This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS31898.roa File: AS31898.roa (raw, json) Hash identifier: 4uAZAVzSX9tVhVATDnclU/zPinBX465jeswRtlmUGhw= Subject key identifier: 4A:48:04:9F:74:A4:A8:08:BF:E4:24:E9:58:44:9D:20:C3:1D:43:FA Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c Certificate serial: 77A354F0512C599F1F72FCA9601D1FE6990A3AEC Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS31898.roa Signing time: Wed 07 Jan 2026 12:10:08 +0000 ROA not before: Wed 07 Jan 2026 12:05:08 +0000 ROA not after: Wed 06 Jan 2027 12:10:08 +0000 asID: 31898 IP address blocks: 2a0f:85c1:3f0::/48 maxlen: 48 2a0f:85c1:c18::/48 maxlen: 48 2a0f:85c1:cc0::/48 maxlen: 48 2a0f:85c1:e3c::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:a3:54:f0:51:2c:59:9f:1f:72:fc:a9:60:1d:1f:e6:99:0a:3a:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c Validity Not Before: Jan 7 12:05:08 2026 GMT Not After : Jan 6 12:10:08 2027 GMT Subject: CN=4A48049F74A4A808BFE424E958449D20C31D43FA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:61:ee:8b:03:a3:5a:25:c4:1c:88:d4:bf:45: 2f:19:cb:f5:85:84:ce:89:eb:0b:9d:df:d0:dc:ca: 52:44:ba:3c:8e:aa:1a:ff:35:87:4c:2f:dc:75:d4: 2e:8d:5b:55:60:ef:ec:61:5f:cc:c5:d9:23:21:0a: b9:79:a3:9d:6f:c1:b2:f7:aa:72:96:3a:95:7b:a4: 73:77:c9:5d:f3:0c:64:d5:5d:87:fa:3b:cb:87:b5: 49:5e:b9:65:c5:53:0f:85:e2:cb:84:9c:6b:fc:d6: 7b:87:ae:46:01:b3:b6:63:60:cf:68:2e:a5:59:a0: e9:dc:16:51:76:46:64:d4:9b:31:cc:ce:fa:ae:c8: ef:9a:cf:8b:9e:03:e5:ff:b4:11:14:35:e3:41:f6: 31:a7:79:2b:b3:cf:4e:00:4a:10:ea:b0:f4:76:55: 6b:62:dc:38:4c:8e:14:48:08:c3:e1:16:f8:5d:b1: 89:83:ff:8f:ff:ec:fb:b3:31:6a:f3:cf:c5:04:df: 9c:84:1f:33:3f:86:b7:11:b8:9b:99:e2:db:8b:c3: 1a:14:4c:97:9f:8b:70:af:62:dd:73:3d:72:c5:76: 13:46:1b:08:a8:bd:df:52:d5:7e:d0:48:6a:01:96: 72:ce:69:28:61:2c:b6:71:56:5d:73:4b:68:e9:58: 19:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:48:04:9F:74:A4:A8:08:BF:E4:24:E9:58:44:9D:20:C3:1D:43:FA X509v3 Authority Key Identifier: keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS31898.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:85c1:3f0::/48 2a0f:85c1:c18::/48 2a0f:85c1:cc0::/48 2a0f:85c1:e3c::/48 Signature Algorithm: sha256WithRSAEncryption 5d:79:d5:63:3d:09:87:b2:ae:a6:68:eb:2e:04:f1:68:03:55: 11:af:dd:ee:79:e9:14:76:35:b8:26:68:3f:70:f3:dd:71:83: a1:f2:52:da:7a:a6:72:c3:86:b2:49:8a:e6:7b:c1:49:69:d4: 9d:03:2d:81:ff:4a:49:1f:3e:86:81:2e:05:64:fb:b5:1a:62: be:2a:09:2f:93:cf:17:37:be:ef:3b:8a:f0:75:a0:7d:f6:37: 7f:92:9f:c4:b5:d0:48:dc:a4:1d:91:fa:e1:eb:83:61:c8:a1: 95:43:74:47:5f:c6:21:b4:83:fc:da:af:59:42:d6:d9:82:52: 29:cb:d1:43:f6:e5:d1:7f:77:b3:09:ec:fe:be:a8:11:e5:b7: c1:23:22:e2:0a:d9:f5:56:ac:b5:d0:c6:12:37:f5:92:67:48: 34:1f:22:b8:b0:8b:c5:3d:0e:66:77:4f:c1:d9:fc:93:e7:33: 95:8f:33:00:c2:53:36:e4:2d:34:64:7a:fb:04:ba:4f:4d:b8: 1a:18:5b:92:31:17:5c:9e:07:f9:7e:66:45:2b:6e:2b:61:a9: f9:3e:a7:68:2a:fe:bb:b0:cd:da:94:fb:d3:58:76:f4:ee:19: 5a:d8:43:9e:03:bd:ba:0e:c3:51:f0:fa:06:72:f2:02:a9:90: 48:7c:58:48 -----BEGIN CERTIFICATE----- MIIFHTCCBAWgAwIBAgIUd6NU8FEsWZ8fcvypYB0f5pkKOuwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy MjgzNGIxYzAeFw0yNjAxMDcxMjA1MDhaFw0yNzAxMDYxMjEwMDhaMDMxMTAvBgNV BAMTKDRBNDgwNDlGNzRBNEE4MDhCRkU0MjRFOTU4NDQ5RDIwQzMxRDQzRkEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXYe6LA6NaJcQciNS/RS8Zy/WF hM6J6wud39DcylJEujyOqhr/NYdML9x11C6NW1Vg7+xhX8zF2SMhCrl5o51vwbL3 qnKWOpV7pHN3yV3zDGTVXYf6O8uHtUleuWXFUw+F4suEnGv81nuHrkYBs7ZjYM9o LqVZoOncFlF2RmTUmzHMzvquyO+az4ueA+X/tBEUNeNB9jGneSuzz04AShDqsPR2 VWti3DhMjhRICMPhFvhdsYmD/4//7PuzMWrzz8UE35yEHzM/hrcRuJuZ4tuLwxoU TJefi3CvYt1zPXLFdhNGGwiovd9S1X7QSGoBlnLOaShhLLZxVl1zS2jpWBlpAgMB AAGjggInMIICIzAdBgNVHQ4EFgQUSkgEn3SkqAi/5CTpWESdIMMdQ/owHwYDVR0j BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2 NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL RFN4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMzE4OTgucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwPQYIKwYBBQUHAQcBAf8ELjAsMCoEAgACMCQDBwAqD4XB A/ADBwAqD4XBDBgDBwAqD4XBDMADBwAqD4XBDjwwDQYJKoZIhvcNAQELBQADggEB AF151WM9CYeyrqZo6y4E8WgDVRGv3e556RR2NbgmaD9w891xg6HyUtp6pnLDhrJJ iuZ7wUlp1J0DLYH/SkkfPoaBLgVk+7UaYr4qCS+Tzxc3vu87ivB1oH32N3+Sn8S1 0EjcpB2R+uHrg2HIoZVDdEdfxiG0g/zar1lC1tmCUinL0UP25dF/d7MJ7P6+qBHl t8EjIuIK2fVWrLXQxhI39ZJnSDQfIriwi8U9DmZ3T8HZ/JPnM5WPMwDCUzbkLTRk evsEuk9NuBoYW5IxF1yeB/l+ZkUrbithqfk+p2gq/ruwzdqU+9NYdvTuGVrYQ54D vboOw1Hw+gZy8gKpkEh8WEg= -----END CERTIFICATE-----Generated at Mon Jan 19 21:02:38 2026 by rpki-client