This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa File: AS0.roa (raw, json) Hash identifier: Ys9j5PvTarET0OAUQ6nN39tX40TQDR1tOwyCGuvH8q4= Subject key identifier: CF:70:AB:8E:B1:01:AF:75:B7:6A:A0:29:71:B3:2A:40:93:61:7D:C2 Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Certificate serial: 6D51A34E8E87C8B4B28D6416A0DD7C66331D7F55 Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa Signing time: Sat 13 Dec 2025 20:08:17 +0000 ROA not before: Sat 13 Dec 2025 20:03:17 +0000 ROA not after: Sat 12 Dec 2026 20:08:17 +0000 asID: 0 IP address blocks: 193.150.40.0/24 maxlen: 24 2a14:7580:50::/44 maxlen: 44 2a14:7580:5000::/36 maxlen: 48 2a14:7580:9000::/36 maxlen: 48 2a14:7580:c000::/36 maxlen: 48 2a14:7580:e100::/40 maxlen: 48 2a14:7580:f400::/40 maxlen: 48 2a14:7580:f500::/40 maxlen: 48 2a14:7580:f600::/40 maxlen: 48 2a14:7580:f700::/40 maxlen: 48 2a14:7580:f800::/40 maxlen: 48 2a14:7580:f900::/40 maxlen: 48 2a14:7580:fa00::/40 maxlen: 48 2a14:7580:ff00::/44 maxlen: 48 2a14:7580:ff30::/44 maxlen: 48 2a14:7580:ffef::/48 maxlen: 48 2a14:7581:fc0::/44 maxlen: 48 2a14:7581:fd0::/44 maxlen: 48 2a14:7581:fe6::/48 maxlen: 48 2a14:7581:ff0::/48 maxlen: 48 2a14:7581:ff2::/48 maxlen: 48 2a14:7581:ff7::/48 maxlen: 48 2a14:7581:ffc::/48 maxlen: 48 2a14:7581:9f00::/44 maxlen: 48 2a14:7581:9f10::/44 maxlen: 48 2a14:7581:e000::/36 maxlen: 48 2a14:7582::/32 maxlen: 48 2a14:7583:4000::/36 maxlen: 48 2a14:7583:5000::/36 maxlen: 48 2a14:7584:1000::/36 maxlen: 48 2a14:7584:6000::/36 maxlen: 48 2a14:7584:a000::/36 maxlen: 48 2a14:7584:b000::/36 maxlen: 48 2a14:7584:c000::/36 maxlen: 48 2a14:7585::/32 maxlen: 48 2a14:7586::/32 maxlen: 48 2a14:7587::/32 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 17:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:51:a3:4e:8e:87:c8:b4:b2:8d:64:16:a0:dd:7c:66:33:1d:7f:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Validity Not Before: Dec 13 20:03:17 2025 GMT Not After : Dec 12 20:08:17 2026 GMT Subject: CN=CF70AB8EB101AF75B76AA02971B32A4093617DC2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:02:f7:31:3b:9f:e9:10:28:2f:ed:f3:7a:cb: c8:9f:be:fa:e5:ed:a5:44:09:70:de:7f:47:06:b2: 0c:bc:26:e5:04:30:2e:b7:16:b6:a1:46:61:e1:56: 56:6c:36:84:2b:a3:02:1f:1b:67:df:cd:1e:29:f7: 2f:aa:27:33:d1:73:0a:0b:e8:38:c7:ec:52:e8:71: ea:85:72:53:7c:95:0e:d0:cc:28:46:b6:83:c9:ce: 8d:34:28:8e:55:98:15:3b:31:bc:8d:4b:80:15:f7: 1c:bd:77:d8:7a:b4:ff:36:8b:3b:d6:19:4b:91:03: 2b:9b:58:ca:7b:85:75:fc:b7:b1:5f:37:58:0b:98: ed:14:92:47:ee:d0:76:fd:fe:19:18:2e:9b:e4:bc: 45:35:21:99:5a:c7:ae:74:5f:44:42:8e:04:97:fa: 2f:6e:0a:60:f4:2b:65:e5:6c:84:95:9c:60:10:61: 6e:7b:ca:f5:50:fc:7c:60:61:dd:e6:34:d1:02:55: 7c:f2:66:c5:33:02:69:d7:b1:ad:2f:d3:be:5a:31: e9:e3:5c:f5:ad:4b:f6:b6:16:d5:f9:ca:bb:3c:e4: a7:70:ef:31:fe:96:cd:b7:a1:82:c0:bb:51:9d:db: 27:75:93:fa:ec:6d:c0:5a:88:0e:c9:08:f8:b4:ef: 26:21 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:70:AB:8E:B1:01:AF:75:B7:6A:A0:29:71:B3:2A:40:93:61:7D:C2 X509v3 Authority Key Identifier: keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.150.40.0/24 IPv6: 2a14:7580:50::/44 2a14:7580:5000::/36 2a14:7580:9000::/36 2a14:7580:c000::/36 2a14:7580:e100::/40 2a14:7580:f400::-2a14:7580:faff:ffff:ffff:ffff:ffff:ffff 2a14:7580:ff00::/44 2a14:7580:ff30::/44 2a14:7580:ffef::/48 2a14:7581:fc0::/43 2a14:7581:fe6::/48 2a14:7581:ff0::/48 2a14:7581:ff2::/48 2a14:7581:ff7::/48 2a14:7581:ffc::/48 2a14:7581:9f00::/43 2a14:7581:e000::/36 2a14:7582::/32 2a14:7583:4000::/35 2a14:7584:1000::/36 2a14:7584:6000::/36 2a14:7584:a000::-2a14:7584:cfff:ffff:ffff:ffff:ffff:ffff 2a14:7585::-2a14:7587:ffff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 87:93:db:60:dc:c6:c0:42:04:18:9e:cc:9c:33:6e:5c:be:62: 34:cb:3b:99:6e:7c:18:3a:69:3f:21:ca:a0:3f:2c:b5:ea:7c: 51:77:00:e2:e5:8c:01:99:b6:10:db:07:60:d1:3c:24:dd:8c: 24:a5:f0:4b:b6:73:6b:0f:65:25:44:5b:c2:38:71:b9:10:af: ed:39:0a:ea:68:9a:8b:72:f8:18:39:69:21:ea:36:b4:60:e1: ce:49:10:33:18:e9:a3:52:7a:ea:dc:32:14:0b:95:85:57:4a: 04:fb:e5:6d:6e:35:48:92:11:ed:b5:8e:20:27:f3:e7:fd:ad: a6:52:38:37:b5:db:68:bf:61:ef:46:b0:c9:e0:f4:53:fc:99: fd:70:85:14:b2:1e:1a:af:dc:b3:31:4e:e6:70:9a:d3:64:11: 37:e9:9e:83:a9:67:f8:92:5c:1c:e3:22:4d:e4:c2:1d:a4:88: 17:4f:0d:ad:aa:7c:0c:b6:7a:25:09:e6:d1:dd:9f:68:c3:d9: 1f:76:48:17:df:36:40:d7:8f:9a:55:92:3f:24:1f:3d:07:47: ad:12:8a:bd:64:44:b5:5f:27:0e:5a:f6:6f:bf:c7:a5:6c:e8: 39:40:14:24:de:66:e8:dc:40:75:ab:c4:57:c6:01:36:95:b3: 3b:7e:62:44 -----BEGIN CERTIFICATE----- MIIF5zCCBM+gAwIBAgIUbVGjTo6HyLSyjWQWoN18ZjMdf1UwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj Y2ZkMzc3MjAeFw0yNTEyMTMyMDAzMTdaFw0yNjEyMTIyMDA4MTdaMDMxMTAvBgNV BAMTKENGNzBBQjhFQjEwMUFGNzVCNzZBQTAyOTcxQjMyQTQwOTM2MTdEQzIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeAvcxO5/pECgv7fN6y8ifvvrl 7aVECXDef0cGsgy8JuUEMC63FrahRmHhVlZsNoQrowIfG2ffzR4p9y+qJzPRcwoL 6DjH7FLoceqFclN8lQ7QzChGtoPJzo00KI5VmBU7MbyNS4AV9xy9d9h6tP82izvW GUuRAyubWMp7hXX8t7FfN1gLmO0Ukkfu0Hb9/hkYLpvkvEU1IZlax650X0RCjgSX +i9uCmD0K2XlbISVnGAQYW57yvVQ/HxgYd3mNNECVXzyZsUzAmnXsa0v075aMenj XPWtS/a2FtX5yrs85Kdw7zH+ls23oYLAu1Gd2yd1k/rsbcBaiA7JCPi07yYhAgMB AAGjggLxMIIC7TAdBgNVHQ4EFgQUz3CrjrEBr3W3aqApcbMqQJNhfcIwHwYDVR0j BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16 OU4zSS5jZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMC5yb2EwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjCCAQkGCCsGAQUFBwEHAQH/BIH5MIH2MAwEAgABMAYDBADBligw geUEAgACMIHeAwcEKhR1gABQAwYEKhR1gFADBgQqFHWAkAMGBCoUdYDAAwYAKhR1 gOEwEAMGAioUdYD0AwYAKhR1gPoDBwQqFHWA/wADBwQqFHWA/zADBwAqFHWA/+8D BwUqFHWBD8ADBwAqFHWBD+YDBwAqFHWBD/ADBwAqFHWBD/IDBwAqFHWBD/cDBwAq FHWBD/wDBwUqFHWBnwADBgQqFHWB4AMFACoUdYIDBgUqFHWDQAMGBCoUdYQQAwYE KhR1hGAwEAMGBSoUdYSgAwYEKhR1hMAwDgMFACoUdYUDBQMqFHWAMA0GCSqGSIb3 DQEBCwUAA4IBAQCHk9tg3MbAQgQYnsycM25cvmI0yzuZbnwYOmk/IcqgPyy16nxR dwDi5YwBmbYQ2wdg0Twk3YwkpfBLtnNrD2UlRFvCOHG5EK/tOQrqaJqLcvgYOWkh 6ja0YOHOSRAzGOmjUnrq3DIUC5WFV0oE++VtbjVIkhHttY4gJ/Pn/a2mUjg3tdto v2HvRrDJ4PRT/Jn9cIUUsh4ar9yzMU7mcJrTZBE36Z6DqWf4klwc4yJN5MIdpIgX Tw2tqnwMtnolCebR3Z9ow9kfdkgX3zZA14+aVZI/JB89B0etEoq9ZES1XycOWvZv v8elbOg5QBQk3mbo3EB1q8RXxgE2lbM7fmJE -----END CERTIFICATE-----Generated at Sun Dec 14 00:03:18 2025 by rpki-client