This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS400039.roa File: AS400039.roa (raw, json) Hash identifier: CL8wC8dgRGIHCEt1y0/+vK6jaOVK33wigQ/K44Z0+gk= Subject key identifier: 71:48:C8:14:28:37:39:F4:CB:53:0C:26:E4:A8:08:C1:7B:66:E2:65 Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a Certificate serial: 3FF3BC1B1DC1158A8586DF37A29BD437F0C950ED Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS400039.roa Signing time: Wed 03 Dec 2025 08:55:13 +0000 ROA not before: Wed 03 Dec 2025 08:50:13 +0000 ROA not after: Wed 02 Dec 2026 08:55:13 +0000 asID: 400039 IP address blocks: 5.181.129.0/24 maxlen: 24 181.215.245.0/24 maxlen: 24 191.96.197.0/24 maxlen: 24 191.101.57.0/24 maxlen: 24 193.31.42.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 10:42:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:f3:bc:1b:1d:c1:15:8a:85:86:df:37:a2:9b:d4:37:f0:c9:50:ed Signature Algorithm: sha256WithRSAEncryption Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a Validity Not Before: Dec 3 08:50:13 2025 GMT Not After : Dec 2 08:55:13 2026 GMT Subject: CN=7148C814283739F4CB530C26E4A808C17B66E265 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:49:ab:4e:2d:d3:b2:e2:c4:11:5e:cf:af:de: 9f:90:56:32:c8:36:1c:fb:e6:a8:50:85:73:02:f1: 5e:da:56:3f:7f:fd:1e:96:9f:49:d9:23:55:10:ed: 39:8b:6f:1a:bb:94:72:89:dc:34:79:23:f3:de:d2: d5:d5:37:df:95:fa:b8:bc:56:98:86:5e:1b:72:31: 51:9e:d4:5d:06:06:29:dd:98:15:93:1c:73:5e:76: 62:9c:12:8b:f3:3a:9e:c0:c8:f7:02:fe:ac:ce:fc: fd:9e:bf:cf:ca:dd:c3:f3:07:a9:83:9e:a1:dd:70: f2:4f:10:ff:b0:32:bf:35:0e:bd:dd:95:27:cb:70: ff:e6:5b:ec:99:7b:9d:bc:05:8f:81:29:f7:01:bb: 8f:b1:dd:ba:81:63:03:00:32:fb:56:3b:f7:f8:ad: cc:df:8a:37:59:d8:0b:d9:16:99:43:c2:32:9a:fc: ac:5b:b2:07:27:f8:84:c6:12:09:73:d9:dd:d4:41: 0e:e7:c6:f7:f1:d7:ab:00:56:f3:f3:47:32:cf:6b: ab:c2:26:af:79:e5:5a:c3:fc:92:50:3e:7c:63:c2: 52:5f:53:08:39:56:82:51:68:f5:91:78:aa:eb:90: 79:77:5f:16:5f:27:09:7d:fd:98:53:a3:35:82:8f: 0c:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:48:C8:14:28:37:39:F4:CB:53:0C:26:E4:A8:08:C1:7B:66:E2:65 X509v3 Authority Key Identifier: keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS400039.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.181.129.0/24 181.215.245.0/24 191.96.197.0/24 191.101.57.0/24 193.31.42.0/24 Signature Algorithm: sha256WithRSAEncryption 0a:f3:23:10:73:de:e9:82:ca:9b:9c:5f:66:c7:3c:6b:7a:14: d8:5c:38:1d:c8:fc:96:69:fc:73:da:6a:d0:d6:aa:55:b3:3c: f2:6b:0c:7f:1c:d7:6c:21:a7:f4:a5:1b:2b:1f:08:20:e2:9f: cf:c7:bf:76:c2:01:94:4c:d7:f3:92:ad:0d:51:1d:76:36:8a: fc:68:3a:8d:19:46:d3:a3:40:95:68:5d:c3:e3:14:02:24:d4: ee:6b:ff:b0:2f:30:e4:66:5c:2c:61:0a:da:b2:70:8d:8b:41: d1:4b:6f:3a:6a:d2:12:8d:9f:9f:9c:7c:22:6f:5e:e2:bf:46: e9:fb:9c:b8:12:09:db:63:9f:70:d2:f8:88:2c:da:c1:c8:13: 68:11:4a:8c:1e:7f:2e:79:06:db:46:b5:32:a7:5b:03:bf:18: 2b:a1:a4:0a:ba:18:e2:6a:e5:14:47:e6:30:ae:53:22:cf:a5: cc:2d:72:54:0f:53:ad:ba:05:df:75:33:8f:b1:9e:90:09:b6: af:e8:91:2d:1d:27:be:9a:52:6f:e1:ea:cc:9c:a8:e0:40:e4: b2:da:a6:44:76:2e:68:21:65:3d:36:7d:18:cf:30:8f:1c:ca: bf:c3:47:5c:72:47:7c:ac:00:54:09:3b:df:61:f6:f8:db:83: 03:cb:95:01 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgIUP/O8Gx3BFYqFht83opvUN/DJUO0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh NDFiYmEwYTAeFw0yNTEyMDMwODUwMTNaFw0yNjEyMDIwODU1MTNaMDMxMTAvBgNV BAMTKDcxNDhDODE0MjgzNzM5RjRDQjUzMEMyNkU0QTgwOEMxN0I2NkUyNjUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8SatOLdOy4sQRXs+v3p+QVjLI Nhz75qhQhXMC8V7aVj9//R6Wn0nZI1UQ7TmLbxq7lHKJ3DR5I/Pe0tXVN9+V+ri8 VpiGXhtyMVGe1F0GBindmBWTHHNedmKcEovzOp7AyPcC/qzO/P2ev8/K3cPzB6mD nqHdcPJPEP+wMr81Dr3dlSfLcP/mW+yZe528BY+BKfcBu4+x3bqBYwMAMvtWO/f4 rczfijdZ2AvZFplDwjKa/Kxbsgcn+ITGEglz2d3UQQ7nxvfx16sAVvPzRzLPa6vC Jq955VrD/JJQPnxjwlJfUwg5VoJRaPWReKrrkHl3XxZfJwl9/ZhTozWCjwyNAgMB AAGjggIiMIICHjAdBgNVHQ4EFgQUcUjIFCg3OfTLUwwm5KgIwXtm4mUwHwYDVR0j BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTNDAwMDM5LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABbWB AwQAtdf1AwQAv2DFAwQAv2U5AwQAwR8qMA0GCSqGSIb3DQEBCwUAA4IBAQAK8yMQ c97pgsqbnF9mxzxrehTYXDgdyPyWafxz2mrQ1qpVszzyawx/HNdsIaf0pRsrHwgg 4p/Px792wgGUTNfzkq0NUR12Nor8aDqNGUbTo0CVaF3D4xQCJNTua/+wLzDkZlws YQrasnCNi0HRS286atISjZ+fnHwib17iv0bp+5y4EgnbY59w0viILNrByBNoEUqM Hn8ueQbbRrUyp1sDvxgroaQKuhjiauUUR+YwrlMiz6XMLXJUD1OtugXfdTOPsZ6Q Cbav6JEtHSe+mlJv4erMnKjgQOSy2qZEdi5oIWU9Nn0YzzCPHMq/w0dcckd8rABU CTvfYfb424MDy5UB -----END CERTIFICATE-----Generated at Fri Dec 5 17:55:49 2025 by rpki-client