This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20473.roa File: AS20473.roa (raw, json) Hash identifier: ssn1Eizall3EvnYLjbHprRMMWFqtOSlAk1iN4KDIccU= Subject key identifier: BE:D8:E3:26:22:DB:D6:1B:7C:34:4A:3B:8D:AF:86:C6:38:DF:28:F7 Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a Certificate serial: 4162BFA8AD6299C4D106EA811BC1257BEB1114D0 Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20473.roa Signing time: Mon 29 Dec 2025 00:00:32 +0000 ROA not before: Sun 28 Dec 2025 23:55:32 +0000 ROA not after: Mon 28 Dec 2026 00:00:32 +0000 asID: 20473 IP address blocks: 181.215.70.0/24 maxlen: 24 2a0b:500::/32 maxlen: 48 2a0b:501::/32 maxlen: 48 2a0b:502::/32 maxlen: 48 2a0b:503::/32 maxlen: 48 2a0b:504::/32 maxlen: 48 2a0b:505::/32 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 09:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:62:bf:a8:ad:62:99:c4:d1:06:ea:81:1b:c1:25:7b:eb:11:14:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a Validity Not Before: Dec 28 23:55:32 2025 GMT Not After : Dec 28 00:00:32 2026 GMT Subject: CN=BED8E32622DBD61B7C344A3B8DAF86C638DF28F7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:b8:9c:1a:96:cf:dc:89:af:bf:13:1d:05:8c: 77:33:f4:7d:b5:a4:63:b9:32:c5:88:ce:ee:e5:52: cd:d0:f3:90:79:41:0c:6c:fc:49:2c:72:ef:84:e0: 4d:e8:36:e2:dd:35:f4:bc:6c:b0:bf:b7:82:d9:66: f0:f0:f1:08:be:8b:35:57:be:ef:4e:88:6f:51:d5: ba:43:c4:ad:c5:b4:7d:32:dd:05:12:00:74:4a:5a: 90:78:85:b9:1b:b5:0b:4d:65:d3:8a:93:17:af:95: b6:45:ec:7c:db:f6:31:ec:e1:23:75:67:43:cb:17: 99:31:a2:89:9f:b1:83:1b:f7:53:13:93:89:ed:9b: 88:9a:65:fb:4f:be:09:ef:f2:bb:cf:b5:57:ed:0c: 47:fc:3f:25:99:05:0a:5a:73:e5:3c:22:b4:77:3a: 94:11:7d:16:f4:46:c9:15:ad:f6:d0:ae:8c:32:dc: c2:fa:fc:29:b5:4c:d3:ff:27:b2:1d:56:ef:39:91: 2e:7f:b2:b2:db:f3:11:58:2c:21:72:66:a9:86:07: 6e:59:52:2a:08:61:4d:31:56:1c:65:c5:ee:90:f0: 60:8a:81:c6:f0:87:35:e8:f9:fb:50:39:38:39:e3: 4c:94:bb:38:41:5a:49:61:88:be:b6:49:84:52:23: 89:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:D8:E3:26:22:DB:D6:1B:7C:34:4A:3B:8D:AF:86:C6:38:DF:28:F7 X509v3 Authority Key Identifier: keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20473.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 181.215.70.0/24 IPv6: 2a0b:500::-2a0b:505:ffff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 8f:f4:25:cf:3a:ef:0a:67:f7:96:d4:3f:5d:72:0c:a0:90:e6: 1e:69:49:5d:54:2d:b1:db:4a:c4:cc:d8:97:9c:a3:f6:a4:3c: 48:42:34:6d:48:04:49:b0:e7:66:e7:e5:79:2c:90:f7:a9:20: a5:15:62:35:33:ab:8b:f1:62:13:f7:3d:76:ba:64:06:d4:ba: f7:3b:0a:0b:8c:48:0b:bc:05:93:82:6a:55:7f:3f:59:1b:f3: f7:fa:3c:cb:58:2b:71:39:5f:11:d6:41:87:e7:c4:2e:29:13: dd:bd:f3:17:35:3e:04:ed:d9:00:40:54:c8:6e:91:fe:a4:a1: b8:44:f1:b9:8c:23:9b:bd:5a:54:8d:6d:a1:ab:77:fd:c8:9c: 5e:70:e0:13:7c:b5:46:f7:c8:52:85:4b:ba:4d:58:11:82:94: 0b:00:b2:30:f8:fc:85:70:96:78:57:9e:cd:41:9d:66:f9:f9: 7a:65:17:5e:65:d4:83:9e:3f:8c:d2:6c:b3:49:36:7d:0f:78: c8:6f:3b:be:85:5f:71:56:25:8d:4d:c5:64:45:92:1d:27:86: 4b:1d:20:15:98:2f:b2:06:12:b1:5a:03:b6:14:e6:48:5d:6e: d4:ea:3a:cc:7a:1f:cb:4c:c2:ea:80:d9:7b:72:fc:32:a7:1a: 28:a6:9f:8a -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgIUQWK/qK1imcTRBuqBG8Ele+sRFNAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh NDFiYmEwYTAeFw0yNTEyMjgyMzU1MzJaFw0yNjEyMjgwMDAwMzJaMDMxMTAvBgNV BAMTKEJFRDhFMzI2MjJEQkQ2MUI3QzM0NEEzQjhEQUY4NkM2MzhERjI4RjcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYuJwals/cia+/Ex0FjHcz9H21 pGO5MsWIzu7lUs3Q85B5QQxs/Ekscu+E4E3oNuLdNfS8bLC/t4LZZvDw8Qi+izVX vu9OiG9R1bpDxK3FtH0y3QUSAHRKWpB4hbkbtQtNZdOKkxevlbZF7Hzb9jHs4SN1 Z0PLF5kxoomfsYMb91MTk4ntm4iaZftPvgnv8rvPtVftDEf8PyWZBQpac+U8IrR3 OpQRfRb0RskVrfbQrowy3ML6/Cm1TNP/J7IdVu85kS5/srLb8xFYLCFyZqmGB25Z UioIYU0xVhxlxe6Q8GCKgcbwhzXo+ftQOTg540yUuzhBWklhiL62SYRSI4mvAgMB AAGjggIgMIICHDAdBgNVHQ4EFgQUvtjjJiLb1ht8NEo7ja+GxjjfKPcwHwYDVR0j BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwNgYIKwYBBQUHAQcBAf8EJzAlMAwEAgABMAYDBAC110Yw FQQCAAIwDzANAwQAKgsFAwUBKgsFBDANBgkqhkiG9w0BAQsFAAOCAQEAj/Qlzzrv Cmf3ltQ/XXIMoJDmHmlJXVQtsdtKxMzYl5yj9qQ8SEI0bUgESbDnZufleSyQ96kg pRViNTOri/FiE/c9drpkBtS69zsKC4xIC7wFk4JqVX8/WRvz9/o8y1grcTlfEdZB h+fELikT3b3zFzU+BO3ZAEBUyG6R/qShuETxuYwjm71aVI1toat3/cicXnDgE3y1 RvfIUoVLuk1YEYKUCwCyMPj8hXCWeFeezUGdZvn5emUXXmXUg54/jNJss0k2fQ94 yG87voVfcVYljU3FZEWSHSeGSx0gFZgvsgYSsVoDthTmSF1u1Oo6zHofy0zC6oDZ e3L8MqcaKKafig== -----END CERTIFICATE-----Generated at Mon Jan 19 15:31:05 2026 by rpki-client