This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20473.roa File: AS20473.roa (raw, json) Hash identifier: J0tQ5Pn9OZLw8CPvZM9pR4N++JW7EHkgjkCWOUN8unk= Subject key identifier: B8:CA:71:4C:BD:BF:25:E6:DA:25:CA:B9:A1:FC:F7:94:B1:70:BC:19 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 34B6BB9662B8B7A76EA868DE8E204603DDD3320B Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20473.roa Signing time: Sat 15 Nov 2025 00:07:28 +0000 ROA not before: Sat 15 Nov 2025 00:02:28 +0000 ROA not after: Sat 14 Nov 2026 00:07:28 +0000 asID: 20473 IP address blocks: 150.241.216.0/21 maxlen: 24 162.141.12.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 28 Nov 2025 20:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:b6:bb:96:62:b8:b7:a7:6e:a8:68:de:8e:20:46:03:dd:d3:32:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Nov 15 00:02:28 2025 GMT Not After : Nov 14 00:07:28 2026 GMT Subject: CN=B8CA714CBDBF25E6DA25CAB9A1FCF794B170BC19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:99:20:40:8e:23:af:20:36:a4:e5:81:a9:2b: d4:45:fb:d5:b1:6b:39:52:13:fc:ba:6c:29:d7:a1: 19:c1:46:5a:57:3c:c3:52:4b:bc:08:08:a6:cb:cb: ba:34:8b:3e:31:b9:1d:92:57:7e:a0:25:04:38:a3: 19:f0:49:db:45:b4:94:fb:e8:c7:42:85:c7:e6:64: da:10:08:6d:04:cf:a2:db:93:f1:68:06:f3:89:90: df:9a:fd:b8:fe:af:96:24:22:35:32:8e:db:de:12: cd:5d:8b:91:5e:91:41:26:7e:31:12:ce:8f:00:9f: f4:16:fc:fe:e9:fb:0a:0f:51:96:18:69:d8:31:29: f2:38:9e:95:29:3b:5c:5e:f0:51:5a:c1:31:dd:a5: 83:c3:a8:75:d9:9b:3e:e0:5f:3f:76:67:b5:1a:cf: dd:90:35:d2:73:1d:e7:a3:46:aa:76:f0:80:ff:10: 4e:4f:1c:ca:63:1a:8a:73:13:22:18:67:44:45:00: 60:75:0a:eb:fa:82:5c:a5:6a:44:59:38:89:c4:9c: 76:c8:e2:08:4d:45:5b:77:7a:0f:21:46:16:a5:15: 9a:f3:00:6b:95:00:26:9f:dc:11:c6:3c:9d:bb:16: 36:f3:9d:81:a6:be:dd:20:57:fa:6e:82:24:18:55: 08:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B8:CA:71:4C:BD:BF:25:E6:DA:25:CA:B9:A1:FC:F7:94:B1:70:BC:19 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20473.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 150.241.216.0/21 162.141.12.0/24 Signature Algorithm: sha256WithRSAEncryption 7d:ce:5e:76:3f:8a:02:d5:a6:7b:0e:a2:63:62:71:27:13:57: 3d:0a:61:77:a6:bb:a8:67:7e:91:bb:31:ee:d3:67:da:67:7a: da:21:fb:52:0d:84:c0:2e:84:10:12:20:00:e3:c7:98:b7:06: e8:51:dd:10:cf:cc:4a:4f:49:49:ba:eb:57:08:2e:73:91:6f: c5:80:50:71:c8:e3:0b:0b:cf:aa:b4:bc:d0:51:4f:c5:a6:bd: 64:a3:6a:af:52:8a:ee:f4:52:c9:94:bb:ad:cc:28:ef:45:c0: 70:46:11:a7:bc:69:85:b4:c9:8a:7e:cd:64:52:49:7b:a9:e0: 98:f5:8f:3c:0d:20:81:c4:b4:6d:ad:40:4a:c7:93:e7:8e:03: 76:11:41:3e:88:5d:8e:0e:0c:bc:a4:16:77:03:5e:2d:37:3a: e4:65:68:3e:c3:4e:3e:b7:50:12:93:54:a5:ac:e3:03:70:45: 3f:ff:cf:7b:1c:a9:10:15:64:be:46:6a:8c:fc:d9:98:53:ab: 0f:2c:ac:5b:97:1e:2e:c2:5d:90:9a:ea:36:7a:a8:cb:53:2b: d6:97:0f:91:45:69:f9:cc:da:06:f7:e9:da:d7:89:9a:88:18: 70:66:92:a2:de:9f:07:41:0b:8d:d8:27:d8:11:ea:31:5f:2d: ba:5d:7b:70 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgIUNLa7lmK4t6duqGjejiBGA93TMgswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTExMTUwMDAyMjhaFw0yNjExMTQwMDA3MjhaMDMxMTAvBgNV BAMTKEI4Q0E3MTRDQkRCRjI1RTZEQTI1Q0FCOUExRkNGNzk0QjE3MEJDMTkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXmSBAjiOvIDak5YGpK9RF+9Wx azlSE/y6bCnXoRnBRlpXPMNSS7wICKbLy7o0iz4xuR2SV36gJQQ4oxnwSdtFtJT7 6MdChcfmZNoQCG0Ez6Lbk/FoBvOJkN+a/bj+r5YkIjUyjtveEs1di5FekUEmfjES zo8An/QW/P7p+woPUZYYadgxKfI4npUpO1xe8FFawTHdpYPDqHXZmz7gXz92Z7Ua z92QNdJzHeejRqp28ID/EE5PHMpjGopzEyIYZ0RFAGB1Cuv6glylakRZOInEnHbI 4ghNRVt3eg8hRhalFZrzAGuVACaf3BHGPJ27FjbznYGmvt0gV/pugiQYVQhzAgMB AAGjggIPMIICCzAdBgNVHQ4EFgQUuMpxTL2/JebaJcq5ofz3lLFwvBkwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAOW8dgD BACijQwwDQYJKoZIhvcNAQELBQADggEBAH3OXnY/igLVpnsOomNicScTVz0KYXem u6hnfpG7Me7TZ9pnetoh+1INhMAuhBASIADjx5i3BuhR3RDPzEpPSUm661cILnOR b8WAUHHI4wsLz6q0vNBRT8WmvWSjaq9Siu70UsmUu63MKO9FwHBGEae8aYW0yYp+ zWRSSXup4Jj1jzwNIIHEtG2tQErHk+eOA3YRQT6IXY4ODLykFncDXi03OuRlaD7D Tj63UBKTVKWs4wNwRT//z3scqRAVZL5Gaoz82ZhTqw8srFuXHi7CXZCa6jZ6qMtT K9aXD5FFafnM2gb36drXiZqIGHBmkqLenwdBC43YJ9gR6jFfLbpde3A= -----END CERTIFICATE-----Generated at Fri Nov 28 05:01:32 2025 by rpki-client