This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS3320.roa File: AS3320.roa (raw, json) Hash identifier: sLdlOa1Y9S221ggutZwcpqqaYmAuTMlY7OZBliRI17Q= Subject key identifier: 00:12:35:D1:6E:06:46:2D:2E:D5:59:20:F7:65:4A:20:D9:99:AE:11 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 7CA8C3E54B59D5085273BB8D0FEB015D96EA0E8C Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS3320.roa Signing time: Tue 20 Jan 2026 22:49:33 +0000 ROA not before: Tue 20 Jan 2026 22:44:33 +0000 ROA not after: Tue 19 Jan 2027 22:49:33 +0000 asID: 3320 IP address blocks: 140.233.192.0/18 maxlen: 24 140.233.192.0/24 maxlen: 24 143.14.10.0/24 maxlen: 24 143.14.128.0/24 maxlen: 24 143.14.130.0/24 maxlen: 24 143.14.140.0/24 maxlen: 24 143.14.164.0/24 maxlen: 24 143.14.169.0/24 maxlen: 24 143.14.223.0/24 maxlen: 24 143.14.225.0/24 maxlen: 24 143.14.246.0/24 maxlen: 24 147.79.48.0/24 maxlen: 24 147.79.49.0/24 maxlen: 24 147.79.50.0/24 maxlen: 24 147.79.51.0/24 maxlen: 24 150.241.192.0/24 maxlen: 24 150.241.193.0/24 maxlen: 24 150.241.194.0/24 maxlen: 24 150.241.195.0/24 maxlen: 24 155.117.17.0/24 maxlen: 24 155.117.113.0/24 maxlen: 24 155.117.124.0/24 maxlen: 24 155.117.125.0/24 maxlen: 24 155.117.126.0/24 maxlen: 24 155.117.167.0/24 maxlen: 24 155.117.168.0/24 maxlen: 24 155.117.200.0/24 maxlen: 24 155.117.215.0/24 maxlen: 24 155.117.221.0/24 maxlen: 24 155.117.223.0/24 maxlen: 24 162.141.158.0/24 maxlen: 24 167.148.119.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 20:24:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:a8:c3:e5:4b:59:d5:08:52:73:bb:8d:0f:eb:01:5d:96:ea:0e:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Jan 20 22:44:33 2026 GMT Not After : Jan 19 22:49:33 2027 GMT Subject: CN=001235D16E06462D2ED55920F7654A20D999AE11 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:8f:06:1e:8f:a0:c6:ac:8a:17:8c:0a:f8:ed: ec:55:8d:05:4b:82:ae:f0:b9:ad:32:02:32:86:cc: 10:49:0b:f8:cc:c6:64:3d:40:9c:ae:6c:29:17:ed: 26:91:18:23:48:0f:f4:13:be:76:b7:b1:48:74:95: ab:a5:34:91:34:c9:67:9c:d9:8c:8f:65:f0:cf:76: 44:33:61:19:29:2f:94:45:61:03:d2:b7:8c:fa:6e: f9:2a:a8:26:0a:16:0c:5f:fe:ed:bf:13:64:79:f1: a9:eb:75:c7:8c:4f:b6:97:c9:42:4f:f2:f2:27:d4: 69:2c:f8:31:30:cf:b7:30:98:f4:fe:5d:ac:e0:a1: 28:47:f7:cd:59:50:e0:01:97:82:f0:09:fc:b0:4c: 83:1a:be:e6:12:2a:90:7e:68:7e:c2:53:87:e9:35: a3:c1:eb:1a:84:a4:f0:44:9b:4b:0f:e7:0d:9a:30: 7e:c2:2a:ed:2c:58:dd:cd:84:a6:89:24:7c:5d:89: aa:8f:3f:8a:dc:31:62:fc:03:22:4b:bb:d1:6c:19: 0b:db:10:5f:13:d4:39:e0:cc:bf:34:28:09:2a:11: d7:e3:97:49:95:91:db:4d:b3:57:91:7c:ec:96:78: eb:02:cf:eb:d9:ce:5d:8c:78:30:8b:54:fd:9a:1c: 10:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:12:35:D1:6E:06:46:2D:2E:D5:59:20:F7:65:4A:20:D9:99:AE:11 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS3320.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 140.233.192.0/18 143.14.10.0/24 143.14.128.0/24 143.14.130.0/24 143.14.140.0/24 143.14.164.0/24 143.14.169.0/24 143.14.223.0/24 143.14.225.0/24 143.14.246.0/24 147.79.48.0/22 150.241.192.0/22 155.117.17.0/24 155.117.113.0/24 155.117.124.0-155.117.126.255 155.117.167.0-155.117.168.255 155.117.200.0/24 155.117.215.0/24 155.117.221.0/24 155.117.223.0/24 162.141.158.0/24 167.148.119.0/24 Signature Algorithm: sha256WithRSAEncryption b0:69:ea:07:c2:91:36:d4:d0:85:b9:15:5a:e4:84:17:bf:31: ad:1e:10:b3:ae:f2:54:88:17:70:f5:9c:0c:5a:c4:99:26:19: e5:2e:91:6e:2f:b0:40:75:12:e9:b1:18:fa:52:12:92:d7:3f: 87:d3:5a:9e:95:1f:58:b6:28:a7:db:7d:fb:77:a1:ce:15:41: 53:8d:77:0f:fc:c8:40:70:db:98:80:d3:94:e8:a9:dc:13:ca: 03:f8:aa:bb:66:fa:05:1a:4b:38:c5:c9:a4:42:5c:2a:43:00: 1f:e9:56:08:cb:4d:e6:2e:70:c2:3a:b7:7a:7f:7c:18:78:6b: f3:3f:bb:a2:38:e9:1a:e4:33:df:e5:72:ad:59:50:91:3a:ce: 9c:1a:b3:29:be:8a:d9:3b:fb:73:42:d9:e0:df:82:59:01:e8: 85:ab:9f:de:00:39:f8:83:1e:65:2d:0e:ff:07:ea:6b:76:8e: 7c:a3:49:1f:85:e2:f2:99:71:b5:52:18:78:eb:d4:96:6f:25: fb:23:c1:70:00:58:35:0b:9b:d9:98:9a:2a:09:5c:5e:ae:18: 47:1a:e7:53:05:5f:b0:8f:ee:49:e4:8c:bb:16:02:bd:e2:c2: 00:72:cb:7d:d5:77:24:52:0e:9a:3f:a8:e0:e4:0d:3a:1e:58: 69:90:e6:06 -----BEGIN CERTIFICATE----- MIIFkTCCBHmgAwIBAgIUfKjD5UtZ1QhSc7uND+sBXZbqDowwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNjAxMjAyMjQ0MzNaFw0yNzAxMTkyMjQ5MzNaMDMxMTAvBgNV BAMTKDAwMTIzNUQxNkUwNjQ2MkQyRUQ1NTkyMEY3NjU0QTIwRDk5OUFFMTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbjwYej6DGrIoXjAr47exVjQVL gq7wua0yAjKGzBBJC/jMxmQ9QJyubCkX7SaRGCNID/QTvna3sUh0laulNJE0yWec 2YyPZfDPdkQzYRkpL5RFYQPSt4z6bvkqqCYKFgxf/u2/E2R58anrdceMT7aXyUJP 8vIn1Gks+DEwz7cwmPT+XazgoShH981ZUOABl4LwCfywTIMavuYSKpB+aH7CU4fp NaPB6xqEpPBEm0sP5w2aMH7CKu0sWN3NhKaJJHxdiaqPP4rcMWL8AyJLu9FsGQvb EF8T1DngzL80KAkqEdfjl0mVkdtNs1eRfOyWeOsCz+vZzl2MeDCLVP2aHBDvAgMB AAGjggKbMIIClzAdBgNVHQ4EFgQUABI10W4GRi0u1Vkg92VKINmZrhEwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzMyMC5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjCBsQYIKwYBBQUHAQcBAf8EgaEwgZ4wgZsEAgABMIGUAwQG jOnAAwQAjw4KAwQAjw6AAwQAjw6CAwQAjw6MAwQAjw6kAwQAjw6pAwQAjw7fAwQA jw7hAwQAjw72AwQCk08wAwQClvHAAwQAm3URAwQAm3VxMAwDBAKbdXwDBACbdX4w DAMEAJt1pwMEAJt1qAMEAJt1yAMEAJt11wMEAJt13QMEAJt13wMEAKKNngMEAKeU dzANBgkqhkiG9w0BAQsFAAOCAQEAsGnqB8KRNtTQhbkVWuSEF78xrR4Qs67yVIgX cPWcDFrEmSYZ5S6Rbi+wQHUS6bEY+lISktc/h9NanpUfWLYop9t9+3ehzhVBU413 D/zIQHDbmIDTlOip3BPKA/iqu2b6BRpLOMXJpEJcKkMAH+lWCMtN5i5wwjq3en98 GHhr8z+7ojjpGuQz3+VyrVlQkTrOnBqzKb6K2Tv7c0LZ4N+CWQHohauf3gA5+IMe ZS0O/wfqa3aOfKNJH4Xi8plxtVIYeOvUlm8l+yPBcABYNQub2ZiaKglcXq4YRxrn UwVfsI/uSeSMuxYCveLCAHLLfdV3JFIOmj+o4OQNOh5YaZDmBg== -----END CERTIFICATE-----Generated at Sun Jan 25 10:34:18 2026 by rpki-client