This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS397423.roa File: AS397423.roa (raw, json) Hash identifier: WaPKdfrzAJWs5SlE31/yHgNiGHHZwejQx3CPrYY1t4c= Subject key identifier: D8:37:6F:AA:5B:E3:65:12:42:06:2B:E5:E9:9A:14:23:67:44:0C:51 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 378202F3787D21AC884DABFBB8B3D366C7B6E306 Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS397423.roa Signing time: Sun 28 Dec 2025 00:04:29 +0000 ROA not before: Sat 27 Dec 2025 23:59:29 +0000 ROA not after: Sun 27 Dec 2026 00:04:29 +0000 asID: 397423 IP address blocks: 143.14.180.0/24 maxlen: 24 145.223.44.0/24 maxlen: 24 145.223.54.0/24 maxlen: 24 145.223.58.0/24 maxlen: 24 146.103.5.0/24 maxlen: 24 150.241.226.0/23 maxlen: 24 155.117.246.0/24 maxlen: 24 162.141.100.0/24 maxlen: 24 167.148.158.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 12:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:82:02:f3:78:7d:21:ac:88:4d:ab:fb:b8:b3:d3:66:c7:b6:e3:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Dec 27 23:59:29 2025 GMT Not After : Dec 27 00:04:29 2026 GMT Subject: CN=D8376FAA5BE3651242062BE5E99A142367440C51 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:d9:ea:86:29:37:71:bc:3c:97:77:1c:ff:5a: b0:94:2f:a1:a6:bf:1e:73:17:43:05:03:f6:67:15: ce:a7:0a:ca:cd:b1:a7:59:9d:d9:95:47:0f:cd:4e: b4:9b:3a:94:d5:fe:11:86:94:cb:7f:fe:26:1b:90: 52:ec:a9:cf:cd:66:e4:d6:16:83:d9:90:7c:00:1c: 56:60:ed:ce:a8:0c:54:19:f2:40:82:c4:d7:e3:c8: 06:14:c3:64:37:51:47:a7:c3:20:4e:05:18:a0:7e: e3:f1:b6:3f:ef:c8:30:ba:33:90:ca:4b:b3:92:69: 30:37:4e:ab:c0:89:e0:d7:c8:59:54:34:53:78:5d: a0:6f:9c:cc:6d:0e:d7:02:48:40:9a:a1:d5:3b:5a: 22:7c:6d:8c:26:e7:d6:cc:14:62:93:e6:25:e8:e6: 4f:db:8d:34:06:5c:38:8c:f6:4f:41:8f:c6:75:dd: 5d:8e:13:d4:ce:2f:f8:7a:88:fe:f0:0e:44:31:02: a7:ff:d0:ff:db:97:93:b1:e0:8e:b9:21:cc:a7:3f: 11:69:25:c3:34:07:01:a8:54:9e:f1:48:71:91:1b: 76:46:b2:94:d6:2b:b4:56:a8:84:23:ab:a6:88:21: 66:be:a2:86:39:0f:63:1b:51:ed:d3:4c:e6:67:0c: 2b:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:37:6F:AA:5B:E3:65:12:42:06:2B:E5:E9:9A:14:23:67:44:0C:51 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS397423.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.14.180.0/24 145.223.44.0/24 145.223.54.0/24 145.223.58.0/24 146.103.5.0/24 150.241.226.0/23 155.117.246.0/24 162.141.100.0/24 167.148.158.0/24 Signature Algorithm: sha256WithRSAEncryption 45:08:ec:d6:27:91:f9:1b:da:53:34:55:e7:c1:1e:e9:9f:bb: 64:8d:07:79:20:9a:85:fe:3e:f7:4e:46:c9:ce:c8:64:0a:b3: ef:87:7f:db:18:81:55:fa:d5:3b:ce:57:19:47:e3:78:a1:30: 87:bb:e5:a5:bf:45:ed:b7:8b:65:7c:5c:63:66:1a:18:1a:37: 65:b9:f5:47:73:0b:ad:40:75:0a:e3:2b:37:25:fa:a6:70:a2: da:bf:17:dc:ea:b4:fd:b8:03:cf:82:a8:99:74:ea:32:16:38: 2c:58:25:c6:90:1f:4a:16:90:fb:8a:ae:02:c9:78:3a:6c:ce: e1:b0:55:0c:37:3e:1b:92:38:d9:ee:5f:65:8d:17:6a:f6:56: 71:29:c8:3c:12:aa:d2:b3:63:88:29:51:7a:77:f1:00:55:b7: 82:00:b0:4e:00:4d:a2:e8:00:e4:1e:2c:0e:7f:58:8f:da:67: cf:fe:de:c0:d6:2a:df:68:32:be:d2:02:39:24:98:be:62:eb: 6f:9a:db:e3:5f:c6:f7:b4:e8:94:1c:b8:c0:14:82:e6:19:0a: 95:be:18:81:19:25:96:3a:81:96:87:f4:57:b5:a6:8b:e4:00: 53:d5:f4:9c:de:35:16:fe:de:32:53:93:ac:0e:9e:5d:47:23: d7:44:14:ea -----BEGIN CERTIFICATE----- MIIFMDCCBBigAwIBAgIUN4IC83h9IayITav7uLPTZse24wYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTEyMjcyMzU5MjlaFw0yNjEyMjcwMDA0MjlaMDMxMTAvBgNV BAMTKEQ4Mzc2RkFBNUJFMzY1MTI0MjA2MkJFNUU5OUExNDIzNjc0NDBDNTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC92eqGKTdxvDyXdxz/WrCUL6Gm vx5zF0MFA/ZnFc6nCsrNsadZndmVRw/NTrSbOpTV/hGGlMt//iYbkFLsqc/NZuTW FoPZkHwAHFZg7c6oDFQZ8kCCxNfjyAYUw2Q3UUenwyBOBRigfuPxtj/vyDC6M5DK S7OSaTA3TqvAieDXyFlUNFN4XaBvnMxtDtcCSECaodU7WiJ8bYwm59bMFGKT5iXo 5k/bjTQGXDiM9k9Bj8Z13V2OE9TOL/h6iP7wDkQxAqf/0P/bl5Ox4I65IcynPxFp JcM0BwGoVJ7xSHGRG3ZGspTWK7RWqIQjq6aIIWa+ooY5D2MbUe3TTOZnDCtTAgMB AAGjggI6MIICNjAdBgNVHQ4EFgQU2DdvqlvjZRJCBivl6ZoUI2dEDFEwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk3NDIzLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAjw60 AwQAkd8sAwQAkd82AwQAkd86AwQAkmcFAwQBlvHiAwQAm3X2AwQAoo1kAwQAp5Se MA0GCSqGSIb3DQEBCwUAA4IBAQBFCOzWJ5H5G9pTNFXnwR7pn7tkjQd5IJqF/j73 TkbJzshkCrPvh3/bGIFV+tU7zlcZR+N4oTCHu+Wlv0Xtt4tlfFxjZhoYGjdlufVH cwutQHUK4ys3JfqmcKLavxfc6rT9uAPPgqiZdOoyFjgsWCXGkB9KFpD7iq4CyXg6 bM7hsFUMNz4bkjjZ7l9ljRdq9lZxKcg8EqrSs2OIKVF6d/EAVbeCALBOAE2i6ADk HiwOf1iP2mfP/t7A1irfaDK+0gI5JJi+YutvmtvjX8b3tOiUHLjAFILmGQqVvhiB GSWWOoGWh/RXtaaL5ABT1fSc3jUW/t4yU5OsDp5dRyPXRBTq -----END CERTIFICATE-----Generated at Fri Jan 9 18:02:07 2026 by rpki-client