This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS28753.roa File: AS28753.roa (raw, json) Hash identifier: iTdVV1iW+zF4Oagojxi3geWiIK0gUW2P2RtBYvzpWKg= Subject key identifier: B0:82:EB:99:18:50:0D:F5:BF:75:DC:A6:88:A4:42:62:DD:DC:DF:5C Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01 Certificate serial: 18A1BDB90A79726AB7C5288C4CD6705112AFF8E3 Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS28753.roa Signing time: Fri 02 Jan 2026 15:55:33 +0000 ROA not before: Fri 02 Jan 2026 15:50:33 +0000 ROA not after: Fri 01 Jan 2027 15:55:33 +0000 asID: 28753 IP address blocks: 82.21.230.0/24 maxlen: 24 82.21.250.0/24 maxlen: 24 82.21.251.0/24 maxlen: 24 82.21.252.0/24 maxlen: 24 82.22.221.0/24 maxlen: 24 82.22.234.0/24 maxlen: 24 82.22.251.0/24 maxlen: 24 82.22.252.0/24 maxlen: 24 82.23.200.0/24 maxlen: 24 82.23.241.0/24 maxlen: 24 82.23.242.0/24 maxlen: 24 82.24.251.0/24 maxlen: 24 82.24.252.0/24 maxlen: 24 82.25.251.0/24 maxlen: 24 82.25.252.0/24 maxlen: 24 82.26.224.0/24 maxlen: 24 82.26.251.0/24 maxlen: 24 82.26.252.0/24 maxlen: 24 82.27.221.0/24 maxlen: 24 82.27.251.0/24 maxlen: 24 82.27.252.0/24 maxlen: 24 82.29.250.0/24 maxlen: 24 82.29.251.0/24 maxlen: 24 82.29.252.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 08 Jan 2026 15:30:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:a1:bd:b9:0a:79:72:6a:b7:c5:28:8c:4c:d6:70:51:12:af:f8:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01 Validity Not Before: Jan 2 15:50:33 2026 GMT Not After : Jan 1 15:55:33 2027 GMT Subject: CN=B082EB9918500DF5BF75DCA688A44262DDDCDF5C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:26:5d:32:98:a5:3c:1e:4c:a7:69:b4:28:ae: 58:0b:81:a5:66:e5:75:7b:d0:34:02:b6:75:10:d8: 32:1f:94:d4:93:9e:a6:ff:7f:27:f9:5c:c1:1e:55: 5f:ce:99:40:f7:9d:cd:5c:04:ca:8a:12:4f:ca:01: 18:06:28:e6:17:be:cb:b2:36:7f:b1:3d:79:01:6b: 36:46:41:33:0e:6e:d3:cf:7d:ca:f4:71:5a:07:6f: 2a:85:37:e6:48:f0:aa:c9:18:23:ad:70:05:a4:68: a8:a4:c5:1e:88:e3:6a:54:ea:48:35:c8:16:c1:a0: 72:ef:9a:48:25:29:46:f4:90:5e:6a:89:a0:40:a6: 77:f3:05:6d:44:4a:36:e5:4f:23:b6:f6:cf:38:3e: 41:39:9c:39:52:b7:22:3a:36:8a:98:df:d6:84:85: 3e:db:76:7d:c3:92:6c:84:52:0a:12:0c:94:5c:7b: b5:0f:b9:59:59:1f:49:6a:51:21:e2:84:56:2e:ac: cd:6b:cc:0c:0f:27:96:e9:86:19:96:c9:e9:26:d1: 41:21:84:c6:de:4b:7a:be:df:74:33:42:be:da:6f: 57:05:22:b3:db:0e:23:e6:3a:f2:83:40:30:92:f8: 3e:44:5d:06:48:c2:4a:97:af:24:94:18:df:37:71: 50:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:82:EB:99:18:50:0D:F5:BF:75:DC:A6:88:A4:42:62:DD:DC:DF:5C X509v3 Authority Key Identifier: keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS28753.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.21.230.0/24 82.21.250.0-82.21.252.255 82.22.221.0/24 82.22.234.0/24 82.22.251.0-82.22.252.255 82.23.200.0/24 82.23.241.0-82.23.242.255 82.24.251.0-82.24.252.255 82.25.251.0-82.25.252.255 82.26.224.0/24 82.26.251.0-82.26.252.255 82.27.221.0/24 82.27.251.0-82.27.252.255 82.29.250.0-82.29.252.255 Signature Algorithm: sha256WithRSAEncryption 10:2e:96:47:ac:a8:d9:a7:f1:ab:0c:bc:8c:61:cf:1d:21:38: fe:3b:ef:1d:a4:6d:25:b7:b3:f9:f1:4f:a7:38:c8:ad:32:4a: cd:30:b4:04:e1:5a:93:61:2f:b3:ab:5f:2a:0b:1c:14:ea:19: a0:a9:88:c8:f8:70:b5:00:6c:ee:83:e5:f6:25:31:4c:16:49: 8e:59:b8:04:cb:80:f6:01:c8:30:15:5d:cf:d3:70:08:40:a9: 03:9e:ed:21:ad:7b:e0:b5:04:b2:83:41:f4:8c:6f:46:25:b3: 63:64:23:82:2a:c1:31:e3:51:03:3b:f2:f5:74:54:37:94:e0: dd:2d:f1:0f:78:5b:38:03:ab:ae:da:d2:51:9f:ea:e0:e3:7e: 71:e0:65:b0:cc:ef:a6:eb:54:8c:b7:b6:05:eb:81:05:41:84: 8e:cc:f0:2a:c1:e6:77:01:d2:16:6b:b4:d4:9f:63:33:8b:fe: e1:20:a2:ff:fc:fb:01:40:1b:71:71:ae:4f:9b:78:70:f7:72: 24:a5:d8:04:c3:d4:66:14:a4:bf:ab:b8:92:ee:da:d0:31:c2: e4:0c:9f:c9:2a:8a:24:c8:90:4a:47:4c:a3:18:f5:2e:d4:3c: 4a:c9:7b:44:20:06:3d:cd:b3:e8:67:49:d9:ec:c4:7d:2a:7f: cd:a6:e2:11 -----BEGIN CERTIFICATE----- MIIFkjCCBHqgAwIBAgIUGKG9uQp5cmq3xSiMTNZwURKv+OMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni M2NmZGQwMTAeFw0yNjAxMDIxNTUwMzNaFw0yNzAxMDExNTU1MzNaMDMxMTAvBgNV BAMTKEIwODJFQjk5MTg1MDBERjVCRjc1RENBNjg4QTQ0MjYyREREQ0RGNUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaJl0ymKU8HkynabQorlgLgaVm 5XV70DQCtnUQ2DIflNSTnqb/fyf5XMEeVV/OmUD3nc1cBMqKEk/KARgGKOYXvsuy Nn+xPXkBazZGQTMObtPPfcr0cVoHbyqFN+ZI8KrJGCOtcAWkaKikxR6I42pU6kg1 yBbBoHLvmkglKUb0kF5qiaBApnfzBW1ESjblTyO29s84PkE5nDlStyI6NoqY39aE hT7bdn3DkmyEUgoSDJRce7UPuVlZH0lqUSHihFYurM1rzAwPJ5bphhmWyekm0UEh hMbeS3q+33QzQr7ab1cFIrPbDiPmOvKDQDCS+D5EXQZIwkqXrySUGN83cVBFAgMB AAGjggKcMIICmDAdBgNVHQ4EFgQUsILrmRhQDfW/ddymiKRCYt3c31wwHwYDVR0j BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjg3NTMucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwgbEGCCsGAQUFBwEHAQH/BIGhMIGeMIGbBAIAATCBlAME AFIV5jAMAwQBUhX6AwQAUhX8AwQAUhbdAwQAUhbqMAwDBABSFvsDBABSFvwDBABS F8gwDAMEAFIX8QMEAFIX8jAMAwQAUhj7AwQAUhj8MAwDBABSGfsDBABSGfwDBABS GuAwDAMEAFIa+wMEAFIa/AMEAFIb3TAMAwQAUhv7AwQAUhv8MAwDBAFSHfoDBABS HfwwDQYJKoZIhvcNAQELBQADggEBABAulkesqNmn8asMvIxhzx0hOP477x2kbSW3 s/nxT6c4yK0ySs0wtAThWpNhL7OrXyoLHBTqGaCpiMj4cLUAbO6D5fYlMUwWSY5Z uATLgPYByDAVXc/TcAhAqQOe7SGte+C1BLKDQfSMb0Yls2NkI4IqwTHjUQM78vV0 VDeU4N0t8Q94WzgDq67a0lGf6uDjfnHgZbDM76brVIy3tgXrgQVBhI7M8CrB5ncB 0hZrtNSfYzOL/uEgov/8+wFAG3Fxrk+beHD3ciSl2ATD1GYUpL+ruJLu2tAxwuQM n8kqiiTIkEpHTKMY9S7UPErJe0QgBj3Ns+hnSdnsxH0qf82m4hE= -----END CERTIFICATE-----Generated at Wed Jan 7 17:19:04 2026 by rpki-client