This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214025.roa File: AS214025.roa (raw, json) Hash identifier: apC0lcvb5qBF2YlBgtaSP0t5/Or6Nfio11QW3NIBNkA= Subject key identifier: 7A:EF:93:10:17:0C:C4:28:44:85:4E:2A:56:14:FC:F7:6D:28:58:8D Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 61ED4DC67EB9DA2D6443AFA9FC075D64680406EA Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214025.roa Signing time: Sat 13 Dec 2025 07:58:07 +0000 ROA not before: Sat 13 Dec 2025 07:53:07 +0000 ROA not after: Sat 12 Dec 2026 07:58:07 +0000 asID: 214025 IP address blocks: 96.62.115.0/24 maxlen: 24 146.103.37.0/24 maxlen: 24 148.135.255.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:ed:4d:c6:7e:b9:da:2d:64:43:af:a9:fc:07:5d:64:68:04:06:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Dec 13 07:53:07 2025 GMT Not After : Dec 12 07:58:07 2026 GMT Subject: CN=7AEF9310170CC42844854E2A5614FCF76D28588D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:05:95:fe:be:ff:96:c9:a3:70:1b:d3:c9:f6: 15:2a:d3:52:92:c9:84:75:1a:24:91:a6:76:85:09: 92:c0:e3:e4:a2:d8:c9:d0:53:59:79:40:52:c2:0f: 21:56:7c:2d:37:ab:85:76:ea:3b:8c:e3:53:d8:8a: cc:42:50:f9:37:90:db:6e:a1:76:40:37:fb:66:cb: 36:f6:2f:e8:69:6c:0f:67:6c:e9:16:da:c5:7f:5c: b6:7e:b5:59:ff:64:c3:1a:c6:e1:f1:a5:66:94:be: 25:ae:46:80:b0:a7:07:8f:76:0c:38:2f:c2:93:a7: f3:9c:b8:79:e4:62:78:ca:1e:e8:fe:5f:0c:88:cc: 60:6b:58:7a:67:c0:ae:72:31:9e:26:47:6c:8f:eb: 33:13:b7:11:2b:d9:60:1d:5a:34:ea:3a:96:5e:0b: 25:71:46:35:44:7b:75:67:7e:34:73:cc:b5:21:3a: 78:46:82:8d:51:c5:c0:5f:a7:b1:b3:46:06:f8:f2: 9d:d2:37:ff:84:b1:61:47:7e:c0:22:7e:92:70:fa: c0:24:fa:10:12:31:75:31:ce:1a:81:4c:7d:a4:3f: ef:02:e2:f2:3a:60:e2:ed:51:cc:0e:70:29:03:36: 01:3b:36:af:f8:94:16:45:5e:21:5d:eb:22:91:47: d3:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:EF:93:10:17:0C:C4:28:44:85:4E:2A:56:14:FC:F7:6D:28:58:8D X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214025.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 96.62.115.0/24 146.103.37.0/24 148.135.255.0/24 Signature Algorithm: sha256WithRSAEncryption af:9f:4d:7b:b6:96:8e:a1:7b:6c:07:24:b5:8b:3b:a4:8c:3c: 05:5e:a5:9d:ac:3d:5a:05:ff:3a:fd:81:66:b4:43:12:2c:7c: d8:43:cc:36:bc:a7:9a:ba:5b:46:ee:88:7d:46:08:53:18:5b: 4f:3a:64:ea:f5:6b:7a:26:77:72:48:7b:92:bd:e8:28:10:8d: 01:38:5b:97:3b:b9:c9:c9:ff:c7:ea:9d:12:da:b7:eb:96:3b: 65:6b:e3:9f:41:aa:ea:82:a5:38:2e:b0:63:93:18:3c:1a:39: 14:b4:82:eb:5f:04:7b:f2:49:eb:fa:85:f8:a8:74:23:84:f1: 81:03:24:8d:78:6d:a7:d5:4e:88:f4:f5:57:c4:0f:fa:ce:2e: 09:da:34:70:16:b7:02:9c:2c:6f:bc:da:8e:92:09:cf:86:80: 35:17:b9:29:3c:1b:95:46:c9:7a:aa:58:b7:6a:76:f4:31:72: fb:a8:de:e1:12:11:71:c3:da:88:86:54:ba:a0:71:5d:39:2b: d1:b5:94:47:26:bc:d9:a8:1e:b4:52:ec:b3:02:9b:a5:1a:da: 9d:e5:c0:8d:c2:63:72:b1:a5:17:b1:98:6a:5d:10:9d:73:f7: d8:d4:0e:95:b8:f8:6a:8b:5b:7d:45:8a:32:15:18:19:87:b6: d7:1e:8c:92 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgIUYe1Nxn652i1kQ6+p/AddZGgEBuowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTEyMTMwNzUzMDdaFw0yNjEyMTIwNzU4MDdaMDMxMTAvBgNV BAMTKDdBRUY5MzEwMTcwQ0M0Mjg0NDg1NEUyQTU2MTRGQ0Y3NkQyODU4OEQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeBZX+vv+WyaNwG9PJ9hUq01KS yYR1GiSRpnaFCZLA4+Si2MnQU1l5QFLCDyFWfC03q4V26juM41PYisxCUPk3kNtu oXZAN/tmyzb2L+hpbA9nbOkW2sV/XLZ+tVn/ZMMaxuHxpWaUviWuRoCwpwePdgw4 L8KTp/OcuHnkYnjKHuj+XwyIzGBrWHpnwK5yMZ4mR2yP6zMTtxEr2WAdWjTqOpZe CyVxRjVEe3VnfjRzzLUhOnhGgo1RxcBfp7GzRgb48p3SN/+EsWFHfsAifpJw+sAk +hASMXUxzhqBTH2kP+8C4vI6YOLtUcwOcCkDNgE7Nq/4lBZFXiFd6yKRR9PDAgMB AAGjggIWMIICEjAdBgNVHQ4EFgQUeu+TEBcMxChEhU4qVhT8920oWI0wHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE0MDI1LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAYD5z AwQAkmclAwQAlIf/MA0GCSqGSIb3DQEBCwUAA4IBAQCvn017tpaOoXtsByS1izuk jDwFXqWdrD1aBf86/YFmtEMSLHzYQ8w2vKeaultG7oh9RghTGFtPOmTq9Wt6Jndy SHuSvegoEI0BOFuXO7nJyf/H6p0S2rfrljtla+OfQarqgqU4LrBjkxg8GjkUtILr XwR78knr+oX4qHQjhPGBAySNeG2n1U6I9PVXxA/6zi4J2jRwFrcCnCxvvNqOkgnP hoA1F7kpPBuVRsl6qli3anb0MXL7qN7hEhFxw9qIhlS6oHFdOSvRtZRHJrzZqB60 UuyzApulGtqd5cCNwmNysaUXsZhqXRCdc/fY1A6VuPhqi1t9RYoyFRgZh7bXHoyS -----END CERTIFICATE-----Generated at Thu Dec 18 09:54:30 2025 by rpki-client