This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20473.roa File: AS20473.roa (raw, json) Hash identifier: cMckbjczuHWtN8fW9HLv6i31eNNDxGeivWSfL/WYs5Y= Subject key identifier: 46:0D:AC:B3:08:3B:6C:2A:93:10:81:54:D4:C4:13:F6:1E:44:1D:B7 Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a Certificate serial: 37F1E6B75665C5FFCFABA520AF09B42AD88BC2EB Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20473.roa Signing time: Sat 22 Nov 2025 11:21:37 +0000 ROA not before: Sat 22 Nov 2025 11:16:37 +0000 ROA not after: Sat 21 Nov 2026 11:21:37 +0000 asID: 20473 IP address blocks: 181.215.70.0/24 maxlen: 24 191.101.223.0/24 maxlen: 24 213.109.169.0/24 maxlen: 24 2a0a:7e00::/29 maxlen: 29 2a0b:500::/32 maxlen: 48 2a0b:501::/32 maxlen: 48 2a0b:502::/32 maxlen: 48 2a0b:503::/32 maxlen: 48 2a0b:504::/32 maxlen: 48 2a0b:505::/32 maxlen: 48 2a0c:fa40::/29 maxlen: 29 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 28 Nov 2025 20:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:f1:e6:b7:56:65:c5:ff:cf:ab:a5:20:af:09:b4:2a:d8:8b:c2:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a Validity Not Before: Nov 22 11:16:37 2025 GMT Not After : Nov 21 11:21:37 2026 GMT Subject: CN=460DACB3083B6C2A93108154D4C413F61E441DB7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:b1:d1:fe:8e:09:4a:92:45:c6:f2:99:7d:e5: 81:83:df:c9:8f:58:38:31:79:1d:a6:49:f4:80:3b: db:ff:95:73:47:9e:b0:95:1a:33:bf:fd:b1:18:bb: f4:55:56:d1:af:60:48:e8:2a:df:cb:35:83:d8:d5: 1b:22:09:07:cb:b3:ad:ec:00:43:7f:cb:34:01:0b: ee:4f:26:b4:59:b3:a6:38:b4:24:50:c0:3a:c8:3a: 87:a0:45:2a:6c:02:ff:57:98:62:f0:d8:30:ac:6e: 9e:7e:41:6c:83:06:33:82:d3:6f:dd:25:04:e6:58: 67:22:19:1b:a1:27:da:74:a8:0e:ac:95:e9:a7:cb: 51:0c:05:00:6e:f3:72:5d:9a:ed:d1:88:0c:e7:d4: 1f:67:d9:a8:6d:af:1a:1f:65:28:84:29:1c:96:cc: 28:34:09:67:d7:a4:25:7b:48:05:d0:8e:60:aa:e7: 7f:1f:be:78:fe:ec:b2:fb:1d:e4:bf:f3:73:51:92: f4:96:3f:96:97:bf:51:7d:67:97:1f:c6:5a:44:6a: 2e:a7:ed:ee:86:22:99:65:11:3f:29:17:c5:fc:cd: 6a:c1:35:86:39:79:c8:41:2c:97:0d:9c:9b:2c:f0: dc:1c:20:e5:1c:bc:7c:ef:51:01:4f:30:67:23:f0: 54:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 46:0D:AC:B3:08:3B:6C:2A:93:10:81:54:D4:C4:13:F6:1E:44:1D:B7 X509v3 Authority Key Identifier: keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20473.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 181.215.70.0/24 191.101.223.0/24 213.109.169.0/24 IPv6: 2a0a:7e00::/29 2a0b:500::-2a0b:505:ffff:ffff:ffff:ffff:ffff:ffff 2a0c:fa40::/29 Signature Algorithm: sha256WithRSAEncryption 60:38:ad:ab:36:52:b0:e7:26:0b:12:19:e8:ff:e6:22:2d:5f: d2:8e:e7:72:2a:69:c3:e3:cb:36:d9:6c:3c:22:5f:6d:8b:8e: d8:ed:45:bb:30:61:9f:f0:78:03:c5:22:f5:3e:fc:5c:6e:7b: 84:c4:73:df:7a:66:6a:9a:4a:e3:2d:10:31:fe:09:ee:52:ec: d0:ef:36:62:bf:f8:09:15:00:72:10:ca:f4:c2:88:84:f2:3e: 87:78:2b:9f:bb:05:60:8f:9a:5f:48:21:b4:de:98:69:26:ce: 33:a8:87:1c:d7:ff:0f:f0:7c:05:1f:e4:c8:39:0f:f3:59:70: 2f:ee:66:7e:a5:59:a9:99:60:fb:f5:89:f9:f6:99:db:12:b0: 84:1c:a4:ab:db:8b:6f:d9:16:09:cb:14:c3:8c:fe:b5:0e:fe: 87:56:be:b0:77:36:e9:ea:e7:0c:ae:09:ee:b5:0f:62:a9:65: 96:7e:e9:46:cf:b4:b8:67:3c:a9:e4:19:b9:07:d3:53:30:b4: 38:cc:2f:18:c8:dd:3e:0d:76:b8:19:b6:80:94:31:87:53:96: 4d:78:97:17:84:38:28:c2:e8:e9:66:bc:38:78:22:09:0a:c0: c1:f6:93:3e:68:b5:c2:1f:44:7a:4b:e4:44:c5:9b:5f:41:29: 3f:33:e5:32 -----BEGIN CERTIFICATE----- MIIFMDCCBBigAwIBAgIUN/Hmt1Zlxf/Pq6Ugrwm0KtiLwuswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh NDFiYmEwYTAeFw0yNTExMjIxMTE2MzdaFw0yNjExMjExMTIxMzdaMDMxMTAvBgNV BAMTKDQ2MERBQ0IzMDgzQjZDMkE5MzEwODE1NEQ0QzQxM0Y2MUU0NDFEQjcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEsdH+jglKkkXG8pl95YGD38mP WDgxeR2mSfSAO9v/lXNHnrCVGjO//bEYu/RVVtGvYEjoKt/LNYPY1RsiCQfLs63s AEN/yzQBC+5PJrRZs6Y4tCRQwDrIOoegRSpsAv9XmGLw2DCsbp5+QWyDBjOC02/d JQTmWGciGRuhJ9p0qA6slemny1EMBQBu83Jdmu3RiAzn1B9n2ahtrxofZSiEKRyW zCg0CWfXpCV7SAXQjmCq538fvnj+7LL7HeS/83NRkvSWP5aXv1F9Z5cfxlpEai6n 7e6GIpllET8pF8X8zWrBNYY5echBLJcNnJss8NwcIOUcvHzvUQFPMGcj8FRXAgMB AAGjggI6MIICNjAdBgNVHQ4EFgQURg2sswg7bCqTEIFU1MQT9h5EHbcwHwYDVR0j BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwUAYIKwYBBQUHAQcBAf8EQTA/MBgEAgABMBIDBAC110YD BAC/Zd8DBADVbakwIwQCAAIwHQMFAyoKfgAwDQMEACoLBQMFASoLBQQDBQMqDPpA MA0GCSqGSIb3DQEBCwUAA4IBAQBgOK2rNlKw5yYLEhno/+YiLV/SjudyKmnD48s2 2Ww8Il9ti47Y7UW7MGGf8HgDxSL1PvxcbnuExHPfemZqmkrjLRAx/gnuUuzQ7zZi v/gJFQByEMr0woiE8j6HeCufuwVgj5pfSCG03phpJs4zqIcc1/8P8HwFH+TIOQ/z WXAv7mZ+pVmpmWD79Yn59pnbErCEHKSr24tv2RYJyxTDjP61Dv6HVr6wdzbp6ucM rgnutQ9iqWWWfulGz7S4Zzyp5Bm5B9NTMLQ4zC8YyN0+DXa4GbaAlDGHU5ZNeJcX hDgowujpZrw4eCIJCsDB9pM+aLXCH0R6S+RExZtfQSk/M+Uy -----END CERTIFICATE-----Generated at Fri Nov 28 05:01:32 2025 by rpki-client