This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa File: AS14618.roa (raw, json) Hash identifier: rvSCkZGKeiFAcQmhtGZCWoC75RoetwEoGc5HxcXzLP8= Subject key identifier: 9C:89:B1:94:AB:09:F0:BB:B5:08:F4:D8:11:F7:C5:98:0F:E9:55:78 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 7DE5ECA2B4ED361BBD296BB460405A9BD29CDD2C Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa Signing time: Fri 21 Nov 2025 15:23:47 +0000 ROA not before: Fri 21 Nov 2025 15:18:47 +0000 ROA not after: Fri 20 Nov 2026 15:23:47 +0000 asID: 14618 IP address blocks: 96.62.208.0/22 maxlen: 22 140.233.128.0/19 maxlen: 24 143.14.132.0/24 maxlen: 24 145.223.64.0/24 maxlen: 24 145.223.65.0/24 maxlen: 24 146.103.60.0/24 maxlen: 24 146.103.62.0/23 maxlen: 24 147.79.25.0/24 maxlen: 24 148.135.180.0/24 maxlen: 24 148.135.186.0/24 maxlen: 24 155.117.0.0/24 maxlen: 24 155.117.60.0/24 maxlen: 24 155.117.185.0/24 maxlen: 24 155.117.187.0/24 maxlen: 24 162.141.159.0/24 maxlen: 24 162.141.180.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 23 Nov 2025 12:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:e5:ec:a2:b4:ed:36:1b:bd:29:6b:b4:60:40:5a:9b:d2:9c:dd:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Nov 21 15:18:47 2025 GMT Not After : Nov 20 15:23:47 2026 GMT Subject: CN=9C89B194AB09F0BBB508F4D811F7C5980FE95578 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:d0:90:a7:2a:00:87:fc:ae:6e:e6:9c:ca:fd: 5e:ac:65:2c:09:42:86:57:11:b4:61:7d:0d:b3:53: 18:1d:c3:7e:d6:ec:4b:92:e3:4c:b0:3b:06:3a:2d: db:ab:82:14:fe:16:89:1c:a9:65:64:08:00:59:75: 36:99:72:0e:97:2c:cb:ac:d4:e7:1f:25:ca:c9:79: b5:83:71:3d:83:d5:66:85:ff:11:06:6d:06:46:19: 11:91:c0:04:c9:da:b7:9c:a0:33:4f:af:04:a4:e8: f1:13:b1:16:56:f6:b0:8c:54:da:e1:2d:32:be:c9: 83:0e:80:8a:70:8c:9e:2c:07:d6:6e:5e:71:1d:2a: 4b:c4:79:47:c5:86:7c:75:07:59:36:8f:19:0e:56: c6:e4:b9:46:8a:38:80:f6:c0:8c:25:14:38:59:7a: 23:2b:99:83:04:ab:58:3a:78:72:94:a1:ba:e3:35: aa:e7:c6:21:e3:37:55:fe:d4:c0:ee:8a:91:51:35: a0:a7:c8:ef:a4:55:e9:0f:c9:88:58:ad:c0:87:e5: b8:5e:e3:4e:1a:1b:95:55:94:26:24:38:b0:6b:d8: 82:8c:86:68:d5:7f:3b:8e:3c:b4:41:62:0f:f2:f7: 85:2f:b4:81:d9:e5:47:9e:cf:86:4e:d7:35:67:99: f1:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:89:B1:94:AB:09:F0:BB:B5:08:F4:D8:11:F7:C5:98:0F:E9:55:78 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 96.62.208.0/22 140.233.128.0/19 143.14.132.0/24 145.223.64.0/23 146.103.60.0/24 146.103.62.0/23 147.79.25.0/24 148.135.180.0/24 148.135.186.0/24 155.117.0.0/24 155.117.60.0/24 155.117.185.0/24 155.117.187.0/24 162.141.159.0/24 162.141.180.0/24 Signature Algorithm: sha256WithRSAEncryption 4e:b3:a5:a5:c1:69:1f:64:bf:c4:ec:9a:48:94:60:8f:81:23: 48:1a:d3:aa:92:98:61:c8:fd:72:8f:bc:13:44:b1:69:6a:f8: 85:61:f0:e6:65:f3:94:87:99:36:c4:47:b4:ee:fe:8e:49:24: f9:87:39:12:d1:af:d3:07:f6:a6:23:e2:2b:46:b7:c6:88:77: d6:55:a7:68:ab:b3:81:e0:51:5b:7b:69:eb:2e:a5:83:2c:aa: 8d:b9:88:6a:be:cc:2e:41:04:84:22:13:6d:79:2f:e4:9e:51: 43:93:5e:2e:f4:3a:b8:48:57:ad:43:2b:15:2a:48:89:08:e8: 1c:d6:fc:a1:b1:7f:dc:80:80:9a:65:29:b5:c1:50:0d:f3:31: 5b:a0:cf:f4:85:66:c4:95:51:b1:aa:32:22:76:9d:2b:ee:c8: 23:b0:bb:22:70:b8:43:60:a5:42:1d:24:57:cf:d4:c5:ef:e3: 41:38:a7:93:af:ab:a4:85:f9:e1:2e:ec:c8:0d:ed:84:c5:29: ce:e6:a9:1d:fb:95:ae:87:dc:99:2f:ad:b8:26:7e:c6:21:6c: e5:45:3a:60:bd:2a:fb:c3:7a:8f:c8:e3:ba:08:bb:d6:b2:c0: 9c:62:f4:33:d5:20:a8:7a:9c:c5:53:ee:fb:e2:e0:98:66:70: bb:b5:d9:45 -----BEGIN CERTIFICATE----- MIIFUzCCBDugAwIBAgIUfeXsorTtNhu9KWu0YEBam9Kc3SwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTExMjExNTE4NDdaFw0yNjExMjAxNTIzNDdaMDMxMTAvBgNV BAMTKDlDODlCMTk0QUIwOUYwQkJCNTA4RjREODExRjdDNTk4MEZFOTU1NzgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC40JCnKgCH/K5u5pzK/V6sZSwJ QoZXEbRhfQ2zUxgdw37W7EuS40ywOwY6LdurghT+FokcqWVkCABZdTaZcg6XLMus 1OcfJcrJebWDcT2D1WaF/xEGbQZGGRGRwATJ2recoDNPrwSk6PETsRZW9rCMVNrh LTK+yYMOgIpwjJ4sB9ZuXnEdKkvEeUfFhnx1B1k2jxkOVsbkuUaKOID2wIwlFDhZ eiMrmYMEq1g6eHKUobrjNarnxiHjN1X+1MDuipFRNaCnyO+kVekPyYhYrcCH5bhe 404aG5VVlCYkOLBr2IKMhmjVfzuOPLRBYg/y94UvtIHZ5Ueez4ZO1zVnmfFfAgMB AAGjggJdMIICWTAdBgNVHQ4EFgQUnImxlKsJ8Lu1CPTYEffFmA/pVXgwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwcwYIKwYBBQUHAQcBAf8EZDBiMGAEAgABMFoDBAJgPtAD BAWM6YADBACPDoQDBAGR30ADBACSZzwDBAGSZz4DBACTTxkDBACUh7QDBACUh7oD BACbdQADBACbdTwDBACbdbkDBACbdbsDBACijZ8DBACijbQwDQYJKoZIhvcNAQEL BQADggEBAE6zpaXBaR9kv8TsmkiUYI+BI0ga06qSmGHI/XKPvBNEsWlq+IVh8OZl 85SHmTbER7Tu/o5JJPmHORLRr9MH9qYj4itGt8aId9ZVp2irs4HgUVt7aesupYMs qo25iGq+zC5BBIQiE215L+SeUUOTXi70OrhIV61DKxUqSIkI6BzW/KGxf9yAgJpl KbXBUA3zMVugz/SFZsSVUbGqMiJ2nSvuyCOwuyJwuENgpUIdJFfP1MXv40E4p5Ov q6SF+eEu7MgN7YTFKc7mqR37la6H3JkvrbgmfsYhbOVFOmC9KvvDeo/I47oIu9ay wJxi9DPVIKh6nMVT7vvi4JhmcLu12UU= -----END CERTIFICATE-----Generated at Sat Nov 22 21:32:52 2025 by rpki-client