This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215152.roa File: AS215152.roa (raw, json) Hash identifier: biGdjG0Y7k39jxOz2S3UjshoTW9sUXqvWbNywpGzywE= Subject key identifier: ED:29:D0:95:7A:36:D4:63:F8:5E:99:D0:53:33:14:9E:4A:6F:33:BE Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 06189F51FBB51A40A9C1308F3F09420CE4FED649 Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215152.roa Signing time: Fri 26 Dec 2025 06:21:18 +0000 ROA not before: Fri 26 Dec 2025 06:16:18 +0000 ROA not after: Fri 25 Dec 2026 06:21:18 +0000 asID: 215152 IP address blocks: 96.62.71.0/24 maxlen: 24 140.233.175.0/24 maxlen: 24 150.241.254.0/24 maxlen: 24 168.222.13.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 11 Jan 2026 15:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:18:9f:51:fb:b5:1a:40:a9:c1:30:8f:3f:09:42:0c:e4:fe:d6:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Dec 26 06:16:18 2025 GMT Not After : Dec 25 06:21:18 2026 GMT Subject: CN=ED29D0957A36D463F85E99D05333149E4A6F33BE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:30:44:c2:a7:ba:f3:1a:e7:0c:6a:73:e8:14: 10:a1:54:17:25:31:6d:bd:48:0f:e1:99:84:a0:56: 3b:2b:24:3e:2a:8e:0c:37:84:b3:84:ab:05:fd:2f: f6:b0:65:b6:11:58:6f:56:a1:fb:04:f0:24:ef:69: 3a:90:16:60:6b:cf:9f:03:d9:59:5e:27:88:9b:8d: a9:c7:ce:56:94:4c:98:74:37:6e:96:9e:32:7a:04: f4:bb:73:97:5c:d4:b0:9e:35:1c:94:48:ef:1e:94: a5:a9:57:ab:e9:8e:1a:f0:3a:6d:91:b4:8e:73:18: 1f:24:27:cd:d6:da:97:2c:24:2b:58:04:5b:9f:0f: df:5a:05:ce:36:aa:f7:a2:0f:f6:0c:1d:04:60:a8: 08:92:33:40:a6:87:50:bc:21:ac:78:ab:ee:0a:33: 07:df:82:de:f6:7e:a1:ce:97:09:b9:0c:2d:f6:b6: 9f:02:a9:bc:97:27:7d:93:08:07:33:cd:2e:ae:6c: 79:3c:40:4b:26:9c:e2:ab:0d:e1:d1:d4:5c:fc:1b: 8e:84:80:4d:87:0c:cb:18:0c:27:70:9d:a2:57:ad: 50:82:08:a8:84:de:a8:43:74:af:6a:18:04:f3:89: ed:b7:31:e2:90:4e:1c:34:db:84:4b:e7:ca:71:19: dc:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:29:D0:95:7A:36:D4:63:F8:5E:99:D0:53:33:14:9E:4A:6F:33:BE X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS215152.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 96.62.71.0/24 140.233.175.0/24 150.241.254.0/24 168.222.13.0/24 Signature Algorithm: sha256WithRSAEncryption 33:03:f5:6e:eb:ab:d2:7a:9e:7a:d3:f8:47:cc:87:39:a4:16: 23:e1:ec:7c:4a:bb:e0:04:ca:7f:32:36:ae:2f:24:2f:f2:49: 20:7e:af:49:67:4a:af:56:4d:bd:ba:5a:25:58:e7:d6:80:fc: 0c:fe:af:04:1e:20:d7:ec:e0:59:28:b4:67:89:b4:c6:ce:d4: e0:54:54:8d:d0:98:8b:6b:ee:aa:cd:a0:20:96:0e:c2:47:0b: 45:7d:31:d6:ec:4e:cc:ab:f3:fb:40:1d:57:a0:67:cb:05:cc: 53:b8:8e:e5:c2:17:25:0f:93:48:7b:1d:67:33:6f:ed:6e:e9: 22:6d:d2:41:bf:1c:4c:1c:a1:4d:2d:4a:80:c3:be:3f:a1:05: 9a:f9:06:b3:94:22:aa:0f:8e:bc:e8:ba:9d:fa:71:b5:fa:f2: 60:45:fa:33:a6:60:65:7a:31:cc:7c:56:22:57:de:60:aa:5b: 80:3b:c8:a0:62:92:c8:dc:74:15:48:ad:9f:41:e8:53:9c:f2: e4:4b:43:0d:df:f4:ad:e4:8c:e0:5f:c5:47:84:36:77:92:54: 58:8b:e1:2f:31:32:98:3f:13:dd:7f:8f:48:7e:90:23:ab:45: 2b:6e:4e:a8:02:b3:6c:60:f1:ea:d4:6f:15:f7:a2:a4:24:8a: 70:13:21:2a -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgIUBhifUfu1GkCpwTCPPwlCDOT+1kkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTEyMjYwNjE2MThaFw0yNjEyMjUwNjIxMThaMDMxMTAvBgNV BAMTKEVEMjlEMDk1N0EzNkQ0NjNGODVFOTlEMDUzMzMxNDlFNEE2RjMzQkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6METCp7rzGucManPoFBChVBcl MW29SA/hmYSgVjsrJD4qjgw3hLOEqwX9L/awZbYRWG9WofsE8CTvaTqQFmBrz58D 2VleJ4ibjanHzlaUTJh0N26WnjJ6BPS7c5dc1LCeNRyUSO8elKWpV6vpjhrwOm2R tI5zGB8kJ83W2pcsJCtYBFufD99aBc42qveiD/YMHQRgqAiSM0Cmh1C8Iax4q+4K Mwffgt72fqHOlwm5DC32tp8CqbyXJ32TCAczzS6ubHk8QEsmnOKrDeHR1Fz8G46E gE2HDMsYDCdwnaJXrVCCCKiE3qhDdK9qGATzie23MeKQThw024RL58pxGdzfAgMB AAGjggIcMIICGDAdBgNVHQ4EFgQU7SnQlXo21GP4XpnQUzMUnkpvM74wHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE1MTUyLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAYD5H AwQAjOmvAwQAlvH+AwQAqN4NMA0GCSqGSIb3DQEBCwUAA4IBAQAzA/Vu66vSep56 0/hHzIc5pBYj4ex8SrvgBMp/MjauLyQv8kkgfq9JZ0qvVk29ulolWOfWgPwM/q8E HiDX7OBZKLRnibTGztTgVFSN0JiLa+6qzaAglg7CRwtFfTHW7E7Mq/P7QB1XoGfL BcxTuI7lwhclD5NIex1nM2/tbukibdJBvxxMHKFNLUqAw74/oQWa+QazlCKqD468 6Lqd+nG1+vJgRfozpmBlejHMfFYiV95gqluAO8igYpLI3HQVSK2fQehTnPLkS0MN 3/St5IzgX8VHhDZ3klRYi+EvMTKYPxPdf49IfpAjq0Urbk6oArNsYPHq1G8V96Kk JIpwEyEq -----END CERTIFICATE-----Generated at Sat Jan 10 22:51:58 2026 by rpki-client