This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9304.roa File: AS9304.roa (raw, json) Hash identifier: tQV8PYMOSP0eUZOVM90DMpQV3iT9BzixR7+xmqktoOk= Subject key identifier: 9E:EF:70:A2:A2:47:C7:AC:9E:90:4F:DD:8F:6C:F8:21:39:59:51:37 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 70932E35D48B3AA5A2A380939CCB57E467C12815 Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9304.roa Signing time: Fri 19 Dec 2025 10:59:24 +0000 ROA not before: Fri 19 Dec 2025 10:54:24 +0000 ROA not after: Fri 18 Dec 2026 10:59:24 +0000 asID: 9304 IP address blocks: 96.62.59.0/24 maxlen: 24 96.62.156.0/22 maxlen: 24 96.62.224.0/24 maxlen: 24 96.62.229.0/24 maxlen: 24 136.143.243.0/24 maxlen: 24 136.143.245.0/24 maxlen: 24 136.143.246.0/24 maxlen: 24 136.143.252.0/24 maxlen: 24 136.143.254.0/24 maxlen: 24 143.14.55.0/24 maxlen: 24 143.14.87.0/24 maxlen: 24 143.14.94.0/24 maxlen: 24 143.14.144.0/24 maxlen: 24 143.14.196.0/24 maxlen: 24 143.14.214.0/24 maxlen: 24 143.14.222.0/24 maxlen: 24 146.103.52.0/24 maxlen: 24 150.241.130.0/24 maxlen: 24 150.241.137.0/24 maxlen: 24 150.241.139.0/24 maxlen: 24 150.241.141.0/24 maxlen: 24 150.241.143.0/24 maxlen: 24 150.241.208.0/24 maxlen: 24 150.241.234.0/24 maxlen: 24 155.117.108.0/24 maxlen: 24 155.117.139.0/24 maxlen: 24 155.117.143.0/24 maxlen: 24 155.117.210.0/24 maxlen: 24 162.141.5.0/24 maxlen: 24 162.141.8.0/24 maxlen: 24 162.141.19.0/24 maxlen: 24 162.141.24.0/22 maxlen: 24 162.141.28.0/22 maxlen: 24 162.141.32.0/22 maxlen: 24 162.141.40.0/22 maxlen: 24 162.141.50.0/24 maxlen: 24 162.141.56.0/22 maxlen: 24 162.141.60.0/22 maxlen: 24 162.141.66.0/24 maxlen: 24 162.141.72.0/22 maxlen: 24 162.141.82.0/24 maxlen: 24 162.141.101.0/24 maxlen: 24 162.141.144.0/21 maxlen: 24 162.141.168.0/21 maxlen: 24 162.141.181.0/24 maxlen: 24 162.141.184.0/21 maxlen: 24 167.148.16.0/21 maxlen: 24 167.148.24.0/22 maxlen: 24 167.148.48.0/21 maxlen: 24 167.148.56.0/22 maxlen: 24 167.148.64.0/22 maxlen: 24 167.148.76.0/22 maxlen: 24 167.148.88.0/21 maxlen: 24 167.148.99.0/24 maxlen: 24 167.148.108.0/22 maxlen: 24 167.148.130.0/23 maxlen: 23 167.148.194.0/24 maxlen: 24 167.148.208.0/24 maxlen: 24 168.222.5.0/24 maxlen: 24 168.222.10.0/24 maxlen: 24 168.222.14.0/24 maxlen: 24 168.222.15.0/24 maxlen: 24 168.222.17.0/24 maxlen: 24 168.222.18.0/23 maxlen: 24 168.222.24.0/24 maxlen: 24 168.222.25.0/24 maxlen: 24 168.222.26.0/24 maxlen: 24 168.222.30.0/23 maxlen: 24 203.100.210.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 13:09:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:93:2e:35:d4:8b:3a:a5:a2:a3:80:93:9c:cb:57:e4:67:c1:28:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Dec 19 10:54:24 2025 GMT Not After : Dec 18 10:59:24 2026 GMT Subject: CN=9EEF70A2A247C7AC9E904FDD8F6CF82139595137 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:1b:9e:a8:6e:7d:34:66:b5:c3:2a:7e:77:a6: 33:63:6f:88:40:6e:30:27:3e:30:d5:45:c5:b8:40: d3:3b:be:92:74:34:36:da:ec:2a:6c:21:d8:fd:fc: e3:f4:62:2e:db:36:90:88:42:3a:83:b7:1f:3e:09: dd:17:6f:1c:2d:77:67:ed:8b:17:0c:07:ea:b1:20: 0c:a7:8a:0b:39:09:19:ee:e4:1c:e8:48:2e:8d:23: 52:34:d5:2a:2b:a2:3d:6f:eb:29:f0:a6:6a:a9:1f: 77:09:59:1f:ac:c5:f5:89:06:27:fd:ea:17:80:07: d2:1a:db:58:4d:94:e3:33:5a:e3:55:b4:54:ec:29: cd:e2:72:90:82:4b:01:7d:3d:22:52:ee:12:46:e0: 82:c4:5f:93:93:bf:e8:2e:29:d9:93:79:1c:07:64: 40:d3:e4:33:7d:47:32:ea:f6:04:73:72:0e:af:63: cf:29:c1:60:cb:7c:77:92:f7:2e:1f:d3:d7:a9:1e: d3:1f:07:93:34:47:19:8d:3c:b6:90:37:b2:0b:1b: 0c:07:fc:79:88:c5:30:65:66:e9:8e:87:6c:71:94: dc:36:c8:20:69:b9:38:25:ca:24:ee:e4:c6:77:52: 95:d0:fe:b1:b7:50:6e:62:82:7d:76:11:55:1a:0a: da:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:EF:70:A2:A2:47:C7:AC:9E:90:4F:DD:8F:6C:F8:21:39:59:51:37 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS9304.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 96.62.59.0/24 96.62.156.0/22 96.62.224.0/24 96.62.229.0/24 136.143.243.0/24 136.143.245.0-136.143.246.255 136.143.252.0/24 136.143.254.0/24 143.14.55.0/24 143.14.87.0/24 143.14.94.0/24 143.14.144.0/24 143.14.196.0/24 143.14.214.0/24 143.14.222.0/24 146.103.52.0/24 150.241.130.0/24 150.241.137.0/24 150.241.139.0/24 150.241.141.0/24 150.241.143.0/24 150.241.208.0/24 150.241.234.0/24 155.117.108.0/24 155.117.139.0/24 155.117.143.0/24 155.117.210.0/24 162.141.5.0/24 162.141.8.0/24 162.141.19.0/24 162.141.24.0-162.141.35.255 162.141.40.0/22 162.141.50.0/24 162.141.56.0/21 162.141.66.0/24 162.141.72.0/22 162.141.82.0/24 162.141.101.0/24 162.141.144.0/21 162.141.168.0/21 162.141.181.0/24 162.141.184.0/21 167.148.16.0-167.148.27.255 167.148.48.0-167.148.59.255 167.148.64.0/22 167.148.76.0/22 167.148.88.0/21 167.148.99.0/24 167.148.108.0/22 167.148.130.0/23 167.148.194.0/24 167.148.208.0/24 168.222.5.0/24 168.222.10.0/24 168.222.14.0/23 168.222.17.0-168.222.19.255 168.222.24.0-168.222.26.255 168.222.30.0/23 203.100.210.0/24 Signature Algorithm: sha256WithRSAEncryption 92:9e:91:4e:2f:3e:65:f2:1a:e5:6c:4c:24:97:53:09:0c:b8: 96:9d:17:0c:1c:e3:3b:21:08:9d:f7:c8:f9:9e:e1:3b:b9:5c: 68:7b:8f:ff:54:39:d9:a6:f1:57:d6:39:26:76:03:d0:4d:12: f8:ac:cf:24:a3:de:45:33:4f:1c:4b:8a:1d:e5:35:04:f6:f5: cc:68:31:de:6c:77:48:a2:9a:f3:90:02:ad:1e:16:6c:a6:a8: e5:70:3e:0c:c8:3f:03:b4:05:83:fd:81:7b:27:e8:3b:b3:b8: 19:33:9c:6d:43:7f:8b:3c:d6:34:a3:a8:6d:e2:9b:0e:de:55: e7:85:7d:a6:26:ac:da:5a:34:c3:65:c8:c3:a2:e2:f9:43:a2: 79:2a:c9:24:b5:2a:a8:53:41:1d:e6:55:a0:28:5d:8a:60:2e: dd:09:de:34:16:be:c3:ee:19:b2:01:44:a7:7f:62:6e:cf:0b: e6:fc:cb:d9:ee:a6:d9:45:ef:96:81:01:be:46:6a:7c:db:40: 9e:78:65:89:68:8d:cd:58:59:f8:fb:39:4c:26:9e:23:d9:20: d2:65:22:5e:51:78:2e:3e:74:1e:aa:e7:3b:31:7d:09:39:d3: 7e:36:85:29:3a:fa:80:9c:00:61:5d:e6:49:c9:1d:d4:61:1e: af:f3:36:a0 -----BEGIN CERTIFICATE----- MIIGlDCCBXygAwIBAgIUcJMuNdSLOqWio4CTnMtX5GfBKBUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTEyMTkxMDU0MjRaFw0yNjEyMTgxMDU5MjRaMDMxMTAvBgNV BAMTKDlFRUY3MEEyQTI0N0M3QUM5RTkwNEZERDhGNkNGODIxMzk1OTUxMzcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpG56obn00ZrXDKn53pjNjb4hA bjAnPjDVRcW4QNM7vpJ0NDba7CpsIdj9/OP0Yi7bNpCIQjqDtx8+Cd0Xbxwtd2ft ixcMB+qxIAynigs5CRnu5BzoSC6NI1I01Soroj1v6ynwpmqpH3cJWR+sxfWJBif9 6heAB9Ia21hNlOMzWuNVtFTsKc3icpCCSwF9PSJS7hJG4ILEX5OTv+guKdmTeRwH ZEDT5DN9RzLq9gRzcg6vY88pwWDLfHeS9y4f09epHtMfB5M0RxmNPLaQN7ILGwwH /HmIxTBlZumOh2xxlNw2yCBpuTglyiTu5MZ3UpXQ/rG3UG5ign12EVUaCtqVAgMB AAGjggOeMIIDmjAdBgNVHQ4EFgQUnu9woqJHx6yekE/dj2z4ITlZUTcwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjCCAbMGCCsGAQUFBwEHAQH/BIIBojCCAZ4wggGaBAIAATCC AZIDBABgPjsDBAJgPpwDBABgPuADBABgPuUDBACIj/MwDAMEAIiP9QMEAIiP9gME AIiP/AMEAIiP/gMEAI8ONwMEAI8OVwMEAI8OXgMEAI8OkAMEAI8OxAMEAI8O1gME AI8O3gMEAJJnNAMEAJbxggMEAJbxiQMEAJbxiwMEAJbxjQMEAJbxjwMEAJbx0AME AJbx6gMEAJt1bAMEAJt1iwMEAJt1jwMEAJt10gMEAKKNBQMEAKKNCAMEAKKNEzAM AwQDoo0YAwQCoo0gAwQCoo0oAwQAoo0yAwQDoo04AwQAoo1CAwQCoo1IAwQAoo1S AwQAoo1lAwQDoo2QAwQDoo2oAwQAoo21AwQDoo24MAwDBASnlBADBAKnlBgwDAME BKeUMAMEAqeUOAMEAqeUQAMEAqeUTAMEA6eUWAMEAKeUYwMEAqeUbAMEAaeUggME AKeUwgMEAKeU0AMEAKjeBQMEAKjeCgMEAajeDjAMAwQAqN4RAwQCqN4QMAwDBAOo 3hgDBACo3hoDBAGo3h4DBADLZNIwDQYJKoZIhvcNAQELBQADggEBAJKekU4vPmXy GuVsTCSXUwkMuJadFwwc4zshCJ33yPme4Tu5XGh7j/9UOdmm8VfWOSZ2A9BNEvis zySj3kUzTxxLih3lNQT29cxoMd5sd0iimvOQAq0eFmymqOVwPgzIPwO0BYP9gXsn 6DuzuBkznG1Df4s81jSjqG3imw7eVeeFfaYmrNpaNMNlyMOi4vlDonkqySS1KqhT QR3mVaAoXYpgLt0J3jQWvsPuGbIBRKd/Ym7PC+b8y9nuptlF75aBAb5GanzbQJ54 ZYlojc1YWfj7OUwmniPZINJlIl5ReC4+dB6q5zsxfQk50342hSk6+oCcAGFd5knJ HdRhHq/zNqA= -----END CERTIFICATE-----Generated at Sun Dec 21 05:49:13 2025 by rpki-client