This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS9304.roa File: AS9304.roa (raw, json) Hash identifier: 6m1rIbKiUT5daEUpYz6AcIg1rh4nSu+JkgaTp9+NSZk= Subject key identifier: DD:27:60:D9:88:D9:20:80:9F:7A:06:84:D3:DB:A9:E2:AE:36:BA:6D Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d Certificate serial: 64E98BA33F0F7217463A36550B451D06A03A5DAA Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS9304.roa Signing time: Tue 09 Dec 2025 00:06:31 +0000 ROA not before: Tue 09 Dec 2025 00:01:31 +0000 ROA not after: Tue 08 Dec 2026 00:06:31 +0000 asID: 9304 IP address blocks: 143.20.16.0/24 maxlen: 24 143.20.17.0/24 maxlen: 24 143.20.18.0/24 maxlen: 24 143.20.73.0/24 maxlen: 24 143.20.84.0/24 maxlen: 24 143.20.132.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:e9:8b:a3:3f:0f:72:17:46:3a:36:55:0b:45:1d:06:a0:3a:5d:aa Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d Validity Not Before: Dec 9 00:01:31 2025 GMT Not After : Dec 8 00:06:31 2026 GMT Subject: CN=DD2760D988D920809F7A0684D3DBA9E2AE36BA6D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:0c:18:87:28:50:e4:c5:28:c6:3f:a6:0d:25: ed:3c:f7:f5:f3:81:5a:5b:85:fc:c7:fd:2f:2d:58: 53:e9:27:de:52:af:db:7e:25:bb:1d:76:7d:b6:1c: 12:6b:a7:46:eb:0a:27:4e:2c:69:f3:06:41:d7:cc: 7e:7e:32:38:3c:6d:b5:14:f3:0c:56:98:9d:ba:75: 0d:7a:49:2c:32:d6:96:58:05:2a:d4:ca:77:e8:12: c7:6a:87:67:1c:3b:05:0c:a5:e4:f7:dd:84:e8:58: 82:83:f0:d9:d3:57:b2:a6:57:bb:fe:a9:8c:5d:1d: a6:a8:6f:64:a4:ba:db:0d:08:63:84:13:a1:0a:3c: cd:4a:07:79:53:67:66:1f:65:0f:09:34:92:47:68: ca:bd:e7:37:2d:8b:3f:a2:6f:44:65:86:94:91:55: 1a:58:80:40:b4:2c:1a:5e:dd:e8:30:ba:e3:f9:6f: 7b:e0:fd:b8:8b:f6:f8:41:72:b5:a4:1a:da:0c:c8: 30:fa:e2:be:53:e9:08:bf:d4:32:0c:28:47:c3:db: 52:6c:89:b9:23:9c:9f:ff:69:0a:89:f9:a5:fd:03: 1c:3b:af:18:52:a1:53:3a:7a:c1:5c:1a:b3:8b:b1: 76:77:3a:36:dd:f2:34:6c:6a:29:63:16:05:3d:58: ef:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:27:60:D9:88:D9:20:80:9F:7A:06:84:D3:DB:A9:E2:AE:36:BA:6D X509v3 Authority Key Identifier: keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS9304.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.20.16.0-143.20.18.255 143.20.73.0/24 143.20.84.0/24 143.20.132.0/24 Signature Algorithm: sha256WithRSAEncryption ac:36:0d:5a:ac:e4:16:53:90:9c:2e:37:81:c5:89:31:69:86: 93:50:09:f9:22:dd:0b:bc:d6:f3:e5:2d:79:0f:fb:2f:79:49: 82:aa:93:44:77:80:c7:4a:be:43:14:8b:0c:2e:e9:c8:99:41: 5b:e0:3c:98:32:69:c5:14:1f:86:65:91:b8:cb:0f:c1:fc:7f: 92:2b:0c:77:a1:da:24:4c:ec:0f:af:fb:8f:68:0c:b1:95:9c: 07:20:cf:6c:cd:53:de:fe:0e:27:7e:65:5b:e7:b4:8a:ac:ae: 14:55:c0:27:8d:13:49:eb:51:7d:ee:f6:0f:57:0b:ea:48:d4: c3:3a:42:6a:51:42:4e:8e:f2:b0:66:3b:05:62:37:5c:d5:3e: 83:88:46:6a:4f:be:18:fc:66:b8:36:5a:47:dd:ef:6f:d2:3a: c0:60:1c:09:46:ca:63:0a:ca:6d:43:5c:e3:77:d7:3a:9f:44: 96:a2:79:24:bd:28:47:e6:cf:c9:a5:56:c8:a0:1b:ad:80:70: 5f:d6:8b:05:ae:51:c4:fd:48:86:ab:c5:cc:84:50:65:db:d0: fc:19:ca:2a:68:19:f4:79:92:cf:e0:7e:d4:42:63:79:2b:8c: 78:28:fe:c8:b5:63:86:84:bf:ba:d6:af:e8:78:a8:25:90:89: 78:0c:7a:7c -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgIUZOmLoz8PchdGOjZVC0UdBqA6XaowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk ZWI5M2Q5ZDAeFw0yNTEyMDkwMDAxMzFaFw0yNjEyMDgwMDA2MzFaMDMxMTAvBgNV BAMTKEREMjc2MEQ5ODhEOTIwODA5RjdBMDY4NEQzREJBOUUyQUUzNkJBNkQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjDBiHKFDkxSjGP6YNJe089/Xz gVpbhfzH/S8tWFPpJ95Sr9t+Jbsddn22HBJrp0brCidOLGnzBkHXzH5+Mjg8bbUU 8wxWmJ26dQ16SSwy1pZYBSrUynfoEsdqh2ccOwUMpeT33YToWIKD8NnTV7KmV7v+ qYxdHaaob2SkutsNCGOEE6EKPM1KB3lTZ2YfZQ8JNJJHaMq95zctiz+ib0RlhpSR VRpYgEC0LBpe3egwuuP5b3vg/biL9vhBcrWkGtoMyDD64r5T6Qi/1DIMKEfD21Js ibkjnJ//aQqJ+aX9Axw7rxhSoVM6esFcGrOLsXZ3Ojbd8jRsailjFgU9WO9/AgMB AAGjggIiMIICHjAdBgNVHQ4EFgQU3Sdg2YjZIICfegaE09up4q42um0wHwYDVR0j BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2 MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2 NVBaMC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjA5BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIDAMAwQEjxQQ AwQAjxQSAwQAjxRJAwQAjxRUAwQAjxSEMA0GCSqGSIb3DQEBCwUAA4IBAQCsNg1a rOQWU5CcLjeBxYkxaYaTUAn5It0LvNbz5S15D/sveUmCqpNEd4DHSr5DFIsMLunI mUFb4DyYMmnFFB+GZZG4yw/B/H+SKwx3odokTOwPr/uPaAyxlZwHIM9szVPe/g4n fmVb57SKrK4UVcAnjRNJ61F97vYPVwvqSNTDOkJqUUJOjvKwZjsFYjdc1T6DiEZq T74Y/Ga4NlpH3e9v0jrAYBwJRspjCsptQ1zjd9c6n0SWonkkvShH5s/JpVbIoBut gHBf1osFrlHE/UiGq8XMhFBl29D8GcoqaBn0eZLP4H7UQmN5K4x4KP7ItWOGhL+6 1q/oeKglkIl4DHp8 -----END CERTIFICATE-----Generated at Sat Dec 20 22:11:35 2025 by rpki-client