
Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: Z4S/38RcZwSA1Ubjo1ecUOEy3QVINFGK3HdlLa//52E=
Subject key identifier: 5D:B5:47:5B:3D:44:F0:83:24:83:EF:72:97:71:B0:2A:39:4D:FF:36
Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Certificate serial: 5FA971952E64343CFF44C4687EE10A8B0FCF07DC
Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS9304.roa
Signing time: Sun 05 Jul 2026 06:25:26 +0000
ROA not before: Sun 05 Jul 2026 06:20:26 +0000
ROA not after: Sun 04 Jul 2027 06:25:26 +0000
asID: 9304
IP address blocks: 143.20.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft
rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Jul 2026 17:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:a9:71:95:2e:64:34:3c:ff:44:c4:68:7e:e1:0a:8b:0f:cf:07:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d
Validity
Not Before: Jul 5 06:20:26 2026 GMT
Not After : Jul 4 06:25:26 2027 GMT
Subject: CN=5DB5475B3D44F0832483EF729771B02A394DFF36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:71:42:d3:1d:ea:41:9c:d5:96:0c:74:dc:34:
f1:ef:c9:f6:d7:c1:b6:b1:5d:e5:f7:c5:69:c4:31:
49:32:32:90:1f:2e:3b:fc:57:7c:04:99:dd:de:10:
da:f0:52:92:cb:5c:96:fe:9f:13:ec:47:be:11:23:
b4:b9:6d:6e:ea:c2:cf:0f:f6:92:60:fe:c1:1f:c4:
60:d2:72:eb:fb:c3:2e:49:dd:79:28:ff:bb:66:cc:
60:a2:67:4e:1b:2c:52:0f:83:1b:e0:05:34:6b:18:
3e:e4:e7:63:5a:80:95:d0:d4:41:dd:ad:85:eb:54:
08:df:5d:03:10:35:8a:5f:29:eb:b9:36:81:56:2d:
9e:0d:f4:1d:9c:0b:86:99:97:0f:5f:6f:a1:1d:92:
f0:66:28:bf:ce:1a:46:76:b2:81:0f:b9:bf:8e:ff:
2d:a6:bd:41:9c:f8:01:09:11:5b:b2:85:48:64:4a:
b5:db:ba:bf:8e:fc:a9:31:a2:e0:ad:05:41:fa:a6:
55:cb:4f:6d:44:7e:c5:77:a2:9d:13:6e:65:39:3a:
70:15:3b:20:60:13:7f:3f:1a:0f:c9:11:12:82:e8:
99:ea:1a:6b:6d:c5:03:1a:df:f7:92:d0:09:e6:88:
fa:fa:13:34:a9:61:15:40:0f:fe:76:f8:f5:4e:41:
e9:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:B5:47:5B:3D:44:F0:83:24:83:EF:72:97:71:B0:2A:39:4D:FF:36
X509v3 Authority Key Identifier:
keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.20.84.0/24
Signature Algorithm: sha256WithRSAEncryption
71:a4:dd:a3:1b:c8:ab:84:d3:1d:53:f3:f7:f4:b4:23:1e:62:
b8:d0:63:cc:72:c6:51:63:28:b0:23:cc:0e:36:51:15:fc:44:
ca:03:e7:87:c2:07:b2:d5:eb:9b:64:be:1e:94:57:1d:09:97:
73:6a:05:c6:8e:64:61:c9:3a:ad:b9:40:8c:8b:78:23:3f:da:
09:08:b1:e6:a4:97:f8:64:03:6e:f6:bb:84:9e:14:aa:7f:a8:
c1:a0:cd:95:24:d1:31:dc:ee:07:9f:9e:40:50:35:a6:db:40:
db:3f:62:fb:a4:cd:d5:46:12:b6:de:9f:39:9a:6d:59:30:f8:
4a:5b:9f:d4:bd:0e:b3:a9:e2:69:8b:73:80:bc:f0:98:56:64:
a0:83:ad:fd:04:97:fb:92:7c:e8:83:8a:5c:24:f9:9a:dd:8b:
68:1c:43:37:1d:72:81:48:a0:32:0d:30:50:52:b5:97:5e:59:
2e:06:18:77:c5:a3:35:29:49:ea:9b:79:4d:29:2a:68:16:80:
0e:8d:8f:fa:38:bf:99:4d:3d:62:e7:32:9f:af:e8:f2:7a:c0:
c7:c6:68:64:0c:ef:2f:c5:d8:8d:21:b3:8e:88:ff:d0:59:28:
a0:89:7b:bf:c2:ac:2a:e7:9b:c7:34:b1:82:b3:a3:19:c2:79:
d2:b8:cc:31
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIUX6lxlS5kNDz/RMRofuEKiw/PB9wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk
ZWI5M2Q5ZDAeFw0yNjA3MDUwNjIwMjZaFw0yNzA3MDQwNjI1MjZaMDMxMTAvBgNV
BAMTKDVEQjU0NzVCM0Q0NEYwODMyNDgzRUY3Mjk3NzFCMDJBMzk0REZGMzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD2cULTHepBnNWWDHTcNPHvyfbX
wbaxXeX3xWnEMUkyMpAfLjv8V3wEmd3eENrwUpLLXJb+nxPsR74RI7S5bW7qws8P
9pJg/sEfxGDScuv7wy5J3Xko/7tmzGCiZ04bLFIPgxvgBTRrGD7k52NagJXQ1EHd
rYXrVAjfXQMQNYpfKeu5NoFWLZ4N9B2cC4aZlw9fb6EdkvBmKL/OGkZ2soEPub+O
/y2mvUGc+AEJEVuyhUhkSrXbur+O/KkxouCtBUH6plXLT21EfsV3op0TbmU5OnAV
OyBgE38/Gg/JERKC6JnqGmttxQMa3/eS0AnmiPr6EzSpYRVAD/52+PVOQen5AgMB
AAGjggIIMIICBDAdBgNVHQ4EFgQUXbVHWz1E8IMkg+9yl3GwKjlN/zYwHwYDVR0j
BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2
MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2
NVBaMC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt
NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAI8UVDAN
BgkqhkiG9w0BAQsFAAOCAQEAcaTdoxvIq4TTHVPz9/S0Ix5iuNBjzHLGUWMosCPM
DjZRFfxEygPnh8IHstXrm2S+HpRXHQmXc2oFxo5kYck6rblAjIt4Iz/aCQix5qSX
+GQDbva7hJ4Uqn+owaDNlSTRMdzuB5+eQFA1pttA2z9i+6TN1UYStt6fOZptWTD4
Sluf1L0Os6niaYtzgLzwmFZkoIOt/QSX+5J86IOKXCT5mt2LaBxDNx1ygUigMg0w
UFK1l15ZLgYYd8WjNSlJ6pt5TSkqaBaADo2P+ji/mU09Yucyn6/o8nrAx8ZoZAzv
L8XYjSGzjoj/0FkooIl7v8KsKuebxzSxgrOjGcJ50rjMMQ==
-----END CERTIFICATE-----
Generated at Sat Jul 18 01:48:45 2026 by rpki-client