This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135402.roa File: AS135402.roa (raw, json) Hash identifier: 6RuqL79U0oC4cnHzgxrT2q+eDUYfxL91l/Xxr4XwNgk= Subject key identifier: F1:55:EF:D5:94:B4:CE:B2:84:0F:38:A5:2D:74:07:47:14:7E:5F:87 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 32D9772F4F22E0142E14824004685B850EEBA977 Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135402.roa Signing time: Fri 14 Nov 2025 11:08:02 +0000 ROA not before: Fri 14 Nov 2025 11:03:02 +0000 ROA not after: Fri 13 Nov 2026 11:08:02 +0000 asID: 135402 IP address blocks: 143.14.159.0/24 maxlen: 24 146.103.0.0/24 maxlen: 24 162.141.94.0/24 maxlen: 24 168.222.49.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Dec 2025 21:22:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32:d9:77:2f:4f:22:e0:14:2e:14:82:40:04:68:5b:85:0e:eb:a9:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Nov 14 11:03:02 2025 GMT Not After : Nov 13 11:08:02 2026 GMT Subject: CN=F155EFD594B4CEB2840F38A52D740747147E5F87 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:3f:78:b0:ac:af:b4:9b:29:ba:9e:63:de:a0: 3f:8c:d0:64:92:e9:f4:4d:70:36:fe:81:fb:b0:f1: ff:e7:56:f1:82:25:c8:dc:ea:ec:1a:50:dc:26:62: 92:db:cd:26:71:cb:fd:bd:eb:41:36:48:71:7f:1e: 4a:96:e2:ec:89:b6:41:c0:8b:e2:31:7c:5d:65:6d: 8e:9a:55:77:1d:d9:b2:bc:17:3f:34:4c:d2:5e:6c: 33:6f:38:6f:86:f8:82:75:dd:d8:67:a7:de:80:c4: c3:87:9c:2d:d6:a1:74:35:3a:15:a1:3d:20:70:c8: 21:24:40:fd:b2:a8:f8:88:33:49:36:08:f1:5c:ab: b2:45:ab:f8:67:20:79:41:53:97:ad:bb:e9:ef:4b: 5f:fe:39:8b:45:b5:8e:2e:34:c0:8c:75:c6:c6:65: 43:7f:d0:97:74:92:1c:ef:68:e6:80:97:57:57:a6: 9e:47:45:13:0d:90:af:a4:dd:c7:c8:ec:0b:50:90: 2a:8a:e4:49:13:9c:3f:14:b9:7c:28:f3:96:7b:20: 12:81:01:bb:29:de:56:d6:09:0c:b7:a3:29:a2:98: e7:d7:83:e1:08:4d:03:28:ad:ea:e5:70:d4:9b:ad: 42:20:dc:fc:e7:c3:ba:4e:36:ba:d8:53:74:59:27: dc:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:55:EF:D5:94:B4:CE:B2:84:0F:38:A5:2D:74:07:47:14:7E:5F:87 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135402.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.14.159.0/24 146.103.0.0/24 162.141.94.0/24 168.222.49.0/24 Signature Algorithm: sha256WithRSAEncryption 8e:9f:7e:6a:e5:8e:c1:9a:73:b1:92:6c:ed:1e:ba:30:86:72: 7c:76:e4:09:75:5c:d3:c6:43:2a:8a:6b:45:aa:d5:b4:c6:6b: d6:20:85:c3:1c:58:14:75:fd:11:dd:96:48:4c:e0:c4:6f:d4: 64:5a:bb:06:ff:7f:d1:86:a1:11:8c:e3:93:76:ce:91:92:d9: 72:ce:b8:d1:55:48:6b:40:ad:a7:86:1b:b0:09:37:70:f9:db: a0:4e:c3:33:e7:54:e2:3b:99:aa:27:17:5a:34:98:69:83:75: f4:19:90:f7:1c:9f:46:4d:7a:35:38:77:36:c2:05:56:14:95: 84:9c:0d:61:6f:32:07:64:20:de:2a:7d:d6:cc:bf:e4:42:9d: 32:05:5a:a9:c4:47:f3:f7:06:18:b4:5b:da:8d:e4:d9:7a:ec: 27:02:42:cd:8f:90:5e:8c:2d:4e:72:10:aa:5a:27:09:98:11: 88:ad:7f:b9:89:d1:b6:94:42:f4:c8:3c:be:db:3b:d4:d3:07: ef:da:21:ea:83:3d:a6:d7:33:ab:e2:7f:05:c4:96:f9:4d:3e: a1:36:e4:7e:78:de:60:8d:cc:6c:ca:21:9c:49:40:6d:4f:53: 93:ee:f5:48:0f:99:ee:1a:c4:08:78:bb:1a:f0:66:fd:c7:70: eb:97:cb:7b -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgIUMtl3L08i4BQuFIJABGhbhQ7rqXcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTExMTQxMTAzMDJaFw0yNjExMTMxMTA4MDJaMDMxMTAvBgNV BAMTKEYxNTVFRkQ1OTRCNENFQjI4NDBGMzhBNTJENzQwNzQ3MTQ3RTVGODcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbP3iwrK+0mym6nmPeoD+M0GSS 6fRNcDb+gfuw8f/nVvGCJcjc6uwaUNwmYpLbzSZxy/2960E2SHF/HkqW4uyJtkHA i+IxfF1lbY6aVXcd2bK8Fz80TNJebDNvOG+G+IJ13dhnp96AxMOHnC3WoXQ1OhWh PSBwyCEkQP2yqPiIM0k2CPFcq7JFq/hnIHlBU5etu+nvS1/+OYtFtY4uNMCMdcbG ZUN/0Jd0khzvaOaAl1dXpp5HRRMNkK+k3cfI7AtQkCqK5EkTnD8UuXwo85Z7IBKB Absp3lbWCQy3oymimOfXg+EITQMorerlcNSbrUIg3Pznw7pONrrYU3RZJ9y9AgMB AAGjggIcMIICGDAdBgNVHQ4EFgQU8VXv1ZS0zrKEDzilLXQHRxR+X4cwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTM1NDAyLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAjw6f AwQAkmcAAwQAoo1eAwQAqN4xMA0GCSqGSIb3DQEBCwUAA4IBAQCOn35q5Y7BmnOx kmztHrowhnJ8duQJdVzTxkMqimtFqtW0xmvWIIXDHFgUdf0R3ZZITODEb9RkWrsG /3/RhqERjOOTds6RktlyzrjRVUhrQK2nhhuwCTdw+dugTsMz51TiO5mqJxdaNJhp g3X0GZD3HJ9GTXo1OHc2wgVWFJWEnA1hbzIHZCDeKn3WzL/kQp0yBVqpxEfz9wYY tFvajeTZeuwnAkLNj5BejC1OchCqWicJmBGIrX+5idG2lEL0yDy+2zvU0wfv2iHq gz2m1zOr4n8FxJb5TT6hNuR+eN5gjcxsyiGcSUBtT1OT7vVID5nuGsQIeLsa8Gb9 x3Drl8t7 -----END CERTIFICATE-----Generated at Fri Dec 5 05:07:15 2025 by rpki-client