This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS39521.roa File: AS39521.roa (raw, json) Hash identifier: f5j/2wtIr/Ac+zmWbPijZePq0/x2xW10YQznswOipn4= Subject key identifier: 58:83:2D:66:09:2E:31:D3:F4:49:1D:27:B3:A4:D2:FA:D5:9F:BC:72 Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d Certificate serial: 18A4094869FF99D786DF817508B89FE9BA4AD52F Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS39521.roa Signing time: Thu 11 Dec 2025 00:04:00 +0000 ROA not before: Wed 10 Dec 2025 23:59:00 +0000 ROA not after: Thu 10 Dec 2026 00:04:00 +0000 asID: 39521 IP address blocks: 143.20.6.0/24 maxlen: 24 143.20.32.0/24 maxlen: 24 143.20.54.0/24 maxlen: 24 143.20.61.0/24 maxlen: 24 143.20.62.0/24 maxlen: 24 143.20.104.0/24 maxlen: 24 143.20.124.0/24 maxlen: 24 143.20.125.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:a4:09:48:69:ff:99:d7:86:df:81:75:08:b8:9f:e9:ba:4a:d5:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d Validity Not Before: Dec 10 23:59:00 2025 GMT Not After : Dec 10 00:04:00 2026 GMT Subject: CN=58832D66092E31D3F4491D27B3A4D2FAD59FBC72 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:c2:a0:ab:d7:70:83:8c:e4:6b:73:58:4d:df: b4:55:24:74:8e:94:ca:fe:47:75:29:de:e4:87:d7: 00:70:2a:e9:06:cb:7e:cc:99:92:ff:d7:b3:a3:6b: 3d:0e:ea:f5:d4:6c:80:02:32:f6:ce:c4:14:56:7b: af:f4:cc:b7:5b:57:e8:93:17:11:aa:d3:18:ea:40: b3:06:ce:01:69:29:a6:bc:f4:43:34:79:26:f7:e9: 4f:18:e7:02:af:25:4f:32:a1:6d:c1:37:c1:29:14: c8:91:21:74:bb:a8:28:23:09:4e:91:4d:50:32:4d: a3:94:26:60:8f:1e:13:d3:5b:ba:dd:1a:c9:9d:3b: 1e:db:04:7e:0a:de:02:ea:0e:a0:3c:ec:0a:cc:4c: 1d:d5:0a:04:87:80:00:03:37:a7:73:55:52:30:b8: f4:ad:2c:06:b3:90:a9:68:f6:8f:fb:73:cf:07:0b: 44:fe:82:1a:01:9f:5c:b0:49:7a:48:08:86:53:8d: 5e:2c:0a:5b:33:93:3e:a6:d4:26:7a:40:99:c4:36: 38:fb:5b:3c:b2:54:5f:ee:5a:22:51:70:c4:7b:68: 3d:bb:2b:83:50:95:5a:f2:ac:e3:90:cb:d8:4e:6f: be:d5:fb:c2:c6:04:58:fd:65:01:ef:9d:00:37:be: 6d:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:83:2D:66:09:2E:31:D3:F4:49:1D:27:B3:A4:D2:FA:D5:9F:BC:72 X509v3 Authority Key Identifier: keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS39521.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.20.6.0/24 143.20.32.0/24 143.20.54.0/24 143.20.61.0-143.20.62.255 143.20.104.0/24 143.20.124.0/23 Signature Algorithm: sha256WithRSAEncryption 2d:cb:4e:be:67:3d:1f:2f:71:a0:3c:05:fe:5f:d2:34:01:ff: d2:2c:df:a4:fa:ff:e8:49:1c:10:60:40:09:95:58:ee:e3:c9: 54:89:bd:53:65:49:de:e5:38:84:69:da:9a:36:71:4b:fd:d9: f6:2a:1d:30:d8:dd:9c:04:9d:88:7e:d2:7f:48:54:4d:3c:1c: 93:45:00:ad:2d:be:f4:90:d4:e5:d4:ef:a3:c4:4c:8e:ea:61: 81:bf:00:2d:49:a1:52:96:10:92:90:2a:6d:a4:88:1e:fd:7a: 9f:56:a2:11:5c:d4:ad:bd:ac:29:d8:6a:00:3a:b3:43:02:2a: 47:47:0f:88:69:eb:c9:d1:57:ca:86:3f:05:3f:16:1d:14:8f: 32:cf:8d:e8:6f:22:99:1b:49:2a:fc:ef:c6:e3:52:2a:80:52: 67:3f:8b:3f:70:a1:0a:54:b1:a8:cc:99:97:a3:7d:01:b6:eb: a1:d0:a8:47:6f:a9:d2:3a:af:9d:2c:cb:89:dc:3a:a7:39:bb: ff:b4:f1:e7:12:cf:7a:02:59:87:30:e2:5a:ca:75:ea:33:3d: 72:04:26:3b:65:d6:92:8e:85:bb:01:7e:e1:59:be:b0:9e:a9: 0a:98:aa:8b:b0:67:c5:9e:31:61:d6:72:97:9f:85:e5:ff:66: dc:bd:d4:93 -----BEGIN CERTIFICATE----- MIIFJTCCBA2gAwIBAgIUGKQJSGn/mdeG34F1CLif6bpK1S8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk ZWI5M2Q5ZDAeFw0yNTEyMTAyMzU5MDBaFw0yNjEyMTAwMDA0MDBaMDMxMTAvBgNV BAMTKDU4ODMyRDY2MDkyRTMxRDNGNDQ5MUQyN0IzQTREMkZBRDU5RkJDNzIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTwqCr13CDjORrc1hN37RVJHSO lMr+R3Up3uSH1wBwKukGy37MmZL/17Ojaz0O6vXUbIACMvbOxBRWe6/0zLdbV+iT FxGq0xjqQLMGzgFpKaa89EM0eSb36U8Y5wKvJU8yoW3BN8EpFMiRIXS7qCgjCU6R TVAyTaOUJmCPHhPTW7rdGsmdOx7bBH4K3gLqDqA87ArMTB3VCgSHgAADN6dzVVIw uPStLAazkKlo9o/7c88HC0T+ghoBn1ywSXpICIZTjV4sClszkz6m1CZ6QJnENjj7 WzyyVF/uWiJRcMR7aD27K4NQlVryrOOQy9hOb77V+8LGBFj9ZQHvnQA3vm1pAgMB AAGjggIvMIICKzAdBgNVHQ4EFgQUWIMtZgkuMdP0SR0ns6TS+tWfvHIwHwYDVR0j BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2 MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2 NVBaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMzk1MjEucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwRQYIKwYBBQUHAQcBAf8ENjA0MDIEAgABMCwDBACPFAYD BACPFCADBACPFDYwDAMEAI8UPQMEAI8UPgMEAI8UaAMEAY8UfDANBgkqhkiG9w0B AQsFAAOCAQEALctOvmc9Hy9xoDwF/l/SNAH/0izfpPr/6EkcEGBACZVY7uPJVIm9 U2VJ3uU4hGnamjZxS/3Z9iodMNjdnASdiH7Sf0hUTTwck0UArS2+9JDU5dTvo8RM juphgb8ALUmhUpYQkpAqbaSIHv16n1aiEVzUrb2sKdhqADqzQwIqR0cPiGnrydFX yoY/BT8WHRSPMs+N6G8imRtJKvzvxuNSKoBSZz+LP3ChClSxqMyZl6N9AbbrodCo R2+p0jqvnSzLidw6pzm7/7Tx5xLPegJZhzDiWsp16jM9cgQmO2XWko6FuwF+4Vm+ sJ6pCpiqi7BnxZ4xYdZyl5+F5f9m3L3Ukw== -----END CERTIFICATE-----Generated at Sat Dec 20 21:05:05 2025 by rpki-client