This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS56655.roa File: AS56655.roa (raw, json) Hash identifier: JToo73QDOtqoL/5w0JWiia+CHEcSXBEqRnhfyc9Ud0s= Subject key identifier: C1:B7:6E:C6:D8:5C:68:A0:66:66:60:C5:54:55:34:2D:20:6F:C0:31 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 1D2BC2471AEC5E695309F756AB7441FC21F9169A Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS56655.roa Signing time: Wed 19 Nov 2025 09:01:47 +0000 ROA not before: Wed 19 Nov 2025 08:56:47 +0000 ROA not after: Wed 18 Nov 2026 09:01:47 +0000 asID: 56655 IP address blocks: 143.14.18.0/24 maxlen: 24 143.14.40.0/22 maxlen: 22 143.14.76.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 11:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:2b:c2:47:1a:ec:5e:69:53:09:f7:56:ab:74:41:fc:21:f9:16:9a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Nov 19 08:56:47 2025 GMT Not After : Nov 18 09:01:47 2026 GMT Subject: CN=C1B76EC6D85C68A0666660C55455342D206FC031 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8f:f9:f5:5b:f4:d9:8d:eb:d8:a4:7b:a8:81:d7: 0f:63:0c:c8:a7:ec:66:cd:ff:69:80:cb:35:e7:89: 69:84:04:ed:f5:fc:5c:7f:18:15:9a:0d:f2:78:ba: 8c:df:bc:be:95:09:99:6d:7e:a3:b7:73:b3:1c:3e: 7b:8a:8e:fe:e1:0f:2f:c6:1b:5a:63:32:e6:e1:f7: 99:52:f4:7f:68:01:7e:50:2f:0d:28:d2:3f:81:b3: a6:43:10:6b:61:65:62:84:ea:d5:89:1c:13:3b:ed: 35:f2:7b:d0:b5:58:08:5d:0d:7f:54:8c:ff:17:06: 3f:6f:6f:d4:08:b2:8e:ee:6c:2f:db:f2:b6:3c:9c: fd:b2:ca:e0:e6:7e:a3:01:74:8c:7a:bc:64:19:e3: 82:6e:e2:b7:62:38:f9:26:19:f9:d9:c1:a5:72:c9: 2c:0e:b0:b6:31:ec:1b:f7:a6:35:c6:43:06:1f:34: 60:0d:7d:fe:51:9f:47:f4:b4:f5:40:42:b4:68:5b: 53:de:2a:5b:33:95:ce:42:b5:1b:6b:9d:d3:59:4e: b1:b8:c3:70:14:25:9a:54:35:41:45:6d:eb:b2:0c: 95:1e:1b:e3:49:c7:ef:a1:2a:b8:5f:6c:2c:cc:19: b4:7f:58:07:0d:99:04:fb:cf:e2:6f:77:60:17:4e: bd:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:B7:6E:C6:D8:5C:68:A0:66:66:60:C5:54:55:34:2D:20:6F:C0:31 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS56655.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.14.18.0/24 143.14.40.0/22 143.14.76.0/24 Signature Algorithm: sha256WithRSAEncryption 8b:08:99:92:8b:84:57:b0:68:ef:47:3f:85:d3:c6:6a:50:c5: 8a:d1:ea:ff:5c:05:aa:9c:c9:cd:ea:30:07:b1:0f:54:f7:24: fc:cd:3f:f8:33:cc:b9:ef:46:18:48:15:dc:41:72:f6:9f:92: a1:cf:15:99:ed:b0:ab:03:c2:53:89:ee:99:5b:94:6f:9e:85: 4c:fb:e8:a4:6b:8f:04:14:2f:59:fb:05:87:0a:58:77:1d:e7: df:b0:75:b3:6d:39:8b:ef:c7:5f:27:d1:0d:bd:36:c0:b3:09: ef:e2:04:2c:59:ca:71:15:5a:dc:24:d1:91:0c:6a:4a:f1:ee: bc:e8:aa:12:35:02:e0:6d:03:4a:a4:af:39:05:b9:72:03:fb: 45:dd:73:28:80:ac:2f:95:ec:99:e6:06:fc:4d:dd:9c:24:59: aa:de:35:91:44:e8:e4:41:cf:94:ea:ca:d5:e1:3f:ba:d3:94: 67:7b:a6:7b:f5:c6:ed:a1:e1:b7:56:87:29:07:09:23:47:ec: dc:c8:cf:6f:0b:b2:67:e6:c9:57:8b:76:83:83:a9:17:8c:87: cd:2b:dc:55:02:6c:1f:06:39:66:cc:cd:73:7a:ec:e8:d5:4e: 13:b2:9a:d2:2a:fd:e0:69:2e:8e:e2:ec:2b:d2:71:3f:a0:4d: 10:86:ad:27 -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgIUHSvCRxrsXmlTCfdWq3RB/CH5FpowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTExMTkwODU2NDdaFw0yNjExMTgwOTAxNDdaMDMxMTAvBgNV BAMTKEMxQjc2RUM2RDg1QzY4QTA2NjY2NjBDNTU0NTUzNDJEMjA2RkMwMzEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCP+fVb9NmN69ike6iB1w9jDMin 7GbN/2mAyzXniWmEBO31/Fx/GBWaDfJ4uozfvL6VCZltfqO3c7McPnuKjv7hDy/G G1pjMubh95lS9H9oAX5QLw0o0j+Bs6ZDEGthZWKE6tWJHBM77TXye9C1WAhdDX9U jP8XBj9vb9QIso7ubC/b8rY8nP2yyuDmfqMBdIx6vGQZ44Ju4rdiOPkmGfnZwaVy ySwOsLYx7Bv3pjXGQwYfNGANff5Rn0f0tPVAQrRoW1PeKlszlc5CtRtrndNZTrG4 w3AUJZpUNUFFbeuyDJUeG+NJx++hKrhfbCzMGbR/WAcNmQT7z+Jvd2AXTr3RAgMB AAGjggIVMIICETAdBgNVHQ4EFgQUwbduxthcaKBmZmDFVFU0LSBvwDEwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNTY2NTUucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBACPDhID BAKPDigDBACPDkwwDQYJKoZIhvcNAQELBQADggEBAIsImZKLhFewaO9HP4XTxmpQ xYrR6v9cBaqcyc3qMAexD1T3JPzNP/gzzLnvRhhIFdxBcvafkqHPFZntsKsDwlOJ 7plblG+ehUz76KRrjwQUL1n7BYcKWHcd59+wdbNtOYvvx18n0Q29NsCzCe/iBCxZ ynEVWtwk0ZEMakrx7rzoqhI1AuBtA0qkrzkFuXID+0XdcyiArC+V7JnmBvxN3Zwk WareNZFE6ORBz5TqytXhP7rTlGd7pnv1xu2h4bdWhykHCSNH7NzIz28LsmfmyVeL doODqReMh80r3FUCbB8GOWbMzXN67OjVThOymtIq/eBpLo7i7CvScT+gTRCGrSc= -----END CERTIFICATE-----Generated at Fri Dec 5 18:14:40 2025 by rpki-client