This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS397423.roa File: AS397423.roa (raw, json) Hash identifier: cEF9TDDKDUnSzJo4PXIpr8zW0qQc0hKQzTcKzZ4Jpnw= Subject key identifier: 27:D4:F1:8E:29:77:E4:DD:7D:0A:4A:3C:E5:F6:70:29:29:AC:19:F1 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 7DB3395FFCB78AF6D42EACF5ABC62FCC08411C1A Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS397423.roa Signing time: Mon 17 Nov 2025 21:15:24 +0000 ROA not before: Mon 17 Nov 2025 21:10:24 +0000 ROA not after: Mon 16 Nov 2026 21:15:24 +0000 asID: 397423 IP address blocks: 143.14.180.0/24 maxlen: 24 145.223.44.0/24 maxlen: 24 145.223.54.0/24 maxlen: 24 145.223.58.0/24 maxlen: 24 146.103.5.0/24 maxlen: 24 150.241.226.0/23 maxlen: 24 155.117.232.0/22 maxlen: 22 155.117.246.0/24 maxlen: 24 162.141.100.0/24 maxlen: 24 167.148.158.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 24 Nov 2025 04:35:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:b3:39:5f:fc:b7:8a:f6:d4:2e:ac:f5:ab:c6:2f:cc:08:41:1c:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Nov 17 21:10:24 2025 GMT Not After : Nov 16 21:15:24 2026 GMT Subject: CN=27D4F18E2977E4DD7D0A4A3CE5F6702929AC19F1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:ff:44:95:e0:49:68:77:d3:00:e1:6d:5b:17: 3e:17:24:ee:4f:6b:19:d6:e3:de:c3:9b:94:ca:20: cd:ba:ed:7c:dd:c3:d0:95:bc:5e:79:77:16:c1:aa: ad:b9:39:7d:7b:2f:75:0c:4d:03:d5:29:65:ee:d9: 8f:51:a3:29:8b:33:6c:28:4d:1b:2d:d0:74:6b:74: 38:33:50:1b:1a:05:e4:49:ac:39:d1:8f:aa:b0:b5: 5b:cd:fa:e2:21:3c:cd:4d:d7:11:d0:77:10:4c:e2: 9a:73:07:b1:23:05:5f:73:f7:df:de:e7:cc:1d:2f: 5e:72:33:38:b6:42:2f:87:13:93:41:5e:a3:47:05: b6:4a:9a:33:40:9b:a6:22:4b:2e:37:dc:6a:d3:3d: 8e:69:33:5e:82:5b:84:3e:7f:d5:6b:da:dc:04:8b: f7:ae:7c:6e:d6:1e:32:da:d9:a4:b1:d0:f9:b4:e0: f5:0e:04:d3:e8:60:d7:1c:df:ab:22:55:6c:a2:cd: 31:43:93:db:15:ca:61:ca:2d:55:61:31:1d:84:18: 9d:67:4a:4d:3b:de:e4:da:55:f4:7d:ef:ed:48:e7: c3:b0:c2:88:97:dc:6d:a5:66:01:5a:ca:df:24:77: a3:ca:d1:9c:8c:97:0c:68:ed:ba:96:3e:a8:01:9e: 11:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:D4:F1:8E:29:77:E4:DD:7D:0A:4A:3C:E5:F6:70:29:29:AC:19:F1 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS397423.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.14.180.0/24 145.223.44.0/24 145.223.54.0/24 145.223.58.0/24 146.103.5.0/24 150.241.226.0/23 155.117.232.0/22 155.117.246.0/24 162.141.100.0/24 167.148.158.0/24 Signature Algorithm: sha256WithRSAEncryption 07:7b:79:f3:e5:0d:fa:97:7a:d8:d1:cd:bc:c8:70:20:66:8a: 45:e8:9e:bb:ca:9b:92:e9:13:34:3d:43:58:f8:4e:80:a2:1d: 96:97:3b:fe:b8:bb:ac:29:26:1e:1c:f9:67:7a:18:bc:df:1c: 25:48:54:dd:0d:7f:60:07:c6:b3:32:82:53:d3:8d:4c:3b:1b: 9d:6a:f9:df:0d:44:74:14:1a:85:5c:07:14:4e:21:8c:e6:89: 16:4a:f7:a3:03:66:11:b1:af:59:ff:69:f3:9c:32:22:f4:86: 15:d8:db:ee:75:77:47:c9:dd:bc:28:6a:7e:7f:e1:6a:12:92: aa:af:2e:32:9c:d9:91:39:a0:41:b2:a1:59:bd:34:67:2e:84: fa:0c:57:f5:a2:33:0a:67:11:4a:3f:d7:04:37:98:25:54:64: 6b:c0:a8:48:c6:95:dd:00:df:4e:60:cb:71:e3:83:c8:f1:28: 47:e1:d7:3a:3a:17:67:b9:a2:e5:72:fa:16:79:26:3d:bb:04: 72:37:07:be:7e:96:7d:c9:12:e4:9c:6a:67:f0:43:12:ff:72: 25:1e:16:6a:aa:e5:1b:84:73:1f:67:12:95:7d:b2:16:62:e7: 7a:44:10:95:b1:67:2d:8c:f0:76:30:df:7e:d8:2c:3f:c5:7b: e8:3c:4a:f6 -----BEGIN CERTIFICATE----- MIIFNjCCBB6gAwIBAgIUfbM5X/y3ivbULqz1q8YvzAhBHBowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTExMTcyMTEwMjRaFw0yNjExMTYyMTE1MjRaMDMxMTAvBgNV BAMTKDI3RDRGMThFMjk3N0U0REQ3RDBBNEEzQ0U1RjY3MDI5MjlBQzE5RjEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCm/0SV4Elod9MA4W1bFz4XJO5P axnW497Dm5TKIM267Xzdw9CVvF55dxbBqq25OX17L3UMTQPVKWXu2Y9RoymLM2wo TRst0HRrdDgzUBsaBeRJrDnRj6qwtVvN+uIhPM1N1xHQdxBM4ppzB7EjBV9z99/e 58wdL15yMzi2Qi+HE5NBXqNHBbZKmjNAm6YiSy433GrTPY5pM16CW4Q+f9Vr2twE i/eufG7WHjLa2aSx0Pm04PUOBNPoYNcc36siVWyizTFDk9sVymHKLVVhMR2EGJ1n Sk073uTaVfR97+1I58OwwoiX3G2lZgFayt8kd6PK0ZyMlwxo7bqWPqgBnhGfAgMB AAGjggJAMIICPDAdBgNVHQ4EFgQUJ9Txjil35N19Cko85fZwKSmsGfEwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk3NDIzLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAjw60 AwQAkd8sAwQAkd82AwQAkd86AwQAkmcFAwQBlvHiAwQCm3XoAwQAm3X2AwQAoo1k AwQAp5SeMA0GCSqGSIb3DQEBCwUAA4IBAQAHe3nz5Q36l3rY0c28yHAgZopF6J67 ypuS6RM0PUNY+E6Aoh2Wlzv+uLusKSYeHPlnehi83xwlSFTdDX9gB8azMoJT041M OxudavnfDUR0FBqFXAcUTiGM5okWSvejA2YRsa9Z/2nznDIi9IYV2NvudXdHyd28 KGp+f+FqEpKqry4ynNmROaBBsqFZvTRnLoT6DFf1ojMKZxFKP9cEN5glVGRrwKhI xpXdAN9OYMtx44PI8ShH4dc6OhdnuaLlcvoWeSY9uwRyNwe+fpZ9yRLknGpn8EMS /3IlHhZqquUbhHMfZxKVfbIWYud6RBCVsWctjPB2MN9+2Cw/xXvoPEr2 -----END CERTIFICATE-----Generated at Sun Nov 23 13:05:54 2025 by rpki-client