This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16509.roa File: AS16509.roa (raw, json) Hash identifier: R6VxD/A/tV9eFxbYdU9nQl2+KbbAn6i1YtX/IrsGzp8= Subject key identifier: 8E:E7:78:E1:37:5C:F6:BD:0D:A8:58:02:38:74:58:CC:FE:32:7B:1F Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01 Certificate serial: 5D68CA42B76492B3ED9B867F6F951D9A004A7DF6 Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16509.roa Signing time: Mon 12 Jan 2026 09:57:29 +0000 ROA not before: Mon 12 Jan 2026 09:52:29 +0000 ROA not after: Mon 11 Jan 2027 09:57:29 +0000 asID: 16509 IP address blocks: 82.21.28.0/22 maxlen: 24 82.24.76.0/24 maxlen: 24 82.24.100.0/24 maxlen: 24 82.26.154.0/24 maxlen: 24 82.26.201.0/24 maxlen: 24 82.29.0.0/24 maxlen: 24 82.29.2.0/24 maxlen: 24 82.29.3.0/24 maxlen: 24 82.29.4.0/24 maxlen: 24 82.29.102.0/24 maxlen: 24 82.29.104.0/24 maxlen: 24 82.29.105.0/24 maxlen: 24 82.39.223.0/24 maxlen: 24 82.41.200.0/24 maxlen: 24 178.83.112.0/22 maxlen: 22 2a13:9500:110::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 18 Jan 2026 02:03:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:68:ca:42:b7:64:92:b3:ed:9b:86:7f:6f:95:1d:9a:00:4a:7d:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01 Validity Not Before: Jan 12 09:52:29 2026 GMT Not After : Jan 11 09:57:29 2027 GMT Subject: CN=8EE778E1375CF6BD0DA85802387458CCFE327B1F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:eb:05:7c:8c:76:5f:a4:46:29:5b:58:f1:56: ff:78:b5:00:65:ee:bc:eb:1a:f9:f2:11:57:0f:71: a3:96:46:8f:ee:bb:b4:0d:ed:bb:a4:f3:9b:87:53: a8:49:be:00:95:4b:6f:51:a6:a5:20:89:1e:5f:8f: 3d:e5:23:d6:c0:a2:d4:77:ea:27:ed:92:cb:bc:53: 9a:ca:f3:c9:d4:50:75:ed:2e:50:9a:ee:9e:1d:36: 53:42:05:48:f5:93:27:34:be:69:d6:40:7d:82:3e: 10:82:9d:59:f2:af:e2:d0:31:c2:a6:c7:db:8b:95: 41:42:c4:61:b6:d0:02:ff:10:f4:da:48:6d:d6:14: 67:ef:b7:e4:62:c4:5a:65:a0:4d:9d:ee:60:52:b6: d1:43:cd:e4:4f:ed:89:55:72:02:3c:0f:bc:6a:08: a8:96:27:ea:48:79:79:73:bb:ee:63:26:7c:23:0e: 09:eb:b9:19:17:6f:c3:fb:51:37:cb:fd:9b:83:31: 70:43:84:57:b4:5d:31:32:db:59:1a:84:1b:52:e3: df:3f:24:2f:d2:00:89:5b:1a:e8:bd:73:de:3b:a4: be:43:aa:1b:e1:3c:63:e8:09:28:87:e4:bb:ad:a2: d1:6b:2d:26:42:ff:ca:74:53:fb:18:95:5f:60:3f: 41:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:E7:78:E1:37:5C:F6:BD:0D:A8:58:02:38:74:58:CC:FE:32:7B:1F X509v3 Authority Key Identifier: keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS16509.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.21.28.0/22 82.24.76.0/24 82.24.100.0/24 82.26.154.0/24 82.26.201.0/24 82.29.0.0/24 82.29.2.0-82.29.4.255 82.29.102.0/24 82.29.104.0/23 82.39.223.0/24 82.41.200.0/24 178.83.112.0/22 IPv6: 2a13:9500:110::/48 Signature Algorithm: sha256WithRSAEncryption a7:0f:49:fd:11:da:a4:ec:46:b0:2f:72:3c:d3:0b:cf:84:7a: 84:db:af:44:12:35:4b:6f:16:e6:23:6a:60:42:63:41:57:fd: b7:8f:56:ab:36:15:80:95:13:3d:73:66:b3:30:42:a1:2b:44: f1:19:da:ab:99:d7:c0:02:16:6c:03:1f:0b:bc:55:cf:64:fd: 77:bf:6d:9e:ee:58:ed:45:aa:73:9d:04:ee:a3:95:bd:82:91: a8:3e:f3:61:34:22:41:66:f6:8e:14:8b:59:f2:7e:32:1a:fc: 64:0c:26:b2:c0:ad:d1:46:06:8c:1a:d0:99:8a:99:40:05:10: ab:68:2e:57:9f:bd:71:68:ce:72:ca:84:f7:3c:bd:ce:2d:20: 44:da:ed:79:fa:54:64:9b:01:99:22:95:b6:ce:21:ff:79:a0: bd:5f:65:bd:5c:42:f8:65:8c:87:4d:27:f8:50:09:ee:17:b2: 82:6e:d4:55:bf:54:64:65:ad:21:5f:4f:3a:32:7e:70:b6:37: 7c:4e:dd:de:01:ea:72:55:d0:21:87:99:8c:c7:1a:19:55:a7: ce:ad:95:07:e7:56:71:d9:6e:91:be:d7:5c:bf:a5:cc:47:df: 05:bd:1a:05:1b:7a:dc:ef:77:c6:c2:3f:b0:8c:32:26:56:23: 66:d6:34:9e -----BEGIN CERTIFICATE----- MIIFWjCCBEKgAwIBAgIUXWjKQrdkkrPtm4Z/b5UdmgBKffYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni M2NmZGQwMTAeFw0yNjAxMTIwOTUyMjlaFw0yNzAxMTEwOTU3MjlaMDMxMTAvBgNV BAMTKDhFRTc3OEUxMzc1Q0Y2QkQwREE4NTgwMjM4NzQ1OENDRkUzMjdCMUYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+6wV8jHZfpEYpW1jxVv94tQBl 7rzrGvnyEVcPcaOWRo/uu7QN7buk85uHU6hJvgCVS29RpqUgiR5fjz3lI9bAotR3 6iftksu8U5rK88nUUHXtLlCa7p4dNlNCBUj1kyc0vmnWQH2CPhCCnVnyr+LQMcKm x9uLlUFCxGG20AL/EPTaSG3WFGfvt+RixFploE2d7mBSttFDzeRP7YlVcgI8D7xq CKiWJ+pIeXlzu+5jJnwjDgnruRkXb8P7UTfL/ZuDMXBDhFe0XTEy21kahBtS498/ JC/SAIlbGui9c947pL5DqhvhPGPoCSiH5LutotFrLSZC/8p0U/sYlV9gP0HXAgMB AAGjggJkMIICYDAdBgNVHQ4EFgQUjud44Tdc9r0NqFgCOHRYzP4yex8wHwYDVR0j BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwegYIKwYBBQUHAQcBAf8EazBpMFYEAgABMFADBAJSFRwD BABSGEwDBABSGGQDBABSGpoDBABSGskDBABSHQAwDAMEAVIdAgMEAFIdBAMEAFId ZgMEAVIdaAMEAFIn3wMEAFIpyAMEArJTcDAPBAIAAjAJAwcAKhOVAAEQMA0GCSqG SIb3DQEBCwUAA4IBAQCnD0n9Edqk7EawL3I80wvPhHqE269EEjVLbxbmI2pgQmNB V/23j1arNhWAlRM9c2azMEKhK0TxGdqrmdfAAhZsAx8LvFXPZP13v22e7ljtRapz nQTuo5W9gpGoPvNhNCJBZvaOFItZ8n4yGvxkDCaywK3RRgaMGtCZiplABRCraC5X n71xaM5yyoT3PL3OLSBE2u15+lRkmwGZIpW2ziH/eaC9X2W9XEL4ZYyHTSf4UAnu F7KCbtRVv1RkZa0hX086Mn5wtjd8Tt3eAepyVdAhh5mMxxoZVafOrZUH51Zx2W6R vtdcv6XMR98FvRoFG3rc73fGwj+wjDImViNm1jSe -----END CERTIFICATE-----Generated at Sat Jan 17 06:46:59 2026 by rpki-client