This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214456.roa File: AS214456.roa (raw, json) Hash identifier: F87Z8f16PXvunbai6KZjdE8a3zeApgPr+way3oCc2ik= Subject key identifier: C8:8D:64:F7:B2:C2:17:16:6C:97:2A:5E:D9:89:C4:AA:F9:73:3F:23 Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Certificate serial: 7F009D2B94C83E451329A109E2824EF37D7D2B61 Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214456.roa Signing time: Tue 06 Jan 2026 01:00:45 +0000 ROA not before: Tue 06 Jan 2026 00:55:45 +0000 ROA not after: Tue 05 Jan 2027 01:00:45 +0000 asID: 214456 IP address blocks: 2a14:7581:300::/40 maxlen: 48 2a14:7581:c00::/40 maxlen: 48 2a14:7581:fe1::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 11 Jan 2026 08:50:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:00:9d:2b:94:c8:3e:45:13:29:a1:09:e2:82:4e:f3:7d:7d:2b:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Validity Not Before: Jan 6 00:55:45 2026 GMT Not After : Jan 5 01:00:45 2027 GMT Subject: CN=C88D64F7B2C217166C972A5ED989C4AAF9733F23 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:60:a9:ae:82:e2:34:67:fb:89:bc:13:f8:5b: ed:c6:86:e8:28:ed:ca:3a:ae:4b:51:e5:32:8c:76: eb:36:03:f4:e9:43:f5:70:f5:27:66:af:4f:85:06: ba:cd:fb:b8:ee:ca:e6:2c:e7:61:01:15:8c:3b:7e: a7:45:f8:45:a7:2a:72:b9:7c:72:ee:c3:77:f5:ae: 16:88:2d:47:6c:33:e5:92:b2:d0:47:f3:e8:33:97: 9d:66:57:d1:ac:83:d9:1d:d9:a4:ce:02:2f:43:72: 22:e4:44:e0:f3:d3:e3:64:57:b9:cd:87:c2:e7:46: 6a:5a:be:5a:31:52:0a:e7:af:2d:de:2c:17:0e:f1: 37:62:3b:b9:37:13:c7:c5:79:c2:ff:3a:32:c7:30: 77:8c:79:0b:bc:7e:ec:67:92:a3:27:1c:ff:5e:f9: ad:55:d9:21:79:4b:0f:c0:a4:10:78:64:ee:e1:34: d9:e5:c0:dc:a5:c8:53:8e:b6:a6:3d:c4:45:80:8c: 8d:52:35:62:a5:e8:e5:6a:91:95:80:73:04:30:ba: ad:4b:88:cc:6e:eb:c9:af:95:b6:62:6d:8c:67:5b: 44:e6:1c:2e:ee:64:1d:30:e1:91:7b:a1:c1:a6:39: d9:83:05:20:4d:aa:ce:2c:6a:43:52:8a:bc:3c:c8: cc:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:8D:64:F7:B2:C2:17:16:6C:97:2A:5E:D9:89:C4:AA:F9:73:3F:23 X509v3 Authority Key Identifier: keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214456.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:300::/40 2a14:7581:c00::/40 2a14:7581:fe1::/48 Signature Algorithm: sha256WithRSAEncryption 37:f8:f2:cd:63:a1:de:a2:cc:55:99:4f:54:d6:02:e8:0e:9e: 19:a1:4c:9f:f7:92:e5:33:42:cb:1d:c9:33:5e:23:be:6d:c0: a1:34:b4:e8:8f:1a:94:2b:34:8c:60:36:c6:ed:e2:05:11:22: 9c:e3:00:92:26:9d:86:b0:b7:80:53:01:7d:fd:4c:cb:8d:98: 11:a7:aa:e5:55:70:01:ee:e8:bd:6a:18:cc:b6:62:e8:cb:a7: 2f:92:40:f5:bc:e3:73:6b:a8:2b:64:69:5a:e6:39:00:1b:5c: 2c:26:b5:60:80:1c:a3:b1:4a:cb:78:7d:4a:0d:6d:ef:1d:96: 72:76:26:97:39:5d:b0:53:b4:7a:b0:04:75:db:cd:13:7f:d6: 7b:e8:d5:8f:13:96:59:2a:cd:47:f6:17:60:bc:32:82:e9:07: e8:8f:3e:e7:30:73:9a:7d:78:75:4a:03:41:fd:a2:02:35:01: 3e:c8:27:07:5a:14:68:e7:89:7a:91:7d:eb:83:cc:ac:bd:c9: 1c:da:12:5a:92:e0:b0:2a:b8:0f:9d:73:e1:6c:36:dd:de:ad: 7f:e5:59:de:c5:13:fa:ea:92:6c:8d:d1:56:c3:17:90:76:d8: d7:fa:b5:22:dd:55:e6:6e:4b:9a:2b:b1:b9:15:52:8f:fe:8a: 15:36:5a:25 -----BEGIN CERTIFICATE----- MIIFEzCCA/ugAwIBAgIUfwCdK5TIPkUTKaEJ4oJO8319K2EwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj Y2ZkMzc3MjAeFw0yNjAxMDYwMDU1NDVaFw0yNzAxMDUwMTAwNDVaMDMxMTAvBgNV BAMTKEM4OEQ2NEY3QjJDMjE3MTY2Qzk3MkE1RUQ5ODlDNEFBRjk3MzNGMjMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2YKmuguI0Z/uJvBP4W+3Ghugo 7co6rktR5TKMdus2A/TpQ/Vw9Sdmr0+FBrrN+7juyuYs52EBFYw7fqdF+EWnKnK5 fHLuw3f1rhaILUdsM+WSstBH8+gzl51mV9Gsg9kd2aTOAi9DciLkRODz0+NkV7nN h8LnRmpavloxUgrnry3eLBcO8TdiO7k3E8fFecL/OjLHMHeMeQu8fuxnkqMnHP9e +a1V2SF5Sw/ApBB4ZO7hNNnlwNylyFOOtqY9xEWAjI1SNWKl6OVqkZWAcwQwuq1L iMxu68mvlbZibYxnW0TmHC7uZB0w4ZF7ocGmOdmDBSBNqs4sakNSirw8yMy5AgMB AAGjggIdMIICGTAdBgNVHQ4EFgQUyI1k97LCFxZslype2YnEqvlzPyMwHwYDVR0j BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16 OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjE0NDU2LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMDIGCCsGAQUFBwEHAQH/BCMwITAfBAIAAjAZAwYAKhR1 gQMDBgAqFHWBDAMHACoUdYEP4TANBgkqhkiG9w0BAQsFAAOCAQEAN/jyzWOh3qLM VZlPVNYC6A6eGaFMn/eS5TNCyx3JM14jvm3AoTS06I8alCs0jGA2xu3iBREinOMA kiadhrC3gFMBff1My42YEaeq5VVwAe7ovWoYzLZi6MunL5JA9bzjc2uoK2RpWuY5 ABtcLCa1YIAco7FKy3h9Sg1t7x2WcnYmlzldsFO0erAEddvNE3/We+jVjxOWWSrN R/YXYLwygukH6I8+5zBzmn14dUoDQf2iAjUBPsgnB1oUaOeJepF964PMrL3JHNoS WpLgsCq4D51z4Ww23d6tf+VZ3sUT+uqSbI3RVsMXkHbY1/q1It1V5m5LmiuxuRVS j/6KFTZaJQ== -----END CERTIFICATE-----Generated at Sat Jan 10 22:08:48 2026 by rpki-client