Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/AS9304.roa
File: AS9304.roa (raw, json)
Hash identifier: 7wqw4lgPSbeWsovuEuJK0939XPYbV6b2lxQI+ufYHJA=
Subject key identifier: C7:0C:22:6D:A2:7A:A4:88:12:5E:1C:E5:5D:2E:1E:61:FD:AC:7B:B2
Certificate issuer: /CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Certificate serial: 7390DBA93938B1E67BBE5FB2C85AF17136731150
Authority key identifier: 6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/AS9304.roa
Signing time: Wed 04 Mar 2026 08:30:28 +0000
ROA not before: Wed 04 Mar 2026 08:25:28 +0000
ROA not after: Wed 03 Mar 2027 08:30:28 +0000
asID: 9304
IP address blocks: 147.125.129.0/24 maxlen: 24
147.125.132.0/24 maxlen: 24
147.125.133.0/24 maxlen: 24
147.125.134.0/24 maxlen: 24
147.125.140.0/24 maxlen: 24
147.125.141.0/24 maxlen: 24
147.125.142.0/24 maxlen: 24
147.125.143.0/24 maxlen: 24
147.125.144.0/24 maxlen: 24
147.125.145.0/24 maxlen: 24
147.125.146.0/24 maxlen: 24
147.125.147.0/24 maxlen: 24
147.125.148.0/24 maxlen: 24
147.125.150.0/24 maxlen: 24
147.125.157.0/24 maxlen: 24
147.125.159.0/24 maxlen: 24
147.125.161.0/24 maxlen: 24
147.125.247.0/24 maxlen: 24
147.125.248.0/24 maxlen: 24
147.125.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.mft
rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Mar 2026 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:90:db:a9:39:38:b1:e6:7b:be:5f:b2:c8:5a:f1:71:36:73:11:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ccdc82bae7800f7d507c737924869bdeb5a76ea
Validity
Not Before: Mar 4 08:25:28 2026 GMT
Not After : Mar 3 08:30:28 2027 GMT
Subject: CN=C70C226DA27AA488125E1CE55D2E1E61FDAC7BB2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:bb:b6:0d:07:89:7f:6f:da:2a:b6:58:16:08:
0b:06:2d:2f:51:d3:a8:b7:72:aa:39:4e:39:f2:84:
3a:c4:3e:4e:b7:6a:55:33:7c:7d:a6:f0:be:af:6d:
63:79:67:78:40:39:d2:af:92:a9:37:eb:0f:6c:5f:
ec:5b:87:11:8a:91:61:45:7e:24:f9:eb:47:3d:a5:
61:89:e5:e1:8f:9e:05:3a:ca:20:ad:12:b3:25:ff:
b2:43:9e:e1:59:1b:67:2a:14:07:4c:a2:b6:22:ae:
c0:34:89:dd:7c:bc:a2:43:ea:75:f7:ad:53:0d:52:
ac:50:14:62:f2:74:70:ff:2d:33:d7:dd:93:37:0b:
b3:ed:32:e1:49:7a:7b:7a:e4:ee:ab:d4:a1:26:36:
80:1c:11:2c:30:11:9f:97:35:34:19:1c:ae:5d:81:
fd:d6:1c:31:9d:3f:78:70:44:66:f2:0e:37:0e:f6:
55:fe:82:a8:a9:29:aa:d4:93:37:3a:a0:42:f6:21:
67:8b:60:15:47:9e:bd:90:dd:32:00:86:f1:7d:77:
e3:86:51:90:57:9e:db:fc:b2:87:3a:e2:8d:69:b9:
24:80:13:a6:42:2a:34:09:6c:95:83:4b:89:92:f0:
47:0f:ed:93:66:f4:4c:90:c4:58:6b:f3:27:6d:cb:
71:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:0C:22:6D:A2:7A:A4:88:12:5E:1C:E5:5D:2E:1E:61:FD:AC:7B:B2
X509v3 Authority Key Identifier:
keyid:6C:CD:C8:2B:AE:78:00:F7:D5:07:C7:37:92:48:69:BD:EB:5A:76:EA
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/6CCDC82BAE7800F7D507C737924869BDEB5A76EA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bM3IK654APfVB8c3kkhpvetaduo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ccd3884a-c385-4b65-9866-4f6383172672/0/AS9304.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.125.129.0/24
147.125.132.0-147.125.134.255
147.125.140.0-147.125.148.255
147.125.150.0/24
147.125.157.0/24
147.125.159.0/24
147.125.161.0/24
147.125.247.0-147.125.249.255
Signature Algorithm: sha256WithRSAEncryption
76:2d:7d:67:c1:47:df:27:64:40:6b:d1:36:b5:cd:0c:d0:ed:
a9:b5:aa:a1:9a:52:36:e0:8b:1e:7e:5f:2b:8c:72:84:ba:51:
e6:0a:80:1e:5c:78:88:e9:13:82:33:bf:60:dd:cc:b2:1a:ea:
91:4a:b1:f4:7a:06:e5:3d:7c:b1:8d:f4:e1:14:3d:b9:cd:1f:
40:f8:4e:6a:95:88:77:88:06:c3:50:d5:9e:00:8a:51:33:03:
13:36:c2:46:85:8c:08:12:7f:90:20:b2:e7:ff:b4:10:91:cb:
a8:2b:89:6c:87:ba:83:85:8f:0f:34:a3:02:42:b6:86:df:0f:
d6:32:e4:81:0c:1c:64:7d:29:ff:03:45:08:cc:d0:09:39:b6:
89:ba:93:49:46:e4:7b:ad:db:24:b0:15:28:b5:52:34:79:8c:
4f:a0:bb:3d:c9:19:04:5e:70:3d:18:5a:ba:c0:c3:6d:d8:7a:
48:12:31:33:5e:b0:f3:74:a6:c3:2e:c3:64:f0:66:8c:0a:00:
13:ea:97:74:89:36:3f:75:7e:40:bb:1a:e3:91:e1:9b:b5:f0:
ee:95:43:c7:58:15:a2:5a:bd:09:29:00:e5:07:a9:fe:0b:d1:
37:b1:55:9a:6a:0e:e8:5d:01:92:76:bd:c0:0a:c6:f8:ba:30:
3e:38:d5:0f
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIUc5DbqTk4seZ7vl+yyFrxcTZzEVAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNmNjZGM4MmJhZTc4MDBmN2Q1MDdjNzM3OTI0ODY5YmRl
YjVhNzZlYTAeFw0yNjAzMDQwODI1MjhaFw0yNzAzMDMwODMwMjhaMDMxMTAvBgNV
BAMTKEM3MEMyMjZEQTI3QUE0ODgxMjVFMUNFNTVEMkUxRTYxRkRBQzdCQjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzu7YNB4l/b9oqtlgWCAsGLS9R
06i3cqo5TjnyhDrEPk63alUzfH2m8L6vbWN5Z3hAOdKvkqk36w9sX+xbhxGKkWFF
fiT560c9pWGJ5eGPngU6yiCtErMl/7JDnuFZG2cqFAdMorYirsA0id18vKJD6nX3
rVMNUqxQFGLydHD/LTPX3ZM3C7PtMuFJent65O6r1KEmNoAcESwwEZ+XNTQZHK5d
gf3WHDGdP3hwRGbyDjcO9lX+gqipKarUkzc6oEL2IWeLYBVHnr2Q3TIAhvF9d+OG
UZBXntv8soc64o1puSSAE6ZCKjQJbJWDS4mS8EcP7ZNm9EyQxFhr8ydty3EtAgMB
AAGjggJKMIICRjAdBgNVHQ4EFgQUxwwibaJ6pIgSXhzlXS4eYf2se7IwHwYDVR0j
BBgwFoAUbM3IK654APfVB8c3kkhpvetaduowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvY2NkMzg4NGEtYzM4NS00YjY1LTk4NjYtNGY2MzgzMTcy
NjcyLzAvNkNDREM4MkJBRTc4MDBGN0Q1MDdDNzM3OTI0ODY5QkRFQjVBNzZFQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2JNM0lLNjU0QVBmVkI4YzNra2hwdmV0
YWR1by5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2NjZDM4ODRhLWMzODUt
NGI2NS05ODY2LTRmNjM4MzE3MjY3Mi8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBhBggrBgEFBQcBBwEB/wRSMFAwTgQCAAEwSAMEAJN9gTAM
AwQCk32EAwQAk32GMAwDBAKTfYwDBACTfZQDBACTfZYDBACTfZ0DBACTfZ8DBACT
faEwDAMEAJN99wMEAZN9+DANBgkqhkiG9w0BAQsFAAOCAQEAdi19Z8FH3ydkQGvR
NrXNDNDtqbWqoZpSNuCLHn5fK4xyhLpR5gqAHlx4iOkTgjO/YN3MshrqkUqx9HoG
5T18sY304RQ9uc0fQPhOapWId4gGw1DVngCKUTMDEzbCRoWMCBJ/kCCy5/+0EJHL
qCuJbIe6g4WPDzSjAkK2ht8P1jLkgQwcZH0p/wNFCMzQCTm2ibqTSUbke63bJLAV
KLVSNHmMT6C7PckZBF5wPRhausDDbdh6SBIxM16w83Smwy7DZPBmjAoAE+qXdIk2
P3V+QLsa45Hhm7Xw7pVDx1gVolq9CSkA5Qep/gvRN7FVmmoO6F0Bkna9wArG+Low
PjjVDw==
-----END CERTIFICATE-----
Generated at Wed Mar 4 14:20:10 2026 by rpki-client