This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS203020.roa File: AS203020.roa (raw, json) Hash identifier: F/B6xz9iWz9yCayskIZQuLLpZk2fw16imfOsVaUtaq0= Subject key identifier: 49:95:B0:6E:3C:9E:50:C6:C1:57:7E:AE:76:D5:07:23:02:6C:FF:D7 Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d Certificate serial: 30BC4AFEEA6C98516FE11CE9FADBBABE37769B50 Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS203020.roa Signing time: Fri 09 Jan 2026 12:55:33 +0000 ROA not before: Fri 09 Jan 2026 12:50:33 +0000 ROA not after: Fri 08 Jan 2027 12:55:33 +0000 asID: 203020 IP address blocks: 2.57.176.0/22 maxlen: 24 45.140.236.0/22 maxlen: 24 193.0.234.0/23 maxlen: 24 193.161.206.0/24 maxlen: 24 212.80.192.0/22 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:bc:4a:fe:ea:6c:98:51:6f:e1:1c:e9:fa:db:ba:be:37:76:9b:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d Validity Not Before: Jan 9 12:50:33 2026 GMT Not After : Jan 8 12:55:33 2027 GMT Subject: CN=4995B06E3C9E50C6C1577EAE76D50723026CFFD7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:3e:38:71:4a:65:c7:a7:84:9c:5b:bd:fe:4d: 78:c5:52:f2:7d:12:5c:f8:77:65:76:bc:db:47:bc: a6:b6:e5:26:0b:88:e0:d3:47:5a:f8:a3:47:4b:11: cf:d6:86:cc:0c:be:70:ae:b8:f1:f4:36:38:8d:84: dc:e0:1d:87:45:5a:86:e1:84:53:ec:51:20:b4:fd: 78:aa:f6:3b:e1:00:24:f7:e0:96:34:4c:82:6a:06: 3c:fc:09:4a:ce:09:a7:c1:bb:62:95:02:86:59:82: 36:9a:ae:fe:cf:4d:2b:f1:4e:85:89:ea:58:54:10: be:d4:fe:04:d5:00:76:6c:de:a3:ad:10:ed:95:14: db:65:f1:46:5c:b6:37:92:eb:92:55:ae:ea:22:11: df:b5:fe:2b:0a:6f:1f:14:c9:92:51:ac:0a:3d:f0: fc:2b:99:d1:43:9d:bd:e6:91:5c:6b:f1:cc:ad:34: 15:6b:37:38:73:90:08:9a:03:df:5b:c9:8d:1a:60: 6a:ed:57:44:f9:ac:a9:11:b8:a2:3b:c3:70:8a:b5: 32:6f:d4:24:36:b3:84:8f:d7:18:b0:3e:23:ac:89: 8b:24:40:6d:a7:cd:19:b9:6e:16:09:70:e8:62:31: 01:11:5d:44:1c:7d:04:83:3f:b3:f0:7d:96:9a:a0: ff:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:95:B0:6E:3C:9E:50:C6:C1:57:7E:AE:76:D5:07:23:02:6C:FF:D7 X509v3 Authority Key Identifier: keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS203020.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.57.176.0/22 45.140.236.0/22 193.0.234.0/23 193.161.206.0/24 212.80.192.0/22 Signature Algorithm: sha256WithRSAEncryption cb:5a:cf:f3:90:bc:0b:76:b6:7a:65:97:cc:44:d2:1c:2e:d7: ea:0c:fa:81:d9:72:7a:a9:b9:60:96:46:73:29:f1:69:3c:e3: 00:5d:7a:48:26:f4:ed:ff:9f:b4:77:84:ce:e8:18:79:50:9c: df:37:4c:38:63:a5:02:08:f1:c3:4d:79:bd:2a:01:a4:d6:65: 02:05:e9:81:5f:d9:a0:5c:be:1f:64:1e:c3:c7:a8:6f:08:ba: db:f7:36:a9:2f:50:8c:02:b2:9d:ac:ca:cd:12:71:31:d1:3b: 07:59:ee:67:4e:a2:68:71:5e:ff:bf:9b:ab:64:9e:0c:61:88: 15:8a:e0:1a:46:8a:d7:d8:f1:5a:10:01:03:55:86:64:1a:55: 45:9f:5f:0a:c7:10:49:09:09:fe:a5:80:1e:7c:06:c6:38:fe: 45:11:94:96:fa:76:e3:3f:f7:4b:f4:95:49:d6:fc:80:45:82: b9:ff:d2:22:af:8c:94:7b:85:df:97:aa:b9:58:d0:22:c1:31: 07:b9:d0:75:d4:5e:13:aa:9a:84:1a:eb:fc:24:1b:00:b0:07: 4a:e5:76:13:b2:76:30:65:f5:c9:bc:f0:a2:4b:ec:b8:f4:a9: 99:2e:9a:17:76:18:2e:63:83:03:f2:4f:27:0a:61:b0:02:ac: f0:b2:c1:96 -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgIUMLxK/upsmFFv4Rzp+tu6vjd2m1AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi MmQ2ZWQ5ZDAeFw0yNjAxMDkxMjUwMzNaFw0yNzAxMDgxMjU1MzNaMDMxMTAvBgNV BAMTKDQ5OTVCMDZFM0M5RTUwQzZDMTU3N0VBRTc2RDUwNzIzMDI2Q0ZGRDcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9PjhxSmXHp4ScW73+TXjFUvJ9 Elz4d2V2vNtHvKa25SYLiODTR1r4o0dLEc/WhswMvnCuuPH0NjiNhNzgHYdFWobh hFPsUSC0/Xiq9jvhACT34JY0TIJqBjz8CUrOCafBu2KVAoZZgjaarv7PTSvxToWJ 6lhUEL7U/gTVAHZs3qOtEO2VFNtl8UZctjeS65JVruoiEd+1/isKbx8UyZJRrAo9 8PwrmdFDnb3mkVxr8cytNBVrNzhzkAiaA99byY0aYGrtV0T5rKkRuKI7w3CKtTJv 1CQ2s4SP1xiwPiOsiYskQG2nzRm5bhYJcOhiMQERXUQcfQSDP7PwfZaaoP9RAgMB AAGjggIiMIICHjAdBgNVHQ4EFgQUSZWwbjyeUMbBV36udtUHIwJs/9cwHwYDVR0j BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM VzdaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMjAzMDIwLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCAjmw AwQCLYzsAwQBwQDqAwQAwaHOAwQC1FDAMA0GCSqGSIb3DQEBCwUAA4IBAQDLWs/z kLwLdrZ6ZZfMRNIcLtfqDPqB2XJ6qblglkZzKfFpPOMAXXpIJvTt/5+0d4TO6Bh5 UJzfN0w4Y6UCCPHDTXm9KgGk1mUCBemBX9mgXL4fZB7Dx6hvCLrb9zapL1CMArKd rMrNEnEx0TsHWe5nTqJocV7/v5urZJ4MYYgViuAaRorX2PFaEAEDVYZkGlVFn18K xxBJCQn+pYAefAbGOP5FEZSW+nbjP/dL9JVJ1vyARYK5/9Iir4yUe4Xfl6q5WNAi wTEHudB11F4TqpqEGuv8JBsAsAdK5XYTsnYwZfXJvPCiS+y49KmZLpoXdhguY4MD 8k8nCmGwAqzwssGW -----END CERTIFICATE-----Generated at Sun Jan 18 10:49:41 2026 by rpki-client