This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS5065.roa File: AS5065.roa (raw, json) Hash identifier: pD/qOOsFRuRbV0Qav1Ao/98zAKcA76K+QQEisdo2V2M= Subject key identifier: 96:DE:D8:22:EE:A7:69:37:D2:D5:BE:2C:6B:F5:02:62:D4:65:26:C9 Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d Certificate serial: 0807D8142B007A39FAA3B82E7F1ADACCC03162EB Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS5065.roa Signing time: Wed 17 Dec 2025 16:29:46 +0000 ROA not before: Wed 17 Dec 2025 16:24:46 +0000 ROA not after: Wed 16 Dec 2026 16:29:46 +0000 asID: 5065 IP address blocks: 143.20.133.0/24 maxlen: 24 143.20.158.0/24 maxlen: 24 143.20.159.0/24 maxlen: 24 143.20.163.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 16:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:07:d8:14:2b:00:7a:39:fa:a3:b8:2e:7f:1a:da:cc:c0:31:62:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d Validity Not Before: Dec 17 16:24:46 2025 GMT Not After : Dec 16 16:29:46 2026 GMT Subject: CN=96DED822EEA76937D2D5BE2C6BF50262D46526C9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:3e:db:63:c3:70:65:ec:e0:ef:6b:06:a5:f3: fc:99:dc:6f:07:5b:16:f4:13:1d:a6:39:b8:c8:ad: a5:2b:28:36:ac:37:e0:f9:05:67:c4:17:96:4a:45: 03:09:9d:6f:99:26:ce:77:bd:e4:7f:7c:eb:dd:40: ff:5a:12:e8:02:89:c1:67:0a:68:74:43:d8:26:25: 84:b2:20:8f:31:75:c1:17:66:b6:3b:cd:0a:23:ac: ab:e8:3c:48:c0:a7:01:b9:86:cf:8a:7b:4a:1b:d3: c2:1f:a8:79:5e:37:9a:b5:90:7b:d8:61:a7:35:77: 25:4d:ee:8c:c1:3f:58:ea:4c:ec:54:23:65:1a:04: b3:ec:2e:4f:08:27:2e:6b:c2:c4:47:fb:01:26:14: 3d:be:58:07:f8:a6:a3:4a:57:8c:ba:3c:03:07:a9: fe:09:7a:5b:18:3e:46:65:35:ad:43:43:05:a5:b0: 6c:a2:02:99:ed:0a:2d:16:94:f6:a6:f3:a7:b4:62: 2a:04:91:a7:30:ab:71:0a:ab:1f:a6:34:84:65:5b: bd:41:16:d2:21:a4:43:82:b4:73:b3:70:13:9e:e5: d1:2c:c0:42:b1:9d:a4:ed:7c:83:de:59:b4:40:00: 45:20:a6:f6:b4:a3:e1:ad:34:a0:05:b4:9f:cc:fe: 4d:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:DE:D8:22:EE:A7:69:37:D2:D5:BE:2C:6B:F5:02:62:D4:65:26:C9 X509v3 Authority Key Identifier: keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS5065.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.20.133.0/24 143.20.158.0/23 143.20.163.0/24 Signature Algorithm: sha256WithRSAEncryption 10:c5:13:f6:86:a0:56:9e:5b:af:17:65:f4:14:45:e6:2a:46: 10:df:e9:f6:05:b3:ad:44:78:42:f7:4e:6d:ec:52:a2:20:64: fb:64:2f:6c:75:9b:0e:fa:40:fb:dd:21:b2:4c:e4:8b:16:38: 7b:f5:c7:70:3b:ac:33:23:e1:31:53:a1:41:09:17:f3:7f:75: 4d:4f:d2:63:49:5c:e2:42:1f:01:d7:95:e4:b9:5b:da:34:38: b5:96:17:77:b3:89:af:0f:ab:e4:7e:a7:29:91:1f:29:ea:af: f4:e4:24:ac:55:05:57:d8:38:c6:58:50:a6:da:f9:ea:df:c8: 41:07:5a:b6:5d:6a:ec:37:c0:a8:7e:5e:df:f5:20:74:2f:ce: 01:4a:01:90:33:b1:6e:23:f4:be:9f:0e:05:84:bf:c3:ff:d9: 05:44:6e:a8:19:39:fc:29:81:53:3f:7e:ba:d1:39:24:73:d1: 47:36:07:46:41:95:8f:2b:2e:75:67:2e:19:de:f7:a6:fc:58: 69:25:30:30:96:b4:62:05:67:85:bc:32:c3:b5:f3:0b:2e:37: a0:48:4c:3c:ef:4a:06:ae:e4:d0:e2:0f:fe:ea:40:70:8d:5e: 19:62:fb:17:59:ee:8d:71:9a:da:cd:99:b0:b4:11:47:09:a2: 88:a6:a7:3d -----BEGIN CERTIFICATE----- MIIFCjCCA/KgAwIBAgIUCAfYFCsAejn6o7gufxrazMAxYuswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk ZWI5M2Q5ZDAeFw0yNTEyMTcxNjI0NDZaFw0yNjEyMTYxNjI5NDZaMDMxMTAvBgNV BAMTKDk2REVEODIyRUVBNzY5MzdEMkQ1QkUyQzZCRjUwMjYyRDQ2NTI2QzkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsPttjw3Bl7ODvawal8/yZ3G8H Wxb0Ex2mObjIraUrKDasN+D5BWfEF5ZKRQMJnW+ZJs53veR/fOvdQP9aEugCicFn Cmh0Q9gmJYSyII8xdcEXZrY7zQojrKvoPEjApwG5hs+Ke0ob08IfqHleN5q1kHvY Yac1dyVN7ozBP1jqTOxUI2UaBLPsLk8IJy5rwsRH+wEmFD2+WAf4pqNKV4y6PAMH qf4JelsYPkZlNa1DQwWlsGyiApntCi0WlPam86e0YioEkacwq3EKqx+mNIRlW71B FtIhpEOCtHOzcBOe5dEswEKxnaTtfIPeWbRAAEUgpva0o+GtNKAFtJ/M/k13AgMB AAGjggIUMIICEDAdBgNVHQ4EFgQUlt7YIu6naTfS1b4sa/UCYtRlJskwHwYDVR0j BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2 MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2 NVBaMC5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTNTA2NS5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAI8UhQME AY8UngMEAI8UozANBgkqhkiG9w0BAQsFAAOCAQEAEMUT9oagVp5brxdl9BRF5ipG EN/p9gWzrUR4QvdObexSoiBk+2QvbHWbDvpA+90hskzkixY4e/XHcDusMyPhMVOh QQkX8391TU/SY0lc4kIfAdeV5Llb2jQ4tZYXd7OJrw+r5H6nKZEfKeqv9OQkrFUF V9g4xlhQptr56t/IQQdatl1q7DfAqH5e3/UgdC/OAUoBkDOxbiP0vp8OBYS/w//Z BURuqBk5/CmBUz9+utE5JHPRRzYHRkGVjysudWcuGd73pvxYaSUwMJa0YgVnhbwy w7XzCy43oEhMPO9KBq7k0OIP/upAcI1eGWL7F1nujXGa2s2ZsLQRRwmiiKanPQ== -----END CERTIFICATE-----Generated at Sat Dec 20 02:38:32 2025 by rpki-client