This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3320.roa File: AS3320.roa (raw, json) Hash identifier: gxqLNl+JyFcDu7k1eNoShI/O9tSEOvUhawyWnZrMb60= Subject key identifier: 67:42:AB:66:6F:DC:03:3C:A7:8F:03:C1:7F:11:02:5D:72:A9:B7:53 Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f Certificate serial: 4C4F2D0B318A76C6A09FCF737A8698B67E5CF934 Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3320.roa Signing time: Mon 01 Dec 2025 06:54:09 +0000 ROA not before: Mon 01 Dec 2025 06:49:09 +0000 ROA not after: Mon 30 Nov 2026 06:54:09 +0000 asID: 3320 IP address blocks: 91.124.112.0/24 maxlen: 24 91.124.113.0/24 maxlen: 24 91.124.114.0/24 maxlen: 24 91.124.115.0/24 maxlen: 24 91.124.164.0/22 maxlen: 24 92.112.10.0/24 maxlen: 24 95.134.16.0/22 maxlen: 24 95.134.61.0/24 maxlen: 24 95.134.112.0/24 maxlen: 24 95.134.178.0/24 maxlen: 24 95.134.180.0/24 maxlen: 24 95.134.192.0/24 maxlen: 24 95.134.205.0/24 maxlen: 24 95.134.224.0/22 maxlen: 24 95.134.233.0/24 maxlen: 24 95.135.44.0/22 maxlen: 24 95.135.76.0/24 maxlen: 24 95.135.77.0/24 maxlen: 24 95.135.78.0/24 maxlen: 24 95.135.79.0/24 maxlen: 24 95.135.88.0/22 maxlen: 24 95.135.222.0/24 maxlen: 24 178.92.85.0/24 maxlen: 24 178.92.88.0/24 maxlen: 24 178.92.93.0/24 maxlen: 24 178.92.106.0/24 maxlen: 24 178.92.172.0/22 maxlen: 24 178.92.199.0/24 maxlen: 24 178.92.207.0/24 maxlen: 24 178.92.248.0/24 maxlen: 24 178.93.17.0/24 maxlen: 24 178.93.19.0/24 maxlen: 24 178.93.28.0/24 maxlen: 24 178.93.31.0/24 maxlen: 24 178.93.35.0/24 maxlen: 24 178.93.59.0/24 maxlen: 24 178.93.208.0/24 maxlen: 24 178.93.224.0/24 maxlen: 24 178.93.254.0/24 maxlen: 24 178.94.38.0/24 maxlen: 24 178.94.54.0/24 maxlen: 24 178.94.68.0/24 maxlen: 24 178.94.123.0/24 maxlen: 24 178.95.11.0/24 maxlen: 24 178.95.16.0/24 maxlen: 24 178.95.21.0/24 maxlen: 24 178.95.27.0/24 maxlen: 24 178.95.93.0/24 maxlen: 24 178.95.103.0/24 maxlen: 24 178.95.112.0/24 maxlen: 24 178.95.127.0/24 maxlen: 24 178.95.129.0/24 maxlen: 24 178.95.130.0/24 maxlen: 24 178.95.132.0/24 maxlen: 24 178.95.134.0/24 maxlen: 24 178.95.140.0/22 maxlen: 24 178.95.194.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 11:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:4f:2d:0b:31:8a:76:c6:a0:9f:cf:73:7a:86:98:b6:7e:5c:f9:34 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f Validity Not Before: Dec 1 06:49:09 2025 GMT Not After : Nov 30 06:54:09 2026 GMT Subject: CN=6742AB666FDC033CA78F03C17F11025D72A9B753 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:bd:cc:f5:b5:f4:61:bf:b0:44:73:12:52:e6: 1f:45:6c:75:a2:74:c4:db:76:f4:38:c3:90:d1:9e: 08:17:73:40:05:ea:4f:aa:df:2f:03:81:19:6e:37: 08:29:be:c2:7b:d4:64:36:ae:b4:66:07:e8:ee:db: 8e:9d:d1:42:7a:bc:63:8e:cc:8d:b5:15:ba:ed:c8: 2d:b2:b9:72:88:9b:52:6b:db:4b:ad:19:d1:0f:aa: 08:4e:48:62:34:fb:3b:63:23:1e:ed:1a:d6:84:e6: 49:8b:06:5a:24:de:aa:c5:f3:d8:de:78:35:f5:33: 27:c3:fe:fa:14:5b:96:37:f5:87:5f:51:20:09:7b: 79:35:80:6e:bf:0f:d8:e2:b6:b1:78:1d:8b:e5:1b: 8e:00:e5:9f:32:4c:ba:62:c9:12:85:bf:73:a8:fb: 41:fa:42:d0:fd:92:c0:0b:af:09:7f:f6:64:2c:56: 75:fc:ca:59:aa:1a:18:9a:25:09:b8:c6:5b:4e:f5: 4d:c1:a1:a9:ee:37:62:6e:03:83:bd:7c:16:8b:86: 90:09:12:17:d0:cd:27:f3:a1:33:0a:d5:7c:40:6d: 13:1c:22:bf:3c:28:f0:50:57:2b:49:02:8b:21:da: f9:ea:a0:30:d9:d5:b7:9a:50:c9:65:99:c9:3e:20: ed:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:42:AB:66:6F:DC:03:3C:A7:8F:03:C1:7F:11:02:5D:72:A9:B7:53 X509v3 Authority Key Identifier: keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS3320.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.124.112.0/22 91.124.164.0/22 92.112.10.0/24 95.134.16.0/22 95.134.61.0/24 95.134.112.0/24 95.134.178.0/24 95.134.180.0/24 95.134.192.0/24 95.134.205.0/24 95.134.224.0/22 95.134.233.0/24 95.135.44.0/22 95.135.76.0/22 95.135.88.0/22 95.135.222.0/24 178.92.85.0/24 178.92.88.0/24 178.92.93.0/24 178.92.106.0/24 178.92.172.0/22 178.92.199.0/24 178.92.207.0/24 178.92.248.0/24 178.93.17.0/24 178.93.19.0/24 178.93.28.0/24 178.93.31.0/24 178.93.35.0/24 178.93.59.0/24 178.93.208.0/24 178.93.224.0/24 178.93.254.0/24 178.94.38.0/24 178.94.54.0/24 178.94.68.0/24 178.94.123.0/24 178.95.11.0/24 178.95.16.0/24 178.95.21.0/24 178.95.27.0/24 178.95.93.0/24 178.95.103.0/24 178.95.112.0/24 178.95.127.0/24 178.95.129.0-178.95.130.255 178.95.132.0/24 178.95.134.0/24 178.95.140.0/22 178.95.194.0/24 Signature Algorithm: sha256WithRSAEncryption 8b:5e:96:92:b9:32:29:a4:2d:83:8e:fd:dd:ad:08:de:06:96: ec:aa:4e:c5:dd:7c:7f:19:72:3a:a4:01:db:be:39:f7:ea:e6: 5a:c5:43:eb:ff:ed:fa:ba:5d:49:69:ce:92:98:59:09:e8:67: 4a:a9:ac:58:39:84:03:9d:aa:a3:64:62:f6:18:4b:cd:e0:36: db:97:68:b1:21:82:37:fc:e2:6f:0c:cf:47:7a:09:d6:ba:f4: 69:cf:5f:a6:38:5c:f9:db:d0:7a:ed:ab:27:a3:dd:57:cb:a7: e6:60:62:41:84:07:c7:32:e1:5f:9a:27:55:98:00:25:ec:79: 60:1e:12:20:37:e3:b2:b8:b1:8f:f9:82:69:2b:55:f9:f5:36: a5:d1:f1:07:59:56:0a:7b:ef:16:8d:ad:4e:85:ab:4a:e0:1b: a6:dd:0f:c0:26:2f:1b:66:71:e9:9a:b4:3f:00:28:55:56:b1: 12:bf:6c:5a:65:ff:8b:05:5b:80:87:0c:99:2b:33:61:4c:46: 06:30:5e:a0:f3:bb:25:00:67:ea:27:30:3d:72:d7:8c:dc:dc: 36:54:aa:e7:df:60:88:31:7f:7a:e4:e3:92:34:f0:33:2f:cf: cd:35:90:40:ab:21:e1:98:04:40:f3:2d:f2:c1:02:2c:08:5f: 4f:66:dd:cc -----BEGIN CERTIFICATE----- MIIGNjCCBR6gAwIBAgIUTE8tCzGKdsagn89zeoaYtn5c+TQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk NWMxM2I1ZjAeFw0yNTEyMDEwNjQ5MDlaFw0yNjExMzAwNjU0MDlaMDMxMTAvBgNV BAMTKDY3NDJBQjY2NkZEQzAzM0NBNzhGMDNDMTdGMTEwMjVENzJBOUI3NTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClvcz1tfRhv7BEcxJS5h9FbHWi dMTbdvQ4w5DRnggXc0AF6k+q3y8DgRluNwgpvsJ71GQ2rrRmB+ju246d0UJ6vGOO zI21FbrtyC2yuXKIm1Jr20utGdEPqghOSGI0+ztjIx7tGtaE5kmLBlok3qrF89je eDX1MyfD/voUW5Y39YdfUSAJe3k1gG6/D9jitrF4HYvlG44A5Z8yTLpiyRKFv3Oo +0H6QtD9ksALrwl/9mQsVnX8ylmqGhiaJQm4xltO9U3BoanuN2JuA4O9fBaLhpAJ EhfQzSfzoTMK1XxAbRMcIr88KPBQVytJAosh2vnqoDDZ1beaUMllmck+IO11AgMB AAGjggNAMIIDPDAdBgNVHQ4EFgQUZ0KrZm/cAzynjwPBfxECXXKpt1MwHwYDVR0j BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y Qk8xOC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMzMyMC5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjCCAVUGCCsGAQUFBwEHAQH/BIIBRDCCAUAwggE8BAIAATCC ATQDBAJbfHADBAJbfKQDBABccAoDBAJfhhADBABfhj0DBABfhnADBABfhrIDBABf hrQDBABfhsADBABfhs0DBAJfhuADBABfhukDBAJfhywDBAJfh0wDBAJfh1gDBABf h94DBACyXFUDBACyXFgDBACyXF0DBACyXGoDBAKyXKwDBACyXMcDBACyXM8DBACy XPgDBACyXREDBACyXRMDBACyXRwDBACyXR8DBACyXSMDBACyXTsDBACyXdADBACy XeADBACyXf4DBACyXiYDBACyXjYDBACyXkQDBACyXnsDBACyXwsDBACyXxADBACy XxUDBACyXxsDBACyX10DBACyX2cDBACyX3ADBACyX38wDAMEALJfgQMEALJfggME ALJfhAMEALJfhgMEArJfjAMEALJfwjANBgkqhkiG9w0BAQsFAAOCAQEAi16Wkrky KaQtg4793a0I3gaW7KpOxd18fxlyOqQB27459+rmWsVD6//t+rpdSWnOkphZCehn SqmsWDmEA52qo2Ri9hhLzeA225dosSGCN/zibwzPR3oJ1rr0ac9fpjhc+dvQeu2r J6PdV8un5mBiQYQHxzLhX5onVZgAJex5YB4SIDfjsrixj/mCaStV+fU2pdHxB1lW CnvvFo2tToWrSuAbpt0PwCYvG2Zx6Zq0PwAoVVaxEr9sWmX/iwVbgIcMmSszYUxG BjBeoPO7JQBn6icwPXLXjNzcNlSq599giDF/euTjkjTwMy/PzTWQQKsh4ZgEQPMt 8sECLAhfT2bdzA== -----END CERTIFICATE-----Generated at Fri Dec 5 14:24:25 2025 by rpki-client