This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa File: AS16509.roa (raw, json) Hash identifier: /3ANRFoMf+M9q6ZG98sxHYLBYPQSiixYWv3PEzfhFCs= Subject key identifier: 9A:88:43:FF:77:D0:2F:9B:87:FB:10:59:EB:27:69:8D:AD:AC:01:67 Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a Certificate serial: 1181B54BC4A2F013D85C1710B7A6517BD0C98B05 Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa Signing time: Thu 01 Jan 2026 00:04:39 +0000 ROA not before: Wed 31 Dec 2025 23:59:39 +0000 ROA not after: Thu 31 Dec 2026 00:04:39 +0000 asID: 16509 IP address blocks: 181.214.94.0/24 maxlen: 24 181.214.110.0/24 maxlen: 24 181.215.206.0/23 maxlen: 24 185.137.13.0/24 maxlen: 24 191.96.204.0/24 maxlen: 24 191.101.111.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:81:b5:4b:c4:a2:f0:13:d8:5c:17:10:b7:a6:51:7b:d0:c9:8b:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a Validity Not Before: Dec 31 23:59:39 2025 GMT Not After : Dec 31 00:04:39 2026 GMT Subject: CN=9A8843FF77D02F9B87FB1059EB27698DADAC0167 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:2f:20:8e:db:73:27:57:c9:77:8b:f0:7e:da: 16:88:b0:f2:57:53:3e:c1:86:1a:33:93:27:30:8a: ce:36:ad:65:ac:ae:ca:34:fc:55:2c:3d:f2:28:e7: 2e:5c:c8:5f:31:6d:1b:50:b3:72:92:da:50:88:2b: 7a:14:07:5e:f2:40:8c:b3:d0:48:e5:5f:c3:59:74: d9:25:6f:7e:46:f0:6c:1f:29:73:f7:cb:71:74:af: 14:c6:eb:5c:3e:53:52:c8:65:e1:c5:48:ad:05:d3: 53:00:1f:9f:93:b5:e6:8e:95:da:36:96:24:4d:3f: 25:50:af:90:d5:97:73:18:ce:00:d9:71:0c:58:b0: 97:9c:ed:2d:f0:8e:68:d2:32:ff:68:d2:94:78:ad: 15:b4:81:09:fd:b9:0a:19:83:bd:e7:6d:c9:d1:a2: a3:22:49:86:02:38:d7:85:f3:c8:e0:e6:74:0d:48: 19:ff:d4:2f:9c:4a:96:20:c3:0f:d7:9e:b7:78:f5: 03:9c:98:fd:06:da:d5:9a:ad:58:2f:a8:4a:05:35: ea:d7:e8:90:65:fe:28:fe:23:1b:1e:83:ca:df:61: e8:86:71:0a:0f:54:48:f6:40:49:95:68:f3:d5:13: 97:27:02:a1:ce:e5:25:86:2f:09:d2:00:fc:94:d1: 0f:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:88:43:FF:77:D0:2F:9B:87:FB:10:59:EB:27:69:8D:AD:AC:01:67 X509v3 Authority Key Identifier: keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 181.214.94.0/24 181.214.110.0/24 181.215.206.0/23 185.137.13.0/24 191.96.204.0/24 191.101.111.0/24 Signature Algorithm: sha256WithRSAEncryption 9f:7f:74:fe:99:ee:2e:79:86:80:19:cf:3d:a9:9f:20:5f:52: f4:11:f5:2d:17:9b:d1:d6:74:74:4b:21:21:2e:b8:df:3f:2e: 86:b9:9f:22:34:54:ca:6e:77:29:2a:0d:91:54:9c:1e:43:56: 22:27:a8:7a:c9:f1:2d:47:6b:b3:70:20:0e:2d:0c:9b:1c:49: 1f:30:a2:a5:9c:2a:e0:8a:74:c1:bc:41:eb:7d:30:b2:33:ed: 35:97:b3:85:d2:2f:a9:05:fe:47:8c:58:dc:ec:3d:b7:65:5f: 7b:f8:5a:4b:ea:b7:bc:42:78:38:f1:95:f8:bd:7a:bf:34:6e: f6:67:9c:cd:43:21:32:a3:70:97:b0:93:00:75:12:0d:48:ac: 7d:a8:0f:75:a0:da:22:0e:f4:e0:83:2a:e6:31:b8:c1:ee:81: 22:ca:ce:f0:ee:59:91:9c:cb:d9:ef:e1:6e:1d:65:00:e4:c7: 4f:4b:d3:0a:da:ba:d0:33:0e:31:6c:09:71:87:54:f7:e0:07: 17:d3:8c:b6:e2:51:f3:cc:75:2b:64:84:dd:3d:d3:0a:cf:da: 6a:ae:4b:9b:bd:d9:3b:97:1b:59:cb:34:96:e1:e4:ab:b7:3d: 24:0d:2e:76:ae:79:61:98:22:80:34:98:cd:77:1d:ef:96:35: 60:a4:99:01 -----BEGIN CERTIFICATE----- MIIFHTCCBAWgAwIBAgIUEYG1S8Si8BPYXBcQt6ZRe9DJiwUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh NDFiYmEwYTAeFw0yNTEyMzEyMzU5MzlaFw0yNjEyMzEwMDA0MzlaMDMxMTAvBgNV BAMTKDlBODg0M0ZGNzdEMDJGOUI4N0ZCMTA1OUVCMjc2OThEQURBQzAxNjcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyLyCO23MnV8l3i/B+2haIsPJX Uz7Bhhozkycwis42rWWsrso0/FUsPfIo5y5cyF8xbRtQs3KS2lCIK3oUB17yQIyz 0EjlX8NZdNklb35G8GwfKXP3y3F0rxTG61w+U1LIZeHFSK0F01MAH5+TteaOldo2 liRNPyVQr5DVl3MYzgDZcQxYsJec7S3wjmjSMv9o0pR4rRW0gQn9uQoZg73nbcnR oqMiSYYCONeF88jg5nQNSBn/1C+cSpYgww/Xnrd49QOcmP0G2tWarVgvqEoFNerX 6JBl/ij+Ixseg8rfYeiGcQoPVEj2QEmVaPPVE5cnAqHO5SWGLwnSAPyU0Q8TAgMB AAGjggInMIICIzAdBgNVHQ4EFgQUmohD/3fQL5uH+xBZ6ydpja2sAWcwHwYDVR0j BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgABMCQDBAC11l4D BAC11m4DBAG1184DBAC5iQ0DBAC/YMwDBAC/ZW8wDQYJKoZIhvcNAQELBQADggEB AJ9/dP6Z7i55hoAZzz2pnyBfUvQR9S0Xm9HWdHRLISEuuN8/Loa5nyI0VMpudykq DZFUnB5DViInqHrJ8S1Ha7NwIA4tDJscSR8woqWcKuCKdMG8Qet9MLIz7TWXs4XS L6kF/keMWNzsPbdlX3v4Wkvqt7xCeDjxlfi9er80bvZnnM1DITKjcJewkwB1Eg1I rH2oD3Wg2iIO9OCDKuYxuMHugSLKzvDuWZGcy9nv4W4dZQDkx09L0wrautAzDjFs CXGHVPfgBxfTjLbiUfPMdStkhN090wrP2mquS5u92TuXG1nLNJbh5Ku3PSQNLnau eWGYIoA0mM13He+WNWCkmQE= -----END CERTIFICATE-----Generated at Fri Jan 2 10:57:42 2026 by rpki-client