This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS214677.roa File: AS214677.roa (raw, json) Hash identifier: /AJdI0tG2ld+qbH2UIITnws5PYtYi9bO+A3zNsxGih8= Subject key identifier: 97:20:15:E1:AC:C9:69:98:3C:8F:30:95:8C:C5:DB:15:4E:1B:1A:6F Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9 Certificate serial: 7463FEA63A953423653E842AFFDBB0F63BD8466C Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS214677.roa Signing time: Thu 11 Dec 2025 09:48:51 +0000 ROA not before: Thu 11 Dec 2025 09:43:51 +0000 ROA not after: Thu 10 Dec 2026 09:48:51 +0000 asID: 214677 IP address blocks: 141.11.100.0/24 maxlen: 24 141.11.167.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:04:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:63:fe:a6:3a:95:34:23:65:3e:84:2a:ff:db:b0:f6:3b:d8:46:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9 Validity Not Before: Dec 11 09:43:51 2025 GMT Not After : Dec 10 09:48:51 2026 GMT Subject: CN=972015E1ACC969983C8F30958CC5DB154E1B1A6F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:83:c8:8a:43:79:59:02:1a:60:55:af:60:3e: 59:21:3f:ed:bf:c4:25:0b:c5:a8:63:f2:bc:42:f2: da:12:a3:24:6d:f5:8b:37:ad:32:6d:8e:84:cd:f8: 97:4d:a3:8a:2c:87:42:05:98:20:2b:76:99:0a:72: 92:d7:6d:42:8e:26:c7:29:3b:57:4c:50:3b:8a:2f: 24:13:69:19:33:b4:5a:9a:ff:6a:7d:1f:3f:0c:df: 2f:0f:0f:0e:a3:71:2f:26:b1:8b:64:cf:eb:85:4e: a9:2f:0d:6b:67:9a:7f:b9:9c:bf:f1:8c:81:ff:7c: 11:5f:01:20:bf:77:ce:38:9c:56:19:e3:61:5c:25: 01:c7:f3:7a:fc:88:5a:9b:dd:53:aa:ed:ce:2c:8f: d2:7f:df:d5:69:e0:2a:08:22:35:41:0f:46:8d:91: f3:2c:e7:83:69:87:9c:42:e7:6b:6e:c3:da:50:46: 98:c2:a7:db:6b:a3:8c:f9:d2:cd:cf:68:4d:8a:62: 2e:a4:36:4f:e3:d4:c8:40:29:1d:84:c2:c0:07:46: c8:75:b1:30:76:2d:29:d0:5c:4c:f1:e3:5c:72:36: a6:14:95:8e:9a:55:0e:ee:cb:6d:d2:19:24:6f:b0: 8a:5b:af:19:3a:14:b2:7b:eb:1a:76:9a:06:9c:7c: 93:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:20:15:E1:AC:C9:69:98:3C:8F:30:95:8C:C5:DB:15:4E:1B:1A:6F X509v3 Authority Key Identifier: keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS214677.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 141.11.100.0/24 141.11.167.0/24 Signature Algorithm: sha256WithRSAEncryption 5b:6a:2a:bd:f3:3f:be:d8:4d:f1:b0:e8:64:98:40:36:1c:ff: 5b:25:6f:2b:41:71:db:d5:44:6d:65:ec:6e:73:c2:bc:83:18: 7b:7d:f1:db:d6:5e:bb:7d:a2:70:f9:ae:b7:7b:f3:42:5e:d8: 70:27:27:6d:52:f8:f1:85:17:ee:83:c5:9e:4d:af:a6:5a:1d: 18:56:5e:f5:4f:c7:d7:45:99:45:3c:fe:ad:e8:21:07:63:a0: 96:88:d2:cc:a6:b3:f5:58:61:8e:4b:ab:6d:9d:d9:3d:44:ac: 69:f3:37:92:6e:1f:1f:b0:0a:ad:03:8c:38:70:38:98:91:87: df:27:0b:b7:3c:03:32:a9:90:58:41:40:e9:20:5b:f7:83:c3: 08:18:50:9a:a9:43:81:2f:54:d6:c1:f8:8f:78:df:b6:fa:e5: 11:88:2e:75:02:c5:1f:46:5c:73:47:38:5d:1c:97:77:28:9f: 5c:67:e6:e0:cc:c1:d2:e3:37:63:d8:21:00:fc:48:1e:d4:12: 61:ed:13:cb:4d:74:d3:7b:7b:dd:df:08:b3:cb:39:01:e9:2d: df:3f:a1:61:ca:7f:f2:9d:e1:a6:79:06:79:d2:05:e5:43:1a: 26:4a:62:e6:da:c1:76:d2:94:6b:c5:eb:96:9a:24:49:48:cd: cf:61:a2:9a -----BEGIN CERTIFICATE----- MIIFBjCCA+6gAwIBAgIUdGP+pjqVNCNlPoQq/9uw9jvYRmwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw ODI4ZWNhOTAeFw0yNTEyMTEwOTQzNTFaFw0yNjEyMTAwOTQ4NTFaMDMxMTAvBgNV BAMTKDk3MjAxNUUxQUNDOTY5OTgzQzhGMzA5NThDQzVEQjE1NEUxQjFBNkYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPg8iKQ3lZAhpgVa9gPlkhP+2/ xCULxahj8rxC8toSoyRt9Ys3rTJtjoTN+JdNo4osh0IFmCArdpkKcpLXbUKOJscp O1dMUDuKLyQTaRkztFqa/2p9Hz8M3y8PDw6jcS8msYtkz+uFTqkvDWtnmn+5nL/x jIH/fBFfASC/d844nFYZ42FcJQHH83r8iFqb3VOq7c4sj9J/39Vp4CoIIjVBD0aN kfMs54Nph5xC52tuw9pQRpjCp9tro4z50s3PaE2KYi6kNk/j1MhAKR2EwsAHRsh1 sTB2LSnQXEzx41xyNqYUlY6aVQ7uy23SGSRvsIpbrxk6FLJ76xp2mgacfJO7AgMB AAGjggIQMIICDDAdBgNVHQ4EFgQUlyAV4azJaZg8jzCVjMXbFU4bGm8wHwYDVR0j BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5 ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjE0Njc3LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAjQtk AwQAjQunMA0GCSqGSIb3DQEBCwUAA4IBAQBbaiq98z++2E3xsOhkmEA2HP9bJW8r QXHb1URtZexuc8K8gxh7ffHb1l67faJw+a63e/NCXthwJydtUvjxhRfug8WeTa+m Wh0YVl71T8fXRZlFPP6t6CEHY6CWiNLMprP1WGGOS6ttndk9RKxp8zeSbh8fsAqt A4w4cDiYkYffJwu3PAMyqZBYQUDpIFv3g8MIGFCaqUOBL1TWwfiPeN+2+uURiC51 AsUfRlxzRzhdHJd3KJ9cZ+bgzMHS4zdj2CEA/Ege1BJh7RPLTXTTe3vd3wizyzkB 6S3fP6Fhyn/yneGmeQZ50gXlQxomSmLm2sF20pRrxeuWmiRJSM3PYaKa -----END CERTIFICATE-----Generated at Sat Dec 20 08:56:05 2025 by rpki-client