This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS12345.roa File: AS12345.roa (raw, json) Hash identifier: 3oS6iZlwNXm5BLLEP41+LYtKFwnBwZBSf8c0Ma8CNmw= Subject key identifier: 26:6A:D7:B0:3A:40:DE:C6:1B:2A:74:05:BC:F3:96:DD:7F:21:FF:73 Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01 Certificate serial: 5C5C734DF93182C59169441A3C4FFFADCF882333 Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS12345.roa Signing time: Mon 08 Sep 2025 09:15:40 +0000 ROA not before: Mon 08 Sep 2025 09:10:40 +0000 ROA not after: Mon 07 Sep 2026 09:15:40 +0000 asID: 12345 IP address blocks: 2a13:9500:d9::/48 maxlen: 48 Validation: Failed, certificate revoked on Wed 24 Sep 2025 15:31:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:5c:73:4d:f9:31:82:c5:91:69:44:1a:3c:4f:ff:ad:cf:88:23:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01 Validity Not Before: Sep 8 09:10:40 2025 GMT Not After : Sep 7 09:15:40 2026 GMT Subject: CN=266AD7B03A40DEC61B2A7405BCF396DD7F21FF73 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:2b:7b:5c:1b:43:2f:31:6d:e5:6b:c1:33:d7: 8a:2d:60:33:d3:fa:bf:37:6b:cb:97:1c:32:e3:8f: 23:a7:af:df:4b:f5:de:94:67:6f:a1:67:13:8e:0d: 7d:4b:ff:b9:fe:86:69:58:c0:a0:13:ea:2f:ab:d2: c2:18:d9:13:00:76:bc:53:bc:56:59:b9:4b:95:2b: 5e:65:09:f7:aa:df:b0:16:2a:88:1f:a6:d9:bb:38: 78:2a:42:56:85:58:0f:03:86:e3:e0:ec:c4:30:f1: eb:26:0a:5c:84:30:a1:c6:bd:75:59:2d:f6:eb:e0: d7:43:21:66:90:67:3d:7c:47:d6:6e:51:56:cf:b5: 09:59:02:23:cc:55:b3:2a:51:58:39:f0:61:77:93: f6:0d:5f:10:fd:03:f3:08:30:c4:b1:d1:dd:28:a6: 54:f0:e7:49:3e:50:ee:bc:a3:c8:34:56:0e:80:05: 3f:56:2d:cb:d9:52:1a:d7:d3:68:d2:5b:ed:ea:9d: 79:4d:c8:fc:70:bb:02:ad:4d:be:31:73:51:95:79: 42:8c:25:07:00:4a:d8:b0:1b:e3:43:18:99:13:07: 6f:68:fa:05:6d:79:f8:41:fa:03:fb:db:06:b0:0a: 9e:7c:aa:cb:fa:e0:29:66:ca:dc:90:fd:14:07:88: fa:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:6A:D7:B0:3A:40:DE:C6:1B:2A:74:05:BC:F3:96:DD:7F:21:FF:73 X509v3 Authority Key Identifier: keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS12345.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a13:9500:d9::/48 Signature Algorithm: sha256WithRSAEncryption a4:3f:ea:0d:dc:71:8c:55:83:4d:30:9a:2d:b8:9b:05:d7:62: d5:a5:7f:17:9d:c4:84:f5:ae:48:7a:6b:71:13:63:19:53:d7: fa:a5:32:28:57:31:39:f9:ac:d9:14:d3:7e:4e:ae:56:24:4a: a2:ae:d7:85:ef:e4:43:3a:57:66:20:c2:b4:34:e9:a6:b9:1a: 05:2e:17:29:f8:7d:53:43:33:71:23:7b:1f:9f:b2:e0:bd:08: 35:fb:76:6b:f6:b5:3a:2d:6f:b7:80:1d:24:e8:7a:4f:35:91: 10:55:72:d4:ac:64:5e:6a:35:b5:c9:ce:62:9f:30:68:11:7b: 37:0d:9a:e1:ad:74:e3:a6:0e:52:46:be:da:59:82:f6:8c:fa: 20:98:8a:6d:30:e7:b8:86:f7:27:ff:c4:0b:22:26:6c:44:d9: f1:bc:97:c8:aa:6f:89:52:91:1a:0b:02:86:d3:8c:cc:cd:53: 5f:a9:96:7e:22:40:b6:57:c7:1d:3d:ae:69:18:be:16:46:27: bf:3e:9a:4a:83:5c:2b:33:5e:4d:68:56:7d:65:0e:bf:20:67: 91:27:21:de:bf:38:08:d2:88:87:ba:78:43:46:69:38:5b:1c: 4e:3f:40:06:0f:a5:73:0d:72:97:e5:f8:79:86:2a:86:ea:95: a4:94:59:7b -----BEGIN CERTIFICATE----- MIIFAjCCA+qgAwIBAgIUXFxzTfkxgsWRaUQaPE//rc+IIzMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni M2NmZGQwMTAeFw0yNTA5MDgwOTEwNDBaFw0yNjA5MDcwOTE1NDBaMDMxMTAvBgNV BAMTKDI2NkFEN0IwM0E0MERFQzYxQjJBNzQwNUJDRjM5NkREN0YyMUZGNzMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3K3tcG0MvMW3la8Ez14otYDPT +r83a8uXHDLjjyOnr99L9d6UZ2+hZxOODX1L/7n+hmlYwKAT6i+r0sIY2RMAdrxT vFZZuUuVK15lCfeq37AWKogfptm7OHgqQlaFWA8DhuPg7MQw8esmClyEMKHGvXVZ Lfbr4NdDIWaQZz18R9ZuUVbPtQlZAiPMVbMqUVg58GF3k/YNXxD9A/MIMMSx0d0o plTw50k+UO68o8g0Vg6ABT9WLcvZUhrX02jSW+3qnXlNyPxwuwKtTb4xc1GVeUKM JQcAStiwG+NDGJkTB29o+gVtefhB+gP72wawCp58qsv64ClmytyQ/RQHiPoRAgMB AAGjggIMMIICCDAdBgNVHQ4EFgQUJmrXsDpA3sYbKnQFvPOW3X8h/3MwHwYDVR0j BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTIzNDUucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqE5UA ANkwDQYJKoZIhvcNAQELBQADggEBAKQ/6g3ccYxVg00wmi24mwXXYtWlfxedxIT1 rkh6a3ETYxlT1/qlMihXMTn5rNkU035OrlYkSqKu14Xv5EM6V2YgwrQ06aa5GgUu Fyn4fVNDM3Ejex+fsuC9CDX7dmv2tTotb7eAHSToek81kRBVctSsZF5qNbXJzmKf MGgRezcNmuGtdOOmDlJGvtpZgvaM+iCYim0w57iG9yf/xAsiJmxE2fG8l8iqb4lS kRoLAobTjMzNU1+pln4iQLZXxx09rmkYvhZGJ78+mkqDXCszXk1oVn1lDr8gZ5En Id6/OAjSiIe6eENGaThbHE4/QAYPpXMNcpfl+HmGKobqlaSUWXs= -----END CERTIFICATE-----Generated at Sun Dec 14 14:46:40 2025 by rpki-client