This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS3320.roa File: AS3320.roa (raw, json) Hash identifier: hvzfjXtp+Rvv8+Cj6QKd/BsIhn9Vawv/ttyhsdlkHgs= Subject key identifier: 7F:49:22:91:30:3C:32:B6:89:27:F0:93:9E:03:C0:D1:66:DA:D7:A8 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 460838AAB1822C9ABB205E6FF72DFADFFE541F0F Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS3320.roa Signing time: Mon 01 Dec 2025 06:55:20 +0000 ROA not before: Mon 01 Dec 2025 06:50:20 +0000 ROA not after: Mon 30 Nov 2026 06:55:20 +0000 asID: 3320 IP address blocks: 140.233.192.0/18 maxlen: 24 140.233.192.0/24 maxlen: 24 143.14.10.0/24 maxlen: 24 143.14.128.0/24 maxlen: 24 143.14.130.0/24 maxlen: 24 143.14.140.0/24 maxlen: 24 143.14.164.0/24 maxlen: 24 143.14.169.0/24 maxlen: 24 143.14.223.0/24 maxlen: 24 143.14.225.0/24 maxlen: 24 143.14.246.0/24 maxlen: 24 147.79.8.0/21 maxlen: 24 147.79.48.0/24 maxlen: 24 147.79.49.0/24 maxlen: 24 147.79.50.0/24 maxlen: 24 147.79.51.0/24 maxlen: 24 150.241.192.0/24 maxlen: 24 150.241.193.0/24 maxlen: 24 150.241.194.0/24 maxlen: 24 150.241.195.0/24 maxlen: 24 155.117.17.0/24 maxlen: 24 155.117.113.0/24 maxlen: 24 155.117.124.0/24 maxlen: 24 155.117.125.0/24 maxlen: 24 155.117.126.0/24 maxlen: 24 155.117.167.0/24 maxlen: 24 155.117.168.0/24 maxlen: 24 155.117.200.0/24 maxlen: 24 155.117.215.0/24 maxlen: 24 155.117.221.0/24 maxlen: 24 155.117.223.0/24 maxlen: 24 162.141.158.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:08:38:aa:b1:82:2c:9a:bb:20:5e:6f:f7:2d:fa:df:fe:54:1f:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Dec 1 06:50:20 2025 GMT Not After : Nov 30 06:55:20 2026 GMT Subject: CN=7F492291303C32B68927F0939E03C0D166DAD7A8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:11:d1:90:47:41:fc:38:da:da:31:84:6c:d6: f8:67:e9:91:33:72:e6:77:f6:01:d2:56:7e:52:1c: 2e:e2:77:88:22:57:b6:db:8d:c4:e5:cd:36:de:a0: 7e:5b:51:47:cf:d9:fe:93:59:a2:2f:21:9f:b2:6d: e2:7f:84:d5:f4:84:37:82:90:ff:a0:9d:d8:07:34: 28:99:b1:de:5a:1c:12:33:2c:fb:37:5a:78:1f:81: 37:cd:90:c3:8a:01:70:1a:1e:24:2d:a2:35:9d:6a: 7f:23:18:26:95:a4:57:2d:77:18:da:50:f3:34:fc: 26:84:1a:39:c3:91:d6:f8:50:86:92:55:21:24:80: 51:5e:ce:3d:ae:17:1b:e5:ac:1b:01:64:9a:ba:84: 45:1a:07:e2:82:db:36:72:a5:fe:ed:4c:14:3c:f4: 12:54:f0:fc:87:df:17:e0:42:75:30:47:96:11:4e: da:a2:ce:53:b4:2a:57:46:0b:3c:37:70:82:cb:88: 3c:23:f2:fc:dc:d0:dc:d5:c6:7a:bb:93:eb:85:7e: ae:b2:d2:dc:de:42:e7:5b:09:9d:55:11:51:8c:97: 01:e9:9a:60:f1:8f:ac:99:d8:b6:7b:17:44:d3:e3: ce:d1:17:1e:f8:eb:41:45:07:cc:31:50:e4:6d:81: 38:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7F:49:22:91:30:3C:32:B6:89:27:F0:93:9E:03:C0:D1:66:DA:D7:A8 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS3320.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 140.233.192.0/18 143.14.10.0/24 143.14.128.0/24 143.14.130.0/24 143.14.140.0/24 143.14.164.0/24 143.14.169.0/24 143.14.223.0/24 143.14.225.0/24 143.14.246.0/24 147.79.8.0/21 147.79.48.0/22 150.241.192.0/22 155.117.17.0/24 155.117.113.0/24 155.117.124.0-155.117.126.255 155.117.167.0-155.117.168.255 155.117.200.0/24 155.117.215.0/24 155.117.221.0/24 155.117.223.0/24 162.141.158.0/24 Signature Algorithm: sha256WithRSAEncryption b4:94:a1:cf:0a:10:35:ae:e4:8a:ba:26:6c:71:23:55:b1:94: c2:91:b6:06:59:49:dc:d7:68:21:04:bc:b1:78:df:bd:b1:ad: 38:c4:58:d4:b5:57:d4:5f:8d:b2:22:63:be:a7:12:29:c0:26: 3f:a3:5e:74:ed:a8:fb:65:bb:8e:47:2a:8d:c8:1e:03:21:93: 8b:a0:f4:47:4b:75:31:2b:19:fc:57:ef:cc:71:f0:4a:e0:9a: 74:fb:0b:3f:bc:2e:e1:bf:01:17:71:77:30:1d:de:6f:1b:ea: b3:12:b6:4b:5b:d0:3f:d6:16:bb:0b:40:9c:a4:37:24:1f:25: ee:00:6b:1a:49:7c:7f:2e:c6:23:46:fb:3a:d1:7c:e5:96:08: 78:c7:97:c9:dd:6a:7b:9a:ee:3c:83:f8:33:20:6d:84:53:0a: 63:ae:dc:81:49:87:b4:fd:fb:3c:b5:7f:6a:9b:ba:c6:fd:27: 75:ef:df:63:14:f7:19:2f:ca:5a:da:5a:c1:7f:2c:40:c1:4b: 07:4f:3f:d0:22:02:c8:77:7f:f4:9f:04:c1:e2:c2:e8:ff:70: 8d:e5:a4:8a:86:04:c9:92:bf:2d:e2:34:ed:e0:fc:94:87:f4: ff:a4:90:a9:50:cd:7d:51:ed:d6:d0:74:96:16:42:4b:a8:ef: 24:c1:b9:ae -----BEGIN CERTIFICATE----- MIIFkTCCBHmgAwIBAgIURgg4qrGCLJq7IF5v9y363/5UHw8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTEyMDEwNjUwMjBaFw0yNjExMzAwNjU1MjBaMDMxMTAvBgNV BAMTKDdGNDkyMjkxMzAzQzMyQjY4OTI3RjA5MzlFMDNDMEQxNjZEQUQ3QTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaEdGQR0H8ONraMYRs1vhn6ZEz cuZ39gHSVn5SHC7id4giV7bbjcTlzTbeoH5bUUfP2f6TWaIvIZ+ybeJ/hNX0hDeC kP+gndgHNCiZsd5aHBIzLPs3WngfgTfNkMOKAXAaHiQtojWdan8jGCaVpFctdxja UPM0/CaEGjnDkdb4UIaSVSEkgFFezj2uFxvlrBsBZJq6hEUaB+KC2zZypf7tTBQ8 9BJU8PyH3xfgQnUwR5YRTtqizlO0KldGCzw3cILLiDwj8vzc0NzVxnq7k+uFfq6y 0tzeQudbCZ1VEVGMlwHpmmDxj6yZ2LZ7F0TT487RFx7460FFB8wxUORtgTjrAgMB AAGjggKbMIIClzAdBgNVHQ4EFgQUf0kikTA8MraJJ/CTngPA0Wba16gwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzMyMC5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjCBsQYIKwYBBQUHAQcBAf8EgaEwgZ4wgZsEAgABMIGUAwQG jOnAAwQAjw4KAwQAjw6AAwQAjw6CAwQAjw6MAwQAjw6kAwQAjw6pAwQAjw7fAwQA jw7hAwQAjw72AwQDk08IAwQCk08wAwQClvHAAwQAm3URAwQAm3VxMAwDBAKbdXwD BACbdX4wDAMEAJt1pwMEAJt1qAMEAJt1yAMEAJt11wMEAJt13QMEAJt13wMEAKKN njANBgkqhkiG9w0BAQsFAAOCAQEAtJShzwoQNa7kirombHEjVbGUwpG2BllJ3Ndo IQS8sXjfvbGtOMRY1LVX1F+NsiJjvqcSKcAmP6NedO2o+2W7jkcqjcgeAyGTi6D0 R0t1MSsZ/FfvzHHwSuCadPsLP7wu4b8BF3F3MB3ebxvqsxK2S1vQP9YWuwtAnKQ3 JB8l7gBrGkl8fy7GI0b7OtF85ZYIeMeXyd1qe5ruPIP4MyBthFMKY67cgUmHtP37 PLV/apu6xv0nde/fYxT3GS/KWtpawX8sQMFLB08/0CICyHd/9J8EweLC6P9wjeWk ioYEyZK/LeI07eD8lIf0/6SQqVDNfVHt1tB0lhZCS6jvJMG5rg== -----END CERTIFICATE-----Generated at Sat Dec 6 12:48:34 2025 by rpki-client