This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS25198.roa File: AS25198.roa (raw, json) Hash identifier: FqGiyIX/w2q23xvxQalz6f4NFkQfGG5TLHZxxG09oeg= Subject key identifier: 0C:EB:B0:57:AC:ED:62:74:98:42:4D:70:14:B4:32:62:69:76:01:E5 Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b Certificate serial: 29E7E10371E3697D88E251DF01F1987E816DCEA6 Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS25198.roa Signing time: Mon 08 Dec 2025 12:14:37 +0000 ROA not before: Mon 08 Dec 2025 12:09:37 +0000 ROA not after: Mon 07 Dec 2026 12:14:37 +0000 asID: 25198 IP address blocks: 46.236.254.0/24 maxlen: 24 46.236.255.0/24 maxlen: 24 82.139.194.0/24 maxlen: 24 82.139.233.0/24 maxlen: 24 82.139.248.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 13:06:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:e7:e1:03:71:e3:69:7d:88:e2:51:df:01:f1:98:7e:81:6d:ce:a6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b Validity Not Before: Dec 8 12:09:37 2025 GMT Not After : Dec 7 12:14:37 2026 GMT Subject: CN=0CEBB057ACED627498424D7014B43262697601E5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:33:d8:86:2f:68:6d:18:0b:ca:9f:a2:74:8e: 51:d0:9a:8f:be:0b:1c:43:77:77:7f:f9:cc:e2:1b: 98:18:17:a7:07:51:fc:3f:17:f4:9f:cc:fc:8a:f7: 67:c1:a3:40:90:30:91:31:b1:58:56:84:6a:5a:06: a4:82:c2:e9:2a:e6:0d:9e:6d:76:06:34:ed:8c:cd: ee:62:ba:3e:ec:32:a1:91:42:f6:54:fb:ed:e7:df: da:53:e9:43:1f:41:d0:73:33:8c:19:4e:26:45:aa: 2d:06:01:5b:e2:f5:4c:a0:9a:eb:5c:4b:44:0a:62: 6d:36:5b:4f:ad:71:bb:9a:4c:5e:64:32:c1:1a:c2: ef:36:28:da:77:c2:a9:76:8c:db:46:43:f3:d6:88: 0d:af:5a:90:68:e4:03:ee:97:6f:c4:82:aa:1d:ea: ab:73:36:35:7f:38:83:67:4d:b4:6b:47:2f:8d:3d: 79:85:fa:0d:75:d7:74:62:b7:21:29:ef:7d:25:19: d7:96:0d:0e:f1:66:1c:80:1b:f8:f2:65:6b:17:60: b9:8f:9c:9f:9e:20:85:12:87:74:70:00:40:53:24: 41:5e:8e:41:d6:20:4d:89:d2:e6:6c:02:ee:f1:8f: 32:52:a4:39:48:ac:65:98:7a:03:a6:50:e5:38:93: 96:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:EB:B0:57:AC:ED:62:74:98:42:4D:70:14:B4:32:62:69:76:01:E5 X509v3 Authority Key Identifier: keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS25198.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.236.254.0/23 82.139.194.0/24 82.139.233.0/24 82.139.248.0/24 Signature Algorithm: sha256WithRSAEncryption 53:dd:dd:77:4f:c9:56:53:94:f3:cc:b3:bc:14:38:17:5d:28: 09:ed:ee:39:6b:4a:0f:38:ea:89:de:4f:03:29:6f:35:4d:90: 8e:ad:1b:21:2b:d3:8d:80:c7:77:64:9f:a8:a7:05:00:5c:eb: a1:81:56:cf:27:85:1d:2a:b1:2c:88:78:67:ee:5d:c7:f0:4e: 75:6a:ba:86:88:b1:f2:73:cf:30:12:d6:60:04:83:8b:e6:d2: b5:12:85:7c:48:f8:bc:80:55:e0:5a:c4:66:1d:a2:29:09:ac: 21:b2:91:82:1d:8f:50:46:ea:4b:aa:57:1a:69:fc:b8:79:01: ac:53:7f:b4:b7:e7:52:26:57:8e:61:d3:05:0f:f2:aa:95:89: 1f:3f:17:9d:75:32:70:ae:f6:f1:92:30:60:16:91:71:8d:f8: a7:16:70:b8:2b:33:4a:9e:88:68:21:ee:06:b9:35:27:ad:9b: bc:c7:81:c3:99:44:97:e5:4f:f6:4c:ef:cf:6a:dd:7e:61:95: 17:46:b9:11:7a:77:b7:ec:5a:6c:1a:0e:cc:58:13:a1:9b:21: 96:d8:6b:00:bc:1c:f5:5c:5d:d5:b5:f6:75:9f:4a:db:84:eb: 66:92:59:98:58:05:5c:02:0b:84:75:36:46:a6:33:8a:2e:a2: b3:72:d9:64 -----BEGIN CERTIFICATE----- MIIFETCCA/mgAwIBAgIUKefhA3HjaX2I4lHfAfGYfoFtzqYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx ZWUyOGExYjAeFw0yNTEyMDgxMjA5MzdaFw0yNjEyMDcxMjE0MzdaMDMxMTAvBgNV BAMTKDBDRUJCMDU3QUNFRDYyNzQ5ODQyNEQ3MDE0QjQzMjYyNjk3NjAxRTUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/M9iGL2htGAvKn6J0jlHQmo++ CxxDd3d/+cziG5gYF6cHUfw/F/SfzPyK92fBo0CQMJExsVhWhGpaBqSCwukq5g2e bXYGNO2Mze5iuj7sMqGRQvZU++3n39pT6UMfQdBzM4wZTiZFqi0GAVvi9Uygmutc S0QKYm02W0+tcbuaTF5kMsEawu82KNp3wql2jNtGQ/PWiA2vWpBo5APul2/Egqod 6qtzNjV/OINnTbRrRy+NPXmF+g1113RityEp730lGdeWDQ7xZhyAG/jyZWsXYLmP nJ+eIIUSh3RwAEBTJEFejkHWIE2J0uZsAu7xjzJSpDlIrGWYegOmUOU4k5apAgMB AAGjggIbMIICFzAdBgNVHQ4EFgQUDOuwV6ztYnSYQk1wFLQyYml2AeUwHwYDVR0j BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1 NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3 aWlocy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzIyZGI3NTU1LTlhYTQt NDk4My05MzE2LTczODA5ZGQzNTRiYy8wL0FTMjUxOTgucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAEu7P4D BABSi8IDBABSi+kDBABSi/gwDQYJKoZIhvcNAQELBQADggEBAFPd3XdPyVZTlPPM s7wUOBddKAnt7jlrSg846oneTwMpbzVNkI6tGyEr042Ax3dkn6inBQBc66GBVs8n hR0qsSyIeGfuXcfwTnVquoaIsfJzzzAS1mAEg4vm0rUShXxI+LyAVeBaxGYdoikJ rCGykYIdj1BG6kuqVxpp/Lh5AaxTf7S351ImV45h0wUP8qqViR8/F511MnCu9vGS MGAWkXGN+KcWcLgrM0qeiGgh7ga5NSetm7zHgcOZRJflT/ZM789q3X5hlRdGuRF6 d7fsWmwaDsxYE6GbIZbYawC8HPVcXdW19nWfStuE62aSWZhYBVwCC4R1NkamM4ou orNy2WQ= -----END CERTIFICATE-----Generated at Fri Dec 19 21:20:41 2025 by rpki-client