This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS211008.roa File: AS211008.roa (raw, json) Hash identifier: 5nQZTIeXYkspqJIFODG/zBLayHTn1bWsdtLB16fFeq0= Subject key identifier: 27:1B:5A:86:9D:79:FB:37:73:36:57:4B:2E:D8:C5:B4:29:68:2E:37 Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c Certificate serial: 17A9E8FA7897E0E4059CD8E772A54C14CBB31101 Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS211008.roa Signing time: Wed 07 Jan 2026 12:09:59 +0000 ROA not before: Wed 07 Jan 2026 12:04:59 +0000 ROA not after: Wed 06 Jan 2027 12:09:59 +0000 asID: 211008 IP address blocks: 2a0f:85c1:c41::/48 maxlen: 48 2a0f:85c1:e37::/48 maxlen: 48 2a0f:85c1:e3b::/48 maxlen: 48 2a0f:85c1:e3c::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:a9:e8:fa:78:97:e0:e4:05:9c:d8:e7:72:a5:4c:14:cb:b3:11:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c Validity Not Before: Jan 7 12:04:59 2026 GMT Not After : Jan 6 12:09:59 2027 GMT Subject: CN=271B5A869D79FB377336574B2ED8C5B429682E37 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:b4:cd:06:f0:da:23:f1:42:1e:eb:53:2b:ca: 5f:82:74:ad:e3:bd:20:18:f5:40:1f:9f:5d:7c:04: b8:60:91:69:b8:43:d8:95:0a:7e:20:75:4d:ea:ce: 25:68:f4:ec:79:b4:97:40:37:98:4b:75:2e:0a:6c: ae:1c:80:62:54:5a:63:77:1f:03:06:04:38:1b:bc: ec:76:2c:60:e3:eb:f8:59:3a:e3:17:9c:be:5d:68: 27:e1:6f:00:5e:de:35:ca:ba:20:a9:f2:cf:86:f7: f1:f0:25:74:a4:3a:b8:b1:9f:36:34:84:e9:a7:81: d4:e2:c8:61:9a:ec:b0:fd:75:00:5e:07:e5:a3:6b: d3:87:e7:da:da:fe:03:84:ee:bc:df:4c:f0:6d:14: 30:a7:c8:2b:d6:53:9d:4e:21:b7:14:63:07:b0:fb: d8:53:e9:5d:dd:16:00:86:6f:ca:7b:17:cc:bf:45: ed:95:18:28:57:8c:7e:66:72:fc:67:41:de:92:42: a0:95:d0:64:79:11:b8:d1:0b:15:82:a3:54:ac:64: 57:ae:cb:0d:f1:da:9a:cb:23:2f:61:e1:eb:9f:bc: 95:ff:7b:cf:d7:cb:d1:7c:a0:cf:89:c3:6f:f1:38: df:71:01:5b:da:9a:f4:7f:a8:2d:b4:10:73:7d:cd: 20:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:1B:5A:86:9D:79:FB:37:73:36:57:4B:2E:D8:C5:B4:29:68:2E:37 X509v3 Authority Key Identifier: keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS211008.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:85c1:c41::/48 2a0f:85c1:e37::/48 2a0f:85c1:e3b::-2a0f:85c1:e3c:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption ca:bf:8a:8f:d1:8d:3f:aa:6f:18:ff:da:0c:44:ef:a4:a9:4c: bb:3d:80:3a:72:5b:4a:87:43:05:5d:d5:24:81:ea:9a:fc:9e: 5b:34:13:3d:60:30:10:a2:c1:3b:e6:28:ec:e1:4e:1e:e9:07: 59:c5:c9:e2:dc:c3:95:3b:83:01:1a:38:f8:6f:b4:b6:19:95: 1f:a3:df:f6:90:36:be:de:5e:f8:f3:8b:93:5a:8d:85:29:5d: 37:1d:d7:ee:21:60:43:f2:4f:60:ef:ca:6e:ce:54:fe:54:99: 4d:ae:36:6d:05:ba:45:5b:f1:98:f9:bd:97:c1:82:fc:fa:7c: 8d:7a:6b:3b:68:e7:22:ac:22:6e:1e:e3:55:7c:98:2a:cd:44: 64:cf:8b:9d:41:41:b7:fd:83:0e:46:92:1a:57:1c:ad:0b:da: 6d:08:cb:c1:55:93:15:3b:6d:99:9b:92:75:15:03:4f:43:b0: 5b:da:22:0f:12:9d:0b:7f:2f:4a:7e:49:9f:dd:de:50:7a:1f: 22:22:de:99:de:88:f3:38:e7:53:31:a4:cc:25:b3:3a:55:36: 4f:5a:75:6b:9e:4e:ae:55:f7:74:fa:cf:cb:bc:af:19:7d:bb: c9:72:eb:85:b5:2f:f9:a9:ac:a2:96:f4:b9:42:dc:4b:9c:65: f0:e2:14:db -----BEGIN CERTIFICATE----- MIIFIDCCBAigAwIBAgIUF6no+niX4OQFnNjncqVMFMuzEQEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy MjgzNGIxYzAeFw0yNjAxMDcxMjA0NTlaFw0yNzAxMDYxMjA5NTlaMDMxMTAvBgNV BAMTKDI3MUI1QTg2OUQ3OUZCMzc3MzM2NTc0QjJFRDhDNUI0Mjk2ODJFMzcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDItM0G8Noj8UIe61Mryl+CdK3j vSAY9UAfn118BLhgkWm4Q9iVCn4gdU3qziVo9Ox5tJdAN5hLdS4KbK4cgGJUWmN3 HwMGBDgbvOx2LGDj6/hZOuMXnL5daCfhbwBe3jXKuiCp8s+G9/HwJXSkOrixnzY0 hOmngdTiyGGa7LD9dQBeB+Wja9OH59ra/gOE7rzfTPBtFDCnyCvWU51OIbcUYwew +9hT6V3dFgCGb8p7F8y/Re2VGChXjH5mcvxnQd6SQqCV0GR5EbjRCxWCo1SsZFeu yw3x2prLIy9h4eufvJX/e8/Xy9F8oM+Jw2/xON9xAVvamvR/qC20EHN9zSCfAgMB AAGjggIqMIICJjAdBgNVHQ4EFgQUJxtahp15+zdzNldLLtjFtCloLjcwHwYDVR0j BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2 NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjExMDA4LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmAwcAKg+F wQxBAwcAKg+FwQ43MBIDBwAqD4XBDjsDBwAqD4XBDjwwDQYJKoZIhvcNAQELBQAD ggEBAMq/io/RjT+qbxj/2gxE76SpTLs9gDpyW0qHQwVd1SSB6pr8nls0Ez1gMBCi wTvmKOzhTh7pB1nFyeLcw5U7gwEaOPhvtLYZlR+j3/aQNr7eXvjzi5NajYUpXTcd 1+4hYEPyT2Dvym7OVP5UmU2uNm0FukVb8Zj5vZfBgvz6fI16azto5yKsIm4e41V8 mCrNRGTPi51BQbf9gw5GkhpXHK0L2m0Iy8FVkxU7bZmbknUVA09DsFvaIg8SnQt/ L0p+SZ/d3lB6HyIi3pneiPM451MxpMwlszpVNk9adWueTq5V93T6z8u8rxl9u8ly 64W1L/mprKKW9LlC3EucZfDiFNs= -----END CERTIFICATE-----Generated at Mon Jan 19 21:00:54 2026 by rpki-client