This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS393942.roa File: AS393942.roa (raw, json) Hash identifier: PX3rKHL2Rbn61nnawDv0i0AK2q5icQPQyZBWljJGoo4= Subject key identifier: D5:D2:7F:B6:B3:2B:2E:5E:5C:C9:24:B1:6D:E9:A3:49:EC:15:5E:8C Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9 Certificate serial: 6667291A088F01C5571CA1D8B23D3589856C16CD Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS393942.roa Signing time: Mon 15 Dec 2025 04:23:24 +0000 ROA not before: Mon 15 Dec 2025 04:18:24 +0000 ROA not after: Mon 14 Dec 2026 04:23:24 +0000 asID: 393942 IP address blocks: 141.11.216.0/24 maxlen: 24 194.60.89.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:67:29:1a:08:8f:01:c5:57:1c:a1:d8:b2:3d:35:89:85:6c:16:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9 Validity Not Before: Dec 15 04:18:24 2025 GMT Not After : Dec 14 04:23:24 2026 GMT Subject: CN=D5D27FB6B32B2E5E5CC924B16DE9A349EC155E8C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:a0:84:c4:4e:26:e1:fe:28:ed:de:2a:f0:76: 5e:08:8d:f5:e1:10:45:ae:be:9e:1a:37:83:24:37: fc:19:43:f0:48:60:36:c4:da:53:84:5c:8e:01:19: 0d:7a:aa:19:9b:b1:9d:43:e2:ac:e1:a4:97:ca:ad: 02:b0:08:ca:4c:ac:28:d4:1d:86:42:1f:25:41:2c: 3e:1c:61:3b:07:09:fc:9a:ba:a8:21:74:c7:25:4d: b6:83:be:8d:a9:76:f1:7d:69:7d:a5:5b:be:cc:48: d4:0f:87:cc:cf:72:f2:23:45:01:57:e6:1a:eb:dd: 47:36:58:ca:a9:f0:7e:9d:da:03:18:7b:3d:b6:db: 71:4b:97:aa:8a:ee:25:9a:15:d4:fc:51:c6:21:43: de:d8:9e:cd:c6:ac:49:57:e5:95:0f:ac:cd:ee:51: 74:3f:94:69:f1:e5:14:90:0e:cc:5d:ee:cb:9c:6b: 09:74:80:c1:91:7c:82:97:58:bf:34:17:55:e5:0a: e8:66:2e:e3:d3:9e:3c:a9:f5:ba:b6:aa:b3:3a:ed: d0:33:26:3c:a3:45:ba:0b:5d:14:b5:fa:be:30:07: 1f:34:8c:1d:25:97:a0:ee:70:f8:53:dd:78:85:21: 0b:bc:de:7e:72:62:93:e2:67:df:a6:35:bd:bf:69: 37:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:D2:7F:B6:B3:2B:2E:5E:5C:C9:24:B1:6D:E9:A3:49:EC:15:5E:8C X509v3 Authority Key Identifier: keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS393942.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 141.11.216.0/24 194.60.89.0/24 Signature Algorithm: sha256WithRSAEncryption 0a:4b:14:22:0c:1d:41:16:c2:08:73:04:50:b0:6c:ff:0b:77: 40:0f:03:dc:f6:b6:19:55:65:01:e1:d6:9a:ac:bc:b8:8a:06: e1:c5:d3:ab:68:24:ec:60:83:cc:bd:26:7c:bc:c7:aa:e7:c3: 9d:10:df:50:4e:a7:5b:b4:b5:38:5e:33:11:52:e1:37:44:3f: d7:93:02:09:11:2f:a6:41:63:12:28:fe:ee:db:71:c0:0d:9b: de:f7:6f:71:d8:72:d5:fa:c5:d6:47:b5:cf:94:89:ca:6a:ed: 50:5d:09:56:b4:64:df:49:05:aa:e8:db:c2:6b:aa:01:24:cb: 49:60:80:be:2c:ae:1c:fb:eb:d1:3d:f1:62:0f:4c:f4:71:d6: 64:05:3f:a8:c6:fb:f0:59:5b:c2:6f:74:36:c3:b3:e1:44:fc: 00:1d:48:58:8d:de:25:59:73:86:73:6a:5a:47:ec:38:1b:c8: 6c:7f:39:9a:a3:86:68:79:86:08:94:78:ab:1b:5c:fd:95:53: 5f:5b:e8:fe:8f:c5:73:f4:e1:8d:d6:ad:18:b9:10:03:7a:b2: 1e:5a:4c:37:86:c5:c6:a9:2c:d8:78:5c:a3:ab:ee:43:8a:04: e9:19:5d:9f:42:c6:0c:ed:95:a7:bb:7c:e6:15:3a:2b:c4:db: a6:4b:eb:0f -----BEGIN CERTIFICATE----- MIIFBjCCA+6gAwIBAgIUZmcpGgiPAcVXHKHYsj01iYVsFs0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw ODI4ZWNhOTAeFw0yNTEyMTUwNDE4MjRaFw0yNjEyMTQwNDIzMjRaMDMxMTAvBgNV BAMTKEQ1RDI3RkI2QjMyQjJFNUU1Q0M5MjRCMTZERTlBMzQ5RUMxNTVFOEMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPoITETibh/ijt3irwdl4IjfXh EEWuvp4aN4MkN/wZQ/BIYDbE2lOEXI4BGQ16qhmbsZ1D4qzhpJfKrQKwCMpMrCjU HYZCHyVBLD4cYTsHCfyauqghdMclTbaDvo2pdvF9aX2lW77MSNQPh8zPcvIjRQFX 5hrr3Uc2WMqp8H6d2gMYez2223FLl6qK7iWaFdT8UcYhQ97Yns3GrElX5ZUPrM3u UXQ/lGnx5RSQDsxd7sucawl0gMGRfIKXWL80F1XlCuhmLuPTnjyp9bq2qrM67dAz JjyjRboLXRS1+r4wBx80jB0ll6DucPhT3XiFIQu83n5yYpPiZ9+mNb2/aTdRAgMB AAGjggIQMIICDDAdBgNVHQ4EFgQU1dJ/trMrLl5cySSxbemjSewVXowwHwYDVR0j BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5 ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn bzdLay5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMzkzOTQyLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAjQvY AwQAwjxZMA0GCSqGSIb3DQEBCwUAA4IBAQAKSxQiDB1BFsIIcwRQsGz/C3dADwPc 9rYZVWUB4daarLy4igbhxdOraCTsYIPMvSZ8vMeq58OdEN9QTqdbtLU4XjMRUuE3 RD/XkwIJES+mQWMSKP7u23HADZve929x2HLV+sXWR7XPlInKau1QXQlWtGTfSQWq 6NvCa6oBJMtJYIC+LK4c++vRPfFiD0z0cdZkBT+oxvvwWVvCb3Q2w7PhRPwAHUhY jd4lWXOGc2paR+w4G8hsfzmao4ZoeYYIlHirG1z9lVNfW+j+j8Vz9OGN1q0YuRAD erIeWkw3hsXGqSzYeFyjq+5DigTpGV2fQsYM7ZWnu3zmFTorxNumS+sP -----END CERTIFICATE-----Generated at Sat Dec 20 02:38:05 2025 by rpki-client