This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS213655.roa File: AS213655.roa (raw, json) Hash identifier: WSEzR1GGZl6UUXSbVKDd+Qod5OLlcYeiyrx4adAYjUE= Subject key identifier: 74:54:C0:7B:48:57:0F:54:D2:86:95:70:76:E3:CB:1A:48:58:47:3D Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c Certificate serial: 18209A06B40FC72423E4CC3D1A422857C3E9D45A Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS213655.roa Signing time: Tue 13 Jan 2026 04:08:16 +0000 ROA not before: Tue 13 Jan 2026 04:03:16 +0000 ROA not after: Tue 12 Jan 2027 04:08:16 +0000 asID: 213655 IP address blocks: 2a0f:85c1:b80::/44 maxlen: 44 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 18:20:9a:06:b4:0f:c7:24:23:e4:cc:3d:1a:42:28:57:c3:e9:d4:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c Validity Not Before: Jan 13 04:03:16 2026 GMT Not After : Jan 12 04:08:16 2027 GMT Subject: CN=7454C07B48570F54D286957076E3CB1A4858473D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:94:19:ef:a3:49:96:c8:5e:62:36:8c:c9:bf: 05:3c:70:ae:bc:ea:66:34:90:64:60:25:38:af:1f: fe:ed:e0:f8:df:a1:b5:43:42:1c:33:19:86:44:c9: 99:b4:dc:fd:c5:a6:d8:e9:18:83:37:4c:d3:13:f1: 48:33:82:3d:65:ef:4a:05:a8:74:4a:f4:97:9e:1b: 66:d9:e9:b6:46:c1:4a:ff:5b:81:70:ba:9e:47:5e: 5c:ad:a9:cb:93:0d:b9:df:fc:4b:58:a8:b5:b9:b8: d4:04:15:88:81:4b:97:42:cf:07:17:0d:d3:26:08: e5:4e:a7:bf:e5:14:24:f6:ca:3d:bc:ad:56:4c:d1: 1c:b2:7e:35:80:75:5b:bf:02:a1:fa:2f:35:65:1f: a6:17:83:db:76:95:22:82:d0:9e:d0:e3:48:21:bc: ca:90:c0:0c:c2:9c:07:d3:db:6c:97:18:e7:db:b7: 8e:cc:4f:45:0f:6d:0a:52:ae:43:20:d0:c7:aa:3c: d8:ea:16:27:a9:48:e6:c1:53:8c:6e:59:a2:94:ba: 18:d7:2d:40:f0:83:16:9d:f8:f6:d3:24:9d:2b:e4: 3d:60:2c:ea:8e:1e:96:f0:ef:d8:f7:80:f4:44:a5: 13:71:0c:64:36:51:7b:f2:2b:9f:81:a6:9e:50:97: a7:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:54:C0:7B:48:57:0F:54:D2:86:95:70:76:E3:CB:1A:48:58:47:3D X509v3 Authority Key Identifier: keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS213655.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:85c1:b80::/44 Signature Algorithm: sha256WithRSAEncryption a8:f2:a4:f8:ee:74:41:0d:c5:5b:80:48:4b:d7:a2:d3:7a:f6: 1b:c6:0a:ef:3a:3f:c1:20:3f:22:1c:e7:b8:df:ee:67:f4:1e: f7:7f:15:ff:73:f8:b4:51:bb:d5:9d:94:3d:5f:72:12:b1:c3: e6:8a:9a:92:1f:42:06:3e:a3:06:19:65:ef:ea:20:35:ff:d6: 2e:32:2c:79:64:ba:10:39:77:01:dd:bc:40:72:a8:a1:7d:fc: 28:51:85:53:76:50:41:38:2a:ee:e9:1e:00:ba:2e:ae:18:a4: b7:72:e1:d9:a5:38:ce:d9:8d:11:7c:5f:4e:bc:3e:3a:2d:2d: e5:21:94:ee:d8:53:91:a6:e7:b6:67:cb:ba:e7:da:4e:0e:40: 5e:21:2e:64:9c:17:0f:0f:39:c4:cb:d6:af:3f:91:14:65:29: c4:2a:c0:02:6c:c8:86:d0:35:53:0a:ed:e8:5a:1d:ff:98:1b: 18:82:70:b0:27:e0:40:3c:0a:35:ec:4d:4e:5a:e5:15:4a:e9: 25:c3:2e:4f:7e:d8:82:6c:85:f1:aa:77:40:20:02:a0:af:fa: 80:6f:ea:47:0f:88:33:23:5d:58:3b:01:4b:61:f0:68:4c:a2: 4a:81:14:bd:d2:64:99:ee:d1:f0:64:4d:c9:2a:57:12:ad:b6: 60:ff:da:33 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgIUGCCaBrQPxyQj5Mw9GkIoV8Pp1FowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy MjgzNGIxYzAeFw0yNjAxMTMwNDAzMTZaFw0yNzAxMTIwNDA4MTZaMDMxMTAvBgNV BAMTKDc0NTRDMDdCNDg1NzBGNTREMjg2OTU3MDc2RTNDQjFBNDg1ODQ3M0QwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBlBnvo0mWyF5iNozJvwU8cK68 6mY0kGRgJTivH/7t4PjfobVDQhwzGYZEyZm03P3FptjpGIM3TNMT8Ugzgj1l70oF qHRK9JeeG2bZ6bZGwUr/W4Fwup5HXlytqcuTDbnf/EtYqLW5uNQEFYiBS5dCzwcX DdMmCOVOp7/lFCT2yj28rVZM0RyyfjWAdVu/AqH6LzVlH6YXg9t2lSKC0J7Q40gh vMqQwAzCnAfT22yXGOfbt47MT0UPbQpSrkMg0MeqPNjqFiepSObBU4xuWaKUuhjX LUDwgxad+PbTJJ0r5D1gLOqOHpbw79j3gPREpRNxDGQ2UXvyK5+Bpp5Ql6cNAgMB AAGjggINMIICCTAdBgNVHQ4EFgQUdFTAe0hXD1TShpVwduPLGkhYRz0wHwYDVR0j BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2 NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjEzNjU1LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg+F wQuAMA0GCSqGSIb3DQEBCwUAA4IBAQCo8qT47nRBDcVbgEhL16LTevYbxgrvOj/B ID8iHOe43+5n9B73fxX/c/i0UbvVnZQ9X3ISscPmipqSH0IGPqMGGWXv6iA1/9Yu Mix5ZLoQOXcB3bxAcqihffwoUYVTdlBBOCru6R4Aui6uGKS3cuHZpTjO2Y0RfF9O vD46LS3lIZTu2FORpue2Z8u659pODkBeIS5knBcPDznEy9avP5EUZSnEKsACbMiG 0DVTCu3oWh3/mBsYgnCwJ+BAPAo17E1OWuUVSuklwy5PftiCbIXxqndAIAKgr/qA b+pHD4gzI11YOwFLYfBoTKJKgRS90mSZ7tHwZE3JKlcSrbZg/9oz -----END CERTIFICATE-----Generated at Mon Jan 19 20:58:28 2026 by rpki-client