This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS400909.roa File: AS400909.roa (raw, json) Hash identifier: iAZg3CXLjetZb3JyVFvKzQPY3UPdijb/rucDoYfQwqc= Subject key identifier: 1B:02:77:FC:82:F7:06:80:AA:FD:E9:C7:2A:BD:87:01:49:17:A8:B1 Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01 Certificate serial: 2D06BAC0F5963DD1F5917D1F209EED1AADBED53C Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS400909.roa Signing time: Thu 20 Nov 2025 08:49:59 +0000 ROA not before: Thu 20 Nov 2025 08:44:59 +0000 ROA not after: Thu 19 Nov 2026 08:49:59 +0000 asID: 400909 IP address blocks: 82.24.174.0/24 maxlen: 24 82.25.205.0/24 maxlen: 24 82.29.110.0/23 maxlen: 23 82.29.118.0/23 maxlen: 23 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Dec 2025 00:00:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:06:ba:c0:f5:96:3d:d1:f5:91:7d:1f:20:9e:ed:1a:ad:be:d5:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01 Validity Not Before: Nov 20 08:44:59 2025 GMT Not After : Nov 19 08:49:59 2026 GMT Subject: CN=1B0277FC82F70680AAFDE9C72ABD87014917A8B1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:74:8a:82:7c:be:18:c7:07:00:c7:69:eb:42: 13:2f:cb:78:3f:1a:6d:95:90:30:3a:6d:7a:b9:5c: 98:62:17:73:65:a5:85:1e:25:a3:6d:82:2b:90:cc: c3:18:f9:32:9a:3e:bd:f9:ae:39:50:3e:1c:ab:2a: e8:21:8b:86:83:e7:1b:e7:84:e5:f6:c1:ff:39:d7: bf:75:f1:45:06:fb:6f:10:b3:c9:e3:c1:90:bf:67: 15:11:17:68:ee:88:8c:24:c6:1a:ea:a7:69:7e:e5: f9:ec:d5:6d:48:77:cb:12:8b:d3:97:42:6c:09:b7: 7f:02:b1:b3:c8:47:f2:d6:99:e4:9b:6d:df:08:74: c3:39:68:46:14:a1:a8:6a:5b:78:2b:be:4c:e0:ac: 13:8b:c3:42:ff:10:d2:6a:4a:e5:c1:f6:42:78:92: 36:8c:2c:d3:6a:bd:a0:6d:cf:a5:76:0e:f8:cc:3e: fa:e6:ce:ac:b1:bf:25:f0:5a:82:57:52:f5:a6:ef: b9:03:b9:c6:9f:37:b0:98:a0:6d:be:23:f5:88:22: 98:0f:dd:4e:41:0f:c1:3b:2a:d8:cc:b9:12:5a:f9: 7f:5d:cd:32:12:07:df:24:dd:52:06:e5:f7:33:4e: 86:91:c0:e9:dc:c0:43:07:89:70:9e:49:1e:c5:c1: 46:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:02:77:FC:82:F7:06:80:AA:FD:E9:C7:2A:BD:87:01:49:17:A8:B1 X509v3 Authority Key Identifier: keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS400909.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.24.174.0/24 82.25.205.0/24 82.29.110.0/23 82.29.118.0/23 Signature Algorithm: sha256WithRSAEncryption 27:80:c4:b5:e1:aa:40:1f:6f:db:79:69:9f:b4:17:fc:5a:f5: 16:54:31:7d:09:bb:2f:0d:28:41:db:25:f4:80:54:4f:e4:bc: 07:c6:b9:7f:65:1b:35:a6:3e:68:f8:8e:26:80:48:df:e0:21: ba:1c:1e:4e:07:d9:5a:ee:d7:ec:68:69:11:dc:12:0d:3e:21: f3:38:85:1a:9f:de:0b:e2:98:a8:75:ea:f2:c5:c7:4d:14:cf: 49:b4:7f:c9:cf:a5:7a:79:da:95:a9:15:86:1d:34:dd:15:6e: 7d:08:d1:05:aa:6a:59:8c:fd:a9:b1:ec:eb:78:c9:47:85:2f: b3:f2:b2:9b:83:ae:68:a3:4d:19:f8:61:e5:a2:ac:44:a9:3f: 37:16:ef:97:02:02:b9:80:f0:cb:ff:04:e2:d8:68:1d:07:72: 6e:b0:c6:b9:fe:cf:62:7f:7c:7b:67:db:6a:73:7c:d3:a2:d1: 77:f3:eb:a8:81:70:df:48:ff:42:d9:3b:af:87:d0:8b:f1:a8: b5:2c:3c:51:3a:4a:f0:22:5e:5a:bd:75:47:19:c8:73:e9:fa: b3:ca:56:87:6e:8b:60:1d:21:3d:20:9d:3a:ea:f7:fb:18:bc: 6b:23:b9:c3:8c:bf:76:46:1f:5b:ae:9e:8d:fc:bb:7c:fb:e5: 26:d9:7b:f0 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgIULQa6wPWWPdH1kX0fIJ7tGq2+1TwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni M2NmZGQwMTAeFw0yNTExMjAwODQ0NTlaFw0yNjExMTkwODQ5NTlaMDMxMTAvBgNV BAMTKDFCMDI3N0ZDODJGNzA2ODBBQUZERTlDNzJBQkQ4NzAxNDkxN0E4QjEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3dIqCfL4YxwcAx2nrQhMvy3g/ Gm2VkDA6bXq5XJhiF3NlpYUeJaNtgiuQzMMY+TKaPr35rjlQPhyrKughi4aD5xvn hOX2wf8517918UUG+28Qs8njwZC/ZxURF2juiIwkxhrqp2l+5fns1W1Id8sSi9OX QmwJt38CsbPIR/LWmeSbbd8IdMM5aEYUoahqW3grvkzgrBOLw0L/ENJqSuXB9kJ4 kjaMLNNqvaBtz6V2DvjMPvrmzqyxvyXwWoJXUvWm77kDucafN7CYoG2+I/WIIpgP 3U5BD8E7KtjMuRJa+X9dzTISB98k3VIG5fczToaRwOncwEMHiXCeSR7FwUaLAgMB AAGjggIcMIICGDAdBgNVHQ4EFgQUGwJ3/IL3BoCq/enHKr2HAUkXqLEwHwYDVR0j BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDAwOTA5LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUhiu AwQAUhnNAwQBUh1uAwQBUh12MA0GCSqGSIb3DQEBCwUAA4IBAQAngMS14apAH2/b eWmftBf8WvUWVDF9CbsvDShB2yX0gFRP5LwHxrl/ZRs1pj5o+I4mgEjf4CG6HB5O B9la7tfsaGkR3BINPiHzOIUan94L4pioderyxcdNFM9JtH/Jz6V6edqVqRWGHTTd FW59CNEFqmpZjP2psezreMlHhS+z8rKbg65oo00Z+GHloqxEqT83Fu+XAgK5gPDL /wTi2GgdB3JusMa5/s9if3x7Z9tqc3zTotF38+uogXDfSP9C2Tuvh9CL8ai1LDxR OkrwIl5avXVHGchz6fqzylaHbotgHSE9IJ066vf7GLxrI7nDjL92Rh9brp6N/Lt8 ++Um2Xvw -----END CERTIFICATE-----Generated at Thu Dec 4 06:00:40 2025 by rpki-client