This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215152.roa File: AS215152.roa (raw, json) Hash identifier: 6HTpO/Ca8IoCWZGGkryMjltUjmq1U5f5MTWs3NTgsWk= Subject key identifier: CE:A0:F0:4F:78:6A:F1:A6:42:76:09:25:D6:07:E8:28:58:41:9A:99 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 083609E42C2BA22EB42F0D971D4590E031947F6C Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215152.roa Signing time: Tue 25 Nov 2025 09:46:44 +0000 ROA not before: Tue 25 Nov 2025 09:41:44 +0000 ROA not after: Tue 24 Nov 2026 09:46:44 +0000 asID: 215152 IP address blocks: 143.14.142.0/24 maxlen: 24 150.241.254.0/24 maxlen: 24 168.222.13.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 26 Nov 2025 12:53:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:36:09:e4:2c:2b:a2:2e:b4:2f:0d:97:1d:45:90:e0:31:94:7f:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Nov 25 09:41:44 2025 GMT Not After : Nov 24 09:46:44 2026 GMT Subject: CN=CEA0F04F786AF1A642760925D607E82858419A99 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:64:ce:04:31:63:9d:82:c1:3e:7c:ad:d2:3c: c0:c0:61:45:a7:9b:17:6a:cb:75:f4:93:d7:e9:61: 82:c2:08:7c:b8:8d:d7:b6:51:9b:57:27:db:dd:a0: db:84:f2:00:3f:3f:3a:9c:db:f0:14:d3:df:5f:f0: 87:42:8e:29:86:18:80:c8:1f:3d:62:36:c1:83:a5: 73:9c:d6:6d:28:8c:0f:85:b3:83:a8:f6:ab:f5:3f: d2:74:7b:7d:f8:67:8d:98:b9:8a:af:d4:23:ac:52: 9d:52:92:d3:ca:f6:37:92:73:04:ad:55:0f:35:e6: 45:ce:1c:34:a0:17:8f:85:c8:74:96:c3:bf:f9:71: 2c:eb:3a:8e:3a:4b:8e:4c:e1:a9:63:6d:a0:ea:6a: c7:91:5d:22:2c:4a:5c:bf:d9:6c:9c:88:54:bb:ba: 18:cd:2c:c7:38:40:a3:cd:09:00:1b:c0:2d:49:28: 88:bc:e8:d4:6b:e2:9d:fd:bb:b8:b9:46:61:e9:ac: 06:d1:6d:06:9c:c4:8d:fc:dd:84:b5:d8:b6:ab:e3: e5:5e:ce:70:69:31:f4:de:6a:b4:45:aa:f5:6c:67: 06:dc:ff:79:79:00:4e:13:2f:54:89:f9:d4:be:02: 62:3e:2e:50:9a:cc:b2:83:78:87:8f:15:5b:db:88: 32:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:A0:F0:4F:78:6A:F1:A6:42:76:09:25:D6:07:E8:28:58:41:9A:99 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215152.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.14.142.0/24 150.241.254.0/24 168.222.13.0/24 Signature Algorithm: sha256WithRSAEncryption 07:e2:56:aa:76:93:94:b1:04:2a:01:03:4b:86:a2:bc:19:6d: 1b:89:83:17:86:01:01:5a:b3:55:8d:45:47:fd:d4:90:f6:cf: 9c:f2:4d:c9:b1:05:0d:c3:6c:fe:ac:a6:e2:2d:ea:bb:0c:70: 89:a8:c6:3b:d9:9d:33:09:86:f4:7a:f5:59:de:36:4c:76:b0: fe:7b:7c:c3:92:41:38:80:cc:1b:08:e7:71:b5:74:ea:fc:8a: a1:e8:e5:65:61:9e:88:1b:7c:11:4a:e4:8a:67:eb:47:d2:7e: 8a:33:30:a0:02:b7:5e:9c:78:0c:e0:50:2e:3b:e4:c4:aa:26: ab:fe:74:dd:ee:5e:31:c8:00:95:9a:be:c1:11:d9:60:ad:65: dd:1a:b8:a3:90:b5:b0:48:86:21:d0:22:08:ff:30:7d:5f:ed: c9:64:84:e3:09:63:27:41:46:ab:b7:11:b8:6e:88:e8:a6:57: ae:e1:1d:39:10:b1:e7:5a:1b:96:ab:24:5d:2c:3c:b3:2f:31: 08:e3:27:6a:10:12:32:8e:57:55:80:56:30:91:e9:9b:b9:58: 6b:ab:db:bc:a6:37:dd:26:14:a3:08:13:85:01:d9:94:e4:1a: be:e4:6e:f8:c6:98:ca:cf:8a:36:82:be:74:f0:b7:bb:60:b0: 20:ca:e7:40 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgIUCDYJ5Cwroi60Lw2XHUWQ4DGUf2wwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTExMjUwOTQxNDRaFw0yNjExMjQwOTQ2NDRaMDMxMTAvBgNV BAMTKENFQTBGMDRGNzg2QUYxQTY0Mjc2MDkyNUQ2MDdFODI4NTg0MTlBOTkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoZM4EMWOdgsE+fK3SPMDAYUWn mxdqy3X0k9fpYYLCCHy4jde2UZtXJ9vdoNuE8gA/Pzqc2/AU099f8IdCjimGGIDI Hz1iNsGDpXOc1m0ojA+Fs4Oo9qv1P9J0e334Z42YuYqv1COsUp1SktPK9jeScwSt VQ815kXOHDSgF4+FyHSWw7/5cSzrOo46S45M4aljbaDqaseRXSIsSly/2WyciFS7 uhjNLMc4QKPNCQAbwC1JKIi86NRr4p39u7i5RmHprAbRbQacxI383YS12Lar4+Ve znBpMfTearRFqvVsZwbc/3l5AE4TL1SJ+dS+AmI+LlCazLKDeIePFVvbiDLHAgMB AAGjggIWMIICEjAdBgNVHQ4EFgQUzqDwT3hq8aZCdgkl1gfoKFhBmpkwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE1MTUyLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAjw6O AwQAlvH+AwQAqN4NMA0GCSqGSIb3DQEBCwUAA4IBAQAH4laqdpOUsQQqAQNLhqK8 GW0biYMXhgEBWrNVjUVH/dSQ9s+c8k3JsQUNw2z+rKbiLeq7DHCJqMY72Z0zCYb0 evVZ3jZMdrD+e3zDkkE4gMwbCOdxtXTq/Iqh6OVlYZ6IG3wRSuSKZ+tH0n6KMzCg ArdenHgM4FAuO+TEqiar/nTd7l4xyACVmr7BEdlgrWXdGrijkLWwSIYh0CII/zB9 X+3JZITjCWMnQUartxG4bojopleu4R05ELHnWhuWqyRdLDyzLzEI4ydqEBIyjldV gFYwkembuVhrq9u8pjfdJhSjCBOFAdmU5Bq+5G74xpjKz4o2gr508Le7YLAgyudA -----END CERTIFICATE-----Generated at Tue Nov 25 17:36:05 2025 by rpki-client