This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS20473.roa File: AS20473.roa (raw, json) Hash identifier: b6P9ggTq3El9T2RHHtH3Wa0Oi/tn+l5mH4kUvG3dP3Q= Subject key identifier: 89:98:DF:F4:6D:3D:25:74:18:0F:DB:58:33:7A:C8:E0:C1:1B:08:2C Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c Certificate serial: 6D2E7972E62D86B4718F07EE6F39EF710E7D6EC4 Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS20473.roa Signing time: Fri 28 Nov 2025 03:22:11 +0000 ROA not before: Fri 28 Nov 2025 03:17:11 +0000 ROA not after: Fri 27 Nov 2026 03:22:11 +0000 asID: 20473 IP address blocks: 2a0f:85c1:393::/48 maxlen: 48 2a0f:85c1:c18::/48 maxlen: 48 2a0f:85c1:c46::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 28 Nov 2025 20:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:2e:79:72:e6:2d:86:b4:71:8f:07:ee:6f:39:ef:71:0e:7d:6e:c4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c Validity Not Before: Nov 28 03:17:11 2025 GMT Not After : Nov 27 03:22:11 2026 GMT Subject: CN=8998DFF46D3D2574180FDB58337AC8E0C11B082C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:62:74:17:3b:00:5a:1a:49:c0:eb:4d:3b:43: b9:9f:1b:73:ad:69:c6:7c:7c:48:8b:60:97:ef:c8: 0a:a6:86:d3:ea:6b:09:fe:12:ed:d3:5b:3a:ff:d5: 1b:ec:25:3b:51:72:23:37:f3:10:66:af:31:0d:e1: 29:6e:22:7f:61:c0:ee:85:e3:cc:7d:a4:19:17:85: cf:de:e8:f0:4f:8f:d1:93:da:89:3e:c1:ba:aa:73: 17:f6:35:21:34:64:22:f5:33:c5:68:8c:da:ea:9a: fc:ca:73:d2:eb:99:2f:03:05:c6:c5:32:05:a2:c5: 28:d7:61:4b:24:1d:9b:2b:cf:29:ec:6a:9d:a2:de: 7e:72:23:e2:94:03:66:c4:0d:f5:b9:f5:a2:a4:b2: cf:dd:2d:27:3d:25:c4:3e:c0:3c:1e:b5:6b:8c:b8: 88:4b:c2:37:20:66:01:5f:9a:24:04:e5:a4:40:32: af:ed:b0:42:d3:ba:5e:3f:49:23:bc:b9:bb:9a:78: d4:22:23:c9:04:3a:d6:4b:d1:a4:a1:c4:92:02:99: fb:41:12:80:47:05:23:ad:34:c4:6b:d6:f1:0e:af: c7:97:38:d7:eb:6d:b5:a6:52:e4:b3:04:21:2b:81: 96:85:dc:30:8b:6d:69:cb:c7:fc:d7:50:44:0a:ec: 58:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:98:DF:F4:6D:3D:25:74:18:0F:DB:58:33:7A:C8:E0:C1:1B:08:2C X509v3 Authority Key Identifier: keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS20473.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:85c1:393::/48 2a0f:85c1:c18::/48 2a0f:85c1:c46::/48 Signature Algorithm: sha256WithRSAEncryption da:79:bc:34:a1:26:ef:3f:43:b9:ff:2e:9d:65:76:55:27:f9: c8:da:93:f9:a9:f0:e9:b5:d3:fb:15:00:ac:9b:4c:f4:04:bd: 7b:4d:59:5c:21:d8:45:b6:d9:85:61:e2:1e:d3:e6:f4:40:90: 74:19:44:10:39:15:93:8e:bd:d5:4a:66:35:b9:6e:d2:e3:6c: 88:ec:57:5c:11:6e:d7:18:0b:87:b0:64:53:74:97:74:10:78: 09:02:77:95:1c:80:a1:0a:15:31:80:b0:09:50:0e:8e:f8:c0: 8c:e5:d4:80:49:5c:10:6c:0e:14:0b:15:64:72:9d:f9:80:ac: 5b:9e:fe:b1:03:63:3e:aa:8f:7c:52:be:6d:a5:bd:9b:db:9f: f7:62:e0:eb:9d:9c:70:90:11:af:ac:25:9a:27:7e:b4:9b:7c: 99:a3:73:89:83:dd:64:8b:27:3e:5e:c1:b3:49:45:9f:42:94: 1e:7a:03:62:5c:24:12:ed:f9:78:90:06:8d:4e:8b:3c:50:ca: 99:ff:e8:bf:e1:a2:1e:82:dc:ff:4d:54:35:c0:3d:dc:c2:ef: 99:85:94:4d:30:3e:80:1e:b4:d0:fd:b1:0e:c0:fa:70:ab:d7: 97:cb:9f:f6:d7:86:89:ba:33:47:ea:53:f1:be:0b:26:0d:78: 79:8d:7a:ef -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgIUbS55cuYthrRxjwfubznvcQ59bsQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy MjgzNGIxYzAeFw0yNTExMjgwMzE3MTFaFw0yNjExMjcwMzIyMTFaMDMxMTAvBgNV BAMTKDg5OThERkY0NkQzRDI1NzQxODBGREI1ODMzN0FDOEUwQzExQjA4MkMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYYnQXOwBaGknA6007Q7mfG3Ot acZ8fEiLYJfvyAqmhtPqawn+Eu3TWzr/1RvsJTtRciM38xBmrzEN4SluIn9hwO6F 48x9pBkXhc/e6PBPj9GT2ok+wbqqcxf2NSE0ZCL1M8VojNrqmvzKc9LrmS8DBcbF MgWixSjXYUskHZsrzynsap2i3n5yI+KUA2bEDfW59aKkss/dLSc9JcQ+wDwetWuM uIhLwjcgZgFfmiQE5aRAMq/tsELTul4/SSO8ubuaeNQiI8kEOtZL0aShxJICmftB EoBHBSOtNMRr1vEOr8eXONfrbbWmUuSzBCErgZaF3DCLbWnLx/zXUEQK7Fj3AgMB AAGjggIeMIICGjAdBgNVHQ4EFgQUiZjf9G09JXQYD9tYM3rI4MEbCCwwHwYDVR0j BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2 NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL RFN4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwNAYIKwYBBQUHAQcBAf8EJTAjMCEEAgACMBsDBwAqD4XB A5MDBwAqD4XBDBgDBwAqD4XBDEYwDQYJKoZIhvcNAQELBQADggEBANp5vDShJu8/ Q7n/Lp1ldlUn+cjak/mp8Om10/sVAKybTPQEvXtNWVwh2EW22YVh4h7T5vRAkHQZ RBA5FZOOvdVKZjW5btLjbIjsV1wRbtcYC4ewZFN0l3QQeAkCd5UcgKEKFTGAsAlQ Do74wIzl1IBJXBBsDhQLFWRynfmArFue/rEDYz6qj3xSvm2lvZvbn/di4OudnHCQ Ea+sJZonfrSbfJmjc4mD3WSLJz5ewbNJRZ9ClB56A2JcJBLt+XiQBo1OizxQypn/ 6L/hoh6C3P9NVDXAPdzC75mFlE0wPoAetND9sQ7A+nCr15fLn/bXhom6M0fqU/G+ CyYNeHmNeu8= -----END CERTIFICATE-----Generated at Fri Nov 28 05:02:07 2025 by rpki-client