This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS203057.roa File: AS203057.roa (raw, json) Hash identifier: 6WzUiFVGcGgj6o4SOI4NhNjixZkMYFiXe4XJ98Er4Do= Subject key identifier: 3C:43:E9:28:9F:D3:2B:71:5E:25:33:6A:21:F1:72:51:5F:6B:82:BE Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 380DF1A4A687B24EEABB26C376655A8018587972 Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS203057.roa Signing time: Wed 31 Dec 2025 07:21:10 +0000 ROA not before: Wed 31 Dec 2025 07:16:10 +0000 ROA not after: Wed 30 Dec 2026 07:21:10 +0000 asID: 203057 IP address blocks: 96.62.73.0/24 maxlen: 24 143.14.111.0/24 maxlen: 24 148.135.181.0/24 maxlen: 24 162.141.142.0/24 maxlen: 24 167.148.188.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 01 Jan 2026 00:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:0d:f1:a4:a6:87:b2:4e:ea:bb:26:c3:76:65:5a:80:18:58:79:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Dec 31 07:16:10 2025 GMT Not After : Dec 30 07:21:10 2026 GMT Subject: CN=3C43E9289FD32B715E25336A21F172515F6B82BE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:15:62:3a:3f:14:85:e2:7c:0e:4f:17:f8:a6: a5:a3:9a:2c:ca:20:d8:44:db:29:29:0b:da:06:dd: 8a:b7:34:db:29:c7:0d:38:b8:45:fe:59:24:ef:1a: 83:25:a1:8b:73:09:3e:64:ad:e4:f2:39:1b:16:c2: 85:53:75:fc:69:46:69:de:c8:d8:18:13:4f:59:b6: 9b:ed:7e:53:51:6a:7d:45:73:67:0b:d5:28:ce:92: c0:ad:a5:68:96:26:f3:92:1e:a3:9c:58:b7:b5:04: 5e:b7:78:e2:ac:18:19:86:07:bf:c9:6c:74:0c:ab: ad:c9:1e:b7:51:af:34:3b:37:00:cc:b3:83:2e:dd: bd:3a:9c:5f:f4:7d:94:1b:1d:27:24:c5:24:4b:92: fc:41:fd:b2:7c:4c:9f:f5:fd:c6:52:70:4a:c1:59: a8:c3:8f:54:fb:3f:24:95:42:70:56:3d:99:9f:b7: c2:c7:25:f6:3f:cc:c9:64:28:f0:36:ea:8e:a4:f9: a0:42:7a:c9:87:7d:e1:24:56:64:b6:a1:a9:68:e6: 89:46:dd:9c:58:00:94:94:9a:36:5e:b5:cd:d9:2e: 6c:40:b9:82:e2:2f:ce:10:5d:87:da:ef:6d:ac:0d: 07:75:75:f8:53:b4:69:7d:c4:0d:17:e4:9e:2b:0c: 9d:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:43:E9:28:9F:D3:2B:71:5E:25:33:6A:21:F1:72:51:5F:6B:82:BE X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS203057.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 96.62.73.0/24 143.14.111.0/24 148.135.181.0/24 162.141.142.0/24 167.148.188.0/24 Signature Algorithm: sha256WithRSAEncryption 02:c7:35:f9:d2:74:dd:46:94:f6:8c:06:cd:2a:6e:38:f1:dd: ce:88:e6:ad:46:20:1e:a8:6c:2f:aa:a0:ee:c6:78:f9:63:ed: 35:06:d2:f9:41:ce:b7:75:c5:32:0b:18:75:ef:8b:65:d9:09: d0:79:13:04:ef:3f:d5:39:7e:5d:e0:a6:b9:78:d6:cd:96:e3: 66:4a:54:50:c8:7d:7d:de:44:a4:f0:f9:18:d2:b4:af:52:fd: da:77:5f:04:f0:8d:05:5f:3d:70:c3:14:28:fb:8d:14:24:11: 2d:43:64:0c:d1:8d:85:c7:68:ca:96:9c:d8:bc:cb:0f:2a:7c: 4a:9d:a8:73:4a:01:07:ce:58:84:a1:04:15:10:4a:7b:67:8f: 20:68:d3:35:78:d4:6d:9c:f2:3a:d1:75:90:b0:66:a3:cf:94: e1:cd:a2:ea:e7:43:29:e1:41:b7:4d:59:03:cd:b0:22:de:2f: 57:24:36:ee:ca:40:f4:4e:39:96:eb:82:02:5f:c0:f2:8f:0d: ef:04:f0:97:37:4c:0b:e7:8c:08:49:ba:30:c2:43:d8:2e:54: 2d:8b:dc:4b:f6:db:78:c7:55:74:65:59:4b:e1:c8:aa:31:69: 81:4a:09:bd:95:3f:cd:c4:e4:06:c6:88:9e:30:b4:32:9e:33: 53:2c:53:c2 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgIUOA3xpKaHsk7quybDdmVagBhYeXIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTEyMzEwNzE2MTBaFw0yNjEyMzAwNzIxMTBaMDMxMTAvBgNV BAMTKDNDNDNFOTI4OUZEMzJCNzE1RTI1MzM2QTIxRjE3MjUxNUY2QjgyQkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBFWI6PxSF4nwOTxf4pqWjmizK INhE2ykpC9oG3Yq3NNspxw04uEX+WSTvGoMloYtzCT5kreTyORsWwoVTdfxpRmne yNgYE09ZtpvtflNRan1Fc2cL1SjOksCtpWiWJvOSHqOcWLe1BF63eOKsGBmGB7/J bHQMq63JHrdRrzQ7NwDMs4Mu3b06nF/0fZQbHSckxSRLkvxB/bJ8TJ/1/cZScErB WajDj1T7PySVQnBWPZmft8LHJfY/zMlkKPA26o6k+aBCesmHfeEkVmS2oalo5olG 3ZxYAJSUmjZetc3ZLmxAuYLiL84QXYfa722sDQd1dfhTtGl9xA0X5J4rDJ0nAgMB AAGjggIiMIICHjAdBgNVHQ4EFgQUPEPpKJ/TK3FeJTNqIfFyUV9rgr4wHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjAzMDU3LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAYD5J AwQAjw5vAwQAlIe1AwQAoo2OAwQAp5S8MA0GCSqGSIb3DQEBCwUAA4IBAQACxzX5 0nTdRpT2jAbNKm448d3OiOatRiAeqGwvqqDuxnj5Y+01BtL5Qc63dcUyCxh174tl 2QnQeRME7z/VOX5d4Ka5eNbNluNmSlRQyH193kSk8PkY0rSvUv3ad18E8I0FXz1w wxQo+40UJBEtQ2QM0Y2Fx2jKlpzYvMsPKnxKnahzSgEHzliEoQQVEEp7Z48gaNM1 eNRtnPI60XWQsGajz5ThzaLq50Mp4UG3TVkDzbAi3i9XJDbuykD0TjmW64ICX8Dy jw3vBPCXN0wL54wISbowwkPYLlQti9xL9tt4x1V0ZVlL4ciqMWmBSgm9lT/NxOQG xoieMLQynjNTLFPC -----END CERTIFICATE-----Generated at Wed Dec 31 09:39:38 2025 by rpki-client