This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS0.roa File: AS0.roa (raw, json) Hash identifier: L3zRevf60TknOho++IEiZ+jh6KttDG76IOIDLJhT7Gk= Subject key identifier: 98:E3:6C:90:9F:E4:1E:54:6D:34:8C:BE:9A:11:CC:8F:FF:1A:CF:E2 Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c Certificate serial: 69AB25DF610FCFEAB4B47DC36A9AE22752AE64D3 Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS0.roa Signing time: Fri 07 Nov 2025 18:03:05 +0000 ROA not before: Fri 07 Nov 2025 17:58:05 +0000 ROA not after: Fri 06 Nov 2026 18:03:05 +0000 asID: 0 IP address blocks: 2a0f:85c1:295::/48 maxlen: 48 2a0f:85c1:340::/48 maxlen: 48 2a0f:85c1:343::/48 maxlen: 48 2a0f:85c1:354::/48 maxlen: 48 2a0f:85c1:35a::/48 maxlen: 48 2a0f:85c1:362::/48 maxlen: 48 2a0f:85c1:396::/48 maxlen: 48 2a0f:85c1:399::/48 maxlen: 48 2a0f:85c1:39a::/48 maxlen: 48 2a0f:85c1:3a0::/48 maxlen: 48 2a0f:85c1:3a1::/48 maxlen: 48 2a0f:85c1:3a7::/48 maxlen: 48 2a0f:85c1:3af::/48 maxlen: 48 2a0f:85c1:3b2::/48 maxlen: 48 2a0f:85c1:3b3::/48 maxlen: 48 2a0f:85c1:3bb::/48 maxlen: 48 2a0f:85c1:3c8::/48 maxlen: 48 2a0f:85c1:3d0::/48 maxlen: 48 2a0f:85c1:3f3::/48 maxlen: 48 2a0f:85c1:834::/48 maxlen: 48 2a0f:85c1:885::/48 maxlen: 48 2a0f:85c1:bfa::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 23 Nov 2025 12:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:ab:25:df:61:0f:cf:ea:b4:b4:7d:c3:6a:9a:e2:27:52:ae:64:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c Validity Not Before: Nov 7 17:58:05 2025 GMT Not After : Nov 6 18:03:05 2026 GMT Subject: CN=98E36C909FE41E546D348CBE9A11CC8FFF1ACFE2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:6d:b2:1d:dd:32:b6:f1:87:89:d4:a9:5c:63: ad:55:cc:31:26:88:c1:a1:8b:ef:78:7e:d4:f6:7e: 94:3a:f6:f6:7e:c4:b0:c0:a8:4e:dd:65:4d:13:97: e7:84:8c:20:e1:9b:e5:8a:7b:29:08:61:fe:7a:eb: a6:25:9d:d3:02:40:6b:c9:89:cd:8e:02:54:06:a7: b2:83:8f:7a:2d:5f:35:40:bf:3c:01:b9:95:0b:67: f2:f7:09:d2:09:cf:c0:7e:d0:b0:6f:d8:6a:57:db: 89:8f:1a:65:51:c1:b2:49:87:44:89:dd:a7:f0:15: d8:d9:df:e6:65:d3:46:1c:74:da:4f:51:58:25:c7: 1d:82:87:db:23:22:f4:30:b1:26:e2:3a:6e:41:ca: ae:60:a3:6d:4a:ca:7a:0e:7b:b3:68:13:c9:26:64: 8a:d6:47:91:5b:81:08:f8:3c:10:41:ff:f7:0c:cf: 23:ef:85:b6:c1:10:5f:3c:33:bd:9a:1f:fc:2f:bc: 0f:c0:31:96:00:da:2a:15:83:1f:81:79:54:f2:09: 2f:20:8f:04:43:ee:fe:6a:67:68:b7:32:d9:c3:54: a2:0e:e3:56:92:fd:20:61:ae:3d:e3:8b:c2:d3:8b: 04:d6:0e:b5:a5:da:7e:ac:98:4a:17:45:c7:fe:36: 1e:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:E3:6C:90:9F:E4:1E:54:6D:34:8C:BE:9A:11:CC:8F:FF:1A:CF:E2 X509v3 Authority Key Identifier: keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS0.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:85c1:295::/48 2a0f:85c1:340::/48 2a0f:85c1:343::/48 2a0f:85c1:354::/48 2a0f:85c1:35a::/48 2a0f:85c1:362::/48 2a0f:85c1:396::/48 2a0f:85c1:399::-2a0f:85c1:39a:ffff:ffff:ffff:ffff:ffff 2a0f:85c1:3a0::/47 2a0f:85c1:3a7::/48 2a0f:85c1:3af::/48 2a0f:85c1:3b2::/47 2a0f:85c1:3bb::/48 2a0f:85c1:3c8::/48 2a0f:85c1:3d0::/48 2a0f:85c1:3f3::/48 2a0f:85c1:834::/48 2a0f:85c1:885::/48 2a0f:85c1:bfa::/48 Signature Algorithm: sha256WithRSAEncryption 20:e9:5e:09:e1:6c:81:77:a4:bc:01:85:5b:2b:54:af:85:ac: 97:3d:b6:0a:97:84:40:fa:b9:61:98:8a:56:a7:2d:c6:24:32: bc:08:9c:fb:c7:c7:de:1e:fb:93:cf:f0:97:2e:f8:b3:dd:9d: 35:74:94:09:b5:39:2d:94:38:80:4b:ca:b5:3a:50:a4:ab:54: 79:7c:e9:c2:1d:28:7d:68:9d:c2:36:af:0c:c1:d9:21:f9:51: 4e:21:6a:c7:b3:66:ad:04:63:fc:9c:ba:9a:1e:e1:07:8c:9e: 07:53:1f:9c:2f:8b:af:85:d6:e2:02:64:e6:7b:e7:57:57:1b: 7b:80:82:a1:01:c5:f4:e1:3c:04:00:fe:66:d9:9f:90:d0:c7: 6d:21:b3:57:65:45:e4:c0:75:d0:7f:cf:a8:11:56:94:02:68: d6:20:57:4c:5d:06:43:6e:73:8d:51:7e:bc:ff:c5:5c:c5:35: a6:3a:0b:10:2f:e0:58:ce:11:e3:66:8f:dc:ae:74:21:92:12: 47:9e:6d:e7:d2:0c:84:17:e2:8c:5d:eb:6a:fc:c2:02:b5:14: d7:c9:cb:0f:0c:ac:5e:95:b6:b9:ec:53:f7:71:a9:5b:85:2c: 1a:4e:30:b0:33:1d:30:aa:05:5b:64:7b:a7:0f:ad:99:96:3e: af:a1:19:d5 -----BEGIN CERTIFICATE----- MIIFsDCCBJigAwIBAgIUaasl32EPz+q0tH3DapriJ1KuZNMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy MjgzNGIxYzAeFw0yNTExMDcxNzU4MDVaFw0yNjExMDYxODAzMDVaMDMxMTAvBgNV BAMTKDk4RTM2QzkwOUZFNDFFNTQ2RDM0OENCRTlBMTFDQzhGRkYxQUNGRTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCibbId3TK28YeJ1KlcY61VzDEm iMGhi+94ftT2fpQ69vZ+xLDAqE7dZU0Tl+eEjCDhm+WKeykIYf5666YlndMCQGvJ ic2OAlQGp7KDj3otXzVAvzwBuZULZ/L3CdIJz8B+0LBv2GpX24mPGmVRwbJJh0SJ 3afwFdjZ3+Zl00YcdNpPUVglxx2Ch9sjIvQwsSbiOm5Byq5go21KynoOe7NoE8km ZIrWR5FbgQj4PBBB//cMzyPvhbbBEF88M72aH/wvvA/AMZYA2ioVgx+BeVTyCS8g jwRD7v5qZ2i3MtnDVKIO41aS/SBhrj3ji8LTiwTWDrWl2n6smEoXRcf+Nh5LAgMB AAGjggK6MIICtjAdBgNVHQ4EFgQUmONskJ/kHlRtNIy+mhHMj/8az+IwHwYDVR0j BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2 NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL RFN4dy5jZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMC5yb2EwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjCB0wYIKwYBBQUHAQcBAf8EgcMwgcAwgb0EAgACMIG2AwcAKg+F wQKVAwcAKg+FwQNAAwcAKg+FwQNDAwcAKg+FwQNUAwcAKg+FwQNaAwcAKg+FwQNi AwcAKg+FwQOWMBIDBwAqD4XBA5kDBwAqD4XBA5oDBwEqD4XBA6ADBwAqD4XBA6cD BwAqD4XBA68DBwEqD4XBA7IDBwAqD4XBA7sDBwAqD4XBA8gDBwAqD4XBA9ADBwAq D4XBA/MDBwAqD4XBCDQDBwAqD4XBCIUDBwAqD4XBC/owDQYJKoZIhvcNAQELBQAD ggEBACDpXgnhbIF3pLwBhVsrVK+FrJc9tgqXhED6uWGYilanLcYkMrwInPvHx94e +5PP8Jcu+LPdnTV0lAm1OS2UOIBLyrU6UKSrVHl86cIdKH1oncI2rwzB2SH5UU4h asezZq0EY/ycupoe4QeMngdTH5wvi6+F1uICZOZ751dXG3uAgqEBxfThPAQA/mbZ n5DQx20hs1dlReTAddB/z6gRVpQCaNYgV0xdBkNuc41Rfrz/xVzFNaY6CxAv4FjO EeNmj9yudCGSEkeebefSDIQX4oxd62r8wgK1FNfJyw8MrF6VtrnsU/dxqVuFLBpO MLAzHTCqBVtke6cPrZmWPq+hGdU= -----END CERTIFICATE-----Generated at Sat Nov 22 21:49:14 2025 by rpki-client