjDJdUyqG
h/gbY08LdoUkD+wVPkK9y7wA8J4yilZhhIx5LB6MU9Ua+q8y7c4yDzAr8XsP3A4c
xZpEqsdvfreLfGuX7Uy307ubpdTM2puPP0S74JmEaqYyYEJtc8mnjdVx/BVTAgMB
AAGjggLVMIIC0TAdBgNVHQ4EFgQUxslgUkcYEMsVfBiq1KgBWIbmn9AwHwYDVR0j
BBgwFoAUDiDM9Qg6Y7n1iH4+o50E4tYrPaUwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvOTZlNGFjODYtMTgwMy00OTRkLThhN2ItYzA1MWE2MzEw
NzUyLzAvMEUyMENDRjUwODNBNjNCOUY1ODg3RTNFQTM5RDA0RTJENjJCM0RBNS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0RpRE05UWc2WTduMWlINC1vNTBFNHRZ
clBhVS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzk2ZTRhYzg2LTE4MDMt
NDk0ZC04YTdiLWMwNTFhNjMxMDc1Mi8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB6wYIKwYBBQUHAQcBAf8EgdswgdgwgdUEAgABMIHOAwQC
M5IAAwQAM5JBAwQCM5KMAwQBM5KWAwQBM8KaMAwDBAUzwqADBAAzwqIDBAAzwqcD
BAEzwrwwDAMEAzPC2AMEADPC2gMEATPC3gMEATPxEAMEAjPxKAMEATPxPAMEAjPx
tAMEAjPxvAMEAjPxzAMEAjPx1AMEAjPx3AMEAjPx5AMEAE5pZAMEAE5pZzAMAwQC
vNwEAwQBvNwIAwQAvNwLMAwDBAC83A0DBAS83AADBAG83BIDBAK83CgDBAC83QwD
BAC83RIDBAC83RUwDQYJKoZIhvcNAQELBQADggEBAHT5brmoauWYhM6uU74g9uAO
F9KwSaTLVsxbcIp/2diomLuvFymTo+Mbbqe7GBack9nZO17Jc2sLrVh2VD54Wp8u
sT9ku7UX1j3/nnz5ocpneoH0QaW7gkc/UZdJ+h3RJluno8ofcUKdWDqKkI6INVzo
4jTnqZdbJLhJeKXmECrQoW/5kb7lxc3srpuAeoHCZfp4N+M0y00QC7j7MuSaCJeg
2L3rsBYMsW/cY77jwqoI/7hk2EolPy2usJpyG7P9Q1WTXji5GvC1zEkorquJ93eY
HIZKnuUSCg5mRRsf/iSx4nQDnuJroPqjrTlFrrXZyGgHZM8lB+ptgtrFrfYnJzM=
-----END CERTIFICATE-----
Generated at Tue Jun 2 20:50:33 2026 by rpki-client