This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS25198.roa File: AS25198.roa (raw, json) Hash identifier: QxL9amQtRXhVVyhAb6w02/0L+Mq92KuGKIrTLPcxCQM= Subject key identifier: DB:99:29:E9:9F:1C:A0:3B:3B:C2:48:9F:FA:C3:A3:95:A5:4D:E3:46 Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01 Certificate serial: 5E7BCFE2F0BADDC1B0BFDC3F96A56613D5549D0D Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS25198.roa Signing time: Sun 30 Nov 2025 08:05:29 +0000 ROA not before: Sun 30 Nov 2025 08:00:29 +0000 ROA not after: Sun 29 Nov 2026 08:05:29 +0000 asID: 25198 IP address blocks: 82.21.7.0/24 maxlen: 24 82.22.126.0/24 maxlen: 24 82.22.196.0/24 maxlen: 24 82.22.205.0/24 maxlen: 24 82.23.163.0/24 maxlen: 24 82.23.248.0/24 maxlen: 24 82.24.81.0/24 maxlen: 24 82.24.110.0/24 maxlen: 24 82.24.144.0/24 maxlen: 24 82.25.11.0/24 maxlen: 24 82.25.39.0/24 maxlen: 24 82.25.60.0/24 maxlen: 24 82.25.200.0/24 maxlen: 24 82.26.113.0/24 maxlen: 24 82.26.202.0/24 maxlen: 24 82.27.117.0/24 maxlen: 24 82.27.118.0/24 maxlen: 24 82.38.17.0/24 maxlen: 24 82.38.19.0/24 maxlen: 24 82.38.40.0/24 maxlen: 24 82.38.44.0/24 maxlen: 24 82.38.63.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Dec 2025 00:00:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5e:7b:cf:e2:f0:ba:dd:c1:b0:bf:dc:3f:96:a5:66:13:d5:54:9d:0d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01 Validity Not Before: Nov 30 08:00:29 2025 GMT Not After : Nov 29 08:05:29 2026 GMT Subject: CN=DB9929E99F1CA03B3BC2489FFAC3A395A54DE346 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:c8:eb:74:22:8c:f5:e7:87:d3:e1:d9:24:6d: 86:48:0a:c0:92:fc:a2:90:2a:1c:d5:46:e0:f6:82: 2b:76:96:3e:a3:da:fe:fb:b5:0c:30:7f:97:cd:74: ed:f7:11:12:64:2d:01:26:0a:20:24:81:3b:82:3f: 1f:68:54:ae:31:2b:47:71:59:4a:91:ac:ef:a2:2b: 64:f5:09:e0:c8:94:dc:2f:0d:cf:af:cd:c1:cc:84: c0:e7:13:d6:f0:25:54:e6:f4:4f:38:60:70:42:b4: 19:7b:ae:cb:fd:8e:8d:10:54:53:ce:a0:8a:c7:fc: ea:17:16:57:be:e5:43:9d:ae:c1:b8:c2:7c:da:64: b8:a4:53:65:f8:1b:c4:f3:a7:6d:71:3b:1f:52:2a: c8:88:28:1e:13:35:53:a8:c3:b1:fc:8f:58:ea:00: a4:29:28:69:e9:c4:a9:24:ad:f7:b4:55:b5:cb:d3: 84:bc:aa:fd:6d:2b:f6:40:9b:03:17:3c:21:bb:00: 83:bc:84:19:d8:ef:b1:18:12:f8:5a:0f:e8:58:d3: d6:c6:48:09:27:e0:93:e0:87:1d:06:d7:11:17:74: b0:4b:92:bc:0d:df:61:42:65:77:3e:b2:dd:05:21: 4d:18:56:81:89:03:16:6a:3c:02:a0:6e:02:f1:a0: 46:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:99:29:E9:9F:1C:A0:3B:3B:C2:48:9F:FA:C3:A3:95:A5:4D:E3:46 X509v3 Authority Key Identifier: keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS25198.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.21.7.0/24 82.22.126.0/24 82.22.196.0/24 82.22.205.0/24 82.23.163.0/24 82.23.248.0/24 82.24.81.0/24 82.24.110.0/24 82.24.144.0/24 82.25.11.0/24 82.25.39.0/24 82.25.60.0/24 82.25.200.0/24 82.26.113.0/24 82.26.202.0/24 82.27.117.0-82.27.118.255 82.38.17.0/24 82.38.19.0/24 82.38.40.0/24 82.38.44.0/24 82.38.63.0/24 Signature Algorithm: sha256WithRSAEncryption 38:b3:de:0d:aa:43:87:7f:d3:c3:ec:80:e6:b4:df:0c:44:42: 2a:f0:24:df:2b:a8:71:ac:bd:53:8f:22:47:bf:1d:37:df:9f: 02:c6:04:ce:ae:a1:72:2d:f4:bf:c8:14:3c:d7:55:a3:d7:e2: 79:ac:0e:a1:70:2a:ef:83:ba:d5:2b:18:9d:68:e9:5e:e9:33: 42:82:7c:63:74:33:28:9d:5f:31:9b:4c:ad:76:a3:da:c1:b6: 7d:61:f3:b4:50:df:30:e9:98:cb:80:05:c9:a4:18:b5:81:00: ac:8c:51:c3:5b:74:f2:c2:bf:6f:b7:5c:b2:b8:6c:58:79:8c: 3c:e5:3b:07:c5:a5:8c:1a:a7:ca:e7:b2:0d:0b:be:73:a7:f9: 72:e4:f5:ef:4a:12:60:ae:d5:f5:4a:24:36:f8:e6:e3:51:0e: 56:15:cf:74:f6:b7:21:5b:9a:b3:0f:0c:86:14:0d:ca:91:97: 4d:8e:3f:b7:9c:f9:e8:d0:20:5f:70:4b:4a:0b:dc:2b:47:4f: 6c:bd:3d:01:d0:30:c4:98:1e:45:0b:69:20:8f:2a:91:f3:0f: 83:4e:ae:74:61:1a:96:1c:14:34:37:77:cd:76:0f:74:2a:01: 7e:55:0c:62:a4:6a:89:f2:a6:0b:fa:9a:67:e4:ff:6c:a5:79: 6d:73:0d:f0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgIUXnvP4vC63cGwv9w/lqVmE9VUnQ0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni M2NmZGQwMTAeFw0yNTExMzAwODAwMjlaFw0yNjExMjkwODA1MjlaMDMxMTAvBgNV BAMTKERCOTkyOUU5OUYxQ0EwM0IzQkMyNDg5RkZBQzNBMzk1QTU0REUzNDYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYyOt0Ioz154fT4dkkbYZICsCS /KKQKhzVRuD2git2lj6j2v77tQwwf5fNdO33ERJkLQEmCiAkgTuCPx9oVK4xK0dx WUqRrO+iK2T1CeDIlNwvDc+vzcHMhMDnE9bwJVTm9E84YHBCtBl7rsv9jo0QVFPO oIrH/OoXFle+5UOdrsG4wnzaZLikU2X4G8Tzp21xOx9SKsiIKB4TNVOow7H8j1jq AKQpKGnpxKkkrfe0VbXL04S8qv1tK/ZAmwMXPCG7AIO8hBnY77EYEvhaD+hY09bG SAkn4JPghx0G1xEXdLBLkrwN32FCZXc+st0FIU0YVoGJAxZqPAKgbgLxoEapAgMB AAGjggKOMIICijAdBgNVHQ4EFgQU25kp6Z8coDs7wkif+sOjlaVN40YwHwYDVR0j BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjUxOTgucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwgaMGCCsGAQUFBwEHAQH/BIGTMIGQMIGNBAIAATCBhgME AFIVBwMEAFIWfgMEAFIWxAMEAFIWzQMEAFIXowMEAFIX+AMEAFIYUQMEAFIYbgME AFIYkAMEAFIZCwMEAFIZJwMEAFIZPAMEAFIZyAMEAFIacQMEAFIayjAMAwQAUht1 AwQAUht2AwQAUiYRAwQAUiYTAwQAUiYoAwQAUiYsAwQAUiY/MA0GCSqGSIb3DQEB CwUAA4IBAQA4s94NqkOHf9PD7IDmtN8MREIq8CTfK6hxrL1TjyJHvx03358CxgTO rqFyLfS/yBQ811Wj1+J5rA6hcCrvg7rVKxidaOle6TNCgnxjdDMonV8xm0ytdqPa wbZ9YfO0UN8w6ZjLgAXJpBi1gQCsjFHDW3Tywr9vt1yyuGxYeYw85TsHxaWMGqfK 57INC75zp/ly5PXvShJgrtX1SiQ2+ObjUQ5WFc909rchW5qzDwyGFA3KkZdNjj+3 nPno0CBfcEtKC9wrR09svT0B0DDEmB5FC2kgjyqR8w+DTq50YRqWHBQ0N3fNdg90 KgF+VQxipGqJ8qYL+ppn5P9spXltcw3w -----END CERTIFICATE-----Generated at Thu Dec 4 05:59:59 2025 by rpki-client