This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS398704.roa File: AS398704.roa (raw, json) Hash identifier: SyUGkJqb2/hniUNMYIVSNdOaPhT4zqdg8ObPny74bb0= Subject key identifier: 2F:DE:C4:13:8C:06:7E:8A:8F:49:09:B7:1F:B0:AE:7A:7D:40:45:55 Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a Certificate serial: 53ECD416130C985DA7CF78BA8C86803AF974588A Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS398704.roa Signing time: Wed 17 Dec 2025 00:59:08 +0000 ROA not before: Wed 17 Dec 2025 00:54:08 +0000 ROA not after: Wed 16 Dec 2026 00:59:08 +0000 asID: 398704 IP address blocks: 181.214.119.0/24 maxlen: 24 181.214.216.0/24 maxlen: 24 191.96.111.0/24 maxlen: 24 191.101.39.0/24 maxlen: 24 191.101.63.0/24 maxlen: 24 191.101.88.0/24 maxlen: 24 191.101.135.0/24 maxlen: 24 191.101.144.0/24 maxlen: 24 191.101.148.0/24 maxlen: 24 191.101.206.0/24 maxlen: 24 191.101.212.0/22 maxlen: 24 191.101.238.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 19 Dec 2025 22:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:ec:d4:16:13:0c:98:5d:a7:cf:78:ba:8c:86:80:3a:f9:74:58:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a Validity Not Before: Dec 17 00:54:08 2025 GMT Not After : Dec 16 00:59:08 2026 GMT Subject: CN=2FDEC4138C067E8A8F4909B71FB0AE7A7D404555 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:58:b6:a4:b7:63:cc:35:b4:13:fd:2f:62:c0: 9d:da:c8:23:30:62:4a:ab:79:37:70:47:54:22:15: 0b:98:47:a9:61:0a:b3:8c:07:43:15:61:a9:a3:32: 0d:de:b1:03:ff:41:61:1d:ef:8c:1c:ce:3f:06:2a: a2:bb:94:e7:47:aa:c1:00:a2:3a:0f:ff:66:f2:28: 3f:80:0f:66:f5:86:32:ce:6b:81:8c:07:5c:2a:40: 16:77:00:81:55:34:87:52:bf:eb:35:f1:3e:49:f6: a4:77:06:20:7f:3b:85:48:cf:30:cb:37:f0:19:a9: 4e:c9:11:e2:45:87:54:4d:11:53:80:02:7b:bf:d4: e9:d5:33:2c:09:38:5b:54:58:a0:e5:7d:9c:c8:a3: 7b:1c:1f:5c:4b:94:b3:53:56:42:c4:9a:a6:41:16: a5:8e:c5:cb:f2:f8:c4:d3:7f:7a:74:1e:7f:02:92: 99:6a:96:9e:00:d4:74:8c:44:f0:dc:e9:0e:b3:3c: 29:97:4f:0c:c0:6d:3a:71:22:e5:06:ab:f3:6d:1e: 42:89:08:5b:9e:fc:b8:d2:62:b3:22:7b:9b:58:3a: 7f:3c:a1:fb:2c:8b:23:8b:90:51:fd:9c:c1:2b:67: b0:15:f9:1f:b6:4f:c5:60:dc:7b:ab:e1:99:09:fa: d4:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:DE:C4:13:8C:06:7E:8A:8F:49:09:B7:1F:B0:AE:7A:7D:40:45:55 X509v3 Authority Key Identifier: keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS398704.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 181.214.119.0/24 181.214.216.0/24 191.96.111.0/24 191.101.39.0/24 191.101.63.0/24 191.101.88.0/24 191.101.135.0/24 191.101.144.0/24 191.101.148.0/24 191.101.206.0/24 191.101.212.0/22 191.101.238.0/24 Signature Algorithm: sha256WithRSAEncryption 6c:10:09:69:05:34:37:81:dd:e0:cc:b5:04:ab:f8:3e:78:6d: 1d:47:78:e5:f4:e9:bf:ec:40:40:8c:68:40:b2:72:b6:d5:55: 1f:dc:43:be:af:f1:ec:e8:f7:5b:f2:ad:3d:2f:f9:b3:2b:d7: b3:d2:a4:78:bc:74:6a:52:ba:d9:78:f0:3c:93:61:9d:87:33: 82:5c:a6:49:ed:34:1a:33:dc:ef:4d:9b:b1:47:f4:c1:dc:b7: 48:2f:65:4d:27:63:c2:89:a8:76:7c:01:49:0e:ea:4e:28:d3: ff:97:38:87:f4:e4:52:c1:b1:50:23:43:31:d2:5c:1a:bd:e6: ef:30:db:a1:fa:58:67:49:00:33:4e:6a:f5:25:56:63:e9:61: 33:f2:d8:19:b1:85:93:35:9b:c7:e3:ad:38:04:90:22:ef:45: 57:19:fb:c4:3f:4c:e1:f5:17:0a:49:86:33:66:5d:d7:91:47: db:f1:59:eb:fa:f5:d7:78:6c:85:3e:4d:2c:70:74:32:33:39: 96:30:bc:47:43:24:76:d2:05:64:59:b8:e0:e3:f3:ea:66:53: a7:17:b7:30:7f:af:81:04:e9:85:fd:bf:8d:93:9c:3e:fa:10: f1:78:18:ae:08:2c:45:16:0d:85:f0:68:47:9e:41:2d:96:ee: e9:ea:b8:96 -----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgIUU+zUFhMMmF2nz3i6jIaAOvl0WIowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh NDFiYmEwYTAeFw0yNTEyMTcwMDU0MDhaFw0yNjEyMTYwMDU5MDhaMDMxMTAvBgNV BAMTKDJGREVDNDEzOEMwNjdFOEE4RjQ5MDlCNzFGQjBBRTdBN0Q0MDQ1NTUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYWLakt2PMNbQT/S9iwJ3ayCMw YkqreTdwR1QiFQuYR6lhCrOMB0MVYamjMg3esQP/QWEd74wczj8GKqK7lOdHqsEA ojoP/2byKD+AD2b1hjLOa4GMB1wqQBZ3AIFVNIdSv+s18T5J9qR3BiB/O4VIzzDL N/AZqU7JEeJFh1RNEVOAAnu/1OnVMywJOFtUWKDlfZzIo3scH1xLlLNTVkLEmqZB FqWOxcvy+MTTf3p0Hn8Ckplqlp4A1HSMRPDc6Q6zPCmXTwzAbTpxIuUGq/NtHkKJ CFue/LjSYrMie5tYOn88ofssiyOLkFH9nMErZ7AV+R+2T8Vg3Hur4ZkJ+tTpAgMB AAGjggJMMIICSDAdBgNVHQ4EFgQUL97EE4wGfoqPSQm3H7Cuen1ARVUwHwYDVR0j BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzk4NzA0LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAtdZ3 AwQAtdbYAwQAv2BvAwQAv2UnAwQAv2U/AwQAv2VYAwQAv2WHAwQAv2WQAwQAv2WU AwQAv2XOAwQCv2XUAwQAv2XuMA0GCSqGSIb3DQEBCwUAA4IBAQBsEAlpBTQ3gd3g zLUEq/g+eG0dR3jl9Om/7EBAjGhAsnK21VUf3EO+r/Hs6Pdb8q09L/mzK9ez0qR4 vHRqUrrZePA8k2GdhzOCXKZJ7TQaM9zvTZuxR/TB3LdIL2VNJ2PCiah2fAFJDupO KNP/lziH9ORSwbFQI0Mx0lwavebvMNuh+lhnSQAzTmr1JVZj6WEz8tgZsYWTNZvH 4604BJAi70VXGfvEP0zh9RcKSYYzZl3XkUfb8Vnr+vXXeGyFPk0scHQyMzmWMLxH QyR20gVkWbjg4/PqZlOnF7cwf6+BBOmF/b+Nk5w++hDxeBiuCCxFFg2F8GhHnkEt lu7p6riW -----END CERTIFICATE-----Generated at Fri Dec 19 08:22:27 2025 by rpki-client