This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS39521.roa File: AS39521.roa (raw, json) Hash identifier: 5cX6wYlEv9kkK3y6WtViQnLC20Rpw8uddMpdjRxjMGQ= Subject key identifier: 76:15:A7:4C:20:28:7E:E8:20:0D:03:7C:79:98:48:1A:8F:40:FD:7D Certificate issuer: /CN=9dfbff217105df8877d463f6e9bac28a4084d20c Certificate serial: 61E48E19506FADC292A1FA460D62CBD27EA204EC Authority key identifier: 9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS39521.roa Signing time: Wed 04 Feb 2026 12:57:47 +0000 ROA not before: Wed 04 Feb 2026 12:52:47 +0000 ROA not after: Wed 03 Feb 2027 12:57:47 +0000 asID: 39521 IP address blocks: 85.8.160.0/22 maxlen: 22 212.107.4.0/22 maxlen: 22 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.mft rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 06 Feb 2026 12:00:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61:e4:8e:19:50:6f:ad:c2:92:a1:fa:46:0d:62:cb:d2:7e:a2:04:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9dfbff217105df8877d463f6e9bac28a4084d20c Validity Not Before: Feb 4 12:52:47 2026 GMT Not After : Feb 3 12:57:47 2027 GMT Subject: CN=7615A74C20287EE8200D037C7998481A8F40FD7D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:6c:e7:ff:75:a9:56:31:9a:c4:6e:8a:10:75: f1:6f:53:e4:d3:2b:e0:d9:a9:1b:72:a1:a9:ed:c6: 50:0f:10:ea:4d:04:1d:02:8d:13:51:30:2d:fe:b0: f9:a8:78:d5:c1:f6:ee:5f:71:3a:24:fd:24:40:bd: a4:4b:17:92:84:0a:65:12:dd:78:69:55:4c:fa:0b: dd:8d:6d:9b:0b:c2:6a:ed:11:aa:5d:75:58:7a:1b: d4:02:ff:12:f4:98:5a:31:0b:bf:5a:b3:62:5c:5f: c0:f8:a2:b8:e6:09:4a:31:1f:0d:40:bd:7e:e4:52: 56:bf:92:76:60:69:d5:25:71:11:e5:d5:cd:30:ab: ca:d2:56:01:7e:28:90:eb:87:23:07:c6:a2:c9:14: d8:62:f9:47:b5:22:09:9c:4a:cf:ea:49:21:60:a9: 30:d3:93:79:9d:16:89:4e:a2:35:6f:e5:ab:b3:80: 27:5f:8d:dd:fd:f4:29:cd:96:93:18:56:19:95:47: ee:7d:fe:01:76:fa:32:80:45:0c:64:c1:5e:40:00: ed:84:6d:84:61:5f:1f:0e:be:0d:b0:18:3f:22:bb: 68:e7:e0:5c:cf:a3:9b:6b:0d:77:54:71:01:5e:4b: 89:65:9b:51:66:d2:00:dd:3d:ff:3d:b9:26:6c:82: b8:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:15:A7:4C:20:28:7E:E8:20:0D:03:7C:79:98:48:1A:8F:40:FD:7D X509v3 Authority Key Identifier: keyid:9D:FB:FF:21:71:05:DF:88:77:D4:63:F6:E9:BA:C2:8A:40:84:D2:0C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/9DFBFF217105DF8877D463F6E9BAC28A4084D20C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfv_IXEF34h31GP26brCikCE0gw.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/55b4d9e8-4111-4394-a3a6-bd8251e7fbbd/0/AS39521.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.8.160.0/22 212.107.4.0/22 Signature Algorithm: sha256WithRSAEncryption e5:53:df:55:b5:54:b6:38:c6:f7:9c:dd:85:12:8b:2e:60:d1: a0:1c:42:c2:7f:a2:dd:32:83:d0:55:48:af:a3:5e:72:d9:f1: 48:f2:51:2f:8a:17:bf:da:a1:be:42:50:b4:76:95:d1:63:bb: 39:ee:1c:db:04:a6:a1:e5:af:84:92:fb:4c:38:7d:c9:86:ba: 6f:5a:4b:6f:73:df:db:33:1e:52:4c:64:e9:5c:1e:e3:c3:64: 09:61:13:53:19:4e:05:21:9f:cf:f2:a0:53:96:e5:99:c8:aa: c1:6c:d4:8b:f9:31:ed:48:22:c1:28:91:19:2f:b3:88:59:68: 93:76:c3:ed:9a:01:fd:ae:e2:ae:5d:28:fb:f3:77:a1:84:cc: 7e:48:f1:51:ea:f6:79:0c:e1:78:f7:99:a6:80:4d:2a:c4:88: 10:66:b5:e0:37:65:34:61:2d:ce:b4:9f:4d:df:82:81:cd:f2: 90:9d:3e:01:96:23:fb:77:b1:e3:0a:10:71:e9:88:54:22:c2: 58:82:84:38:25:8d:f2:a7:64:16:2c:30:37:1f:72:5f:4c:93: 99:5b:1d:bd:24:dc:e9:5a:9e:e9:04:60:e1:14:1f:4f:e8:e2: 0b:e5:63:41:ef:84:fb:95:16:ef:bf:98:8f:24:27:2d:ee:dc: e3:ab:b0:bc -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgIUYeSOGVBvrcKSofpGDWLL0n6iBOwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOWRmYmZmMjE3MTA1ZGY4ODc3ZDQ2M2Y2ZTliYWMyOGE0 MDg0ZDIwYzAeFw0yNjAyMDQxMjUyNDdaFw0yNzAyMDMxMjU3NDdaMDMxMTAvBgNV BAMTKDc2MTVBNzRDMjAyODdFRTgyMDBEMDM3Qzc5OTg0ODFBOEY0MEZEN0QwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClbOf/dalWMZrEbooQdfFvU+TT K+DZqRtyoantxlAPEOpNBB0CjRNRMC3+sPmoeNXB9u5fcTok/SRAvaRLF5KECmUS 3XhpVUz6C92NbZsLwmrtEapddVh6G9QC/xL0mFoxC79as2JcX8D4orjmCUoxHw1A vX7kUla/knZgadUlcRHl1c0wq8rSVgF+KJDrhyMHxqLJFNhi+Ue1IgmcSs/qSSFg qTDTk3mdFolOojVv5auzgCdfjd399CnNlpMYVhmVR+59/gF2+jKARQxkwV5AAO2E bYRhXx8Ovg2wGD8iu2jn4FzPo5trDXdUcQFeS4llm1Fm0gDdPf89uSZsgriJAgMB AAGjggIPMIICCzAdBgNVHQ4EFgQUdhWnTCAofuggDQN8eZhIGo9A/X0wHwYDVR0j BBgwFoAUnfv/IXEF34h31GP26brCikCE0gwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNTViNGQ5ZTgtNDExMS00Mzk0LWEzYTYtYmQ4MjUxZTdm YmJkLzAvOURGQkZGMjE3MTA1REY4ODc3RDQ2M0Y2RTlCQUMyOEE0MDg0RDIwQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL25mdl9JWEVGMzRoMzFHUDI2YnJDaWtD RTBndy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzU1YjRkOWU4LTQxMTEt NDM5NC1hM2E2LWJkODI1MWU3ZmJiZC8wL0FTMzk1MjEucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAJVCKAD BALUawQwDQYJKoZIhvcNAQELBQADggEBAOVT31W1VLY4xvec3YUSiy5g0aAcQsJ/ ot0yg9BVSK+jXnLZ8UjyUS+KF7/aob5CULR2ldFjuznuHNsEpqHlr4SS+0w4fcmG um9aS29z39szHlJMZOlcHuPDZAlhE1MZTgUhn8/yoFOW5ZnIqsFs1Iv5Me1IIsEo kRkvs4hZaJN2w+2aAf2u4q5dKPvzd6GEzH5I8VHq9nkM4Xj3maaATSrEiBBmteA3 ZTRhLc60n03fgoHN8pCdPgGWI/t3seMKEHHpiFQiwliChDgljfKnZBYsMDcfcl9M k5lbHb0k3OlanukEYOEUH0/o4gvlY0HvhPuVFu+/mI8kJy3u3OOrsLw= -----END CERTIFICATE-----Generated at Thu Feb 5 13:59:06 2026 by rpki-client