This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa File: AS834.roa (raw, json) Hash identifier: RHdsqm9aArCE+d4wzytNvOxHwvRSYN+k39dphkj+hSk= Subject key identifier: 65:7A:63:04:3C:E5:3A:0C:D9:F3:88:C1:8F:6F:A3:D9:37:5B:FF:C3 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 1F41499AD0A2F665BBC17A4BB90A90CA981EEA47 Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa Signing time: Mon 19 Jan 2026 06:13:58 +0000 ROA not before: Mon 19 Jan 2026 06:08:58 +0000 ROA not after: Mon 18 Jan 2027 06:13:58 +0000 asID: 834 IP address blocks: 96.62.223.0/24 maxlen: 24 96.62.231.0/24 maxlen: 24 140.150.155.0/24 maxlen: 24 143.14.71.0/24 maxlen: 24 143.14.75.0/24 maxlen: 24 143.14.79.0/24 maxlen: 24 143.14.80.0/23 maxlen: 24 143.14.114.0/24 maxlen: 24 143.14.131.0/24 maxlen: 24 143.14.133.0/24 maxlen: 24 143.14.142.0/24 maxlen: 24 143.14.147.0/24 maxlen: 24 143.14.166.0/24 maxlen: 24 143.14.181.0/24 maxlen: 24 143.14.182.0/24 maxlen: 24 143.14.187.0/24 maxlen: 24 143.14.191.0/24 maxlen: 24 143.14.192.0/23 maxlen: 24 143.14.194.0/24 maxlen: 24 143.14.198.0/24 maxlen: 24 143.14.226.0/24 maxlen: 24 143.14.250.0/24 maxlen: 24 147.79.8.0/24 maxlen: 24 147.79.18.0/24 maxlen: 24 147.79.30.0/24 maxlen: 24 148.135.173.0/24 maxlen: 24 148.135.174.0/24 maxlen: 24 148.135.181.0/24 maxlen: 24 150.241.137.0/24 maxlen: 24 150.241.139.0/24 maxlen: 24 150.241.141.0/24 maxlen: 24 150.241.143.0/24 maxlen: 24 150.241.253.0/24 maxlen: 24 155.117.13.0/24 maxlen: 24 155.117.109.0/24 maxlen: 24 155.117.118.0/23 maxlen: 24 155.117.137.0/24 maxlen: 24 155.117.138.0/24 maxlen: 24 155.117.147.0/24 maxlen: 24 155.117.156.0/24 maxlen: 24 155.117.166.0/24 maxlen: 24 155.117.197.0/24 maxlen: 24 155.117.202.0/24 maxlen: 24 155.117.205.0/24 maxlen: 24 155.117.206.0/24 maxlen: 24 155.117.228.0/24 maxlen: 24 155.117.230.0/24 maxlen: 24 155.117.232.0/24 maxlen: 24 155.117.240.0/24 maxlen: 24 155.117.244.0/24 maxlen: 24 155.117.255.0/24 maxlen: 24 162.141.1.0/24 maxlen: 24 162.141.21.0/24 maxlen: 24 162.141.36.0/24 maxlen: 24 162.141.44.0/24 maxlen: 24 162.141.48.0/24 maxlen: 24 162.141.67.0/24 maxlen: 24 162.141.68.0/23 maxlen: 24 162.141.70.0/24 maxlen: 24 162.141.100.0/24 maxlen: 24 162.141.108.0/24 maxlen: 24 162.141.121.0/24 maxlen: 24 162.141.137.0/24 maxlen: 24 162.141.142.0/24 maxlen: 24 162.141.152.0/24 maxlen: 24 167.148.41.0/24 maxlen: 24 167.148.42.0/24 maxlen: 24 167.148.119.0/24 maxlen: 24 167.148.120.0/23 maxlen: 24 167.148.144.0/24 maxlen: 24 167.148.154.0/24 maxlen: 24 167.148.156.0/23 maxlen: 24 167.148.170.0/24 maxlen: 24 167.148.177.0/24 maxlen: 24 167.148.180.0/23 maxlen: 24 167.148.183.0/24 maxlen: 24 167.148.184.0/24 maxlen: 24 167.148.186.0/24 maxlen: 24 167.148.189.0/24 maxlen: 24 167.148.192.0/24 maxlen: 24 167.148.197.0/24 maxlen: 24 167.148.200.0/23 maxlen: 24 167.148.202.0/24 maxlen: 24 167.148.205.0/24 maxlen: 24 167.148.211.0/24 maxlen: 24 168.222.22.0/24 maxlen: 24 168.222.64.0/18 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 00:00:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:41:49:9a:d0:a2:f6:65:bb:c1:7a:4b:b9:0a:90:ca:98:1e:ea:47 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Jan 19 06:08:58 2026 GMT Not After : Jan 18 06:13:58 2027 GMT Subject: CN=657A63043CE53A0CD9F388C18F6FA3D9375BFFC3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:06:82:d1:1d:21:53:a0:0f:c7:68:8b:b0:59: 74:1d:97:91:1a:10:0c:8c:b4:75:dd:21:d3:93:01: 85:b1:e8:e8:ef:48:01:51:0e:cb:c7:d4:22:28:74: 12:67:36:50:14:cb:14:55:51:a7:0e:a2:e6:9d:77: b4:ac:b0:7f:9e:d2:21:64:7b:a8:ef:46:9e:eb:35: 35:4c:70:c0:c2:09:6c:e7:75:24:d2:52:9c:0b:ca: bb:e4:a7:31:05:8b:f9:6d:0e:90:5c:76:2d:2d:8b: fc:ef:53:9c:b6:97:a4:22:10:ea:67:44:5d:03:8e: 37:be:d5:8e:38:43:16:21:2f:ca:23:ff:22:a4:cb: 65:e9:b2:e6:5b:ad:6e:11:34:7f:8c:99:4c:68:e9: ca:fb:07:31:9b:93:81:05:98:16:4b:d0:19:9d:44: 6e:99:ba:7f:e6:df:cb:02:f3:30:8b:d8:64:ac:af: 07:fb:7f:fe:ae:58:bc:67:db:07:b8:2a:b5:2d:b4: 11:5a:3c:c3:71:ed:93:97:84:dd:a0:4b:0d:fa:37: 20:7d:4d:2a:33:df:90:34:54:45:b6:cf:21:ad:05: f9:b9:ad:d0:4e:1e:d2:a3:67:e0:8b:eb:ab:50:69: a9:f3:60:d7:31:b9:e0:97:e4:be:2b:d9:e5:42:9a: d3:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:7A:63:04:3C:E5:3A:0C:D9:F3:88:C1:8F:6F:A3:D9:37:5B:FF:C3 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS834.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 96.62.223.0/24 96.62.231.0/24 140.150.155.0/24 143.14.71.0/24 143.14.75.0/24 143.14.79.0-143.14.81.255 143.14.114.0/24 143.14.131.0/24 143.14.133.0/24 143.14.142.0/24 143.14.147.0/24 143.14.166.0/24 143.14.181.0-143.14.182.255 143.14.187.0/24 143.14.191.0-143.14.194.255 143.14.198.0/24 143.14.226.0/24 143.14.250.0/24 147.79.8.0/24 147.79.18.0/24 147.79.30.0/24 148.135.173.0-148.135.174.255 148.135.181.0/24 150.241.137.0/24 150.241.139.0/24 150.241.141.0/24 150.241.143.0/24 150.241.253.0/24 155.117.13.0/24 155.117.109.0/24 155.117.118.0/23 155.117.137.0-155.117.138.255 155.117.147.0/24 155.117.156.0/24 155.117.166.0/24 155.117.197.0/24 155.117.202.0/24 155.117.205.0-155.117.206.255 155.117.228.0/24 155.117.230.0/24 155.117.232.0/24 155.117.240.0/24 155.117.244.0/24 155.117.255.0/24 162.141.1.0/24 162.141.21.0/24 162.141.36.0/24 162.141.44.0/24 162.141.48.0/24 162.141.67.0-162.141.70.255 162.141.100.0/24 162.141.108.0/24 162.141.121.0/24 162.141.137.0/24 162.141.142.0/24 162.141.152.0/24 167.148.41.0-167.148.42.255 167.148.119.0-167.148.121.255 167.148.144.0/24 167.148.154.0/24 167.148.156.0/23 167.148.170.0/24 167.148.177.0/24 167.148.180.0/23 167.148.183.0-167.148.184.255 167.148.186.0/24 167.148.189.0/24 167.148.192.0/24 167.148.197.0/24 167.148.200.0-167.148.202.255 167.148.205.0/24 167.148.211.0/24 168.222.22.0/24 168.222.64.0/18 Signature Algorithm: sha256WithRSAEncryption 3b:ac:ac:ab:74:54:b0:9c:e9:b0:f9:35:de:bd:58:42:1d:2b: 3a:99:b1:ee:10:b1:8a:90:20:83:6e:f1:22:6b:9a:21:70:af: 67:94:f9:b1:7d:4e:0b:25:c0:f9:95:83:dc:9c:47:57:81:8d: 47:b7:7a:2d:11:7d:5b:b2:b1:08:cd:89:d0:75:e2:37:84:9d: 75:1f:71:65:05:b7:9f:05:cf:7e:74:46:65:29:03:2f:f9:19: 5d:cf:73:b7:69:2b:49:e0:f2:ca:cb:74:f0:e1:90:fc:0a:6e: 91:01:d7:33:98:07:f6:8d:d6:68:1e:06:68:5b:a3:f1:33:2b: 62:13:25:d7:b7:fe:87:93:1e:ac:a5:ef:7a:1d:ed:ed:08:2e: eb:4f:25:66:ed:bf:03:a7:c9:a4:0c:15:16:81:a7:02:ec:3a: fc:76:05:64:17:88:b2:8e:22:05:6e:e5:1d:7d:9b:6f:79:ae: 0d:ad:67:24:28:b9:b7:6b:39:d9:5d:6a:38:4e:0f:0d:ad:ff: af:f3:32:18:1e:72:37:9c:85:0a:81:e9:84:fd:10:df:63:9b: 18:a6:87:80:8f:fd:6b:0d:6b:50:f9:eb:5a:37:f6:17:95:e0: c1:8a:77:bf:11:81:02:60:cf:03:10:04:c1:06:65:ab:07:9c: 38:4c:f9:2f -----BEGIN CERTIFICATE----- MIIHFTCCBf2gAwIBAgIUH0FJmtCi9mW7wXpLuQqQypge6kcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNjAxMTkwNjA4NThaFw0yNzAxMTgwNjEzNThaMDMxMTAvBgNV BAMTKDY1N0E2MzA0M0NFNTNBMENEOUYzODhDMThGNkZBM0Q5Mzc1QkZGQzMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+BoLRHSFToA/HaIuwWXQdl5Ea EAyMtHXdIdOTAYWx6OjvSAFRDsvH1CIodBJnNlAUyxRVUacOouadd7SssH+e0iFk e6jvRp7rNTVMcMDCCWzndSTSUpwLyrvkpzEFi/ltDpBcdi0ti/zvU5y2l6QiEOpn RF0Djje+1Y44QxYhL8oj/yKky2XpsuZbrW4RNH+MmUxo6cr7BzGbk4EFmBZL0Bmd RG6Zun/m38sC8zCL2GSsrwf7f/6uWLxn2we4KrUttBFaPMNx7ZOXhN2gSw36NyB9 TSoz35A0VEW2zyGtBfm5rdBOHtKjZ+CL66tQaanzYNcxueCX5L4r2eVCmtPNAgMB AAGjggQfMIIEGzAdBgNVHQ4EFgQUZXpjBDzlOgzZ84jBj2+j2Tdb/8MwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIICNQYIKwYBBQUHAQcBAf8EggIkMIICIDCCAhwEAgABMIIC FAMEAGA+3wMEAGA+5wMEAIyWmwMEAI8ORwMEAI8OSzAMAwQAjw5PAwQBjw5QAwQA jw5yAwQAjw6DAwQAjw6FAwQAjw6OAwQAjw6TAwQAjw6mMAwDBACPDrUDBACPDrYD BACPDrswDAMEAI8OvwMEAI8OwgMEAI8OxgMEAI8O4gMEAI8O+gMEAJNPCAMEAJNP EgMEAJNPHjAMAwQAlIetAwQAlIeuAwQAlIe1AwQAlvGJAwQAlvGLAwQAlvGNAwQA lvGPAwQAlvH9AwQAm3UNAwQAm3VtAwQBm3V2MAwDBACbdYkDBACbdYoDBACbdZMD BACbdZwDBACbdaYDBACbdcUDBACbdcowDAMEAJt1zQMEAJt1zgMEAJt15AMEAJt1 5gMEAJt16AMEAJt18AMEAJt19AMEAJt1/wMEAKKNAQMEAKKNFQMEAKKNJAMEAKKN LAMEAKKNMDAMAwQAoo1DAwQAoo1GAwQAoo1kAwQAoo1sAwQAoo15AwQAoo2JAwQA oo2OAwQAoo2YMAwDBACnlCkDBACnlCowDAMEAKeUdwMEAaeUeAMEAKeUkAMEAKeU mgMEAaeUnAMEAKeUqgMEAKeUsQMEAaeUtDAMAwQAp5S3AwQAp5S4AwQAp5S6AwQA p5S9AwQAp5TAAwQAp5TFMAwDBAOnlMgDBACnlMoDBACnlM0DBACnlNMDBACo3hYD BAao3kAwDQYJKoZIhvcNAQELBQADggEBADusrKt0VLCc6bD5Nd69WEIdKzqZse4Q sYqQIINu8SJrmiFwr2eU+bF9TgslwPmVg9ycR1eBjUe3ei0RfVuysQjNidB14jeE nXUfcWUFt58Fz350RmUpAy/5GV3Pc7dpK0ng8srLdPDhkPwKbpEB1zOYB/aN1mge Bmhbo/EzK2ITJde3/oeTHqyl73od7e0ILutPJWbtvwOnyaQMFRaBpwLsOvx2BWQX iLKOIgVu5R19m295rg2tZyQoubdrOdldajhODw2t/6/zMhgecjechQqB6YT9EN9j mximh4CP/WsNa1D561o39heV4MGKd78RgQJgzwMQBMEGZasHnDhM+S8= -----END CERTIFICATE-----Generated at Mon Jan 19 08:17:59 2026 by rpki-client