This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21840.roa File: AS21840.roa (raw, json) Hash identifier: qQobN7uxqyLlsCNCfhXgrToAuG3zGRpFK7rx3wG0PMg= Subject key identifier: EF:58:D6:2D:F4:1C:AA:B9:2B:B4:9B:18:17:C1:FB:EA:17:0F:3C:09 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 5DE14F0E05270E68C6579D3624CC88B63F9780D5 Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21840.roa Signing time: Tue 25 Nov 2025 00:04:22 +0000 ROA not before: Mon 24 Nov 2025 23:59:22 +0000 ROA not after: Tue 24 Nov 2026 00:04:22 +0000 asID: 21840 IP address blocks: 96.62.247.0/24 maxlen: 24 148.135.203.0/24 maxlen: 24 150.241.198.0/24 maxlen: 24 155.117.51.0/24 maxlen: 24 167.148.196.0/24 maxlen: 24 168.222.48.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 16:36:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:e1:4f:0e:05:27:0e:68:c6:57:9d:36:24:cc:88:b6:3f:97:80:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Nov 24 23:59:22 2025 GMT Not After : Nov 24 00:04:22 2026 GMT Subject: CN=EF58D62DF41CAAB92BB49B1817C1FBEA170F3C09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:8c:42:7a:a5:60:7d:d7:c1:f5:43:66:02:8c: fa:90:df:25:91:19:6e:5a:f9:a2:54:a1:c8:00:82: 4f:1c:25:f6:1f:40:d9:79:32:af:e1:40:aa:fa:5b: 12:6d:c1:2d:31:a3:4b:b0:0a:65:e9:12:04:47:36: 61:bc:31:3e:fe:80:7d:ec:5a:34:83:2c:3a:4b:2a: 08:bb:b4:6a:25:4c:73:e6:3d:c9:36:9b:0b:ec:7b: b3:17:61:b9:95:d4:8f:0e:93:0e:c2:62:d3:1a:70: ab:f8:03:50:5d:cf:ea:4a:f8:82:00:bd:1b:9b:7e: 92:72:0f:43:cd:af:7a:08:70:33:f5:88:62:e8:13: 93:31:fd:e7:a7:2a:67:fe:73:81:57:3f:df:fa:82: fa:b4:04:31:a7:57:88:a7:0f:52:aa:58:96:8b:bc: ac:dc:2b:0c:c4:c7:c6:a4:76:95:43:01:40:c5:1b: 30:33:0e:2f:55:87:60:3b:55:08:66:d8:61:d6:94: 73:66:57:82:69:6b:c2:b9:39:45:9b:39:35:bb:26: b8:ff:0e:9e:2a:85:c4:a6:9b:da:e6:b2:4f:ce:2d: 2a:67:b7:38:6a:84:55:46:21:2c:e6:ba:30:3d:93: 7d:45:e6:09:4d:17:e5:bf:7d:7c:00:7e:dd:9a:10: 2d:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:58:D6:2D:F4:1C:AA:B9:2B:B4:9B:18:17:C1:FB:EA:17:0F:3C:09 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21840.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 96.62.247.0/24 148.135.203.0/24 150.241.198.0/24 155.117.51.0/24 167.148.196.0/24 168.222.48.0/24 Signature Algorithm: sha256WithRSAEncryption 28:a3:fc:d0:7f:1f:87:90:1b:a8:dd:41:5c:4b:7d:f4:8d:69: 36:aa:2c:41:2c:d8:6a:1e:91:0e:e1:91:f2:33:92:0a:ba:7d: 44:6d:30:a4:1e:f5:d2:f7:a1:8f:13:de:cf:79:63:57:cd:ff: 49:94:ef:41:83:93:f2:bf:ba:24:29:67:b4:a6:20:21:78:f0: 2a:04:98:9c:e8:a3:79:8a:ab:0d:25:e7:4b:08:a6:c4:81:64: 58:3a:56:66:ce:21:46:8f:9c:7f:b3:92:19:c5:4b:bc:d1:33: 41:d3:00:fd:4e:cd:79:75:46:1f:25:98:73:2f:a5:22:54:f5: b1:7a:74:b4:1c:dc:a8:ae:05:0c:f8:f9:67:82:c1:3b:ca:16: 42:e1:b8:73:a8:b6:8e:f4:d2:26:4f:41:5f:b8:b3:0f:94:c3: 29:f8:0f:92:2d:e0:04:7c:6b:b6:c1:09:5e:ac:27:59:aa:82: 68:f4:e2:0e:eb:d7:58:69:d4:d4:98:81:d4:9b:9d:d8:0d:3e: 84:9f:fa:a8:58:40:b4:54:3c:19:b4:fa:ea:4d:2f:33:1f:ea: 47:30:db:12:ba:44:ab:1d:73:a3:d7:8a:82:d0:f0:d8:7a:17: f5:71:d8:96:e1:c6:5f:f7:7d:6f:00:28:1a:08:75:b8:6e:a7: b5:b8:04:e4 -----BEGIN CERTIFICATE----- MIIFHTCCBAWgAwIBAgIUXeFPDgUnDmjGV502JMyItj+XgNUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTExMjQyMzU5MjJaFw0yNjExMjQwMDA0MjJaMDMxMTAvBgNV BAMTKEVGNThENjJERjQxQ0FBQjkyQkI0OUIxODE3QzFGQkVBMTcwRjNDMDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDujEJ6pWB918H1Q2YCjPqQ3yWR GW5a+aJUocgAgk8cJfYfQNl5Mq/hQKr6WxJtwS0xo0uwCmXpEgRHNmG8MT7+gH3s WjSDLDpLKgi7tGolTHPmPck2mwvse7MXYbmV1I8Okw7CYtMacKv4A1Bdz+pK+IIA vRubfpJyD0PNr3oIcDP1iGLoE5Mx/eenKmf+c4FXP9/6gvq0BDGnV4inD1KqWJaL vKzcKwzEx8akdpVDAUDFGzAzDi9Vh2A7VQhm2GHWlHNmV4Jpa8K5OUWbOTW7Jrj/ Dp4qhcSmm9rmsk/OLSpntzhqhFVGISzmujA9k31F5glNF+W/fXwAft2aEC37AgMB AAGjggInMIICIzAdBgNVHQ4EFgQU71jWLfQcqrkrtJsYF8H76hcPPAkwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE4NDAucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBABgPvcD BACUh8sDBACW8cYDBACbdTMDBACnlMQDBACo3jAwDQYJKoZIhvcNAQELBQADggEB ACij/NB/H4eQG6jdQVxLffSNaTaqLEEs2GoekQ7hkfIzkgq6fURtMKQe9dL3oY8T 3s95Y1fN/0mU70GDk/K/uiQpZ7SmICF48CoEmJzoo3mKqw0l50sIpsSBZFg6VmbO IUaPnH+zkhnFS7zRM0HTAP1OzXl1Rh8lmHMvpSJU9bF6dLQc3KiuBQz4+WeCwTvK FkLhuHOoto700iZPQV+4sw+Uwyn4D5It4AR8a7bBCV6sJ1mqgmj04g7r11hp1NSY gdSbndgNPoSf+qhYQLRUPBm0+upNLzMf6kcw2xK6RKsdc6PXioLQ8Nh6F/Vx2Jbh xl/3fW8AKBoIdbhup7W4BOQ= -----END CERTIFICATE-----Generated at Sat Dec 6 06:43:03 2025 by rpki-client