This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214481.roa File: AS214481.roa (raw, json) Hash identifier: q0/hxcN/O78c/v19+bUiRoMiuxTWUpwHIVuJYsqdIn4= Subject key identifier: 1F:4C:D9:60:1F:88:11:6B:D0:61:97:26:56:BE:A3:23:67:A3:FC:9B Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Certificate serial: 30666C189809A5AC17AECB1D19E1D2CA68FFDC72 Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214481.roa Signing time: Sat 03 Jan 2026 19:31:53 +0000 ROA not before: Sat 03 Jan 2026 19:26:53 +0000 ROA not after: Sat 02 Jan 2027 19:31:53 +0000 asID: 214481 IP address blocks: 2a14:7584:e700::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 17:03:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:66:6c:18:98:09:a5:ac:17:ae:cb:1d:19:e1:d2:ca:68:ff:dc:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Validity Not Before: Jan 3 19:26:53 2026 GMT Not After : Jan 2 19:31:53 2027 GMT Subject: CN=1F4CD9601F88116BD061972656BEA32367A3FC9B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:b2:38:9b:7e:57:dd:c0:cb:de:e2:40:7d:61: e4:ff:86:2c:16:28:0f:3a:dc:d3:46:53:00:30:14: ce:a0:60:db:73:b0:6c:15:f3:75:11:5c:41:4c:1c: 89:8f:b0:7c:fc:75:ce:20:c0:70:ec:e7:68:ea:ba: 31:36:f0:b0:85:1b:e8:1d:56:2b:c1:51:1f:e1:bd: 28:f3:a9:82:7b:75:7f:a0:92:6f:b8:a1:4d:be:fb: 9a:45:63:62:a5:0b:17:45:88:0c:03:28:43:e1:a4: 52:36:6b:d3:7d:2b:ce:12:0a:77:82:05:28:19:48: 23:e1:4a:a0:3e:2a:0c:b0:98:6c:55:29:20:29:29: 40:b3:72:58:cb:2e:66:4d:77:14:a3:d2:f4:ca:54: fa:c4:ff:23:72:3b:f3:6c:6d:55:e5:dc:eb:fd:50: c7:c9:dd:c5:e5:0d:98:1f:cb:07:60:d8:9b:71:7c: 38:86:19:af:b3:20:18:a1:79:f7:af:1e:d7:a7:44: 93:77:5f:2d:3f:cd:56:9b:25:e7:67:0f:20:a5:f2: 5a:03:44:d0:4b:82:a1:7c:84:1c:a4:31:d8:ae:0e: 35:23:d2:fe:dd:35:21:be:88:b7:33:c6:16:8d:0a: cb:4c:66:3b:8c:ce:d1:9d:bc:e5:74:3d:70:bc:50: 81:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:4C:D9:60:1F:88:11:6B:D0:61:97:26:56:BE:A3:23:67:A3:FC:9B X509v3 Authority Key Identifier: keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214481.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7584:e700::/40 Signature Algorithm: sha256WithRSAEncryption 95:e7:04:ef:53:18:cd:fc:69:4a:65:b1:71:a1:70:a8:75:b0: 22:15:db:a5:bb:59:6f:dd:ab:96:96:be:99:a9:f5:1e:eb:4f: 28:c0:20:bd:f8:06:77:b4:a8:c2:60:3f:98:0c:0d:32:33:b6: fd:8f:a5:e5:58:9e:f5:47:67:f9:90:a4:a2:af:19:ec:26:f9: 99:a2:9f:1f:99:33:43:48:2b:90:bb:d8:56:00:85:0d:1c:8f: f0:00:8f:ce:a5:24:36:f6:d2:aa:e5:d8:bb:f8:c3:a8:44:ea: 13:a4:97:71:cf:ef:bc:ee:2e:a4:f0:0b:b0:e5:c8:eb:3d:c6: b2:04:79:57:37:23:c0:22:35:b1:aa:2f:e0:5b:bd:01:08:3b: 12:6c:f0:b0:db:ee:24:05:f7:f9:8f:c9:9a:84:67:d7:c4:90: 16:03:9e:5f:e9:f5:10:5f:72:90:94:40:71:46:f1:99:0b:5a: 4d:bb:68:70:d3:51:ab:48:0d:cb:0f:ba:01:86:3b:51:06:4b: 19:78:f1:4d:0b:b1:d0:62:c7:0e:f0:fe:a3:0c:5e:47:ca:0d: 0a:d7:0a:c6:97:8f:aa:c8:14:84:be:f1:b1:a4:e2:b2:06:a3: b9:0b:f5:99:76:bc:e6:cd:15:50:14:fd:41:68:fb:17:13:f3: 18:a1:51:bc -----BEGIN CERTIFICATE----- MIIFAjCCA+qgAwIBAgIUMGZsGJgJpawXrssdGeHSymj/3HIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj Y2ZkMzc3MjAeFw0yNjAxMDMxOTI2NTNaFw0yNzAxMDIxOTMxNTNaMDMxMTAvBgNV BAMTKDFGNENEOTYwMUY4ODExNkJEMDYxOTcyNjU2QkVBMzIzNjdBM0ZDOUIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCusjibflfdwMve4kB9YeT/hiwW KA863NNGUwAwFM6gYNtzsGwV83URXEFMHImPsHz8dc4gwHDs52jqujE28LCFG+gd VivBUR/hvSjzqYJ7dX+gkm+4oU2++5pFY2KlCxdFiAwDKEPhpFI2a9N9K84SCneC BSgZSCPhSqA+KgywmGxVKSApKUCzcljLLmZNdxSj0vTKVPrE/yNyO/NsbVXl3Ov9 UMfJ3cXlDZgfywdg2JtxfDiGGa+zIBihefevHtenRJN3Xy0/zVabJednDyCl8loD RNBLgqF8hBykMdiuDjUj0v7dNSG+iLczxhaNCstMZjuMztGdvOV0PXC8UIEPAgMB AAGjggIMMIICCDAdBgNVHQ4EFgQUH0zZYB+IEWvQYZcmVr6jI2ej/JswHwYDVR0j BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16 OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjE0NDgxLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhR1 hOcwDQYJKoZIhvcNAQELBQADggEBAJXnBO9TGM38aUplsXGhcKh1sCIV26W7WW/d q5aWvpmp9R7rTyjAIL34Bne0qMJgP5gMDTIztv2PpeVYnvVHZ/mQpKKvGewm+Zmi nx+ZM0NIK5C72FYAhQ0cj/AAj86lJDb20qrl2Lv4w6hE6hOkl3HP77zuLqTwC7Dl yOs9xrIEeVc3I8AiNbGqL+BbvQEIOxJs8LDb7iQF9/mPyZqEZ9fEkBYDnl/p9RBf cpCUQHFG8ZkLWk27aHDTUatIDcsPugGGO1EGSxl48U0LsdBixw7w/qMMXkfKDQrX CsaXj6rIFIS+8bGk4rIGo7kL9Zl2vObNFVAU/UFo+xcT8xihUbw= -----END CERTIFICATE-----Generated at Mon Jan 19 23:20:35 2026 by rpki-client