This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS9304.roa File: AS9304.roa (raw, json) Hash identifier: 9HaJxYTCGLzkmcwN5ln9vMVisInrrcqMgWULH/srzNw= Subject key identifier: 3B:81:57:CA:19:D8:67:CC:B4:90:58:09:09:6D:B8:D5:F1:41:ED:65 Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d Certificate serial: 1DD657ECF2BC58E6CD734083DB68DA7282B3C64C Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS9304.roa Signing time: Sat 17 Jan 2026 13:35:28 +0000 ROA not before: Sat 17 Jan 2026 13:30:28 +0000 ROA not after: Sat 16 Jan 2027 13:35:28 +0000 asID: 9304 IP address blocks: 143.20.11.0/24 maxlen: 24 143.20.13.0/24 maxlen: 24 143.20.16.0/24 maxlen: 24 143.20.17.0/24 maxlen: 24 143.20.18.0/24 maxlen: 24 143.20.21.0/24 maxlen: 24 143.20.22.0/24 maxlen: 24 143.20.25.0/24 maxlen: 24 143.20.26.0/24 maxlen: 24 143.20.28.0/24 maxlen: 24 143.20.34.0/24 maxlen: 24 143.20.43.0/24 maxlen: 24 143.20.48.0/24 maxlen: 24 143.20.56.0/24 maxlen: 24 143.20.57.0/24 maxlen: 24 143.20.59.0/24 maxlen: 24 143.20.73.0/24 maxlen: 24 143.20.77.0/24 maxlen: 24 143.20.80.0/24 maxlen: 24 143.20.84.0/24 maxlen: 24 143.20.105.0/24 maxlen: 24 143.20.106.0/24 maxlen: 24 143.20.120.0/24 maxlen: 24 143.20.132.0/24 maxlen: 24 143.20.151.0/24 maxlen: 24 143.20.152.0/24 maxlen: 24 143.20.162.0/24 maxlen: 24 143.20.168.0/24 maxlen: 24 143.20.173.0/24 maxlen: 24 143.20.198.0/24 maxlen: 24 143.20.214.0/24 maxlen: 24 143.20.223.0/24 maxlen: 24 143.20.237.0/24 maxlen: 24 143.20.239.0/24 maxlen: 24 143.20.244.0/24 maxlen: 24 143.20.245.0/24 maxlen: 24 143.20.248.0/24 maxlen: 24 143.20.249.0/24 maxlen: 24 143.20.252.0/24 maxlen: 24 143.20.254.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 18 Jan 2026 16:06:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:d6:57:ec:f2:bc:58:e6:cd:73:40:83:db:68:da:72:82:b3:c6:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d Validity Not Before: Jan 17 13:30:28 2026 GMT Not After : Jan 16 13:35:28 2027 GMT Subject: CN=3B8157CA19D867CCB4905809096DB8D5F141ED65 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:4c:78:93:1f:0d:f2:d6:da:83:6b:7c:d8:b7: 74:d3:c0:4d:d4:ed:3b:87:66:0c:1d:8e:67:40:50: ba:7b:69:16:f2:71:14:3b:a0:b7:dd:9b:14:a2:4c: 2e:63:86:6a:9f:4f:48:89:2e:97:6e:87:43:aa:a7: 87:68:04:1c:cf:65:6a:ed:3d:01:5b:a4:19:78:2c: da:74:7e:44:df:86:33:9f:4f:a4:9a:91:88:2c:df: 9b:c6:fb:c1:c2:f0:5d:54:ee:35:5a:33:8b:18:7b: 3c:52:e4:ef:01:25:b3:c1:ef:60:e3:7d:0c:8e:1b: d0:46:14:48:d2:6c:9f:6f:c3:fb:dc:11:d7:d9:fc: 24:6c:54:4d:e8:86:96:c2:aa:5e:32:f6:ec:b1:5e: d5:40:2e:56:1b:6a:a9:18:84:a9:0d:1e:ac:0c:34: 0f:21:52:d4:e4:da:87:76:62:d6:70:36:4b:4c:62: 83:8c:b2:05:bc:a2:0c:82:f7:70:a1:33:59:27:4a: 30:2d:5c:f5:2b:39:e4:3f:e8:49:13:6e:45:e5:1d: 4f:f5:2c:41:b9:05:18:9c:b0:4e:be:db:e3:ee:19: 3d:7b:c0:99:42:4a:7d:e0:f6:e0:87:d6:ce:2c:65: ff:0f:5b:2d:19:13:22:fd:58:ff:f1:f8:34:57:48: 41:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:81:57:CA:19:D8:67:CC:B4:90:58:09:09:6D:B8:D5:F1:41:ED:65 X509v3 Authority Key Identifier: keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS9304.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.20.11.0/24 143.20.13.0/24 143.20.16.0-143.20.18.255 143.20.21.0-143.20.22.255 143.20.25.0-143.20.26.255 143.20.28.0/24 143.20.34.0/24 143.20.43.0/24 143.20.48.0/24 143.20.56.0/23 143.20.59.0/24 143.20.73.0/24 143.20.77.0/24 143.20.80.0/24 143.20.84.0/24 143.20.105.0-143.20.106.255 143.20.120.0/24 143.20.132.0/24 143.20.151.0-143.20.152.255 143.20.162.0/24 143.20.168.0/24 143.20.173.0/24 143.20.198.0/24 143.20.214.0/24 143.20.223.0/24 143.20.237.0/24 143.20.239.0/24 143.20.244.0/23 143.20.248.0/23 143.20.252.0/24 143.20.254.0/24 Signature Algorithm: sha256WithRSAEncryption d4:ba:cd:c9:9c:7f:6e:46:9f:90:be:f3:03:9d:14:82:26:fc: 1e:4d:73:9a:95:b5:f8:4e:9f:7a:26:7b:ac:14:aa:7d:36:29: 85:ef:3d:e7:7d:64:e8:c6:ae:90:f4:89:7b:c5:66:b3:26:8a: bc:c1:9c:79:ec:af:5a:fa:ed:28:ae:73:8b:0c:00:a9:fb:f1: 5a:e9:c4:63:6a:b2:5d:27:ea:21:90:05:82:ed:6b:bf:4b:e2: b0:bf:1d:72:f2:ea:a7:bc:1b:4d:59:b0:d5:97:21:10:6d:66: c6:de:d9:bf:63:d5:ec:76:5a:22:2e:a4:4b:7f:92:8c:46:2b: 94:97:35:49:d1:16:8f:4a:bf:6a:7e:74:58:4d:e5:cd:e5:04: 22:02:10:ee:1a:c7:c2:ee:d2:c3:22:83:8b:2d:67:35:bc:a4: 43:67:3a:96:f0:97:ee:cc:ef:6f:e5:03:10:1c:f3:c2:b4:1c: e4:b4:09:cf:3d:a5:5f:90:45:75:9c:60:3c:af:87:62:cc:ee: 22:61:99:a2:cb:a7:f4:97:b2:4b:9d:c1:9a:89:a5:5a:3b:5b: 4d:6d:22:e8:34:6f:0f:d6:f6:5d:c7:ac:1e:09:96:fd:19:bb: 9f:2d:49:61:dc:50:5f:14:15:61:cc:14:34:de:36:1d:34:44: 4c:8a:fb:9e -----BEGIN CERTIFICATE----- MIIF3zCCBMegAwIBAgIUHdZX7PK8WObNc0CD22jacoKzxkwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk ZWI5M2Q5ZDAeFw0yNjAxMTcxMzMwMjhaFw0yNzAxMTYxMzM1MjhaMDMxMTAvBgNV BAMTKDNCODE1N0NBMTlEODY3Q0NCNDkwNTgwOTA5NkRCOEQ1RjE0MUVENjUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWTHiTHw3y1tqDa3zYt3TTwE3U 7TuHZgwdjmdAULp7aRbycRQ7oLfdmxSiTC5jhmqfT0iJLpduh0Oqp4doBBzPZWrt PQFbpBl4LNp0fkTfhjOfT6SakYgs35vG+8HC8F1U7jVaM4sYezxS5O8BJbPB72Dj fQyOG9BGFEjSbJ9vw/vcEdfZ/CRsVE3ohpbCql4y9uyxXtVALlYbaqkYhKkNHqwM NA8hUtTk2od2YtZwNktMYoOMsgW8ogyC93ChM1knSjAtXPUrOeQ/6EkTbkXlHU/1 LEG5BRicsE6+2+PuGT17wJlCSn3g9uCH1s4sZf8PWy0ZEyL9WP/x+DRXSEGVAgMB AAGjggLpMIIC5TAdBgNVHQ4EFgQUO4FXyhnYZ8y0kFgJCW241fFB7WUwHwYDVR0j BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2 MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2 NVBaMC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTOTMwNC5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjCB/wYIKwYBBQUHAQcBAf8Ege8wgewwgekEAgABMIHiAwQA jxQLAwQAjxQNMAwDBASPFBADBACPFBIwDAMEAI8UFQMEAI8UFjAMAwQAjxQZAwQA jxQaAwQAjxQcAwQAjxQiAwQAjxQrAwQAjxQwAwQBjxQ4AwQAjxQ7AwQAjxRJAwQA jxRNAwQAjxRQAwQAjxRUMAwDBACPFGkDBACPFGoDBACPFHgDBACPFIQwDAMEAI8U lwMEAI8UmAMEAI8UogMEAI8UqAMEAI8UrQMEAI8UxgMEAI8U1gMEAI8U3wMEAI8U 7QMEAI8U7wMEAY8U9AMEAY8U+AMEAI8U/AMEAI8U/jANBgkqhkiG9w0BAQsFAAOC AQEA1LrNyZx/bkafkL7zA50Ugib8Hk1zmpW1+E6feiZ7rBSqfTYphe89531k6Mau kPSJe8VmsyaKvMGceeyvWvrtKK5ziwwAqfvxWunEY2qyXSfqIZAFgu1rv0visL8d cvLqp7wbTVmw1ZchEG1mxt7Zv2PV7HZaIi6kS3+SjEYrlJc1SdEWj0q/an50WE3l zeUEIgIQ7hrHwu7SwyKDiy1nNbykQ2c6lvCX7szvb+UDEBzzwrQc5LQJzz2lX5BF dZxgPK+HYszuImGZosun9JeyS53BmomlWjtbTW0i6DRvD9b2XcesHgmW/Rm7ny1J YdxQXxQVYcwUNN42HTRETIr7ng== -----END CERTIFICATE-----Generated at Sun Jan 18 08:55:12 2026 by rpki-client