This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS396356.roa File: AS396356.roa (raw, json) Hash identifier: ji8gDxko4STdkhQvx8wl5k+UFt9613iuUVOaDJ10nmU= Subject key identifier: 73:38:C9:12:14:BC:12:AA:96:4F:F7:62:29:84:7C:40:05:29:C7:BC Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01 Certificate serial: 3E804B9318C9449EF3BAADF47859B4E934EF214C Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS396356.roa Signing time: Mon 24 Nov 2025 12:49:26 +0000 ROA not before: Mon 24 Nov 2025 12:44:26 +0000 ROA not after: Mon 23 Nov 2026 12:49:26 +0000 asID: 396356 IP address blocks: 82.21.96.0/22 maxlen: 22 82.21.242.0/24 maxlen: 24 82.24.68.0/22 maxlen: 22 82.26.243.0/24 maxlen: 24 82.27.100.0/24 maxlen: 24 82.27.243.0/24 maxlen: 24 82.39.64.0/23 maxlen: 23 82.39.81.0/24 maxlen: 24 2a13:9500:1c::/48 maxlen: 48 2a13:9500:1d::/48 maxlen: 48 2a13:9500:1e::/48 maxlen: 48 2a13:9500:1f::/48 maxlen: 48 2a13:9500:33::/48 maxlen: 48 2a13:9500:82::/48 maxlen: 48 2a13:9500:83::/48 maxlen: 48 2a13:9500:84::/48 maxlen: 48 2a13:9500:85::/48 maxlen: 48 2a13:9500:86::/48 maxlen: 48 2a13:9500:87::/48 maxlen: 48 2a13:9500:88::/48 maxlen: 48 2a13:9500:89::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Dec 2025 00:00:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:80:4b:93:18:c9:44:9e:f3:ba:ad:f4:78:59:b4:e9:34:ef:21:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01 Validity Not Before: Nov 24 12:44:26 2025 GMT Not After : Nov 23 12:49:26 2026 GMT Subject: CN=7338C91214BC12AA964FF76229847C400529C7BC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:05:4e:16:da:ce:42:66:51:c5:83:90:90:21: f7:ac:76:59:14:67:3a:2b:2e:5f:c1:4c:73:15:77: e2:99:c9:1d:7b:f0:eb:95:6a:21:9a:78:8f:8b:4a: ea:f3:95:c6:e2:0e:43:4e:73:3b:41:eb:4a:7f:e1: 74:4f:30:65:0f:3b:7b:3f:f8:33:0a:51:ac:0b:e8: 4c:3f:95:0a:00:41:ef:e3:4b:ca:16:f8:11:fc:9c: 80:35:d4:ef:9a:82:07:11:23:52:a7:23:45:3d:38: 53:60:8e:be:38:5a:26:64:9b:35:c5:e4:00:14:22: 24:6c:4c:7b:46:d0:80:19:71:55:22:69:fd:72:cb: 01:96:16:61:f5:4b:28:2b:b0:9c:81:d5:cf:3c:8e: ab:5f:b5:c1:72:f6:9d:09:f2:37:25:71:6d:1f:ba: 59:1b:d9:85:bb:14:d7:0f:d7:52:c8:b4:05:09:20: e5:be:a5:c2:77:9a:8c:8c:f3:94:90:09:01:e8:01: 85:ad:54:6b:86:5a:0d:1a:48:7c:16:d9:3a:68:fd: bb:1f:4d:4f:83:74:0d:77:5d:f8:88:b2:0b:df:ec: 92:27:7a:9d:80:3c:11:eb:a0:52:f1:d2:59:80:1a: 52:e4:6b:fd:3d:4f:b9:31:8d:f9:1c:54:e3:78:f7: c6:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:38:C9:12:14:BC:12:AA:96:4F:F7:62:29:84:7C:40:05:29:C7:BC X509v3 Authority Key Identifier: keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS396356.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.21.96.0/22 82.21.242.0/24 82.24.68.0/22 82.26.243.0/24 82.27.100.0/24 82.27.243.0/24 82.39.64.0/23 82.39.81.0/24 IPv6: 2a13:9500:1c::/46 2a13:9500:33::/48 2a13:9500:82::-2a13:9500:89:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 16:d4:3a:72:ac:df:72:24:94:ec:98:24:27:e9:34:6f:80:d4: 5e:0c:fa:4e:0f:21:ff:e9:49:c8:e2:05:0c:1b:17:9f:12:f3: a4:76:e3:a2:6d:eb:62:a5:43:a7:dd:ef:e3:23:e1:de:bc:47: c7:62:6e:e6:ea:8b:92:5b:b6:15:61:38:30:e0:34:de:8d:08: 36:b8:8d:1b:1a:33:4c:79:02:16:1b:93:08:de:46:78:ff:1e: 94:af:86:a1:28:bf:4f:c6:2d:77:8b:83:cf:88:40:35:11:7c: 8e:c6:98:6b:89:66:b7:bd:be:10:b7:79:af:95:97:f4:56:a3: 73:a7:ac:77:64:cf:b0:3c:11:e6:a8:0d:2b:18:6f:b5:12:59: 52:cb:7f:5c:86:b0:a3:ff:5c:06:d7:27:be:31:6f:e6:36:e0: 6f:ac:0e:3f:cc:1f:0d:f6:98:6a:98:67:9d:af:ab:c9:b5:48: 91:cd:79:31:00:85:39:93:85:09:b2:cd:01:56:e0:fa:6a:56: 5d:49:24:99:1c:72:d5:b2:b6:50:e2:35:f5:6a:c2:36:30:bf: 0e:d3:ea:84:8f:99:ea:db:51:90:73:1f:60:33:6d:80:c3:36: 8a:5d:3b:36:48:bc:53:ee:32:b3:26:04:73:6b:33:00:1b:22: 39:fc:e4:01 -----BEGIN CERTIFICATE----- MIIFWDCCBECgAwIBAgIUPoBLkxjJRJ7zuq30eFm06TTvIUwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni M2NmZGQwMTAeFw0yNTExMjQxMjQ0MjZaFw0yNjExMjMxMjQ5MjZaMDMxMTAvBgNV BAMTKDczMzhDOTEyMTRCQzEyQUE5NjRGRjc2MjI5ODQ3QzQwMDUyOUM3QkMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEBU4W2s5CZlHFg5CQIfesdlkU ZzorLl/BTHMVd+KZyR178OuVaiGaeI+LSurzlcbiDkNOcztB60p/4XRPMGUPO3s/ +DMKUawL6Ew/lQoAQe/jS8oW+BH8nIA11O+aggcRI1KnI0U9OFNgjr44WiZkmzXF 5AAUIiRsTHtG0IAZcVUiaf1yywGWFmH1SygrsJyB1c88jqtftcFy9p0J8jclcW0f ulkb2YW7FNcP11LItAUJIOW+pcJ3moyM85SQCQHoAYWtVGuGWg0aSHwW2Tpo/bsf TU+DdA13XfiIsgvf7JInep2APBHroFLx0lmAGlLka/09T7kxjfkcVON498bnAgMB AAGjggJiMIICXjAdBgNVHQ4EFgQUczjJEhS8EqqWT/diKYR8QAUpx7wwHwYDVR0j BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzk2MzU2LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjA2BAIAATAwAwQCUhVg AwQAUhXyAwQCUhhEAwQAUhrzAwQAUhtkAwQAUhvzAwQBUidAAwQAUidRMCwEAgAC MCYDBwIqE5UAABwDBwAqE5UAADMwEgMHASoTlQAAggMHASoTlQAAiDANBgkqhkiG 9w0BAQsFAAOCAQEAFtQ6cqzfciSU7JgkJ+k0b4DUXgz6Tg8h/+lJyOIFDBsXnxLz pHbjom3rYqVDp93v4yPh3rxHx2Ju5uqLklu2FWE4MOA03o0INriNGxozTHkCFhuT CN5GeP8elK+GoSi/T8Ytd4uDz4hANRF8jsaYa4lmt72+ELd5r5WX9Fajc6esd2TP sDwR5qgNKxhvtRJZUst/XIawo/9cBtcnvjFv5jbgb6wOP8wfDfaYaphnna+rybVI kc15MQCFOZOFCbLNAVbg+mpWXUkkmRxy1bK2UOI19WrCNjC/DtPqhI+Z6ttRkHMf YDNtgMM2il07Nki8U+4ysyYEc2szABsiOfzkAQ== -----END CERTIFICATE-----Generated at Thu Dec 4 06:00:38 2025 by rpki-client