This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214677.roa File: AS214677.roa (raw, json) Hash identifier: fqDCdcBRG/r9oLvc/QRBgFbgOOQ5Na2fQhH9afcqLPU= Subject key identifier: 1B:BC:77:B6:AD:38:04:C8:3A:5B:CA:4E:B4:F5:7A:C4:6A:7E:8D:54 Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f Certificate serial: 5AAA8C512EA4E168A94A9A57A0F2741564BACBC5 Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214677.roa Signing time: Wed 03 Dec 2025 09:09:35 +0000 ROA not before: Wed 03 Dec 2025 09:04:35 +0000 ROA not after: Wed 02 Dec 2026 09:09:35 +0000 asID: 214677 IP address blocks: 92.112.124.0/22 maxlen: 24 95.135.208.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 26 Dec 2025 08:01:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:aa:8c:51:2e:a4:e1:68:a9:4a:9a:57:a0:f2:74:15:64:ba:cb:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f Validity Not Before: Dec 3 09:04:35 2025 GMT Not After : Dec 2 09:09:35 2026 GMT Subject: CN=1BBC77B6AD3804C83A5BCA4EB4F57AC46A7E8D54 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:85:8c:d1:bf:c5:36:0e:f5:1f:75:88:a3:b1:c7: b9:df:eb:ba:74:ff:d0:1c:15:db:8e:f3:f9:41:34: 79:77:df:e0:c5:2d:1f:95:3c:64:47:b7:0a:bf:d6: ab:aa:d8:0e:e6:47:06:a0:c0:17:c9:0b:d6:d1:19: 3e:fe:6b:03:41:de:d7:08:fb:b4:fb:87:d5:9d:5c: c0:39:8d:dd:b8:2e:12:66:3a:76:4c:d5:4b:d3:f5: 7d:e6:62:5f:3b:93:73:c9:a5:97:3c:3e:59:a9:4f: 6c:32:e0:26:9c:94:d3:a0:5e:f1:6e:6d:a4:a3:d8: ed:1e:29:8f:46:68:ae:91:fd:27:76:a5:38:91:32: 19:cc:23:28:f2:da:3f:4b:d1:cf:2c:43:ba:91:36: 6b:77:93:f3:2e:3a:dd:ef:df:1d:9d:90:3a:93:cf: 41:9e:ab:c5:b4:65:df:b0:49:e5:7f:50:80:c4:8d: 02:95:66:1d:f2:30:7b:12:f2:c6:8a:e4:15:2e:2f: ec:06:18:29:95:5b:0e:44:f0:94:37:0a:7d:13:cc: c5:5b:da:f9:01:49:44:e7:2d:05:3a:84:5d:6c:54: d5:d7:c8:50:f6:43:11:c4:56:a8:37:cb:f7:78:e6: eb:81:55:b2:b9:f9:79:9d:f6:b0:6e:6e:ef:ef:bb: ad:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:BC:77:B6:AD:38:04:C8:3A:5B:CA:4E:B4:F5:7A:C4:6A:7E:8D:54 X509v3 Authority Key Identifier: keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214677.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 92.112.124.0/22 95.135.208.0/24 Signature Algorithm: sha256WithRSAEncryption 3a:02:2c:7d:c2:c6:d8:f9:b5:43:50:8d:4b:d9:45:09:c9:ed: 7c:91:0e:85:15:93:10:02:9a:5d:26:8d:2f:a9:64:17:8f:15: e0:93:4a:c4:0d:14:bc:e1:7a:8d:4c:0c:7e:d2:40:ee:fb:b4: f0:dd:9d:c8:b6:74:62:87:e2:6a:1e:1c:cd:cc:7e:76:14:81: 45:ce:07:58:ee:e4:8e:67:26:0e:8d:aa:a6:6e:10:e1:98:2d: b6:6c:f9:86:94:aa:14:f3:82:05:ce:61:a3:25:83:cf:f4:8f: 47:87:0d:95:c8:70:fe:ff:99:46:18:39:03:a3:45:30:d8:9d: be:90:9a:54:11:53:a7:4d:07:ff:44:de:ac:0b:bf:c4:89:aa: 74:15:28:c5:3d:9d:d6:9d:d3:dc:7a:7c:7f:bb:63:8b:43:cf: e0:01:97:96:aa:fd:7e:bc:4e:05:d5:ba:1f:4f:7f:a2:7c:40: d6:15:00:d9:f7:99:bd:68:13:44:2a:3d:b3:3a:71:60:ec:e8: 0d:96:82:50:5e:8a:a7:95:95:0c:69:20:9f:c3:5c:17:6d:9f: e2:68:a5:ce:c4:e9:c9:d1:5d:14:a9:f3:12:29:a1:24:b5:ec: 10:e7:3a:ea:03:31:3f:a5:49:ec:59:1b:7a:77:32:89:8d:90: b9:f5:6b:8f -----BEGIN CERTIFICATE----- MIIFBjCCA+6gAwIBAgIUWqqMUS6k4WipSppXoPJ0FWS6y8UwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk NWMxM2I1ZjAeFw0yNTEyMDMwOTA0MzVaFw0yNjEyMDIwOTA5MzVaMDMxMTAvBgNV BAMTKDFCQkM3N0I2QUQzODA0QzgzQTVCQ0E0RUI0RjU3QUM0NkE3RThENTQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCFjNG/xTYO9R91iKOxx7nf67p0 /9AcFduO8/lBNHl33+DFLR+VPGRHtwq/1quq2A7mRwagwBfJC9bRGT7+awNB3tcI +7T7h9WdXMA5jd24LhJmOnZM1UvT9X3mYl87k3PJpZc8PlmpT2wy4CaclNOgXvFu baSj2O0eKY9GaK6R/Sd2pTiRMhnMIyjy2j9L0c8sQ7qRNmt3k/MuOt3v3x2dkDqT z0Geq8W0Zd+wSeV/UIDEjQKVZh3yMHsS8saK5BUuL+wGGCmVWw5E8JQ3Cn0TzMVb 2vkBSUTnLQU6hF1sVNXXyFD2QxHEVqg3y/d45uuBVbK5+Xmd9rBubu/vu615AgMB AAGjggIQMIICDDAdBgNVHQ4EFgQUG7x3tq04BMg6W8pOtPV6xGp+jVQwHwYDVR0j BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE0Njc3LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXHB8 AwQAX4fQMA0GCSqGSIb3DQEBCwUAA4IBAQA6Aix9wsbY+bVDUI1L2UUJye18kQ6F FZMQAppdJo0vqWQXjxXgk0rEDRS84XqNTAx+0kDu+7Tw3Z3ItnRih+JqHhzNzH52 FIFFzgdY7uSOZyYOjaqmbhDhmC22bPmGlKoU84IFzmGjJYPP9I9Hhw2VyHD+/5lG GDkDo0Uw2J2+kJpUEVOnTQf/RN6sC7/Eiap0FSjFPZ3WndPcenx/u2OLQ8/gAZeW qv1+vE4F1bofT3+ifEDWFQDZ95m9aBNEKj2zOnFg7OgNloJQXoqnlZUMaSCfw1wX bZ/iaKXOxOnJ0V0UqfMSKaEktewQ5zrqAzE/pUnsWRt6dzKJjZC59WuP -----END CERTIFICATE-----Generated at Thu Dec 25 23:51:34 2025 by rpki-client