This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS21859.roa File: AS21859.roa (raw, json) Hash identifier: KUW1U2EV5uRz+Ejn/nekOu3LRR9yHYAMzjPR6JpCLK8= Subject key identifier: 07:88:08:8B:82:81:25:3C:B0:1B:5F:5F:2B:02:B1:63:C6:AF:F4:E7 Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d Certificate serial: 12167EA716501804D261031160DB0816B320C3D6 Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS21859.roa Signing time: Tue 16 Dec 2025 02:19:33 +0000 ROA not before: Tue 16 Dec 2025 02:14:33 +0000 ROA not after: Tue 15 Dec 2026 02:19:33 +0000 asID: 21859 IP address blocks: 185.155.222.0/24 maxlen: 24 193.29.98.0/24 maxlen: 24 195.206.235.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 13:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12:16:7e:a7:16:50:18:04:d2:61:03:11:60:db:08:16:b3:20:c3:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d Validity Not Before: Dec 16 02:14:33 2025 GMT Not After : Dec 15 02:19:33 2026 GMT Subject: CN=0788088B8281253CB01B5F5F2B02B163C6AFF4E7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:34:c9:0f:80:c4:81:d2:97:99:2e:9a:1a:6a: f8:c8:54:0b:38:a9:82:22:61:e9:85:5a:ef:cb:f8: 0d:24:07:14:33:48:0f:fd:81:a6:e9:1b:d4:9e:1e: f3:58:56:3f:56:4a:58:6c:47:0e:df:db:11:0c:8f: 2e:9a:bc:f8:d0:f1:ee:5a:27:5b:f1:ac:d8:4c:cd: 88:65:12:f1:31:ad:9e:05:d5:b3:9c:35:ca:0c:d0: 0e:51:8a:b1:13:d0:24:46:a6:8c:1b:f9:49:e4:bc: 9d:8c:e6:e3:c0:92:a7:df:19:79:1f:aa:ef:f4:7e: 25:8d:d0:e6:4d:ca:06:f6:78:ad:de:34:14:d5:72: 90:41:1d:23:ea:26:af:be:5f:b3:25:b4:c6:9c:5d: c1:02:b5:03:9f:23:0e:28:a0:a2:45:e1:8a:b7:cc: fc:b5:0a:80:47:c6:0a:fe:d5:7b:1b:44:f3:56:35: cd:0a:e6:cf:94:48:06:f3:70:d5:ad:c1:63:57:91: 4b:a8:c6:80:a3:c5:e8:b5:87:d3:2c:23:cb:70:24: 63:f4:b8:dc:b8:28:be:20:34:d4:43:be:89:c2:7c: 73:43:b7:a6:8f:a4:57:2e:4d:ca:b4:c1:3f:86:3e: 98:4c:eb:94:a9:18:af:fd:e8:a0:c8:cf:35:62:9e: 75:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:88:08:8B:82:81:25:3C:B0:1B:5F:5F:2B:02:B1:63:C6:AF:F4:E7 X509v3 Authority Key Identifier: keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS21859.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.155.222.0/24 193.29.98.0/24 195.206.235.0/24 Signature Algorithm: sha256WithRSAEncryption 29:bc:40:a5:60:bc:c1:a5:fa:23:f1:d2:3a:a8:dd:7f:61:c3: 01:14:bf:a2:ff:77:94:ba:6e:f9:1c:01:0d:ce:17:40:a3:1c: 1a:ca:2c:74:af:94:84:60:1c:bf:87:e7:b9:fd:ce:dc:79:61: cb:aa:05:d0:1d:3f:cc:cf:fb:73:98:49:35:c9:cd:41:b5:76: 96:97:a2:3f:ca:b7:05:39:5c:0e:5f:94:d4:6b:d3:e4:2b:bd: c7:06:5d:60:b9:50:10:45:8f:f6:1f:2b:44:ca:13:be:fc:64: 41:46:47:41:ba:4b:c5:f5:33:d5:83:e2:d4:7e:54:b9:d5:ee: 6d:2c:f4:80:97:87:5e:09:86:ac:e6:a4:d8:b9:b7:df:65:2b: 9e:5a:80:5b:18:21:f3:50:45:ca:91:72:c4:f7:51:7e:7c:4a: 1e:d8:8f:b0:6b:dc:52:1f:8f:0d:89:ae:dc:1b:c9:50:e8:4e: a9:05:4b:a1:50:e4:bb:69:9d:31:af:cd:8a:f2:c7:af:83:e6: cf:9a:88:fe:96:43:64:c4:80:fc:af:59:59:36:94:4e:1e:17: 04:8c:b2:04:6b:be:6d:b2:07:33:32:e5:26:ba:f6:68:3a:01: 31:64:66:93:ef:aa:12:ac:f0:a4:0e:94:c8:8b:5e:98:a5:d1: cc:2a:47:38 -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgIUEhZ+pxZQGATSYQMRYNsIFrMgw9YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi MmQ2ZWQ5ZDAeFw0yNTEyMTYwMjE0MzNaFw0yNjEyMTUwMjE5MzNaMDMxMTAvBgNV BAMTKDA3ODgwODhCODI4MTI1M0NCMDFCNUY1RjJCMDJCMTYzQzZBRkY0RTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUNMkPgMSB0peZLpoaavjIVAs4 qYIiYemFWu/L+A0kBxQzSA/9gabpG9SeHvNYVj9WSlhsRw7f2xEMjy6avPjQ8e5a J1vxrNhMzYhlEvExrZ4F1bOcNcoM0A5RirET0CRGpowb+UnkvJ2M5uPAkqffGXkf qu/0fiWN0OZNygb2eK3eNBTVcpBBHSPqJq++X7MltMacXcECtQOfIw4ooKJF4Yq3 zPy1CoBHxgr+1XsbRPNWNc0K5s+USAbzcNWtwWNXkUuoxoCjxei1h9MsI8twJGP0 uNy4KL4gNNRDvonCfHNDt6aPpFcuTcq0wT+GPphM65SpGK/96KDIzzVinnU9AgMB AAGjggIVMIICETAdBgNVHQ4EFgQUB4gIi4KBJTywG19fKwKxY8av9OcwHwYDVR0j BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM VzdaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBAC5m94D BADBHWIDBADDzuswDQYJKoZIhvcNAQELBQADggEBACm8QKVgvMGl+iPx0jqo3X9h wwEUv6L/d5S6bvkcAQ3OF0CjHBrKLHSvlIRgHL+H57n9ztx5YcuqBdAdP8zP+3OY STXJzUG1dpaXoj/KtwU5XA5flNRr0+QrvccGXWC5UBBFj/YfK0TKE778ZEFGR0G6 S8X1M9WD4tR+VLnV7m0s9ICXh14JhqzmpNi5t99lK55agFsYIfNQRcqRcsT3UX58 Sh7Yj7Br3FIfjw2JrtwbyVDoTqkFS6FQ5LtpnTGvzYryx6+D5s+aiP6WQ2TEgPyv WVk2lE4eFwSMsgRrvm2yBzMy5Sa69mg6ATFkZpPvqhKs8KQOlMiLXpil0cwqRzg= -----END CERTIFICATE-----Generated at Sun Dec 21 18:54:28 2025 by rpki-client