This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS22427.roa File: AS22427.roa (raw, json) Hash identifier: IM0bbCxSJnzxMIIgJcsKobEF4YImr2JPbJ2J4Xw2WEY= Subject key identifier: A3:FA:A0:54:46:91:A7:1B:82:49:CD:2F:95:FD:22:75:5E:CC:6E:50 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 38A1C3AEDD812041C2BFD0BEC40E904FA2669573 Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS22427.roa Signing time: Mon 24 Nov 2025 03:27:18 +0000 ROA not before: Mon 24 Nov 2025 03:22:18 +0000 ROA not after: Mon 23 Nov 2026 03:27:18 +0000 asID: 22427 IP address blocks: 148.135.194.0/24 maxlen: 24 155.117.247.0/24 maxlen: 24 167.148.28.0/24 maxlen: 24 167.148.140.0/24 maxlen: 24 167.148.179.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Dec 2025 21:22:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:a1:c3:ae:dd:81:20:41:c2:bf:d0:be:c4:0e:90:4f:a2:66:95:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Nov 24 03:22:18 2025 GMT Not After : Nov 23 03:27:18 2026 GMT Subject: CN=A3FAA0544691A71B8249CD2F95FD22755ECC6E50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:9c:5e:b6:fc:92:10:1c:93:82:83:18:aa:81: 8e:c7:33:11:1d:79:9b:d0:72:08:5c:47:d3:f9:f7: c7:53:b6:90:20:6a:b1:35:40:61:1a:71:c0:8d:9c: 27:f0:0e:98:f1:1b:2e:e4:a4:e4:76:d2:5d:32:54: c7:69:d2:1e:57:e7:65:92:b8:fe:e0:57:94:3f:c3: 31:61:94:15:65:7e:2f:a4:cf:9d:bc:09:ea:e8:a4: 4e:f3:91:eb:54:29:7c:ba:07:af:75:4a:8e:20:10: 44:a9:5d:f9:5e:8f:ae:d1:a4:36:dc:8b:bc:d8:6f: 19:4f:ad:aa:7a:04:aa:29:e0:62:23:df:fd:f5:a3: 63:5b:ba:49:4d:96:80:17:c0:bb:14:b2:84:95:78: ce:10:72:6b:94:c6:bb:b7:56:ae:72:05:3c:32:e0: f8:a9:7d:c0:aa:d8:d9:fc:04:1f:9d:55:1f:3d:75: a0:cd:0e:4c:18:d5:9e:ef:8d:23:0e:bc:33:2a:97: 6e:14:fa:fd:db:a4:04:13:cf:1e:1e:49:0c:e6:6b: 6c:02:3a:f2:af:d1:98:20:73:97:25:e6:5f:8b:62: 8b:69:5f:91:4b:c0:ec:53:30:bb:27:92:e0:01:aa: c5:3c:93:f0:76:5b:e5:f2:e7:89:e3:9f:40:1f:23: 11:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:FA:A0:54:46:91:A7:1B:82:49:CD:2F:95:FD:22:75:5E:CC:6E:50 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS22427.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 148.135.194.0/24 155.117.247.0/24 167.148.28.0/24 167.148.140.0/24 167.148.179.0/24 Signature Algorithm: sha256WithRSAEncryption 7e:e7:2d:8f:1a:75:bc:5e:7c:35:08:ad:09:ca:51:70:72:d6: 8f:41:db:a7:d6:26:b8:23:87:75:7b:f6:a4:cc:50:3c:aa:5e: 4b:aa:37:c9:92:b3:50:1f:03:1a:3e:fd:8c:c7:63:61:c2:73: 7d:d7:13:06:a6:cc:19:ad:b2:dd:da:90:9b:ed:e9:5d:e9:db: 4e:b2:00:52:c9:26:49:d4:4a:04:e3:42:b9:bf:73:35:9d:cf: 5d:ff:6c:c5:c4:6b:65:19:c1:8d:e1:ca:d2:76:f3:24:98:00: 2c:e9:d4:c0:af:00:41:15:b7:e3:3a:cd:a2:66:5e:21:07:97: 8a:b8:74:d0:f5:40:98:2a:fd:cd:78:f4:ed:2c:3b:bd:39:16: a3:cb:65:60:6d:0e:d7:6e:2e:fb:c5:c1:7a:25:ad:22:cc:5f: 94:f1:8c:25:53:81:59:58:3c:d4:4b:f8:b6:17:84:96:ba:0e: 70:d1:00:5a:76:b0:1b:7c:1c:e8:94:b1:1b:80:12:ef:ab:53: 13:9c:41:43:a8:5d:20:5f:ce:d4:39:29:be:20:8f:f8:8c:54: 9e:60:fd:b9:ca:5f:32:ee:a3:79:72:10:32:89:82:d2:c9:4a: b5:56:2d:1a:c7:08:f0:d1:e5:f9:f6:b0:f1:fe:8b:b8:dc:b4: 70:a7:23:2b -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgIUOKHDrt2BIEHCv9C+xA6QT6JmlXMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTExMjQwMzIyMThaFw0yNjExMjMwMzI3MThaMDMxMTAvBgNV BAMTKEEzRkFBMDU0NDY5MUE3MUI4MjQ5Q0QyRjk1RkQyMjc1NUVDQzZFNTAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtnF62/JIQHJOCgxiqgY7HMxEd eZvQcghcR9P598dTtpAgarE1QGEaccCNnCfwDpjxGy7kpOR20l0yVMdp0h5X52WS uP7gV5Q/wzFhlBVlfi+kz528CeropE7zketUKXy6B691So4gEESpXflej67RpDbc i7zYbxlPrap6BKop4GIj3/31o2NbuklNloAXwLsUsoSVeM4QcmuUxru3Vq5yBTwy 4PipfcCq2Nn8BB+dVR89daDNDkwY1Z7vjSMOvDMql24U+v3bpAQTzx4eSQzma2wC OvKv0Zggc5cl5l+LYotpX5FLwOxTMLsnkuABqsU8k/B2W+Xy54njn0AfIxEPAgMB AAGjggIhMIICHTAdBgNVHQ4EFgQUo/qgVEaRpxuCSc0vlf0idV7MblAwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjI0Mjcucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBACUh8ID BACbdfcDBACnlBwDBACnlIwDBACnlLMwDQYJKoZIhvcNAQELBQADggEBAH7nLY8a dbxefDUIrQnKUXBy1o9B26fWJrgjh3V79qTMUDyqXkuqN8mSs1AfAxo+/YzHY2HC c33XEwamzBmtst3akJvt6V3p206yAFLJJknUSgTjQrm/czWdz13/bMXEa2UZwY3h ytJ28ySYACzp1MCvAEEVt+M6zaJmXiEHl4q4dND1QJgq/c149O0sO705FqPLZWBt DtduLvvFwXolrSLMX5TxjCVTgVlYPNRL+LYXhJa6DnDRAFp2sBt8HOiUsRuAEu+r UxOcQUOoXSBfztQ5Kb4gj/iMVJ5g/bnKXzLuo3lyEDKJgtLJSrVWLRrHCPDR5fn2 sPH+i7jctHCnIys= -----END CERTIFICATE-----Generated at Fri Dec 5 05:06:38 2025 by rpki-client