This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS51847.roa File: AS51847.roa (raw, json) Hash identifier: hRjP7aEGDj9dIsiNw/dH7qEZNGmkOtQwoLdWpXCFWPs= Subject key identifier: 90:8B:2F:2A:75:D3:AD:44:9A:0C:9C:E7:F8:E6:F2:2C:1B:FE:4D:79 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 2E7EB0B43A0FBE782D254680C51790BBF369143C Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS51847.roa Signing time: Wed 03 Dec 2025 10:29:42 +0000 ROA not before: Wed 03 Dec 2025 10:24:42 +0000 ROA not after: Wed 02 Dec 2026 10:29:42 +0000 asID: 51847 IP address blocks: 140.233.191.0/24 maxlen: 24 147.79.59.0/24 maxlen: 24 148.135.253.0/24 maxlen: 24 150.241.210.0/23 maxlen: 24 155.117.188.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 04 Dec 2025 11:26:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:7e:b0:b4:3a:0f:be:78:2d:25:46:80:c5:17:90:bb:f3:69:14:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Dec 3 10:24:42 2025 GMT Not After : Dec 2 10:29:42 2026 GMT Subject: CN=908B2F2A75D3AD449A0C9CE7F8E6F22C1BFE4D79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:e8:0e:17:b4:69:56:19:2a:d5:44:a9:d9:b7: 39:9e:3c:52:3d:07:3b:f4:f2:62:9e:94:e6:0f:57: 82:ec:fa:14:a5:aa:82:11:c1:ba:45:86:e0:1a:af: ca:24:0a:a8:fa:69:a3:83:80:af:f6:24:49:a3:42: 88:c3:84:36:3f:f5:6d:78:01:ed:95:bd:a1:25:a3: 4c:6c:b4:66:c5:41:1a:23:14:1b:7a:da:96:13:30: f1:07:fb:3c:0c:4a:e9:43:5b:48:14:ee:3f:33:36: 2c:0c:f2:2d:5e:53:33:33:07:3f:d3:ec:28:2c:5d: 68:c3:5c:bc:a4:1a:b5:b5:3f:19:37:c9:69:eb:72: 2e:d2:79:d8:a9:cf:bf:c5:7b:0c:86:32:1f:87:79: b6:a1:66:c2:89:78:20:f7:73:7a:89:d3:47:48:46: 36:c8:fc:49:fa:db:fa:d2:97:c1:2b:08:ec:52:bc: c9:98:9b:4b:79:9a:c1:5e:2c:fd:27:eb:3b:02:26: 5c:db:7c:1a:37:57:c5:68:1a:01:5c:2f:77:72:c0: 66:58:7b:2d:30:58:b5:c8:48:b4:ff:37:c6:e7:64: 5f:ac:09:60:a9:92:6e:98:8e:54:18:8c:ad:40:79: 2f:e7:22:bf:86:7e:15:d6:50:f1:96:78:07:74:a5: f5:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:8B:2F:2A:75:D3:AD:44:9A:0C:9C:E7:F8:E6:F2:2C:1B:FE:4D:79 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS51847.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 140.233.191.0/24 147.79.59.0/24 148.135.253.0/24 150.241.210.0/23 155.117.188.0/24 Signature Algorithm: sha256WithRSAEncryption 80:02:5f:20:82:0f:85:e9:f0:f7:89:d9:10:5b:fb:e4:cd:4c: 0a:45:da:48:ea:c0:17:63:14:ab:26:a4:55:f1:7a:41:67:09: cf:27:5e:0e:3f:98:c4:69:d1:f7:9f:60:fd:f3:7a:5a:75:9e: c8:b9:cd:bf:20:d2:4b:d0:eb:59:b4:c8:3a:23:4a:9a:76:02: ba:82:60:9c:6a:05:b5:c8:37:9e:b8:9b:79:7a:45:69:96:f1: ab:4b:1a:3b:25:d3:85:0b:06:0b:68:f1:64:65:06:59:20:9a: 32:58:3c:8a:fc:4a:79:97:db:6f:d5:39:c1:80:99:9c:c8:ae: f4:92:cc:5b:7b:82:60:a4:a3:1a:4d:dd:a6:28:1d:ce:f1:ed: d7:ad:39:65:4c:7f:92:8c:47:68:53:b9:43:05:ac:df:e6:f9: 81:23:87:81:ca:e7:53:94:74:d1:8d:58:81:c8:8b:7b:36:8f: 57:a8:df:33:d5:56:a3:20:ec:f9:21:9d:45:26:79:d9:a3:10: f4:2a:5a:40:31:40:73:fe:98:1a:54:65:a3:00:37:e7:c5:31: 3a:d7:66:ca:cf:05:54:ca:50:fb:16:e3:7d:7b:7a:a2:39:38: ee:7a:e8:16:62:0e:36:45:b4:f4:7a:a0:37:e2:d4:3a:3a:c9: 6a:66:b6:b3 -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgIULn6wtDoPvngtJUaAxReQu/NpFDwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTEyMDMxMDI0NDJaFw0yNjEyMDIxMDI5NDJaMDMxMTAvBgNV BAMTKDkwOEIyRjJBNzVEM0FENDQ5QTBDOUNFN0Y4RTZGMjJDMUJGRTRENzkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu6A4XtGlWGSrVRKnZtzmePFI9 Bzv08mKelOYPV4Ls+hSlqoIRwbpFhuAar8okCqj6aaODgK/2JEmjQojDhDY/9W14 Ae2VvaElo0xstGbFQRojFBt62pYTMPEH+zwMSulDW0gU7j8zNiwM8i1eUzMzBz/T 7CgsXWjDXLykGrW1Pxk3yWnrci7Sedipz7/FewyGMh+HebahZsKJeCD3c3qJ00dI RjbI/En62/rSl8ErCOxSvMmYm0t5msFeLP0n6zsCJlzbfBo3V8VoGgFcL3dywGZY ey0wWLXISLT/N8bnZF+sCWCpkm6YjlQYjK1AeS/nIr+GfhXWUPGWeAd0pfVRAgMB AAGjggIhMIICHTAdBgNVHQ4EFgQUkIsvKnXTrUSaDJzn+ObyLBv+TXkwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNTE4NDcucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBACM6b8D BACTTzsDBACUh/0DBAGW8dIDBACbdbwwDQYJKoZIhvcNAQELBQADggEBAIACXyCC D4Xp8PeJ2RBb++TNTApF2kjqwBdjFKsmpFXxekFnCc8nXg4/mMRp0fefYP3zelp1 nsi5zb8g0kvQ61m0yDojSpp2ArqCYJxqBbXIN564m3l6RWmW8atLGjsl04ULBgto 8WRlBlkgmjJYPIr8SnmX22/VOcGAmZzIrvSSzFt7gmCkoxpN3aYoHc7x7detOWVM f5KMR2hTuUMFrN/m+YEjh4HK51OUdNGNWIHIi3s2j1eo3zPVVqMg7PkhnUUmedmj EPQqWkAxQHP+mBpUZaMAN+fFMTrXZsrPBVTKUPsW4317eqI5OO566BZiDjZFtPR6 oDfi1Do6yWpmtrM= -----END CERTIFICATE-----Generated at Wed Dec 3 18:54:03 2025 by rpki-client