This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS834.roa File: AS834.roa (raw, json) Hash identifier: LHgqYdZH32fgBrUpuF6Ip+ppTGXXgd4A7vaShWcRjwM= Subject key identifier: 9E:FC:EF:43:CA:C3:02:6E:C2:7E:BD:97:14:82:A0:FA:99:EF:BB:A3 Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b Certificate serial: 1F12D1139738A188203269789227664B7D25B693 Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS834.roa Signing time: Fri 19 Dec 2025 11:17:06 +0000 ROA not before: Fri 19 Dec 2025 11:12:06 +0000 ROA not after: Fri 18 Dec 2026 11:17:06 +0000 asID: 834 IP address blocks: 46.236.192.0/24 maxlen: 24 46.236.209.0/24 maxlen: 24 46.236.210.0/24 maxlen: 24 46.236.212.0/23 maxlen: 24 46.236.214.0/24 maxlen: 24 46.236.217.0/24 maxlen: 24 46.236.223.0/24 maxlen: 24 46.236.252.0/24 maxlen: 24 82.139.192.0/24 maxlen: 24 82.139.204.0/24 maxlen: 24 82.139.208.0/22 maxlen: 24 82.139.212.0/23 maxlen: 24 82.139.215.0/24 maxlen: 24 82.139.218.0/23 maxlen: 24 82.139.221.0/24 maxlen: 24 82.139.224.0/24 maxlen: 24 82.139.227.0/24 maxlen: 24 82.139.228.0/23 maxlen: 24 82.139.232.0/24 maxlen: 24 82.139.234.0/24 maxlen: 24 82.139.236.0/24 maxlen: 24 82.139.240.0/23 maxlen: 24 82.139.249.0/24 maxlen: 24 212.60.147.0/24 maxlen: 24 212.60.149.0/24 maxlen: 24 212.60.155.0/24 maxlen: 24 212.60.157.0/24 maxlen: 24 212.60.159.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 06:11:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:12:d1:13:97:38:a1:88:20:32:69:78:92:27:66:4b:7d:25:b6:93 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b Validity Not Before: Dec 19 11:12:06 2025 GMT Not After : Dec 18 11:17:06 2026 GMT Subject: CN=9EFCEF43CAC3026EC27EBD971482A0FA99EFBBA3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:ec:72:0a:a1:7b:6f:eb:67:49:ee:64:c5:47: 18:5c:ea:30:42:47:5f:34:62:cc:e4:f4:08:61:f6: 33:74:55:5e:a0:57:b3:14:6f:12:8c:7f:27:65:1c: 27:76:0a:e8:3f:7d:61:11:3c:8d:c9:12:ef:39:9e: 8f:55:dc:a8:70:8f:59:1d:49:88:8e:ad:ae:64:39: 45:d5:cf:9f:0b:9d:b5:96:c5:12:be:41:37:5f:6a: 0c:2f:59:f1:a1:9d:ee:4b:37:ea:a6:a3:e7:e5:7f: 67:f5:12:c8:0f:6b:ef:4d:7a:cf:bb:e1:c1:1b:4a: 92:e7:c2:08:ac:00:fb:fd:40:ee:64:51:f7:cc:ee: 93:9f:a3:e0:a8:23:51:ed:03:44:df:93:f2:08:ee: 8d:91:f8:95:0a:94:69:b8:46:42:99:83:b3:af:e7: b0:cc:20:bf:d8:e7:42:d6:72:f5:8b:58:22:45:7b: f3:56:2a:14:aa:21:01:27:d7:61:fc:01:1d:09:c5: 87:ea:0c:83:07:4d:af:44:aa:15:e7:7f:5e:ae:4c: 2d:37:24:bd:5a:31:bb:c1:87:cb:61:51:f5:f7:2e: 60:a3:5c:41:3e:0e:92:1e:45:86:41:78:45:2c:d1: a9:ca:c9:18:d3:5a:a4:2c:4c:75:94:0f:4b:47:93: 90:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:FC:EF:43:CA:C3:02:6E:C2:7E:BD:97:14:82:A0:FA:99:EF:BB:A3 X509v3 Authority Key Identifier: keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS834.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.236.192.0/24 46.236.209.0-46.236.210.255 46.236.212.0-46.236.214.255 46.236.217.0/24 46.236.223.0/24 46.236.252.0/24 82.139.192.0/24 82.139.204.0/24 82.139.208.0-82.139.213.255 82.139.215.0/24 82.139.218.0/23 82.139.221.0/24 82.139.224.0/24 82.139.227.0-82.139.229.255 82.139.232.0/24 82.139.234.0/24 82.139.236.0/24 82.139.240.0/23 82.139.249.0/24 212.60.147.0/24 212.60.149.0/24 212.60.155.0/24 212.60.157.0/24 212.60.159.0/24 Signature Algorithm: sha256WithRSAEncryption 52:59:28:77:3f:23:99:52:9c:c5:99:f1:43:6b:93:b5:e0:53: 57:a0:c2:a0:ed:cf:71:df:c9:bb:61:51:f5:97:b7:6f:71:49: 35:80:1b:b3:df:2a:9d:f7:33:7c:ae:b2:17:24:72:34:a2:d1: 85:94:4e:d0:8e:f6:e3:38:b6:9e:ae:1c:70:55:7d:01:aa:fb: a8:32:e3:21:4c:60:73:7b:21:de:cf:e3:fb:80:0d:33:44:44: a2:dc:13:81:d0:41:91:dc:d7:31:d4:97:89:44:72:2e:ef:f0: 86:64:de:ca:6a:57:29:25:f2:5e:79:52:43:a8:33:f8:15:cf: 24:7e:3a:b8:30:48:d8:9d:2d:d6:0e:a4:85:b6:99:b1:a4:32: 88:fc:9f:64:12:8d:68:5d:95:34:ed:42:ce:17:3d:07:79:08: 50:45:ac:f9:24:f0:57:ed:5f:a0:ef:05:b7:36:7f:c4:57:16: ac:db:d4:74:48:91:7a:f4:14:56:f2:96:41:66:34:8a:af:e8: 88:94:8c:d8:70:fd:0e:84:04:52:f4:41:3a:42:e8:9a:03:68: 7b:46:fc:aa:d2:36:46:79:3b:16:6b:8a:ae:51:87:52:42:ad: 3c:4f:92:b7:c4:f6:4a:0f:22:4d:5a:3f:32:84:32:9a:57:a3: ad:94:f0:73 -----BEGIN CERTIFICATE----- MIIFrDCCBJSgAwIBAgIUHxLRE5c4oYggMml4kidmS30ltpMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx ZWUyOGExYjAeFw0yNTEyMTkxMTEyMDZaFw0yNjEyMTgxMTE3MDZaMDMxMTAvBgNV BAMTKDlFRkNFRjQzQ0FDMzAyNkVDMjdFQkQ5NzE0ODJBMEZBOTlFRkJCQTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw7HIKoXtv62dJ7mTFRxhc6jBC R180Yszk9Ahh9jN0VV6gV7MUbxKMfydlHCd2Cug/fWERPI3JEu85no9V3Khwj1kd SYiOra5kOUXVz58LnbWWxRK+QTdfagwvWfGhne5LN+qmo+flf2f1EsgPa+9Nes+7 4cEbSpLnwgisAPv9QO5kUffM7pOfo+CoI1HtA0Tfk/II7o2R+JUKlGm4RkKZg7Ov 57DMIL/Y50LWcvWLWCJFe/NWKhSqIQEn12H8AR0JxYfqDIMHTa9EqhXnf16uTC03 JL1aMbvBh8thUfX3LmCjXEE+DpIeRYZBeEUs0anKyRjTWqQsTHWUD0tHk5CzAgMB AAGjggK2MIICsjAdBgNVHQ4EFgQUnvzvQ8rDAm7Cfr2XFIKg+pnvu6MwHwYDVR0j BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1 NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3 aWlocy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzIyZGI3NTU1LTlhYTQt NDk4My05MzE2LTczODA5ZGQzNTRiYy8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujCBtwQCAAEwgbADBAAu 7MAwDAMEAC7s0QMEAC7s0jAMAwQCLuzUAwQALuzWAwQALuzZAwQALuzfAwQALuz8 AwQAUovAAwQAUovMMAwDBARSi9ADBAFSi9QDBABSi9cDBAFSi9oDBABSi90DBABS i+AwDAMEAFKL4wMEAVKL5AMEAFKL6AMEAFKL6gMEAFKL7AMEAVKL8AMEAFKL+QME ANQ8kwMEANQ8lQMEANQ8mwMEANQ8nQMEANQ8nzANBgkqhkiG9w0BAQsFAAOCAQEA Ulkodz8jmVKcxZnxQ2uTteBTV6DCoO3Pcd/Ju2FR9Ze3b3FJNYAbs98qnfczfK6y FyRyNKLRhZRO0I724zi2nq4ccFV9Aar7qDLjIUxgc3sh3s/j+4ANM0REotwTgdBB kdzXMdSXiURyLu/whmTeympXKSXyXnlSQ6gz+BXPJH46uDBI2J0t1g6khbaZsaQy iPyfZBKNaF2VNO1Czhc9B3kIUEWs+STwV+1foO8FtzZ/xFcWrNvUdEiRevQUVvKW QWY0iq/oiJSM2HD9DoQEUvRBOkLomgNoe0b8qtI2Rnk7FmuKrlGHUkKtPE+St8T2 Sg8iTVo/MoQymlejrZTwcw== -----END CERTIFICATE-----Generated at Sat Dec 20 18:23:52 2025 by rpki-client