This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS209601.roa File: AS209601.roa (raw, json) Hash identifier: JSb98WZ6eXbEt8LRmKcO+ApdtEdEAZ3M7vnpDUOi558= Subject key identifier: 58:D0:9F:D8:8E:34:DC:F9:EB:E4:DC:A3:BB:F9:46:C6:D5:00:E8:44 Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Certificate serial: 2D744B957FD4A4C2C8AA08E517733157E448B006 Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS209601.roa Signing time: Tue 06 Jan 2026 10:54:03 +0000 ROA not before: Tue 06 Jan 2026 10:49:03 +0000 ROA not after: Tue 05 Jan 2027 10:54:03 +0000 asID: 209601 IP address blocks: 2a14:7581:fe6::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 15:30:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:74:4b:95:7f:d4:a4:c2:c8:aa:08:e5:17:73:31:57:e4:48:b0:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Validity Not Before: Jan 6 10:49:03 2026 GMT Not After : Jan 5 10:54:03 2027 GMT Subject: CN=58D09FD88E34DCF9EBE4DCA3BBF946C6D500E844 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f1:99:ed:0f:b6:8b:47:08:90:66:1d:2a:ba:7c: 1e:68:63:ab:c2:89:53:2e:5f:a1:a9:b9:93:ff:d6: 38:19:c8:65:0f:59:cb:1c:9d:c9:57:0c:01:f1:3e: d1:db:64:bd:3d:fa:5a:1e:b3:11:7a:39:c5:e6:65: ff:7b:90:b7:a0:29:5f:2b:0f:44:cf:59:f4:bb:1e: ca:cb:10:2e:b4:ff:0b:12:4e:c2:36:e9:eb:d8:59: c8:e4:4c:11:10:e6:66:cc:76:a2:dd:26:e3:f5:32: da:d1:0d:15:1d:b4:cc:52:0c:b8:60:c6:9f:59:e6: ed:f3:fc:33:a6:00:0f:52:9a:50:6e:c6:c4:74:65: b4:3b:99:af:b2:7c:15:1f:fc:8d:52:4b:a5:4e:63: 48:d7:de:82:dd:93:17:37:51:66:67:84:a4:e0:11: 30:8a:97:39:ea:d0:a7:9f:03:ea:8e:de:bc:37:c2: 4a:f9:25:02:76:2e:89:2b:e7:6d:9f:dd:20:91:da: f4:52:7c:e8:69:55:32:7d:f1:e2:13:84:5b:fb:b4: c2:d8:44:a7:3d:72:be:e2:3b:54:05:02:77:c0:7e: d1:bb:2d:e6:2d:b8:b7:41:ab:22:96:d2:b4:d2:fc: cb:9a:77:53:fe:2a:a4:6f:21:ca:02:b6:99:e6:d8: 15:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:D0:9F:D8:8E:34:DC:F9:EB:E4:DC:A3:BB:F9:46:C6:D5:00:E8:44 X509v3 Authority Key Identifier: keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS209601.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:fe6::/48 Signature Algorithm: sha256WithRSAEncryption 6a:57:0a:b9:ca:e7:59:82:22:de:b8:35:1d:6b:2d:18:b3:cf: 2c:85:d3:44:88:3f:d4:ad:51:7f:2a:b2:a3:f6:63:1d:c5:f1: 78:f6:88:e4:de:ed:94:db:27:78:c8:89:96:22:af:38:d4:b4: 62:9f:55:f0:20:17:1e:dd:cd:c3:0a:3a:b8:85:32:86:de:19: c2:cd:db:e6:a3:c3:d2:fa:fe:99:8b:2e:55:98:aa:41:2f:90: 0c:bb:2e:81:f0:1b:cf:41:98:c7:8e:d1:65:f1:70:9e:ca:41: 9f:e3:bd:d5:e7:bd:ea:a8:72:88:c1:49:44:d3:0f:6b:db:b9: 4b:74:d9:02:8d:db:8c:67:08:05:68:52:2b:22:2c:1f:d6:f2: dc:fd:c0:27:7e:73:6d:32:7e:07:70:6c:6e:58:91:8c:c9:23: c6:0e:32:90:dd:db:f5:3e:ae:a2:21:09:b4:b8:ae:b2:f5:26: f3:db:d7:8d:cd:62:e9:55:7e:18:39:f3:86:bb:4f:c4:7f:47: cd:da:23:8a:be:14:25:6d:ee:9c:77:c2:55:b3:a9:aa:43:7d: 53:51:fd:cf:8e:06:95:27:3e:19:dd:75:32:5d:0b:85:6e:db: c4:9e:6f:d8:bb:eb:6d:11:a7:09:34:02:58:90:3b:75:c0:31: 25:b8:e3:9b -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgIULXRLlX/UpMLIqgjlF3MxV+RIsAYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj Y2ZkMzc3MjAeFw0yNjAxMDYxMDQ5MDNaFw0yNzAxMDUxMDU0MDNaMDMxMTAvBgNV BAMTKDU4RDA5RkQ4OEUzNERDRjlFQkU0RENBM0JCRjk0NkM2RDUwMEU4NDQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDxme0PtotHCJBmHSq6fB5oY6vC iVMuX6GpuZP/1jgZyGUPWcscnclXDAHxPtHbZL09+loesxF6OcXmZf97kLegKV8r D0TPWfS7HsrLEC60/wsSTsI26evYWcjkTBEQ5mbMdqLdJuP1MtrRDRUdtMxSDLhg xp9Z5u3z/DOmAA9SmlBuxsR0ZbQ7ma+yfBUf/I1SS6VOY0jX3oLdkxc3UWZnhKTg ETCKlznq0KefA+qO3rw3wkr5JQJ2Lokr522f3SCR2vRSfOhpVTJ98eIThFv7tMLY RKc9cr7iO1QFAnfAftG7LeYtuLdBqyKW0rTS/Muad1P+KqRvIcoCtpnm2BVbAgMB AAGjggINMIICCTAdBgNVHQ4EFgQUWNCf2I403Pnr5Nyju/lGxtUA6EQwHwYDVR0j BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16 OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjA5NjAxLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1 gQ/mMA0GCSqGSIb3DQEBCwUAA4IBAQBqVwq5yudZgiLeuDUday0Ys88shdNEiD/U rVF/KrKj9mMdxfF49ojk3u2U2yd4yImWIq841LRin1XwIBce3c3DCjq4hTKG3hnC zdvmo8PS+v6Ziy5VmKpBL5AMuy6B8BvPQZjHjtFl8XCeykGf473V573qqHKIwUlE 0w9r27lLdNkCjduMZwgFaFIrIiwf1vLc/cAnfnNtMn4HcGxuWJGMySPGDjKQ3dv1 Pq6iIQm0uK6y9Sbz29eNzWLpVX4YOfOGu0/Ef0fN2iOKvhQlbe6cd8JVs6mqQ31T Uf3PjgaVJz4Z3XUyXQuFbtvEnm/Yu+ttEacJNAJYkDt1wDEluOOb -----END CERTIFICATE-----Generated at Tue Jan 20 22:19:41 2026 by rpki-client