This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS40676.roa File: AS40676.roa (raw, json) Hash identifier: H4mD7UZnma1nRaIYVnBpEtxOesmZ4a+mMpIAwQHrFkE= Subject key identifier: 3A:26:90:A7:DD:C7:F5:20:97:CD:F1:DC:6D:75:07:A7:66:35:80:6F Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01 Certificate serial: 46A354FE57F1A3978E95E8C670AD0DD22BC4AA9D Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS40676.roa Signing time: Tue 18 Nov 2025 14:48:30 +0000 ROA not before: Tue 18 Nov 2025 14:43:30 +0000 ROA not after: Tue 17 Nov 2026 14:48:30 +0000 asID: 40676 IP address blocks: 82.38.24.0/22 maxlen: 24 82.38.52.0/22 maxlen: 24 82.38.72.0/22 maxlen: 24 82.38.88.0/22 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Dec 2025 00:00:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:a3:54:fe:57:f1:a3:97:8e:95:e8:c6:70:ad:0d:d2:2b:c4:aa:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01 Validity Not Before: Nov 18 14:43:30 2025 GMT Not After : Nov 17 14:48:30 2026 GMT Subject: CN=3A2690A7DDC7F52097CDF1DC6D7507A76635806F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:6e:31:b5:85:b6:86:f1:33:4f:7e:f2:58:5c: 1b:6a:30:bc:15:05:51:34:0e:ce:8f:a7:3e:aa:b1: 51:83:e2:00:12:da:37:dc:d5:89:42:7c:e3:ce:e5: e1:33:42:ff:34:46:59:a5:57:c6:2d:4f:f6:7f:61: 3d:f5:69:bc:7a:7f:2e:96:b7:83:4d:a5:22:8a:0d: 05:fb:e7:b5:f7:e6:96:b6:e4:63:6e:4d:db:2a:7b: 39:f0:23:a2:5a:41:a3:38:25:8c:3f:7d:51:10:00: d6:24:b0:ef:eb:37:86:0c:f2:7c:b9:cd:b8:df:dc: fe:7a:b4:af:c1:da:10:75:7f:50:58:d8:05:c1:53: 23:fa:24:c8:b6:66:a8:3e:17:91:d3:c4:5f:ee:48: b1:05:9e:9e:31:5a:ea:51:21:c6:6a:96:d2:46:ba: 3d:f1:3a:89:25:b1:e9:93:b4:61:bb:10:3f:45:e9: 1a:58:42:ea:4d:4c:13:85:97:2e:16:0c:05:27:1e: 34:33:6b:6b:52:ab:4c:00:f7:16:ca:f4:8b:2f:22: 10:fe:c2:1e:ef:7f:bc:a2:9f:05:b9:2d:b3:d5:d4: b9:20:0b:03:aa:d5:66:68:4e:ef:de:5c:ca:45:70: e2:11:49:0f:ac:f8:8e:87:bd:e2:de:8b:5d:4d:1c: 71:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:26:90:A7:DD:C7:F5:20:97:CD:F1:DC:6D:75:07:A7:66:35:80:6F X509v3 Authority Key Identifier: keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS40676.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.38.24.0/22 82.38.52.0/22 82.38.72.0/22 82.38.88.0/22 Signature Algorithm: sha256WithRSAEncryption 9f:13:be:89:0b:1e:21:1b:e2:03:bb:b3:26:08:b3:ff:8e:41: ab:9e:94:4c:d3:72:eb:06:e5:ba:8c:4a:e4:9c:d5:12:df:ca: 95:23:65:90:f7:35:c6:6c:47:cf:8a:1b:78:c5:72:72:7c:dc: a3:22:37:59:37:64:8f:a9:b9:12:97:60:de:48:5d:f4:32:1c: 7e:0e:83:04:55:c4:68:65:f8:97:6d:a5:89:28:4d:ea:65:b1: d3:d2:42:e6:a6:d7:54:99:b5:50:ba:37:46:dc:e2:75:40:31: 9a:9c:a4:ed:a9:9f:80:4b:a8:c7:58:2c:fe:15:bf:26:ac:82: 1a:a3:6b:68:dc:f5:7c:51:e4:29:c7:62:65:6c:be:1f:35:35: 7d:62:8b:21:aa:ac:19:e3:c2:b6:62:97:52:d4:8b:85:07:61: d1:46:2e:8f:2f:85:58:60:b7:05:18:04:de:e4:1f:d1:44:81: 10:fa:de:e6:77:64:77:04:12:04:58:9f:31:01:26:74:1f:9a: d0:89:3e:9d:a8:fc:7c:8c:bf:0a:01:ce:d4:5d:4d:bb:40:9a: 7f:28:e4:d6:63:03:7e:61:7c:b0:70:4f:74:94:64:1f:2b:34: 49:32:8e:11:d1:db:34:7f:2f:52:e7:95:f1:d2:f7:fb:36:9f: 79:d2:d6:e2 -----BEGIN CERTIFICATE----- MIIFETCCA/mgAwIBAgIURqNU/lfxo5eOlejGcK0N0ivEqp0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni M2NmZGQwMTAeFw0yNTExMTgxNDQzMzBaFw0yNjExMTcxNDQ4MzBaMDMxMTAvBgNV BAMTKDNBMjY5MEE3RERDN0Y1MjA5N0NERjFEQzZENzUwN0E3NjYzNTgwNkYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAbjG1hbaG8TNPfvJYXBtqMLwV BVE0Ds6Ppz6qsVGD4gAS2jfc1YlCfOPO5eEzQv80RlmlV8YtT/Z/YT31abx6fy6W t4NNpSKKDQX757X35pa25GNuTdsqeznwI6JaQaM4JYw/fVEQANYksO/rN4YM8ny5 zbjf3P56tK/B2hB1f1BY2AXBUyP6JMi2Zqg+F5HTxF/uSLEFnp4xWupRIcZqltJG uj3xOoklsemTtGG7ED9F6RpYQupNTBOFly4WDAUnHjQza2tSq0wA9xbK9IsvIhD+ wh7vf7yinwW5LbPV1LkgCwOq1WZoTu/eXMpFcOIRSQ+s+I6HveLei11NHHHBAgMB AAGjggIbMIICFzAdBgNVHQ4EFgQUOiaQp93H9SCXzfHcbXUHp2Y1gG8wHwYDVR0j BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAJSJhgD BAJSJjQDBAJSJkgDBAJSJlgwDQYJKoZIhvcNAQELBQADggEBAJ8TvokLHiEb4gO7 syYIs/+OQauelEzTcusG5bqMSuSc1RLfypUjZZD3NcZsR8+KG3jFcnJ83KMiN1k3 ZI+puRKXYN5IXfQyHH4OgwRVxGhl+JdtpYkoTeplsdPSQuam11SZtVC6N0bc4nVA MZqcpO2pn4BLqMdYLP4Vvyasghqja2jc9XxR5CnHYmVsvh81NX1iiyGqrBnjwrZi l1LUi4UHYdFGLo8vhVhgtwUYBN7kH9FEgRD63uZ3ZHcEEgRYnzEBJnQfmtCJPp2o /HyMvwoBztRdTbtAmn8o5NZjA35hfLBwT3SUZB8rNEkyjhHR2zR/L1LnlfHS9/s2 n3nS1uI= -----END CERTIFICATE-----Generated at Thu Dec 4 06:00:38 2025 by rpki-client