This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa File: AS9304.roa (raw, json) Hash identifier: IXqMU75VZWAY4rcPH9WphBoXYNolpP+2goaGDw+Poc4= Subject key identifier: 74:B8:F3:07:D0:AE:3F:CA:E3:B3:F1:C4:4D:33:9D:D2:70:B9:15:94 Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01 Certificate serial: 7EBE94FA4BA726695AE5FDC3E1ADE5769ECC6441 Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa Signing time: Sun 30 Nov 2025 15:16:04 +0000 ROA not before: Sun 30 Nov 2025 15:11:04 +0000 ROA not after: Sun 29 Nov 2026 15:16:04 +0000 asID: 9304 IP address blocks: 82.21.53.0/24 maxlen: 24 82.21.75.0/24 maxlen: 24 82.22.3.0/24 maxlen: 24 82.22.4.0/24 maxlen: 24 82.22.5.0/24 maxlen: 24 82.22.6.0/24 maxlen: 24 82.22.14.0/24 maxlen: 24 82.23.144.0/24 maxlen: 24 82.23.147.0/24 maxlen: 24 82.24.0.0/22 maxlen: 23 82.25.187.0/24 maxlen: 24 82.26.87.0/24 maxlen: 24 82.26.115.0/24 maxlen: 24 82.26.118.0/24 maxlen: 24 82.26.125.0/24 maxlen: 24 82.27.92.0/22 maxlen: 24 82.27.131.0/24 maxlen: 24 82.38.46.0/24 maxlen: 24 82.38.47.0/24 maxlen: 24 82.38.51.0/24 maxlen: 24 82.38.76.0/22 maxlen: 24 82.38.98.0/24 maxlen: 24 82.38.104.0/24 maxlen: 24 82.38.105.0/24 maxlen: 24 82.38.107.0/24 maxlen: 24 82.38.108.0/24 maxlen: 24 82.38.109.0/24 maxlen: 24 82.38.111.0/24 maxlen: 24 82.38.120.0/24 maxlen: 24 82.38.122.0/24 maxlen: 24 82.38.132.0/24 maxlen: 24 82.38.133.0/24 maxlen: 24 82.41.233.0/24 maxlen: 24 82.41.234.0/24 maxlen: 24 82.41.235.0/24 maxlen: 24 82.41.236.0/24 maxlen: 24 82.41.237.0/24 maxlen: 24 82.41.238.0/24 maxlen: 24 82.41.241.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Dec 2025 00:00:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:be:94:fa:4b:a7:26:69:5a:e5:fd:c3:e1:ad:e5:76:9e:cc:64:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01 Validity Not Before: Nov 30 15:11:04 2025 GMT Not After : Nov 29 15:16:04 2026 GMT Subject: CN=74B8F307D0AE3FCAE3B3F1C44D339DD270B91594 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:1e:35:17:f1:9b:52:95:6b:cb:f2:81:3d:39: fa:1b:ba:cc:04:a4:04:1e:85:cf:9b:ab:de:51:ee: 97:52:18:fe:70:d6:d1:6c:9d:ef:6c:a6:22:67:6e: cd:4b:50:57:76:8b:e5:5c:7c:c3:2c:15:69:2a:45: 55:18:df:49:3f:59:c0:37:90:65:43:e2:dc:fa:c3: 1c:ef:05:9a:6a:82:94:00:7e:be:ce:5d:6d:89:14: eb:d8:36:d0:66:ff:ae:9f:b2:3b:14:d3:0f:cd:2a: 5d:0c:2f:a6:5c:be:fa:29:14:80:49:d2:f7:10:62: bc:74:03:e2:56:7e:f3:16:87:ff:a4:a1:04:4d:70: ef:2c:26:12:5d:e7:3c:f1:82:88:e8:78:d6:49:08: e9:47:9b:db:93:51:2a:b7:82:3f:5a:91:5f:31:f9: 74:d5:47:8a:df:fc:81:fa:a6:5d:44:a8:61:c9:06: 8a:df:e5:53:20:e8:27:b6:fb:ad:65:f2:0e:4c:ae: e5:7e:2f:e8:47:9e:4a:9a:26:5b:cd:76:07:51:ec: 3b:20:38:9b:7c:cd:fd:b6:0f:14:88:d1:96:38:50: 04:e7:b6:93:61:42:4c:d3:a1:11:8c:58:c9:07:2a: 34:a8:ac:e5:0a:94:90:95:8b:f3:5f:4b:dd:5b:de: b2:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:B8:F3:07:D0:AE:3F:CA:E3:B3:F1:C4:4D:33:9D:D2:70:B9:15:94 X509v3 Authority Key Identifier: keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS9304.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.21.53.0/24 82.21.75.0/24 82.22.3.0-82.22.6.255 82.22.14.0/24 82.23.144.0/24 82.23.147.0/24 82.24.0.0/22 82.25.187.0/24 82.26.87.0/24 82.26.115.0/24 82.26.118.0/24 82.26.125.0/24 82.27.92.0/22 82.27.131.0/24 82.38.46.0/23 82.38.51.0/24 82.38.76.0/22 82.38.98.0/24 82.38.104.0/23 82.38.107.0-82.38.109.255 82.38.111.0/24 82.38.120.0/24 82.38.122.0/24 82.38.132.0/23 82.41.233.0-82.41.238.255 82.41.241.0/24 Signature Algorithm: sha256WithRSAEncryption 95:34:20:eb:ec:4f:da:e2:0b:64:cc:eb:f5:9e:89:42:96:84: 3a:c8:52:28:1b:6f:a8:9a:8a:98:43:72:48:df:a2:dd:3c:97: 18:74:61:2e:3f:64:a2:56:5c:a3:d3:42:80:93:19:75:4d:ef: 0c:dd:0d:4a:8d:d8:da:03:0c:10:ce:2a:6d:49:fa:11:71:a4: f8:d1:bf:90:6c:c0:d1:ed:8d:51:70:4b:0a:a3:e1:5a:30:bc: d3:e3:95:f4:bf:d5:24:d1:51:ca:5a:ca:a8:90:a2:c6:ac:98: 30:ca:bd:62:2f:10:14:8e:78:fb:8c:64:c9:c7:19:71:83:93: 35:86:c9:42:62:21:7b:17:1e:80:7f:c6:d2:c0:31:1d:9c:70: 4f:ea:46:a7:cc:89:63:5e:33:95:06:c0:9d:84:12:5e:82:c3: 5d:ed:4a:f1:b0:7d:01:27:e4:61:1c:25:14:76:be:8a:31:34: 97:b5:87:1e:be:38:9c:e3:a9:16:44:21:9a:cf:fa:39:09:48: ff:98:c0:23:9c:27:6f:fd:e4:ac:6a:38:88:eb:da:0e:59:6e: 61:a1:fe:78:78:af:9f:c9:e7:bc:1e:19:4b:8a:3b:10:df:60: 3a:b4:df:8f:13:c1:12:ad:3d:0e:4c:3e:9a:5c:88:36:c5:48: 9f:97:27:eb -----BEGIN CERTIFICATE----- MIIFsTCCBJmgAwIBAgIUfr6U+kunJmla5f3D4a3ldp7MZEEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni M2NmZGQwMTAeFw0yNTExMzAxNTExMDRaFw0yNjExMjkxNTE2MDRaMDMxMTAvBgNV BAMTKDc0QjhGMzA3RDBBRTNGQ0FFM0IzRjFDNDREMzM5REQyNzBCOTE1OTQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCHjUX8ZtSlWvL8oE9OfobuswE pAQehc+bq95R7pdSGP5w1tFsne9spiJnbs1LUFd2i+VcfMMsFWkqRVUY30k/WcA3 kGVD4tz6wxzvBZpqgpQAfr7OXW2JFOvYNtBm/66fsjsU0w/NKl0ML6ZcvvopFIBJ 0vcQYrx0A+JWfvMWh/+koQRNcO8sJhJd5zzxgojoeNZJCOlHm9uTUSq3gj9akV8x +XTVR4rf/IH6pl1EqGHJBorf5VMg6Ce2+61l8g5MruV+L+hHnkqaJlvNdgdR7Dsg OJt8zf22DxSI0ZY4UATntpNhQkzToRGMWMkHKjSorOUKlJCVi/NfS91b3rKPAgMB AAGjggK7MIICtzAdBgNVHQ4EFgQUdLjzB9CuP8rjs/HETTOd0nC5FZQwHwYDVR0j BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ UDNRRS5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjCB0QYIKwYBBQUHAQcBAf8EgcEwgb4wgbsEAgABMIG0AwQA UhU1AwQAUhVLMAwDBABSFgMDBABSFgYDBABSFg4DBABSF5ADBABSF5MDBAJSGAAD BABSGbsDBABSGlcDBABSGnMDBABSGnYDBABSGn0DBAJSG1wDBABSG4MDBAFSJi4D BABSJjMDBAJSJkwDBABSJmIDBAFSJmgwDAMEAFImawMEAVImbAMEAFImbwMEAFIm eAMEAFImegMEAVImhDAMAwQAUinpAwQAUinuAwQAUinxMA0GCSqGSIb3DQEBCwUA A4IBAQCVNCDr7E/a4gtkzOv1nolCloQ6yFIoG2+omoqYQ3JI36LdPJcYdGEuP2Si Vlyj00KAkxl1Te8M3Q1KjdjaAwwQziptSfoRcaT40b+QbMDR7Y1RcEsKo+FaMLzT 45X0v9Uk0VHKWsqokKLGrJgwyr1iLxAUjnj7jGTJxxlxg5M1hslCYiF7Fx6Af8bS wDEdnHBP6kanzIljXjOVBsCdhBJegsNd7UrxsH0BJ+RhHCUUdr6KMTSXtYcevjic 46kWRCGaz/o5CUj/mMAjnCdv/eSsajiI69oOWW5hof54eK+fyee8HhlLijsQ32A6 tN+PE8ESrT0OTD6aXIg2xUiflyfr -----END CERTIFICATE-----Generated at Thu Dec 4 04:21:44 2025 by rpki-client