This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS59432.roa File: AS59432.roa (raw, json) Hash identifier: QHb/TW9MWhEnvh2JGSH5k0JnjA/85wfa79r93tnd5Nw= Subject key identifier: 27:A3:D5:68:AA:76:FC:50:26:B3:81:71:27:77:3E:58:13:24:5F:1B Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 1D0F7949813ABFB3E0A5D30A8AFA0D7FFC2D55E8 Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS59432.roa Signing time: Mon 17 Nov 2025 07:27:58 +0000 ROA not before: Mon 17 Nov 2025 07:22:58 +0000 ROA not after: Mon 16 Nov 2026 07:27:58 +0000 asID: 59432 IP address blocks: 143.14.91.0/24 maxlen: 24 167.148.202.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 11:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:0f:79:49:81:3a:bf:b3:e0:a5:d3:0a:8a:fa:0d:7f:fc:2d:55:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Nov 17 07:22:58 2025 GMT Not After : Nov 16 07:27:58 2026 GMT Subject: CN=27A3D568AA76FC5026B3817127773E5813245F1B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:02:26:7f:9d:af:0f:98:c9:57:12:f3:b9:04: 3a:67:cc:91:08:11:72:27:61:47:73:e8:b8:34:08: 75:1b:5d:a0:ba:6e:6c:91:55:6c:02:13:67:5d:b8: 3d:f6:d8:35:af:b1:a6:56:fe:eb:ec:49:0b:a3:80: de:be:db:93:46:3a:79:5a:8a:2f:c3:ba:72:00:95: 5c:da:ca:c9:85:b1:c0:f9:43:57:54:e5:b2:25:5b: 61:f5:b5:75:23:75:98:ce:82:8e:f0:9a:3f:35:1f: c9:04:82:e2:2c:a4:94:28:02:76:d3:cf:6f:10:9d: d8:b5:0e:58:42:1f:d2:29:d7:da:8d:15:54:6f:23: 75:d7:2a:84:90:a4:a4:66:1f:83:07:52:88:41:fe: 91:4e:03:8e:76:0c:ef:81:af:77:f8:80:5e:57:c7: 61:db:02:a5:94:34:e5:a3:3c:74:4d:c4:a4:9d:56: 28:d8:0f:5e:0f:88:a4:89:71:13:70:6a:72:19:94: 8a:77:d7:1e:b5:08:50:d7:a7:5e:d6:cf:14:3f:87: 5e:10:45:7e:9b:ef:ae:0e:ce:2d:21:38:0a:29:10: 95:e4:e1:93:6c:3e:86:2f:d1:f0:3c:58:52:c8:7e: 37:d7:c3:c9:aa:10:a2:30:1c:36:63:54:10:b8:31: 00:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:A3:D5:68:AA:76:FC:50:26:B3:81:71:27:77:3E:58:13:24:5F:1B X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS59432.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.14.91.0/24 167.148.202.0/24 Signature Algorithm: sha256WithRSAEncryption bc:4a:b3:96:87:68:61:7e:ed:c2:7e:e7:d2:bf:ee:1d:1b:fc: 7b:ca:00:0d:74:b7:da:2f:6d:bf:f0:5a:f5:1c:75:5f:20:64: 59:70:c5:93:74:fd:06:a8:ee:1b:6b:d1:c5:c4:f0:79:b3:87: 9d:48:cf:49:86:c1:57:d1:7c:23:80:97:9b:3d:a0:20:14:6b: a7:4b:0c:81:93:38:cb:8c:e0:a1:0c:fe:dc:be:d5:7e:30:7e: ed:c7:89:74:36:c2:a4:ee:bc:ce:ae:2b:26:5a:ac:43:d2:ed: d2:1c:40:4f:b0:8d:cd:a1:99:34:06:25:fd:f5:19:f6:af:a8: 68:26:e3:fe:47:72:6f:80:f6:15:b8:23:bc:f8:5b:c1:4b:73: 1d:37:01:59:2c:4e:37:19:c7:5a:9f:b5:90:a3:ab:d4:65:33: c3:25:dd:6c:4d:47:d2:cc:48:e3:9c:85:5f:3a:7f:12:fd:07: c0:04:a1:f9:f6:7e:2b:15:68:4c:bd:35:b3:8e:c4:a2:51:f9: 7a:6c:86:79:5f:ae:2c:27:80:86:da:82:e2:33:6d:22:8e:91: 95:ce:47:59:b9:cb:9f:66:fb:cf:9e:b3:0b:80:69:2b:94:e5: 1d:a1:bf:2c:b8:5c:92:46:48:13:e6:3f:27:fc:63:aa:f3:58: dc:6a:33:02 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgIUHQ95SYE6v7PgpdMKivoNf/wtVegwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTExMTcwNzIyNThaFw0yNjExMTYwNzI3NThaMDMxMTAvBgNV BAMTKDI3QTNENTY4QUE3NkZDNTAyNkIzODE3MTI3NzczRTU4MTMyNDVGMUIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBAiZ/na8PmMlXEvO5BDpnzJEI EXInYUdz6Lg0CHUbXaC6bmyRVWwCE2dduD322DWvsaZW/uvsSQujgN6+25NGOnla ii/DunIAlVzaysmFscD5Q1dU5bIlW2H1tXUjdZjOgo7wmj81H8kEguIspJQoAnbT z28Qndi1DlhCH9Ip19qNFVRvI3XXKoSQpKRmH4MHUohB/pFOA452DO+Br3f4gF5X x2HbAqWUNOWjPHRNxKSdVijYD14PiKSJcRNwanIZlIp31x61CFDXp17WzxQ/h14Q RX6b764Ozi0hOAopEJXk4ZNsPoYv0fA8WFLIfjfXw8mqEKIwHDZjVBC4MQBLAgMB AAGjggIPMIICCzAdBgNVHQ4EFgQUJ6PVaKp2/FAms4FxJ3c+WBMkXxswHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTNTk0MzIucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBACPDlsD BACnlMowDQYJKoZIhvcNAQELBQADggEBALxKs5aHaGF+7cJ+59K/7h0b/HvKAA10 t9ovbb/wWvUcdV8gZFlwxZN0/Qao7htr0cXE8Hmzh51Iz0mGwVfRfCOAl5s9oCAU a6dLDIGTOMuM4KEM/ty+1X4wfu3HiXQ2wqTuvM6uKyZarEPS7dIcQE+wjc2hmTQG Jf31GfavqGgm4/5Hcm+A9hW4I7z4W8FLcx03AVksTjcZx1qftZCjq9RlM8Ml3WxN R9LMSOOchV86fxL9B8AEofn2fisVaEy9NbOOxKJR+XpshnlfriwngIbaguIzbSKO kZXOR1m5y59m+8+eswuAaSuU5R2hvyy4XJJGSBPmPyf8Y6rzWNxqMwI= -----END CERTIFICATE-----Generated at Fri Dec 5 20:11:50 2025 by rpki-client