This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa File: AS29802.roa (raw, json) Hash identifier: GXRzOy0HJ0HKcnVoZFUjSkZXPZ8/5SyvQQsHKNxmKkw= Subject key identifier: 72:81:B7:E6:97:69:29:E9:BF:18:BD:48:D2:C9:13:23:B1:F3:A0:CE Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 789FFB108C0E1F12B1ED743A5DDD00CD9AC3AAE7 Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa Signing time: Thu 15 Jan 2026 11:14:20 +0000 ROA not before: Thu 15 Jan 2026 11:09:20 +0000 ROA not after: Thu 14 Jan 2027 11:14:20 +0000 asID: 29802 IP address blocks: 96.62.140.0/24 maxlen: 24 96.62.216.0/24 maxlen: 24 143.14.110.0/24 maxlen: 24 143.14.157.0/24 maxlen: 24 143.14.210.0/24 maxlen: 24 143.14.213.0/24 maxlen: 24 145.223.50.0/24 maxlen: 24 145.223.55.0/24 maxlen: 24 145.223.60.0/24 maxlen: 24 145.223.62.0/24 maxlen: 24 145.223.63.0/24 maxlen: 24 146.103.4.0/24 maxlen: 24 146.103.19.0/24 maxlen: 24 147.79.61.0/24 maxlen: 24 148.135.178.0/24 maxlen: 24 148.135.179.0/24 maxlen: 24 148.135.190.0/24 maxlen: 24 148.135.191.0/24 maxlen: 24 148.135.254.0/24 maxlen: 24 150.241.175.0/24 maxlen: 24 150.241.233.0/24 maxlen: 24 155.117.22.0/24 maxlen: 24 155.117.121.0/24 maxlen: 24 162.141.52.0/24 maxlen: 24 162.141.133.0/24 maxlen: 24 162.141.141.0/24 maxlen: 24 167.148.118.0/24 maxlen: 24 167.148.178.0/24 maxlen: 24 168.222.1.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 00:00:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78:9f:fb:10:8c:0e:1f:12:b1:ed:74:3a:5d:dd:00:cd:9a:c3:aa:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Jan 15 11:09:20 2026 GMT Not After : Jan 14 11:14:20 2027 GMT Subject: CN=7281B7E6976929E9BF18BD48D2C91323B1F3A0CE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:b4:a4:04:3a:08:7b:97:5d:ff:c6:06:b8:8a: 9c:41:46:2a:28:b4:23:c2:72:42:bc:d8:65:a8:52: 45:76:96:f5:03:93:60:c4:ae:27:52:ac:2c:44:31: 2c:8b:2b:10:35:ca:ee:80:4c:a8:ee:1f:4a:ce:fc: f4:b3:4a:ed:3f:7e:37:1c:32:f0:97:9a:c4:90:84: bd:b1:e4:a6:da:51:c2:df:e2:98:5c:6b:7f:33:58: 5d:89:da:fa:72:7c:95:82:6a:e5:a5:0e:1a:33:45: b4:cd:12:d5:5f:91:9e:7e:99:0f:16:0b:9c:cd:08: 9d:08:72:1b:41:52:0a:99:dc:07:8b:7b:08:8c:2e: d8:0e:14:f3:df:a8:ff:1e:bf:65:33:6a:23:0f:81: c2:c4:9f:e0:8e:9e:81:91:a4:5c:c8:74:83:75:29: 07:db:8d:d5:c5:64:dc:22:5e:84:89:38:0c:52:61: 56:b9:62:d5:8e:ab:f1:d5:a7:d9:8d:a3:8d:35:eb: f1:a9:65:b2:2c:54:fd:47:93:45:a5:d0:db:a5:7c: f0:51:73:9b:02:4a:e7:3b:f6:27:5e:64:8a:06:2a: 50:53:c9:8a:57:00:5d:59:d9:4d:2e:76:7c:8a:ce: 85:cf:15:86:a3:fb:05:f2:73:2b:65:c5:f8:de:41: b3:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:81:B7:E6:97:69:29:E9:BF:18:BD:48:D2:C9:13:23:B1:F3:A0:CE X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS29802.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 96.62.140.0/24 96.62.216.0/24 143.14.110.0/24 143.14.157.0/24 143.14.210.0/24 143.14.213.0/24 145.223.50.0/24 145.223.55.0/24 145.223.60.0/24 145.223.62.0/23 146.103.4.0/24 146.103.19.0/24 147.79.61.0/24 148.135.178.0/23 148.135.190.0/23 148.135.254.0/24 150.241.175.0/24 150.241.233.0/24 155.117.22.0/24 155.117.121.0/24 162.141.52.0/24 162.141.133.0/24 162.141.141.0/24 167.148.118.0/24 167.148.178.0/24 168.222.1.0/24 Signature Algorithm: sha256WithRSAEncryption 33:69:76:5b:e7:02:dd:b1:24:eb:01:bd:db:77:3a:49:2d:3d: f9:17:a7:d3:d5:41:6a:2a:ef:9c:33:91:7e:49:b0:3d:c4:18: e4:d5:1a:89:7a:80:2e:f2:cd:0f:c6:a3:11:43:93:e5:6a:9d: dd:96:e4:5c:96:a2:88:d6:3b:83:62:5e:de:9f:83:18:4c:aa: ad:3c:53:45:8a:9e:45:fb:f5:a7:af:90:86:d5:d5:a7:01:a1: 3d:04:6e:2c:76:8d:92:d3:be:96:4e:2f:bb:6b:16:80:32:e5: 5b:ab:f9:79:7c:88:78:75:69:e8:e8:76:3b:71:50:4d:98:91: d0:bb:70:f4:b8:55:f6:d4:7e:b3:b0:74:ea:5b:bf:13:c3:22: b6:9d:ad:ac:ae:a0:7b:21:af:b6:0d:bc:46:cb:bb:9e:3f:ac: 5a:68:8f:2e:46:9f:6a:b5:50:48:ac:3c:1a:3d:c5:4f:c0:f2: 17:20:f7:9b:d2:2e:8e:40:e4:8e:8e:f5:80:38:0a:ac:03:5e: 23:ee:67:e4:a4:d9:f4:ca:7d:23:ae:0b:a7:20:f6:13:ff:e0: 94:b0:20:1f:13:72:09:19:68:67:85:6f:14:bc:74:5c:56:2e: 31:34:d9:0b:7f:11:d5:d1:69:36:47:8d:0c:72:ed:45:d3:94: 29:81:c6:e9 -----BEGIN CERTIFICATE----- MIIFmjCCBIKgAwIBAgIUeJ/7EIwOHxKx7XQ6Xd0AzZrDqucwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNjAxMTUxMTA5MjBaFw0yNzAxMTQxMTE0MjBaMDMxMTAvBgNV BAMTKDcyODFCN0U2OTc2OTI5RTlCRjE4QkQ0OEQyQzkxMzIzQjFGM0EwQ0UwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDItKQEOgh7l13/xga4ipxBRioo tCPCckK82GWoUkV2lvUDk2DEridSrCxEMSyLKxA1yu6ATKjuH0rO/PSzSu0/fjcc MvCXmsSQhL2x5KbaUcLf4phca38zWF2J2vpyfJWCauWlDhozRbTNEtVfkZ5+mQ8W C5zNCJ0IchtBUgqZ3AeLewiMLtgOFPPfqP8ev2UzaiMPgcLEn+COnoGRpFzIdIN1 KQfbjdXFZNwiXoSJOAxSYVa5YtWOq/HVp9mNo4016/GpZbIsVP1Hk0Wl0NulfPBR c5sCSuc79ideZIoGKlBTyYpXAF1Z2U0udnyKzoXPFYaj+wXycytlxfjeQbM9AgMB AAGjggKkMIICoDAdBgNVHQ4EFgQUcoG35pdpKem/GL1I0skTI7HzoM4wHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjk4MDIucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwgbkGCCsGAQUFBwEHAQH/BIGpMIGmMIGjBAIAATCBnAME AGA+jAMEAGA+2AMEAI8ObgMEAI8OnQMEAI8O0gMEAI8O1QMEAJHfMgMEAJHfNwME AJHfPAMEAZHfPgMEAJJnBAMEAJJnEwMEAJNPPQMEAZSHsgMEAZSHvgMEAJSH/gME AJbxrwMEAJbx6QMEAJt1FgMEAJt1eQMEAKKNNAMEAKKNhQMEAKKNjQMEAKeUdgME AKeUsgMEAKjeATANBgkqhkiG9w0BAQsFAAOCAQEAM2l2W+cC3bEk6wG923c6SS09 +Ren09VBairvnDORfkmwPcQY5NUaiXqALvLND8ajEUOT5Wqd3ZbkXJaiiNY7g2Je 3p+DGEyqrTxTRYqeRfv1p6+QhtXVpwGhPQRuLHaNktO+lk4vu2sWgDLlW6v5eXyI eHVp6Oh2O3FQTZiR0Ltw9LhV9tR+s7B06lu/E8Mitp2trK6geyGvtg28Rsu7nj+s WmiPLkafarVQSKw8Gj3FT8DyFyD3m9IujkDkjo71gDgKrANeI+5n5KTZ9Mp9I64L pyD2E//glLAgHxNyCRloZ4VvFLx0XFYuMTTZC38R1dFpNkeNDHLtRdOUKYHG6Q== -----END CERTIFICATE-----Generated at Mon Jan 19 08:18:00 2026 by rpki-client