This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214025.roa File: AS214025.roa (raw, json) Hash identifier: 2L+uwboJCvky7f/4pu6DQZxZtjcrtQ1dujn48YjrV94= Subject key identifier: 35:F9:0C:54:E8:0E:7A:C4:32:52:78:00:B6:2B:08:45:60:E3:AE:EB Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 68FD72B81EF59D3BB1F9CF3446B90FCE1B5F80E7 Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214025.roa Signing time: Tue 13 Jan 2026 07:54:40 +0000 ROA not before: Tue 13 Jan 2026 07:49:40 +0000 ROA not after: Tue 12 Jan 2027 07:54:40 +0000 asID: 214025 IP address blocks: 96.62.220.0/24 maxlen: 24 140.233.165.0/24 maxlen: 24 143.14.46.0/24 maxlen: 24 155.117.127.0/24 maxlen: 24 162.141.104.0/24 maxlen: 24 167.148.141.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 19:27:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 68:fd:72:b8:1e:f5:9d:3b:b1:f9:cf:34:46:b9:0f:ce:1b:5f:80:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Jan 13 07:49:40 2026 GMT Not After : Jan 12 07:54:40 2027 GMT Subject: CN=35F90C54E80E7AC432527800B62B084560E3AEEB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:1f:2a:83:fb:05:a2:33:db:be:2f:7e:a1:f4: 2b:30:83:b2:1e:c2:91:4b:ab:89:5b:f5:45:df:dd: af:96:8a:09:e5:ee:d6:c5:31:5e:2b:73:e6:7f:2d: 3a:cd:22:81:c8:62:26:b3:c8:60:44:dc:57:34:26: e9:a4:b7:81:35:8f:87:51:0e:cb:bc:67:a7:6d:68: 0a:1f:ed:31:84:0d:20:6a:11:3d:7a:50:1e:49:23: 74:e6:e5:0c:4c:76:46:90:b7:5e:95:27:e4:0a:4a: a2:7e:9d:15:5f:26:90:e4:07:61:5f:26:69:5a:b0: 51:6b:fd:cb:ed:73:2b:fc:e3:26:85:1a:4c:96:ef: bf:5c:2c:46:96:9e:79:ba:c9:60:f2:17:5e:51:dd: b2:ff:d2:1c:2c:54:c5:2e:73:8c:c6:1d:24:82:52: 6a:47:9e:c6:1c:1b:78:36:cc:ca:5d:59:ea:f6:51: 85:21:e2:b3:26:ad:96:2a:40:b9:c6:6d:fb:bf:b3: b3:09:41:cf:65:eb:12:9e:21:20:51:14:a5:52:3c: a3:97:3e:a4:47:69:29:d9:26:11:c8:2e:cb:84:4a: 61:52:65:13:dd:f2:30:44:9a:91:f7:42:ae:65:89: 2e:dd:10:50:5b:68:41:6c:1e:3c:03:06:06:86:42: c4:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:F9:0C:54:E8:0E:7A:C4:32:52:78:00:B6:2B:08:45:60:E3:AE:EB X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214025.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 96.62.220.0/24 140.233.165.0/24 143.14.46.0/24 155.117.127.0/24 162.141.104.0/24 167.148.141.0/24 Signature Algorithm: sha256WithRSAEncryption 09:03:56:8b:9c:31:11:46:fe:6d:8d:c3:71:4a:b2:9d:f1:01: 49:96:5b:a4:8c:a4:37:da:ec:12:d6:91:e9:b4:a4:45:b3:11: 0e:6a:df:4e:74:1d:ff:f6:f1:7b:a5:81:83:4a:f6:59:f3:fe: 6c:7a:e8:e3:e4:63:19:d1:78:26:9d:7e:12:89:6d:4f:04:fe: 6b:f7:66:3c:8e:f3:e6:77:97:c1:33:32:ba:f6:d6:b1:64:e6: f8:e9:52:c1:8a:3f:32:b6:85:91:fa:e6:8c:fd:6e:9f:be:07: 35:c3:0d:bc:27:7f:33:a7:b6:c0:d6:2b:7d:fd:71:97:7f:42: 65:bc:62:10:5c:66:19:2e:42:03:fb:6b:35:55:f5:5b:2d:51: 6f:29:04:b6:58:e1:37:11:49:12:6f:3e:f1:3e:ae:c1:7d:ff: 64:26:fe:8d:cc:03:68:55:4f:49:8b:82:e0:0f:f2:d9:e8:7b: 41:4f:b1:5a:cb:50:ca:54:52:53:13:e2:82:66:12:20:c3:c0: 9a:64:01:68:1c:8e:23:69:fc:98:d7:59:d4:6d:ee:62:d2:df: 7b:68:d3:d7:06:7d:65:a3:52:e4:00:5d:cf:f1:b4:80:3f:75: f5:fe:8a:b6:ab:89:6e:ad:67:aa:a1:4d:bc:bc:91:8d:30:20: 16:e1:51:a7 -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgIUaP1yuB71nTux+c80RrkPzhtfgOcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNjAxMTMwNzQ5NDBaFw0yNzAxMTIwNzU0NDBaMDMxMTAvBgNV BAMTKDM1RjkwQzU0RTgwRTdBQzQzMjUyNzgwMEI2MkIwODQ1NjBFM0FFRUIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGHyqD+wWiM9u+L36h9Cswg7Ie wpFLq4lb9UXf3a+Wignl7tbFMV4rc+Z/LTrNIoHIYiazyGBE3Fc0Jumkt4E1j4dR Dsu8Z6dtaAof7TGEDSBqET16UB5JI3Tm5QxMdkaQt16VJ+QKSqJ+nRVfJpDkB2Ff JmlasFFr/cvtcyv84yaFGkyW779cLEaWnnm6yWDyF15R3bL/0hwsVMUuc4zGHSSC UmpHnsYcG3g2zMpdWer2UYUh4rMmrZYqQLnGbfu/s7MJQc9l6xKeISBRFKVSPKOX PqRHaSnZJhHILsuESmFSZRPd8jBEmpH3Qq5liS7dEFBbaEFsHjwDBgaGQsTZAgMB AAGjggIoMIICJDAdBgNVHQ4EFgQUNfkMVOgOesQyUngAtisIRWDjruswHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE0MDI1LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAYD7c AwQAjOmlAwQAjw4uAwQAm3V/AwQAoo1oAwQAp5SNMA0GCSqGSIb3DQEBCwUAA4IB AQAJA1aLnDERRv5tjcNxSrKd8QFJllukjKQ32uwS1pHptKRFsxEOat9OdB3/9vF7 pYGDSvZZ8/5seujj5GMZ0XgmnX4SiW1PBP5r92Y8jvPmd5fBMzK69taxZOb46VLB ij8ytoWR+uaM/W6fvgc1ww28J38zp7bA1it9/XGXf0JlvGIQXGYZLkID+2s1VfVb LVFvKQS2WOE3EUkSbz7xPq7Bff9kJv6NzANoVU9Ji4LgD/LZ6HtBT7Fay1DKVFJT E+KCZhIgw8CaZAFoHI4jafyY11nUbe5i0t97aNPXBn1lo1LkAF3P8bSAP3X1/oq2 q4lurWeqoU28vJGNMCAW4VGn -----END CERTIFICATE-----Generated at Mon Jan 19 05:25:26 2026 by rpki-client