This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20473.roa File: AS20473.roa (raw, json) Hash identifier: D6ejPl8iAO6jLtNTQGu9/DJD/OK8qaMs7VCNP+DBYoI= Subject key identifier: CF:53:6E:CB:10:A6:6A:3A:A9:57:AF:A1:B1:7F:EC:5E:3B:8A:26:AF Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 38D92A790D8F186E345441270FC70C03EB142504 Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20473.roa Signing time: Sat 17 Jan 2026 17:56:55 +0000 ROA not before: Sat 17 Jan 2026 17:51:55 +0000 ROA not after: Sat 16 Jan 2027 17:56:55 +0000 asID: 20473 IP address blocks: 148.135.161.0/24 maxlen: 24 150.241.216.0/21 maxlen: 24 162.141.12.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 00:00:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:d9:2a:79:0d:8f:18:6e:34:54:41:27:0f:c7:0c:03:eb:14:25:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Jan 17 17:51:55 2026 GMT Not After : Jan 16 17:56:55 2027 GMT Subject: CN=CF536ECB10A66A3AA957AFA1B17FEC5E3B8A26AF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:50:3c:44:12:3a:61:a1:12:9f:e1:f7:f3:0b: b9:bf:b6:db:e8:4a:83:35:e4:e7:c7:0e:a6:39:fc: 44:64:7d:34:28:5e:85:dd:6c:c4:ae:46:29:42:b5: c9:1a:0c:d9:a9:a1:e2:33:56:bd:7b:47:60:6d:48: 02:ab:3b:2d:4e:ec:92:e0:59:47:63:6c:55:ea:b9: 5f:0b:92:fe:5e:c6:ab:6e:36:c9:51:14:23:1c:67: 20:d3:f7:83:91:48:c1:b0:be:ce:62:f1:e8:31:e3: b6:53:24:84:a5:c9:9d:8f:61:ae:b8:76:20:b1:d2: 10:92:e9:f7:58:6e:db:7f:46:66:e6:49:85:7a:c0: ef:b9:06:6e:46:d4:47:58:49:24:1a:ae:e6:86:df: 34:1d:2d:e5:35:b3:37:78:ae:49:8a:e4:86:9d:78: e0:d3:b2:e0:98:a5:c8:31:9d:e1:16:1c:34:8c:07: ea:d3:f9:70:fb:d1:0a:6c:72:fe:f6:17:08:57:71: e0:46:e7:44:3f:91:fa:7f:e9:12:2b:68:1b:cb:21: 8c:80:ee:7a:fb:7e:64:fc:23:d4:e0:8d:23:47:9a: 10:49:4e:ec:12:f3:d7:ed:af:67:cf:11:5c:bd:c1: 8e:9d:bc:01:8a:d7:56:9a:d5:6b:7f:9d:a4:e6:24: a2:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:53:6E:CB:10:A6:6A:3A:A9:57:AF:A1:B1:7F:EC:5E:3B:8A:26:AF X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS20473.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 148.135.161.0/24 150.241.216.0/21 162.141.12.0/24 Signature Algorithm: sha256WithRSAEncryption 80:02:dc:02:47:cd:16:92:c4:33:df:69:fa:25:1b:b5:dc:c2: 0b:7f:70:bc:e8:79:77:d2:08:23:07:f7:79:c9:d8:51:74:82: 9e:9b:f0:53:ba:14:48:14:83:96:93:81:94:04:05:34:a8:96: 85:a0:e7:b1:45:57:ae:f3:67:57:1f:a5:89:24:66:8e:0a:db: 21:0e:e9:73:25:11:9b:9c:5c:1b:7c:43:7a:c6:eb:a2:ed:30: cf:6b:f0:95:17:d7:22:a2:be:e4:e3:0e:2f:1d:20:76:46:51: 79:65:45:ce:5c:be:ec:bd:6f:a2:63:3d:1e:18:fc:78:2c:74: f6:f5:f0:bf:56:7b:fb:8b:e8:79:98:3f:08:e3:79:34:28:61: 50:ce:53:ec:26:92:3b:76:c8:cf:59:a4:f9:4a:fa:38:c2:a0: db:6f:b5:4c:13:82:f2:a7:b0:a0:2c:a8:c3:e9:1e:d1:3e:d4: aa:c7:98:3c:65:91:97:ba:ec:fd:7b:7c:16:15:fe:98:34:52: ed:18:08:ac:b5:1c:48:b7:80:ab:e6:ce:07:b9:cd:f0:39:77: bc:c7:6b:85:e2:a4:e3:e7:92:87:a7:cf:e2:12:1c:e7:f1:a9: 5b:10:20:bb:e3:b5:f8:37:3d:02:b2:88:da:a0:e9:74:c3:ad: 10:0e:18:ef -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgIUONkqeQ2PGG40VEEnD8cMA+sUJQQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNjAxMTcxNzUxNTVaFw0yNzAxMTYxNzU2NTVaMDMxMTAvBgNV BAMTKENGNTM2RUNCMTBBNjZBM0FBOTU3QUZBMUIxN0ZFQzVFM0I4QTI2QUYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpUDxEEjphoRKf4ffzC7m/ttvo SoM15OfHDqY5/ERkfTQoXoXdbMSuRilCtckaDNmpoeIzVr17R2BtSAKrOy1O7JLg WUdjbFXquV8Lkv5exqtuNslRFCMcZyDT94ORSMGwvs5i8egx47ZTJISlyZ2PYa64 diCx0hCS6fdYbtt/RmbmSYV6wO+5Bm5G1EdYSSQaruaG3zQdLeU1szd4rkmK5Iad eODTsuCYpcgxneEWHDSMB+rT+XD70Qpscv72FwhXceBG50Q/kfp/6RIraBvLIYyA 7nr7fmT8I9TgjSNHmhBJTuwS89ftr2fPEVy9wY6dvAGK11aa1Wt/naTmJKJVAgMB AAGjggIVMIICETAdBgNVHQ4EFgQUz1NuyxCmajqpV6+hsX/sXjuKJq8wHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBACUh6ED BAOW8dgDBACijQwwDQYJKoZIhvcNAQELBQADggEBAIAC3AJHzRaSxDPfafolG7Xc wgt/cLzoeXfSCCMH93nJ2FF0gp6b8FO6FEgUg5aTgZQEBTSoloWg57FFV67zZ1cf pYkkZo4K2yEO6XMlEZucXBt8Q3rG66LtMM9r8JUX1yKivuTjDi8dIHZGUXllRc5c vuy9b6JjPR4Y/HgsdPb18L9We/uL6HmYPwjjeTQoYVDOU+wmkjt2yM9ZpPlK+jjC oNtvtUwTgvKnsKAsqMPpHtE+1KrHmDxlkZe67P17fBYV/pg0Uu0YCKy1HEi3gKvm zge5zfA5d7zHa4XipOPnkoenz+ISHOfxqVsQILvjtfg3PQKyiNqg6XTDrRAOGO8= -----END CERTIFICATE-----Generated at Mon Jan 19 08:20:04 2026 by rpki-client