This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214488.roa File: AS214488.roa (raw, json) Hash identifier: PlcTxeVlfU60ibKkzFZQDaQd/DWzApOK5XgRxe47lzo= Subject key identifier: 1E:D5:88:CB:B0:4F:A6:E0:AF:7F:9F:73:2F:C1:86:D4:7B:0C:5D:80 Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Certificate serial: 361DC642A570A15F703C9BC00B3B68FC3C0B0703 Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214488.roa Signing time: Tue 06 Jan 2026 01:00:43 +0000 ROA not before: Tue 06 Jan 2026 00:55:43 +0000 ROA not after: Tue 05 Jan 2027 01:00:43 +0000 asID: 214488 IP address blocks: 2a14:7581:ff3::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 15:30:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:1d:c6:42:a5:70:a1:5f:70:3c:9b:c0:0b:3b:68:fc:3c:0b:07:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Validity Not Before: Jan 6 00:55:43 2026 GMT Not After : Jan 5 01:00:43 2027 GMT Subject: CN=1ED588CBB04FA6E0AF7F9F732FC186D47B0C5D80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:3a:86:9d:0a:d7:ac:e1:3d:93:11:c8:df:82: 4c:c1:2f:01:7a:44:cf:a4:09:c6:75:cc:e5:49:6b: 2e:4a:d4:2e:bc:b6:27:19:b8:18:c1:4c:64:84:4c: 56:8b:6a:2c:c0:eb:28:8d:c0:99:0f:fa:ad:d1:ac: 51:06:bf:7d:6c:43:25:96:13:86:5d:be:05:39:0d: 9a:57:21:8d:b0:de:a9:0b:2a:74:b8:78:e8:ba:44: 0d:2f:be:80:c5:29:1e:64:15:f0:0c:b3:02:c7:4d: 04:12:12:31:20:40:77:91:0b:18:02:4e:cf:75:97: 79:5a:9d:ac:d0:38:87:1e:7d:6c:ae:92:79:33:65: 21:3e:54:9c:1e:a5:bd:70:70:df:37:36:40:0c:82: ba:4a:ff:d9:0d:99:06:48:d8:fe:fe:ca:c3:41:5f: cd:94:08:29:53:16:19:a1:a4:17:52:ab:5b:f4:07: 6c:df:c5:07:74:0e:6c:98:05:c8:8e:b3:dd:6e:8d: 56:d6:a2:1b:1f:b6:3b:35:97:44:98:d3:13:5d:6a: f7:3b:a6:92:43:5c:94:76:09:63:82:d1:ca:51:19: ed:21:9b:0c:e1:89:ac:c5:dd:27:f7:27:af:34:79: fd:16:f9:5f:cb:9a:eb:a4:f8:13:02:25:7f:f1:17: 63:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:D5:88:CB:B0:4F:A6:E0:AF:7F:9F:73:2F:C1:86:D4:7B:0C:5D:80 X509v3 Authority Key Identifier: keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214488.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:ff3::/48 Signature Algorithm: sha256WithRSAEncryption 79:a0:2c:cf:79:ae:e7:5c:26:50:ff:10:df:20:0e:65:9d:61: f6:13:3f:94:0b:14:21:6e:9f:02:46:31:af:38:10:f8:e9:f4: c0:f9:5d:63:4d:d8:6c:01:3d:62:d5:4d:4c:30:96:ae:26:4d: f1:ab:93:b7:50:56:87:4e:7e:86:dc:f1:52:0e:6d:8a:bc:62: 7a:6b:9e:30:40:68:ce:df:95:13:74:21:6a:fe:31:6e:1e:83: de:c8:ad:b3:8b:b9:c5:5b:e6:ec:7a:11:e6:4f:e8:cb:a9:ed: 07:a6:63:79:67:ba:08:4d:b9:be:9d:cf:29:08:3d:7e:e2:38: 7f:5a:e8:81:9c:95:05:c1:18:f9:d4:a5:05:bc:87:ce:db:e4: d9:58:45:6d:f0:62:38:8b:79:47:c9:a3:29:40:4c:4a:36:60: a0:a1:57:5d:fd:49:4c:02:dc:84:7c:b0:92:d4:4a:e2:9e:5f: a4:08:6f:2e:70:34:da:c6:fe:51:ba:b5:4e:ab:fe:b8:6c:1a: 7e:b7:fc:8b:ad:20:ea:8a:5c:73:7d:44:1c:fd:cf:0a:61:65: 59:43:e5:a8:ae:80:1e:5d:41:fe:fb:81:94:32:2b:1b:24:5c: 0a:5c:f0:47:48:2a:f2:7e:59:41:b0:9d:8b:d6:7e:cb:45:0a: 8b:ab:ef:8d -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgIUNh3GQqVwoV9wPJvACzto/DwLBwMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj Y2ZkMzc3MjAeFw0yNjAxMDYwMDU1NDNaFw0yNzAxMDUwMTAwNDNaMDMxMTAvBgNV BAMTKDFFRDU4OENCQjA0RkE2RTBBRjdGOUY3MzJGQzE4NkQ0N0IwQzVEODAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUOoadCtes4T2TEcjfgkzBLwF6 RM+kCcZ1zOVJay5K1C68ticZuBjBTGSETFaLaizA6yiNwJkP+q3RrFEGv31sQyWW E4ZdvgU5DZpXIY2w3qkLKnS4eOi6RA0vvoDFKR5kFfAMswLHTQQSEjEgQHeRCxgC Ts91l3lanazQOIcefWyuknkzZSE+VJwepb1wcN83NkAMgrpK/9kNmQZI2P7+ysNB X82UCClTFhmhpBdSq1v0B2zfxQd0DmyYBciOs91ujVbWohsftjs1l0SY0xNdavc7 ppJDXJR2CWOC0cpRGe0hmwzhiazF3Sf3J680ef0W+V/Lmuuk+BMCJX/xF2PXAgMB AAGjggINMIICCTAdBgNVHQ4EFgQUHtWIy7BPpuCvf59zL8GG1HsMXYAwHwYDVR0j BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16 OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjE0NDg4LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhR1 gQ/zMA0GCSqGSIb3DQEBCwUAA4IBAQB5oCzPea7nXCZQ/xDfIA5lnWH2Ez+UCxQh bp8CRjGvOBD46fTA+V1jTdhsAT1i1U1MMJauJk3xq5O3UFaHTn6G3PFSDm2KvGJ6 a54wQGjO35UTdCFq/jFuHoPeyK2zi7nFW+bsehHmT+jLqe0HpmN5Z7oITbm+nc8p CD1+4jh/WuiBnJUFwRj51KUFvIfO2+TZWEVt8GI4i3lHyaMpQExKNmCgoVdd/UlM AtyEfLCS1Erinl+kCG8ucDTaxv5RurVOq/64bBp+t/yLrSDqilxzfUQc/c8KYWVZ Q+WoroAeXUH++4GUMisbJFwKXPBHSCryfllBsJ2L1n7LRQqLq++N -----END CERTIFICATE-----Generated at Tue Jan 20 22:21:12 2026 by rpki-client