This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS39521.roa File: AS39521.roa (raw, json) Hash identifier: 9a/QuzX+EmEdnENfHX3hcaR7GylDpYkWlovEF6wVRA4= Subject key identifier: 8F:F8:E3:50:94:D3:9B:F1:B0:5F:4A:62:15:BA:7E:78:CC:17:55:FD Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 464DE3C76FC4A52A2BE0574FF8C38B91120CC0BA Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS39521.roa Signing time: Thu 08 Jan 2026 16:08:46 +0000 ROA not before: Thu 08 Jan 2026 16:03:46 +0000 ROA not after: Thu 07 Jan 2027 16:08:46 +0000 asID: 39521 IP address blocks: 162.141.80.0/24 maxlen: 24 162.141.98.0/24 maxlen: 24 167.148.40.0/24 maxlen: 24 167.148.190.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 00:00:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:4d:e3:c7:6f:c4:a5:2a:2b:e0:57:4f:f8:c3:8b:91:12:0c:c0:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Jan 8 16:03:46 2026 GMT Not After : Jan 7 16:08:46 2027 GMT Subject: CN=8FF8E35094D39BF1B05F4A6215BA7E78CC1755FD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:6f:49:79:cd:f9:98:82:1d:a9:4d:9c:b0:b5: f5:06:d7:6e:ca:ff:0f:53:1e:a9:93:4a:56:31:94: 9f:43:f8:1f:80:1d:f0:4b:97:c9:df:5c:43:77:57: b6:aa:2a:f5:21:2c:53:8b:49:46:51:1a:64:bc:7c: 55:ef:d7:35:52:4d:f2:0c:a8:c7:8b:08:6d:b7:33: e1:42:c7:a4:87:4b:4b:54:1a:2d:67:5b:2f:93:cb: c9:b3:11:78:e4:e2:85:9e:22:f8:e4:03:81:51:69: 10:6b:af:d6:79:51:1c:1a:38:f3:c3:e6:2d:33:40: 97:bf:de:81:06:03:1b:13:75:ca:e4:62:0e:30:ff: 9b:ac:8d:cc:ed:74:89:42:4d:b2:4c:37:6b:31:5e: 69:2b:60:f6:86:d9:80:70:11:c6:76:64:98:3b:32: c1:9f:67:78:68:f9:67:01:31:fa:cc:3a:7a:6d:fe: a5:79:87:70:fe:6f:fb:c3:de:3f:9b:59:4f:46:10: 84:ff:74:0c:eb:46:b5:14:af:96:7d:f1:9c:9d:6a: 69:24:65:49:58:43:b1:d1:3b:58:89:64:67:b8:02: 52:d9:da:1c:a7:af:b4:0f:8c:0a:83:ed:98:52:53: 39:91:03:fb:f9:f0:41:5d:53:50:e1:be:97:ef:16: 31:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8F:F8:E3:50:94:D3:9B:F1:B0:5F:4A:62:15:BA:7E:78:CC:17:55:FD X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS39521.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 162.141.80.0/24 162.141.98.0/24 167.148.40.0/24 167.148.190.0/24 Signature Algorithm: sha256WithRSAEncryption 34:c7:d4:7c:f2:2a:11:ee:fc:aa:23:15:3a:b0:cf:b1:9b:f1: 20:e8:28:fb:75:99:1e:a2:1c:c5:2e:f3:a5:e0:e4:2c:e5:89: 55:1e:6d:5b:3e:25:f4:00:65:ec:78:83:74:1a:2e:4f:f9:fa: 45:ba:b8:18:0d:d0:1e:17:fc:42:76:b7:6f:51:3d:10:6e:8d: 14:39:25:46:e9:87:87:8a:05:00:b2:b2:e2:9c:14:68:50:64: fc:8e:f8:cf:96:eb:39:16:ef:1b:ef:42:67:49:66:0f:32:f1: 11:a0:69:53:60:fa:b0:cd:d7:c0:e1:93:12:b8:aa:f0:13:52: 81:fa:00:0b:8a:9c:df:33:b4:8c:75:6e:66:20:72:25:9d:e1: bc:fc:ce:45:9e:dc:f3:c5:48:19:49:40:2d:19:bb:a7:55:70: 54:a4:93:0e:20:a9:9f:33:2f:6c:21:3c:44:b1:4b:86:7a:33: c4:70:17:54:5a:c7:9f:63:8d:e3:64:61:b6:ac:0c:f1:76:87: 07:7e:6c:59:5f:a7:f2:e4:4a:75:d6:dc:c1:91:5d:03:62:f4: 78:cd:49:9d:82:31:dd:b3:7d:76:4c:44:06:d1:48:22:11:5a: 47:e5:d7:6b:fe:8a:78:e6:e9:cf:b9:55:ef:2f:db:83:fb:f8: c1:93:60:93 -----BEGIN CERTIFICATE----- MIIFETCCA/mgAwIBAgIURk3jx2/EpSor4FdP+MOLkRIMwLowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNjAxMDgxNjAzNDZaFw0yNzAxMDcxNjA4NDZaMDMxMTAvBgNV BAMTKDhGRjhFMzUwOTREMzlCRjFCMDVGNEE2MjE1QkE3RTc4Q0MxNzU1RkQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqb0l5zfmYgh2pTZywtfUG127K /w9THqmTSlYxlJ9D+B+AHfBLl8nfXEN3V7aqKvUhLFOLSUZRGmS8fFXv1zVSTfIM qMeLCG23M+FCx6SHS0tUGi1nWy+Ty8mzEXjk4oWeIvjkA4FRaRBrr9Z5URwaOPPD 5i0zQJe/3oEGAxsTdcrkYg4w/5usjcztdIlCTbJMN2sxXmkrYPaG2YBwEcZ2ZJg7 MsGfZ3ho+WcBMfrMOnpt/qV5h3D+b/vD3j+bWU9GEIT/dAzrRrUUr5Z98Zydamkk ZUlYQ7HRO1iJZGe4AlLZ2hynr7QPjAqD7ZhSUzmRA/v58EFdU1DhvpfvFjG3AgMB AAGjggIbMIICFzAdBgNVHQ4EFgQUj/jjUJTTm/GwX0piFbp+eMwXVf0wHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk1MjEucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBACijVAD BACijWIDBACnlCgDBACnlL4wDQYJKoZIhvcNAQELBQADggEBADTH1HzyKhHu/Koj FTqwz7Gb8SDoKPt1mR6iHMUu86Xg5CzliVUebVs+JfQAZex4g3QaLk/5+kW6uBgN 0B4X/EJ2t29RPRBujRQ5JUbph4eKBQCysuKcFGhQZPyO+M+W6zkW7xvvQmdJZg8y 8RGgaVNg+rDN18DhkxK4qvATUoH6AAuKnN8ztIx1bmYgciWd4bz8zkWe3PPFSBlJ QC0Zu6dVcFSkkw4gqZ8zL2whPESxS4Z6M8RwF1Rax59jjeNkYbasDPF2hwd+bFlf p/LkSnXW3MGRXQNi9HjNSZ2CMd2zfXZMRAbRSCIRWkfl12v+injm6c+5Ve8v24P7 +MGTYJM= -----END CERTIFICATE-----Generated at Mon Jan 19 08:20:19 2026 by rpki-client