This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa File: AS20473.roa (raw, json) Hash identifier: 7a9SVLKjwcI3wM7gjz+5XuidcCSbqrGY1KNtU2NdeKw= Subject key identifier: 9A:AF:14:58:8F:25:F8:8E:56:A4:18:A6:61:1E:23:8F:D9:F5:5B:9C Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Certificate serial: 0CD61C0DF22BB35EF62BAE792D43CF3F45172D2E Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa Signing time: Wed 10 Dec 2025 15:28:39 +0000 ROA not before: Wed 10 Dec 2025 15:23:39 +0000 ROA not after: Wed 09 Dec 2026 15:28:39 +0000 asID: 20473 IP address blocks: 2a14:7580:100::/40 maxlen: 48 2a14:7581:f30::/44 maxlen: 48 2a14:7581:f70::/48 maxlen: 48 2a14:7581:f71::/48 maxlen: 48 2a14:7581:fa0::/44 maxlen: 48 2a14:7581:3600::/40 maxlen: 48 2a14:7581:3e00::/40 maxlen: 48 2a14:7581:3f00::/40 maxlen: 48 2a14:7583:f000::/40 maxlen: 48 2a14:7583:f100::/40 maxlen: 48 2a14:7584:8000::/36 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 11:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:d6:1c:0d:f2:2b:b3:5e:f6:2b:ae:79:2d:43:cf:3f:45:17:2d:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Validity Not Before: Dec 10 15:23:39 2025 GMT Not After : Dec 9 15:28:39 2026 GMT Subject: CN=9AAF14588F25F88E56A418A6611E238FD9F55B9C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:2c:9d:a7:06:25:56:66:c6:91:db:8b:cf:2e: 0b:68:bb:2d:4a:f1:a3:5b:76:a1:ff:00:ef:8a:8b: e8:9c:b4:59:94:3b:c0:9f:7f:ce:d4:16:b8:53:f5: e0:a7:90:2d:e8:97:00:ec:1d:36:c2:82:ce:e0:43: e7:f1:d0:3e:9c:cb:a7:73:71:aa:44:70:80:a4:66: b4:9d:49:23:39:a5:7f:4d:c4:87:2b:6f:f3:e3:f7: 22:b2:f0:1c:cd:c9:55:bf:70:a0:1d:c5:d4:5d:64: 41:de:37:b7:a5:27:63:8f:02:4d:e2:4c:fa:de:24: 85:75:ac:fc:dc:ca:dc:b9:3a:a7:79:ba:b2:f9:75: a4:f2:e6:17:45:0a:a4:4a:44:0f:5a:cd:3e:94:b0: ae:32:e5:5d:51:83:33:06:23:fd:7e:71:3d:04:84: 4f:28:b5:ab:63:0e:75:0c:bf:5a:aa:09:6f:6c:19: 6d:d4:88:eb:53:54:4d:99:01:3c:32:cd:79:73:c3: af:e1:80:b6:93:bd:7c:a8:d6:26:a2:30:4c:65:7e: 7c:e4:40:01:86:ad:02:32:20:62:c7:7a:33:a9:2d: aa:19:e6:cb:2c:af:0f:1c:82:a4:b5:34:9c:d9:69: 46:56:69:45:29:cc:8d:e2:ca:6f:b8:1f:b2:4f:2e: 18:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:AF:14:58:8F:25:F8:8E:56:A4:18:A6:61:1E:23:8F:D9:F5:5B:9C X509v3 Authority Key Identifier: keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:100::/40 2a14:7581:f30::/44 2a14:7581:f70::/47 2a14:7581:fa0::/44 2a14:7581:3600::/40 2a14:7581:3e00::/39 2a14:7583:f000::/39 2a14:7584:8000::/36 Signature Algorithm: sha256WithRSAEncryption 4e:c6:91:4d:04:8f:35:ba:97:db:4a:fa:be:96:65:8a:8d:8d: 75:b5:cb:cd:76:d6:d6:80:e2:80:9a:49:d4:84:12:e7:e8:71: 97:a5:e9:89:cd:a3:91:ef:d0:0d:75:99:ee:69:4f:94:bf:c4: 71:5c:a1:67:58:de:9b:80:24:32:39:43:7c:81:0e:78:fa:e5: c3:f0:96:cb:1f:d9:c6:53:f4:d5:ef:af:32:c0:94:17:8c:aa: b8:d3:42:30:90:55:06:a8:6f:6c:e2:ad:90:71:91:14:35:e7: 15:0b:d8:9c:15:43:48:2b:d1:3f:72:b5:70:a9:2a:08:05:1d: ef:42:e6:49:08:c3:0a:2b:f9:17:10:a4:90:c0:c1:be:2a:c6: 79:67:fb:cb:e0:59:37:3a:b4:78:3b:2f:8a:b2:c1:99:f2:ff: 14:9b:bd:3f:f0:15:40:c5:bc:07:2e:a2:4c:8c:88:d8:95:5e: f8:15:79:05:ee:e2:26:0f:86:6e:7d:f4:61:6d:89:d5:af:5e: 8c:35:d7:4c:45:0a:4f:a2:dd:30:a8:34:d0:14:50:46:e4:66: 0f:1c:d3:2f:18:e2:9f:ad:47:eb:ad:89:61:d7:e3:51:ff:75: c2:a5:4e:0a:f4:18:95:f2:0e:4e:bd:78:8c:2e:be:45:ce:e0: 44:e2:45:81 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgIUDNYcDfIrs172K655LUPPP0UXLS4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj Y2ZkMzc3MjAeFw0yNTEyMTAxNTIzMzlaFw0yNjEyMDkxNTI4MzlaMDMxMTAvBgNV BAMTKDlBQUYxNDU4OEYyNUY4OEU1NkE0MThBNjYxMUUyMzhGRDlGNTVCOUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtLJ2nBiVWZsaR24vPLgtouy1K 8aNbdqH/AO+Ki+ictFmUO8Cff87UFrhT9eCnkC3olwDsHTbCgs7gQ+fx0D6cy6dz capEcICkZrSdSSM5pX9NxIcrb/Pj9yKy8BzNyVW/cKAdxdRdZEHeN7elJ2OPAk3i TPreJIV1rPzcyty5Oqd5urL5daTy5hdFCqRKRA9azT6UsK4y5V1RgzMGI/1+cT0E hE8otatjDnUMv1qqCW9sGW3UiOtTVE2ZATwyzXlzw6/hgLaTvXyo1iaiMExlfnzk QAGGrQIyIGLHejOpLaoZ5sssrw8cgqS1NJzZaUZWaUUpzI3iym+4H7JPLhiLAgMB AAGjggJGMIICQjAdBgNVHQ4EFgQUmq8UWI8l+I5WpBimYR4jj9n1W5wwHwYDVR0j BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16 OU4zSS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwXAYIKwYBBQUHAQcBAf8ETTBLMEkEAgACMEMDBgAqFHWA AQMHBCoUdYEPMAMHASoUdYEPcAMHBCoUdYEPoAMGACoUdYE2AwYBKhR1gT4DBgEq FHWD8AMGBCoUdYSAMA0GCSqGSIb3DQEBCwUAA4IBAQBOxpFNBI81upfbSvq+lmWK jY11tcvNdtbWgOKAmknUhBLn6HGXpemJzaOR79ANdZnuaU+Uv8RxXKFnWN6bgCQy OUN8gQ54+uXD8JbLH9nGU/TV768ywJQXjKq400IwkFUGqG9s4q2QcZEUNecVC9ic FUNIK9E/crVwqSoIBR3vQuZJCMMKK/kXEKSQwMG+KsZ5Z/vL4Fk3OrR4Oy+KssGZ 8v8Um70/8BVAxbwHLqJMjIjYlV74FXkF7uImD4ZuffRhbYnVr16MNddMRQpPot0w qDTQFFBG5GYPHNMvGOKfrUfrrYlh1+NR/3XCpU4K9BiV8g5OvXiMLr5FzuBE4kWB -----END CERTIFICATE-----Generated at Sat Dec 13 17:31:06 2025 by rpki-client