This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215152.roa File: AS215152.roa (raw, json) Hash identifier: Wvco1AtXk4IK5wITJyzBki6v9/TvwAf2rHYP+fzgKwU= Subject key identifier: 33:F7:14:4F:07:FB:DA:D3:AA:93:53:F7:D4:C6:B3:AF:A5:89:52:E6 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 0BCA73A84112100EAAF17F5382D007D3F129A21A Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215152.roa Signing time: Thu 11 Dec 2025 04:11:03 +0000 ROA not before: Thu 11 Dec 2025 04:06:03 +0000 ROA not after: Thu 10 Dec 2026 04:11:03 +0000 asID: 215152 IP address blocks: 150.241.254.0/24 maxlen: 24 168.222.13.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:ca:73:a8:41:12:10:0e:aa:f1:7f:53:82:d0:07:d3:f1:29:a2:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Dec 11 04:06:03 2025 GMT Not After : Dec 10 04:11:03 2026 GMT Subject: CN=33F7144F07FBDAD3AA9353F7D4C6B3AFA58952E6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:e0:41:a9:46:40:1e:14:61:ea:f0:31:8b:9e: 0d:8c:9d:b6:cd:74:7c:88:b9:ec:b6:c7:88:9c:4b: a4:a0:55:10:87:17:e9:24:8f:1e:aa:a9:e1:5e:d0: 75:7f:c7:37:45:2b:8c:b3:2a:71:7f:7c:dd:61:2e: 0e:e5:38:42:fe:41:79:70:cb:3b:8d:f6:ad:53:96: 23:38:93:d4:d7:15:cd:67:f1:0d:92:64:18:35:0c: 9f:54:65:4a:76:5e:fa:74:4a:f3:90:1d:d9:7f:29: 9f:35:06:f8:f7:b0:c7:6d:5c:21:fc:8b:1f:c8:77: 98:ab:80:79:40:8f:58:d9:4d:bb:29:88:c4:28:c1: ad:db:22:1a:3a:c8:7b:10:76:88:82:9a:0f:eb:a0: 5e:77:fb:4b:a1:6f:a3:01:1e:d2:d5:bd:3b:5c:9e: ea:f0:d3:36:6e:3c:87:6d:8e:27:dd:d1:22:03:0c: e3:a3:cd:73:15:02:f7:a7:e7:06:9a:a6:7b:91:ba: d8:d1:7d:81:e2:68:b6:fa:e5:b0:23:05:fe:f7:49: af:9f:c3:15:3b:ae:c1:19:db:77:b1:51:70:d9:83: 9c:02:0b:ab:46:48:f2:cf:c1:a3:65:91:4e:07:cb: 1c:a2:a4:b3:bb:67:e7:21:f7:f6:c1:4b:53:c1:db: d0:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:F7:14:4F:07:FB:DA:D3:AA:93:53:F7:D4:C6:B3:AF:A5:89:52:E6 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215152.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 150.241.254.0/24 168.222.13.0/24 Signature Algorithm: sha256WithRSAEncryption a1:92:59:e3:59:54:95:ac:e0:fa:ec:88:f6:b0:6e:c7:6e:e3: 4c:80:dc:d6:44:b5:0a:b7:57:61:4d:cd:a5:09:20:dc:cc:df: 0c:5d:54:22:20:cc:b3:ec:03:1f:58:dd:ec:a6:c5:9d:ee:f9: d4:b7:a9:3b:5a:52:c5:e8:ff:3d:15:74:c9:3a:57:af:04:41: aa:3e:14:70:66:8d:2a:3d:be:c6:c7:5d:4f:ae:e3:f9:65:70: 73:f5:f0:67:0e:26:2b:58:ee:51:bc:07:b4:56:e5:ab:dc:e3: 4c:6c:c9:42:8c:3d:1d:7d:97:f7:f0:56:2a:e5:df:4b:94:56: 77:53:9c:a2:46:2a:b3:3b:c6:c2:ee:b5:37:2f:1a:15:14:96: 0a:66:15:81:97:bc:8a:2f:6a:9d:80:b7:13:ae:9b:e8:d9:30: a6:c9:ca:1b:13:34:55:ae:54:2a:18:3b:a7:42:00:2c:53:dc: 3b:49:a8:62:92:bf:fc:a5:c3:f5:94:4a:2d:66:c3:65:05:0a: 87:fb:c5:67:40:ee:d8:7c:be:25:58:f0:77:71:a8:d1:d3:2a: d9:28:e2:a4:21:73:c4:8a:eb:b4:42:21:a4:ea:88:f6:4f:3b: f5:3d:51:75:b3:14:4b:61:34:f7:0a:fa:42:d8:d0:7a:d3:69: a2:d9:4b:fb -----BEGIN CERTIFICATE----- MIIFBjCCA+6gAwIBAgIUC8pzqEESEA6q8X9TgtAH0/EpohowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTEyMTEwNDA2MDNaFw0yNjEyMTAwNDExMDNaMDMxMTAvBgNV BAMTKDMzRjcxNDRGMDdGQkRBRDNBQTkzNTNGN0Q0QzZCM0FGQTU4OTUyRTYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw4EGpRkAeFGHq8DGLng2MnbbN dHyIuey2x4icS6SgVRCHF+kkjx6qqeFe0HV/xzdFK4yzKnF/fN1hLg7lOEL+QXlw yzuN9q1TliM4k9TXFc1n8Q2SZBg1DJ9UZUp2Xvp0SvOQHdl/KZ81Bvj3sMdtXCH8 ix/Id5irgHlAj1jZTbspiMQowa3bIho6yHsQdoiCmg/roF53+0uhb6MBHtLVvTtc nurw0zZuPIdtjifd0SIDDOOjzXMVAven5waapnuRutjRfYHiaLb65bAjBf73Sa+f wxU7rsEZ23exUXDZg5wCC6tGSPLPwaNlkU4HyxyipLO7Z+ch9/bBS1PB29C3AgMB AAGjggIQMIICDDAdBgNVHQ4EFgQUM/cUTwf72tOqk1P31Mazr6WJUuYwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE1MTUyLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAlvH+ AwQAqN4NMA0GCSqGSIb3DQEBCwUAA4IBAQChklnjWVSVrOD67Ij2sG7HbuNMgNzW RLUKt1dhTc2lCSDczN8MXVQiIMyz7AMfWN3spsWd7vnUt6k7WlLF6P89FXTJOlev BEGqPhRwZo0qPb7Gx11PruP5ZXBz9fBnDiYrWO5RvAe0VuWr3ONMbMlCjD0dfZf3 8FYq5d9LlFZ3U5yiRiqzO8bC7rU3LxoVFJYKZhWBl7yKL2qdgLcTrpvo2TCmycob EzRVrlQqGDunQgAsU9w7Sahikr/8pcP1lEotZsNlBQqH+8VnQO7YfL4lWPB3cajR 0yrZKOKkIXPEiuu0QiGk6oj2Tzv1PVF1sxRLYTT3CvpC2NB602mi2Uv7 -----END CERTIFICATE-----Generated at Fri Dec 19 21:20:44 2025 by rpki-client