This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS39521.roa File: AS39521.roa (raw, json) Hash identifier: DcwXaU9m/gDeBz9ul4Gqnp7prsHH8v32+3YJozN9fKg= Subject key identifier: 24:69:EB:FC:DB:CF:23:54:DD:B3:BD:03:EB:88:4D:AA:2A:8A:FB:AC Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 03DF2CF8F411F9EE3891A1870D9EE51C24266A83 Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS39521.roa Signing time: Fri 28 Nov 2025 14:06:48 +0000 ROA not before: Fri 28 Nov 2025 14:01:48 +0000 ROA not after: Fri 27 Nov 2026 14:06:48 +0000 asID: 39521 IP address blocks: 162.141.44.0/24 maxlen: 24 162.141.67.0/24 maxlen: 24 162.141.80.0/24 maxlen: 24 162.141.98.0/24 maxlen: 24 167.148.40.0/24 maxlen: 24 167.148.190.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Dec 2025 21:22:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:df:2c:f8:f4:11:f9:ee:38:91:a1:87:0d:9e:e5:1c:24:26:6a:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Nov 28 14:01:48 2025 GMT Not After : Nov 27 14:06:48 2026 GMT Subject: CN=2469EBFCDBCF2354DDB3BD03EB884DAA2A8AFBAC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:8b:d8:fb:d3:93:50:be:fc:6d:a4:fe:b8:d4: dd:52:a7:d4:91:58:19:c1:b5:14:be:18:2e:79:10: 87:38:37:d2:25:07:55:db:3e:b4:67:e0:44:e5:bb: 91:d8:21:a1:32:08:e7:d7:e2:07:70:9f:e1:85:54: d2:44:90:a2:22:e3:fe:2d:b5:e3:34:f5:9e:ac:c4: 05:88:90:3f:50:72:e6:15:ef:99:e7:99:48:20:76: 18:3b:6e:8b:43:e2:2b:cf:41:64:0c:45:61:23:27: 57:e6:e8:bf:85:8c:90:a2:aa:31:64:ba:76:cd:f7: 45:e1:98:f4:97:9d:28:69:03:57:46:53:7b:80:79: ee:99:a9:47:92:42:c2:1f:7d:5d:01:21:03:81:dc: d6:cb:58:d3:9c:fd:da:e4:71:0d:22:b7:e1:92:b5: 46:f4:b0:bd:e7:55:28:d7:e4:f2:ae:c1:e4:13:f0: a3:33:e3:1e:d8:96:fe:23:db:e9:dd:32:56:e3:33: e4:3f:61:b7:32:5b:b1:eb:91:dd:74:53:ea:ba:7d: 13:60:9e:62:24:d7:ea:e0:d7:ea:36:1a:f0:f5:d5: b2:b8:b4:70:a6:f5:74:54:cd:a4:0a:2a:0a:6b:a7: bb:64:85:fa:14:6e:7d:1e:4c:38:d8:4e:af:e9:77: f0:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:69:EB:FC:DB:CF:23:54:DD:B3:BD:03:EB:88:4D:AA:2A:8A:FB:AC X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS39521.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 162.141.44.0/24 162.141.67.0/24 162.141.80.0/24 162.141.98.0/24 167.148.40.0/24 167.148.190.0/24 Signature Algorithm: sha256WithRSAEncryption 28:93:b3:8d:93:49:2c:51:98:f3:83:e3:80:f2:bf:5f:9d:3f: 3a:1c:77:e3:c3:f2:5a:6f:5d:41:e6:d1:4e:0d:2f:12:89:55: ca:cf:50:a3:b7:d3:64:d8:6b:6e:48:ed:c0:13:f4:ec:b1:7e: de:7a:9f:6e:76:02:f7:4d:cf:fa:ca:01:53:d1:6f:e7:fc:ae: c4:58:6a:bb:63:2d:33:26:b2:c0:d2:62:1e:e2:61:14:15:7c: bc:0f:58:eb:1f:8c:61:d4:06:33:84:c4:f1:2c:bf:88:5e:59: bd:0c:e6:d3:7b:41:93:13:af:fe:d2:42:9d:74:6a:1c:f2:3e: f5:63:0e:9c:8c:e9:60:2d:6f:52:d4:55:76:ec:c3:47:6d:97: e4:a8:6c:b1:3f:21:ec:45:27:99:3c:c9:bc:76:8e:6d:3f:8d: 31:b0:29:37:ac:77:d0:bc:28:f3:2b:35:b2:7c:4c:4a:1f:62: b4:2b:85:a0:dc:38:4b:6d:38:e0:16:dd:06:50:ec:ca:02:db: c3:d7:6b:ca:ed:dc:2e:20:0f:5f:b4:ba:22:c9:f5:67:71:11: cb:80:e9:00:f7:13:2e:6f:77:39:58:29:c0:50:c7:ca:47:eb: fd:9e:23:f9:a1:79:e6:42:e6:02:6a:bd:c3:43:81:92:3f:20: 14:02:d0:08 -----BEGIN CERTIFICATE----- MIIFHTCCBAWgAwIBAgIUA98s+PQR+e44kaGHDZ7lHCQmaoMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTExMjgxNDAxNDhaFw0yNjExMjcxNDA2NDhaMDMxMTAvBgNV BAMTKDI0NjlFQkZDREJDRjIzNTREREIzQkQwM0VCODg0REFBMkE4QUZCQUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCti9j705NQvvxtpP641N1Sp9SR WBnBtRS+GC55EIc4N9IlB1XbPrRn4ETlu5HYIaEyCOfX4gdwn+GFVNJEkKIi4/4t teM09Z6sxAWIkD9QcuYV75nnmUggdhg7botD4ivPQWQMRWEjJ1fm6L+FjJCiqjFk unbN90XhmPSXnShpA1dGU3uAee6ZqUeSQsIffV0BIQOB3NbLWNOc/drkcQ0it+GS tUb0sL3nVSjX5PKuweQT8KMz4x7Ylv4j2+ndMlbjM+Q/YbcyW7Hrkd10U+q6fRNg nmIk1+rg1+o2GvD11bK4tHCm9XRUzaQKKgprp7tkhfoUbn0eTDjYTq/pd/D/AgMB AAGjggInMIICIzAdBgNVHQ4EFgQUJGnr/NvPI1Tds70D64hNqiqK+6wwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk1MjEucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBACijSwD BACijUMDBACijVADBACijWIDBACnlCgDBACnlL4wDQYJKoZIhvcNAQELBQADggEB ACiTs42TSSxRmPOD44Dyv1+dPzocd+PD8lpvXUHm0U4NLxKJVcrPUKO302TYa25I 7cAT9Oyxft56n252AvdNz/rKAVPRb+f8rsRYartjLTMmssDSYh7iYRQVfLwPWOsf jGHUBjOExPEsv4heWb0M5tN7QZMTr/7SQp10ahzyPvVjDpyM6WAtb1LUVXbsw0dt l+SobLE/IexFJ5k8ybx2jm0/jTGwKTesd9C8KPMrNbJ8TEofYrQrhaDcOEttOOAW 3QZQ7MoC28PXa8rt3C4gD1+0uiLJ9WdxEcuA6QD3Ey5vdzlYKcBQx8pH6/2eI/mh eeZC5gJqvcNDgZI/IBQC0Ag= -----END CERTIFICATE-----Generated at Fri Dec 5 05:06:36 2025 by rpki-client