This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS209043.roa File: AS209043.roa (raw, json) Hash identifier: iU0iA4ElKbx5/Hid6S5xNEVKO1IhIkBHCFE4n0/ITCs= Subject key identifier: CD:93:3B:13:43:5C:21:8A:56:90:FE:BF:E5:7F:44:35:AD:1E:E3:77 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 6892D73356D49B5733F020F2AE7969F07FE99F64 Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS209043.roa Signing time: Tue 11 Nov 2025 15:00:10 +0000 ROA not before: Tue 11 Nov 2025 14:55:10 +0000 ROA not after: Tue 10 Nov 2026 15:00:10 +0000 asID: 209043 IP address blocks: 96.62.197.0/24 maxlen: 24 146.103.36.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 11:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:92:d7:33:56:d4:9b:57:33:f0:20:f2:ae:79:69:f0:7f:e9:9f:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Nov 11 14:55:10 2025 GMT Not After : Nov 10 15:00:10 2026 GMT Subject: CN=CD933B13435C218A5690FEBFE57F4435AD1EE377 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:3e:0d:a0:e5:18:dc:c0:e8:00:de:9c:5b:12: 52:ee:4d:64:f6:58:92:41:ab:ff:bf:7d:ab:e7:62: c5:9f:76:91:ce:8a:7f:76:c3:49:50:eb:4f:89:48: 4e:68:24:8e:81:bb:14:9c:4d:d8:74:07:d7:bf:31: 8a:99:56:b1:b1:6d:78:06:84:cf:a9:d5:01:40:9d: 80:20:14:c0:2c:d5:97:99:e6:a9:e3:b0:3a:91:fa: bd:4d:c4:c6:39:a6:43:6a:d3:10:f1:e3:14:38:83: ed:54:c4:1b:77:fe:3d:d5:a0:74:66:f3:16:1e:19: 8d:0a:d0:67:3d:47:5c:7b:2e:b9:0b:54:48:45:95: db:fe:f7:49:da:6c:4a:57:09:c7:c5:e3:28:89:7b: a0:47:f4:2c:6f:a4:7b:6a:07:59:12:99:45:b8:45: 3d:db:17:15:a7:98:66:58:30:0e:17:d4:ab:fe:b5: bb:0e:25:25:a3:1c:26:db:e6:19:57:c3:68:16:e2: 3e:c9:10:64:6f:ca:af:85:10:03:a3:68:bc:91:51: 13:43:81:53:87:35:03:43:ef:8c:14:ef:ce:2a:44: 93:2a:25:33:2a:a4:ab:2f:35:aa:44:18:87:cd:06: 72:d5:71:42:7e:b8:40:ce:76:b3:80:19:20:9c:57: 28:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:93:3B:13:43:5C:21:8A:56:90:FE:BF:E5:7F:44:35:AD:1E:E3:77 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS209043.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 96.62.197.0/24 146.103.36.0/24 Signature Algorithm: sha256WithRSAEncryption 7c:a8:85:b0:79:b2:c0:20:55:09:81:ff:9d:73:13:cb:a8:d5: ed:73:e3:e9:2b:0d:46:80:8b:37:6b:7d:2b:82:d9:93:7d:fa: 2f:5a:70:f4:90:5c:75:15:51:20:a2:f0:0a:3f:a4:d4:62:72: 6d:6b:25:01:df:3c:61:39:67:b3:1d:16:b6:c6:11:4d:95:36: 76:4a:cd:16:28:95:03:ee:d3:5a:93:16:fc:2d:9c:8f:e1:b5: ae:2f:6f:83:9b:11:ba:48:ef:d1:05:ce:74:05:ed:71:37:e8: fc:b0:95:16:c8:f3:90:7f:4c:9d:d3:81:a1:6a:1b:93:54:da: ae:05:c5:7d:fb:91:22:2b:61:61:00:98:b1:27:e5:6c:94:20: 8b:19:e8:28:74:1a:51:08:69:d4:8a:af:c5:2f:be:c3:ac:46: af:87:ca:4d:de:2d:36:03:d6:18:98:94:ae:fa:af:06:df:6a: 19:cf:f0:16:e8:44:32:85:04:fe:f1:5e:91:ca:69:7c:ff:d6: 5b:0a:05:3c:18:66:1b:c1:59:9c:34:b3:6f:e6:62:93:e2:09: 8a:70:b9:36:7a:af:61:6f:f3:61:bd:1b:0b:6e:d7:29:df:d0: 0d:6f:a6:61:a7:df:59:1a:f0:2d:52:4f:64:7b:81:63:b6:fd: ee:44:ee:bd -----BEGIN CERTIFICATE----- MIIFBjCCA+6gAwIBAgIUaJLXM1bUm1cz8CDyrnlp8H/pn2QwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTExMTExNDU1MTBaFw0yNjExMTAxNTAwMTBaMDMxMTAvBgNV BAMTKENEOTMzQjEzNDM1QzIxOEE1NjkwRkVCRkU1N0Y0NDM1QUQxRUUzNzcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5Pg2g5RjcwOgA3pxbElLuTWT2 WJJBq/+/favnYsWfdpHOin92w0lQ60+JSE5oJI6BuxScTdh0B9e/MYqZVrGxbXgG hM+p1QFAnYAgFMAs1ZeZ5qnjsDqR+r1NxMY5pkNq0xDx4xQ4g+1UxBt3/j3VoHRm 8xYeGY0K0Gc9R1x7LrkLVEhFldv+90nabEpXCcfF4yiJe6BH9CxvpHtqB1kSmUW4 RT3bFxWnmGZYMA4X1Kv+tbsOJSWjHCbb5hlXw2gW4j7JEGRvyq+FEAOjaLyRURND gVOHNQND74wU784qRJMqJTMqpKsvNapEGIfNBnLVcUJ+uEDOdrOAGSCcVyi5AgMB AAGjggIQMIICDDAdBgNVHQ4EFgQUzZM7E0NcIYpWkP6/5X9ENa0e43cwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjA5MDQzLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAYD7F AwQAkmckMA0GCSqGSIb3DQEBCwUAA4IBAQB8qIWwebLAIFUJgf+dcxPLqNXtc+Pp Kw1GgIs3a30rgtmTffovWnD0kFx1FVEgovAKP6TUYnJtayUB3zxhOWezHRa2xhFN lTZ2Ss0WKJUD7tNakxb8LZyP4bWuL2+DmxG6SO/RBc50Be1xN+j8sJUWyPOQf0yd 04GhahuTVNquBcV9+5EiK2FhAJixJ+VslCCLGegodBpRCGnUiq/FL77DrEavh8pN 3i02A9YYmJSu+q8G32oZz/AW6EQyhQT+8V6Ryml8/9ZbCgU8GGYbwVmcNLNv5mKT 4gmKcLk2eq9hb/NhvRsLbtcp39ANb6Zhp99ZGvAtUk9ke4Fjtv3uRO69 -----END CERTIFICATE-----Generated at Fri Dec 5 15:44:21 2025 by rpki-client