This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS206540.roa File: AS206540.roa (raw, json) Hash identifier: ao+k3R93yGZ/06yCeEHOs0gnWm1oE35RWwW4JjTgcV0= Subject key identifier: 5B:F0:29:96:99:52:96:5F:90:02:61:85:44:1D:7A:EB:97:AD:60:A8 Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Certificate serial: 5103CB3B804B59F2B7BF9224EEF7D06A50DFE803 Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS206540.roa Signing time: Thu 11 Dec 2025 13:46:42 +0000 ROA not before: Thu 11 Dec 2025 13:41:42 +0000 ROA not after: Thu 10 Dec 2026 13:46:42 +0000 asID: 206540 IP address blocks: 2a14:7580:ffb0::/44 maxlen: 48 2a14:7580:ffc0::/44 maxlen: 48 2a14:7583:ff60::/44 maxlen: 48 2a14:7583:ff70::/44 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 01:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:03:cb:3b:80:4b:59:f2:b7:bf:92:24:ee:f7:d0:6a:50:df:e8:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Validity Not Before: Dec 11 13:41:42 2025 GMT Not After : Dec 10 13:46:42 2026 GMT Subject: CN=5BF029969952965F90026185441D7AEB97AD60A8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:8d:bf:be:fb:51:f8:51:5d:36:ca:e4:d0:f9: 7c:5e:a5:16:08:19:0e:2c:90:f3:0e:0a:69:da:a2: 07:d0:dd:b4:06:45:04:ac:2e:8a:2d:56:0a:94:50: 9b:a0:71:11:0e:81:5f:65:34:f0:07:1f:5f:00:3d: 59:c8:a6:79:24:42:f9:bd:a0:01:67:6f:cd:44:4b: 26:3c:f9:da:5a:88:b5:b9:4b:20:67:d6:fc:1c:e8: 1d:bc:b1:5b:98:d8:03:5d:c7:8a:eb:48:28:f4:00: 2d:e8:a3:2c:79:8e:1e:56:de:ac:46:d2:e9:32:8d: 0b:8f:ec:1b:4d:f7:43:e3:a2:69:de:4e:54:d5:dd: 55:b4:56:c7:0c:f7:07:dc:5c:8e:1c:c3:06:7d:c7: 52:7f:a4:1d:9f:1b:43:4c:19:21:8c:6e:3e:f8:4a: e6:62:da:0a:1d:0c:e9:16:c5:aa:c5:ee:7c:66:0e: b6:52:1a:70:e2:ce:23:39:a0:92:95:a8:5e:29:3c: 3e:a8:71:bc:b0:31:ad:b3:a9:a3:3c:4b:25:de:26: b3:18:86:ee:68:3d:a3:5f:98:5a:cc:d0:5f:fd:01: 21:af:87:4a:7b:ff:e8:ef:3a:1c:bb:d0:3d:a3:ab: 0b:f0:90:b5:e8:97:27:da:d6:01:ba:8a:7c:3f:c7: 0f:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:F0:29:96:99:52:96:5F:90:02:61:85:44:1D:7A:EB:97:AD:60:A8 X509v3 Authority Key Identifier: keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS206540.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:ffb0::-2a14:7580:ffcf:ffff:ffff:ffff:ffff:ffff 2a14:7583:ff60::/43 Signature Algorithm: sha256WithRSAEncryption 8c:15:4e:df:83:e5:8d:b8:d0:7f:d6:b7:97:40:e7:f9:e1:14: 25:ef:dd:fb:3d:11:a8:2a:5d:5a:80:6e:73:a2:8f:47:61:0f: 3c:55:99:a8:49:03:d9:10:ce:2a:d1:0d:b4:7b:08:3f:12:56: d3:0f:c6:97:3d:db:69:db:78:26:6e:74:4f:a1:63:0c:7c:8b: 7e:87:d3:9d:f0:ae:0f:19:dc:bc:f8:73:94:4d:e2:6d:df:08: 56:28:d5:c4:6b:00:13:bc:0f:79:cc:25:06:bc:e6:a6:ab:78: 3a:8a:04:4d:61:4d:19:fd:c9:03:fa:cc:80:05:9c:e0:63:e3: 5d:42:f5:57:3e:65:2c:84:1a:ec:af:b6:93:d9:1a:1a:c3:9e: 75:63:de:89:ec:64:75:4d:b3:a7:37:83:80:b4:6f:6e:74:47: e7:63:91:99:05:dc:b2:bc:b6:f1:26:93:31:84:93:14:4d:90: 09:90:55:5f:c1:56:a0:d8:fa:83:ff:79:bb:a5:64:7b:f9:13: 0a:7f:c3:e8:09:72:3e:a2:a9:5c:93:87:07:fc:0e:40:d5:b2: d3:26:7a:86:62:f7:9f:48:4f:14:ad:f1:21:7d:b8:56:e1:07: a2:2d:70:c7:dd:0c:6a:f3:7c:43:42:d6:7c:d9:95:9e:46:4e: bb:9b:fb:24 -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgIUUQPLO4BLWfK3v5Ik7vfQalDf6AMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj Y2ZkMzc3MjAeFw0yNTEyMTExMzQxNDJaFw0yNjEyMTAxMzQ2NDJaMDMxMTAvBgNV BAMTKDVCRjAyOTk2OTk1Mjk2NUY5MDAyNjE4NTQ0MUQ3QUVCOTdBRDYwQTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzjb+++1H4UV02yuTQ+XxepRYI GQ4skPMOCmnaogfQ3bQGRQSsLootVgqUUJugcREOgV9lNPAHH18APVnIpnkkQvm9 oAFnb81ESyY8+dpaiLW5SyBn1vwc6B28sVuY2ANdx4rrSCj0AC3ooyx5jh5W3qxG 0ukyjQuP7BtN90PjomneTlTV3VW0VscM9wfcXI4cwwZ9x1J/pB2fG0NMGSGMbj74 SuZi2godDOkWxarF7nxmDrZSGnDiziM5oJKVqF4pPD6ocbywMa2zqaM8SyXeJrMY hu5oPaNfmFrM0F/9ASGvh0p7/+jvOhy70D2jqwvwkLXolyfa1gG6inw/xw8xAgMB AAGjggIhMIICHTAdBgNVHQ4EFgQUW/AplplSll+QAmGFRB1665etYKgwHwYDVR0j BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16 OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjA2NTQwLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdMBIDBwQq FHWA/7ADBwQqFHWA/8ADBwUqFHWD/2AwDQYJKoZIhvcNAQELBQADggEBAIwVTt+D 5Y240H/Wt5dA5/nhFCXv3fs9EagqXVqAbnOij0dhDzxVmahJA9kQzirRDbR7CD8S VtMPxpc922nbeCZudE+hYwx8i36H053wrg8Z3Lz4c5RN4m3fCFYo1cRrABO8D3nM JQa85qareDqKBE1hTRn9yQP6zIAFnOBj411C9Vc+ZSyEGuyvtpPZGhrDnnVj3ons ZHVNs6c3g4C0b250R+djkZkF3LK8tvEmkzGEkxRNkAmQVV/BVqDY+oP/ebulZHv5 Ewp/w+gJcj6iqVyThwf8DkDVstMmeoZi959ITxSt8SF9uFbhB6ItcMfdDGrzfENC 1nzZlZ5GTrub+yQ= -----END CERTIFICATE-----Generated at Sat Dec 20 08:06:12 2025 by rpki-client