This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa File: AS212238.roa (raw, json) Hash identifier: OXY6hx8qA7RiDXsGKkCSIWfgjs2j8K7Qm8z6+pHP6Wg= Subject key identifier: 84:21:9B:13:F9:7D:36:BE:C3:B2:58:82:52:EA:8B:6A:EF:FE:B6:31 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 27B49B3E6D9622FF14DA59ABBA767C4325F2D75A Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa Signing time: Tue 02 Dec 2025 00:02:03 +0000 ROA not before: Mon 01 Dec 2025 23:57:03 +0000 ROA not after: Tue 01 Dec 2026 00:02:03 +0000 asID: 212238 IP address blocks: 96.62.96.0/23 maxlen: 23 96.62.111.0/24 maxlen: 24 96.62.127.0/24 maxlen: 24 96.62.214.0/24 maxlen: 24 140.233.178.0/23 maxlen: 24 140.233.188.0/23 maxlen: 24 143.14.219.0/24 maxlen: 24 146.103.45.0/24 maxlen: 24 146.103.51.0/24 maxlen: 24 146.103.53.0/24 maxlen: 24 148.135.183.0/24 maxlen: 24 148.135.195.0/24 maxlen: 24 150.241.200.0/23 maxlen: 23 150.241.243.0/24 maxlen: 24 150.241.251.0/24 maxlen: 24 158.140.208.0/22 maxlen: 22 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 04 Dec 2025 09:57:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:b4:9b:3e:6d:96:22:ff:14:da:59:ab:ba:76:7c:43:25:f2:d7:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Dec 1 23:57:03 2025 GMT Not After : Dec 1 00:02:03 2026 GMT Subject: CN=84219B13F97D36BEC3B2588252EA8B6AEFFEB631 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:80:e5:af:48:38:43:39:f6:9c:3c:13:d4:bb: 74:6a:d8:2e:11:7f:cc:f4:7a:e9:63:37:2f:7e:35: 33:1f:31:2c:44:8c:16:2a:e8:d6:36:70:c1:b3:66: c1:ae:e7:60:8a:d9:d0:4d:22:65:91:cb:0a:b2:f7: 7f:1c:5b:ff:c1:6b:21:15:59:64:e8:6c:a9:7c:90: ef:ae:5b:df:eb:55:2a:dd:28:90:de:89:fb:84:b4: 8c:e6:e3:7b:6a:02:94:1a:86:07:88:bd:e6:01:f2: 68:74:ac:8a:f9:43:82:4c:33:88:77:18:67:c5:7b: 16:ef:29:3f:16:6e:0f:62:2b:d5:11:ef:01:6f:17: f4:4e:f9:bc:00:6a:c3:08:a7:40:a2:72:c5:e2:cb: 01:c2:29:3f:f8:7b:25:f0:92:7c:74:4e:ef:fb:a3: 63:52:ad:a2:ad:11:90:bb:26:1c:43:82:96:28:ec: a8:29:9a:05:cc:f8:46:b1:fa:bc:fe:46:50:da:96: e3:7d:3a:b2:aa:5c:8c:54:e6:9f:d7:b0:04:01:98: 58:63:e8:36:ff:13:33:13:80:c2:b2:ab:8a:d1:8e: 00:c6:56:56:32:c7:9e:b1:1c:12:73:63:e4:f5:04: 89:84:b4:4b:5e:9d:7b:86:77:33:00:37:27:dd:f4: 8b:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:21:9B:13:F9:7D:36:BE:C3:B2:58:82:52:EA:8B:6A:EF:FE:B6:31 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 96.62.96.0/23 96.62.111.0/24 96.62.127.0/24 96.62.214.0/24 140.233.178.0/23 140.233.188.0/23 143.14.219.0/24 146.103.45.0/24 146.103.51.0/24 146.103.53.0/24 148.135.183.0/24 148.135.195.0/24 150.241.200.0/23 150.241.243.0/24 150.241.251.0/24 158.140.208.0/22 Signature Algorithm: sha256WithRSAEncryption 0c:c7:70:c7:b7:a6:62:52:be:89:03:5f:f7:22:3d:f1:24:37: 8f:1f:e4:31:88:3a:e3:2e:d6:b0:0d:ef:91:cc:6f:c3:39:2b: 58:48:28:2d:47:11:d2:60:51:ac:b9:d0:bb:b8:7a:8d:cf:db: f3:d9:de:a2:98:1d:0d:81:70:b2:98:64:7a:8a:4a:7b:48:3a: cc:71:6d:77:e9:fa:b8:6b:f5:a0:e9:5a:d7:bd:8d:39:90:52: 9d:9e:be:aa:8f:07:21:42:8b:45:4f:d0:13:67:76:a0:25:ca: 23:f0:c0:08:88:9c:51:c4:eb:ee:50:45:d8:4f:b1:6f:0b:96: 38:90:80:96:58:aa:5f:f5:1f:85:c9:ab:23:b8:ce:96:6c:6a: a5:de:a5:53:f6:ae:cb:df:03:05:7f:22:a5:56:6b:00:40:b3: 61:34:ac:d7:9a:dc:38:4d:b9:24:c7:6f:b7:20:90:05:49:00: 2e:9a:fd:65:52:6c:57:9d:b6:c6:1c:1a:7a:c4:9d:62:a5:51: c7:86:d9:42:60:6b:51:48:f3:1b:83:8e:72:f3:73:e9:fe:65: 43:1d:3e:ee:a3:37:05:46:06:e5:d6:80:7b:8e:f7:89:e1:a6: 3b:1c:ff:7d:d9:2d:d7:8b:f5:86:08:fc:05:6a:4e:75:16:64: af:a3:f4:b2 -----BEGIN CERTIFICATE----- MIIFWjCCBEKgAwIBAgIUJ7SbPm2WIv8U2lmrunZ8QyXy11owDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTEyMDEyMzU3MDNaFw0yNjEyMDEwMDAyMDNaMDMxMTAvBgNV BAMTKDg0MjE5QjEzRjk3RDM2QkVDM0IyNTg4MjUyRUE4QjZBRUZGRUI2MzEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDgOWvSDhDOfacPBPUu3Rq2C4R f8z0euljNy9+NTMfMSxEjBYq6NY2cMGzZsGu52CK2dBNImWRywqy938cW//BayEV WWTobKl8kO+uW9/rVSrdKJDeifuEtIzm43tqApQahgeIveYB8mh0rIr5Q4JMM4h3 GGfFexbvKT8Wbg9iK9UR7wFvF/RO+bwAasMIp0CicsXiywHCKT/4eyXwknx0Tu/7 o2NSraKtEZC7JhxDgpYo7KgpmgXM+Eax+rz+RlDaluN9OrKqXIxU5p/XsAQBmFhj 6Db/EzMTgMKyq4rRjgDGVlYyx56xHBJzY+T1BImEtEtenXuGdzMANyfd9ItDAgMB AAGjggJkMIICYDAdBgNVHQ4EFgQUhCGbE/l9Nr7DsliCUuqLau/+tjEwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQBYD5g AwQAYD5vAwQAYD5/AwQAYD7WAwQBjOmyAwQBjOm8AwQAjw7bAwQAkmctAwQAkmcz AwQAkmc1AwQAlIe3AwQAlIfDAwQBlvHIAwQAlvHzAwQAlvH7AwQCnozQMA0GCSqG SIb3DQEBCwUAA4IBAQAMx3DHt6ZiUr6JA1/3Ij3xJDePH+QxiDrjLtawDe+RzG/D OStYSCgtRxHSYFGsudC7uHqNz9vz2d6imB0NgXCymGR6ikp7SDrMcW136fq4a/Wg 6VrXvY05kFKdnr6qjwchQotFT9ATZ3agJcoj8MAIiJxRxOvuUEXYT7FvC5Y4kICW WKpf9R+FyasjuM6WbGql3qVT9q7L3wMFfyKlVmsAQLNhNKzXmtw4Tbkkx2+3IJAF SQAumv1lUmxXnbbGHBp6xJ1ipVHHhtlCYGtRSPMbg45y83Pp/mVDHT7uozcFRgbl 1oB7jveJ4aY7HP992S3Xi/WGCPwFak51FmSvo/Sy -----END CERTIFICATE-----Generated at Wed Dec 3 12:04:13 2025 by rpki-client