This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa File: AS14618.roa (raw, json) Hash identifier: vSLqJkTrnpC7ar24h43fsDkmlhAn44WCxGz+Sq4Xpx0= Subject key identifier: 85:9E:6A:3F:7A:52:BF:D1:A6:41:35:88:BC:F7:12:3C:78:65:F6:16 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 130080C55BBDA3B55E38A9081BBC1CFED1CD8A5E Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa Signing time: Wed 17 Dec 2025 01:18:32 +0000 ROA not before: Wed 17 Dec 2025 01:13:32 +0000 ROA not after: Wed 16 Dec 2026 01:18:32 +0000 asID: 14618 IP address blocks: 96.62.208.0/22 maxlen: 22 140.233.128.0/19 maxlen: 24 143.14.227.0/24 maxlen: 24 145.223.64.0/24 maxlen: 24 145.223.65.0/24 maxlen: 24 146.103.60.0/24 maxlen: 24 146.103.62.0/23 maxlen: 24 147.79.25.0/24 maxlen: 24 148.135.180.0/24 maxlen: 24 148.135.186.0/24 maxlen: 24 150.241.253.0/24 maxlen: 24 155.117.0.0/24 maxlen: 24 155.117.60.0/24 maxlen: 24 155.117.185.0/24 maxlen: 24 155.117.187.0/24 maxlen: 24 155.117.203.0/24 maxlen: 24 162.141.159.0/24 maxlen: 24 162.141.180.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:00:80:c5:5b:bd:a3:b5:5e:38:a9:08:1b:bc:1c:fe:d1:cd:8a:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Dec 17 01:13:32 2025 GMT Not After : Dec 16 01:18:32 2026 GMT Subject: CN=859E6A3F7A52BFD1A6413588BCF7123C7865F616 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:e1:48:71:d2:53:70:7a:41:00:53:68:ac:ee: c5:02:29:4a:f6:76:3e:11:16:2f:f6:a7:63:ea:dd: 93:02:02:1a:94:74:33:89:da:dc:c4:47:80:9a:de: 0e:ee:b5:35:1d:79:0a:c3:f7:0a:a3:5b:33:5c:67: 05:3b:f3:40:1a:09:e4:23:c7:18:5f:2a:fb:57:10: 83:5d:ef:1c:bd:82:83:cc:87:10:06:85:87:e7:a0: c3:2a:2e:cd:23:60:a4:dd:03:84:4f:75:74:46:df: 75:aa:43:cb:68:48:a6:f4:36:d1:95:ff:a1:0a:a2: 4c:f1:c5:a3:3a:a6:ec:8b:7c:c8:e7:42:c9:aa:88: 96:95:a0:64:c6:95:f7:d3:c7:c1:cc:ed:f3:0f:3f: 6b:62:60:e1:2c:ee:92:7a:4c:3b:52:4a:ca:c6:7b: 4b:6b:88:6f:99:12:92:ce:35:3c:9a:8d:cc:9d:db: b0:5b:bb:5c:2b:af:f6:97:05:93:3a:98:fc:43:48: ad:76:10:b8:3d:c0:19:3a:6b:d9:9e:de:ab:c2:04: 15:21:ec:52:0c:56:1b:52:0e:bd:80:7f:fc:64:ee: 27:b6:a0:04:30:e7:a4:f2:12:19:e3:24:80:94:7f: 0f:c1:8e:ff:4a:46:b5:e1:90:6f:b3:03:32:33:84: 1c:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:9E:6A:3F:7A:52:BF:D1:A6:41:35:88:BC:F7:12:3C:78:65:F6:16 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS14618.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 96.62.208.0/22 140.233.128.0/19 143.14.227.0/24 145.223.64.0/23 146.103.60.0/24 146.103.62.0/23 147.79.25.0/24 148.135.180.0/24 148.135.186.0/24 150.241.253.0/24 155.117.0.0/24 155.117.60.0/24 155.117.185.0/24 155.117.187.0/24 155.117.203.0/24 162.141.159.0/24 162.141.180.0/24 Signature Algorithm: sha256WithRSAEncryption 9d:1a:c4:4d:25:33:af:ee:ae:1b:73:a1:a6:01:05:cb:e0:93: 14:ba:cc:46:0c:22:b0:2c:2c:67:5a:3e:56:f9:52:06:81:ba: c5:a4:fb:8e:7f:00:3c:ab:84:58:27:21:0b:ed:1f:a3:8f:f7: 34:8c:4a:e0:76:83:f3:18:06:2a:26:1a:5b:da:e7:70:5f:91: 15:df:70:18:5c:88:fd:ed:40:82:59:c7:2e:80:cf:c2:69:17: 9c:e6:1e:29:95:ad:48:c3:21:1d:3f:ed:e3:78:7e:ce:e0:5b: e5:2d:ee:16:59:7e:83:1a:73:4d:00:92:a8:8b:21:da:ba:6d: 58:04:3e:98:25:8a:2c:4f:b1:d9:84:82:1f:fd:45:7c:2a:35: 9b:01:05:2d:20:52:1b:3d:0f:be:40:dd:35:ce:68:47:b7:48: af:0a:23:1b:54:8b:81:1b:9d:40:b8:d8:8c:6d:81:f9:01:ad: 1c:02:7c:b8:9d:37:7a:d2:25:33:c2:b9:78:e8:82:b3:52:d4: 4c:3e:48:24:15:8e:3a:03:db:64:d6:0c:36:3c:c6:e4:7d:69: 71:60:f0:e0:17:a7:94:e5:46:fd:9d:38:1b:f5:ff:85:35:8e: d4:45:25:03:3b:b5:e2:49:d5:fe:d0:78:69:ad:29:6d:3e:58: 85:87:a5:22 -----BEGIN CERTIFICATE----- MIIFXzCCBEegAwIBAgIUEwCAxVu9o7VeOKkIG7wc/tHNil4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTEyMTcwMTEzMzJaFw0yNjEyMTYwMTE4MzJaMDMxMTAvBgNV BAMTKDg1OUU2QTNGN0E1MkJGRDFBNjQxMzU4OEJDRjcxMjNDNzg2NUY2MTYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDb4Uhx0lNwekEAU2is7sUCKUr2 dj4RFi/2p2Pq3ZMCAhqUdDOJ2tzER4Ca3g7utTUdeQrD9wqjWzNcZwU780AaCeQj xxhfKvtXEINd7xy9goPMhxAGhYfnoMMqLs0jYKTdA4RPdXRG33WqQ8toSKb0NtGV /6EKokzxxaM6puyLfMjnQsmqiJaVoGTGlffTx8HM7fMPP2tiYOEs7pJ6TDtSSsrG e0triG+ZEpLONTyajcyd27Bbu1wrr/aXBZM6mPxDSK12ELg9wBk6a9me3qvCBBUh 7FIMVhtSDr2Af/xk7ie2oAQw56TyEhnjJICUfw/Bjv9KRrXhkG+zAzIzhBzNAgMB AAGjggJpMIICZTAdBgNVHQ4EFgQUhZ5qP3pSv9GmQTWIvPcSPHhl9hYwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTQ2MTgucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwfwYIKwYBBQUHAQcBAf8EcDBuMGwEAgABMGYDBAJgPtAD BAWM6YADBACPDuMDBAGR30ADBACSZzwDBAGSZz4DBACTTxkDBACUh7QDBACUh7oD BACW8f0DBACbdQADBACbdTwDBACbdbkDBACbdbsDBACbdcsDBACijZ8DBACijbQw DQYJKoZIhvcNAQELBQADggEBAJ0axE0lM6/urhtzoaYBBcvgkxS6zEYMIrAsLGda Plb5UgaBusWk+45/ADyrhFgnIQvtH6OP9zSMSuB2g/MYBiomGlva53BfkRXfcBhc iP3tQIJZxy6Az8JpF5zmHimVrUjDIR0/7eN4fs7gW+Ut7hZZfoMac00AkqiLIdq6 bVgEPpgliixPsdmEgh/9RXwqNZsBBS0gUhs9D75A3TXOaEe3SK8KIxtUi4EbnUC4 2IxtgfkBrRwCfLidN3rSJTPCuXjogrNS1Ew+SCQVjjoD22TWDDY8xuR9aXFg8OAX p5TlRv2dOBv1/4U1jtRFJQM7teJJ1f7QeGmtKW0+WIWHpSI= -----END CERTIFICATE-----Generated at Fri Jan 9 00:51:54 2026 by rpki-client