This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS211567.roa File: AS211567.roa (raw, json) Hash identifier: l4bYjEfAKky4R5txrwQ1q03vtgcB1g0vbuvOkdJ6GE4= Subject key identifier: 3B:3F:0B:92:35:9F:FF:20:90:AA:A7:B8:2F:5B:21:F1:52:F2:B4:F8 Certificate issuer: /CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b Certificate serial: 0B91740503FD6A19D56F4112AE20872294DD4BFE Authority key identifier: 70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS211567.roa Signing time: Sun 28 Dec 2025 09:21:06 +0000 ROA not before: Sun 28 Dec 2025 09:16:06 +0000 ROA not after: Sun 27 Dec 2026 09:21:06 +0000 asID: 211567 IP address blocks: 31.40.198.0/24 maxlen: 24 141.98.48.0/24 maxlen: 24 176.96.129.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.mft rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 23:37:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0b:91:74:05:03:fd:6a:19:d5:6f:41:12:ae:20:87:22:94:dd:4b:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7051b4c2f7ae9ef80b53000b32ab8f5d2f2f415b Validity Not Before: Dec 28 09:16:06 2025 GMT Not After : Dec 27 09:21:06 2026 GMT Subject: CN=3B3F0B92359FFF2090AAA7B82F5B21F152F2B4F8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:ff:87:ce:7c:45:75:db:45:39:62:bc:bf:4d: 20:9c:c2:f5:31:e3:d7:30:5a:5c:fc:9e:f1:5a:4a: c0:61:0d:d6:c9:4d:6a:43:32:18:cf:63:ee:af:b6: 37:12:05:64:1b:44:9b:88:b7:fb:26:7c:65:b1:1b: 0a:fa:6c:1e:35:01:5a:f5:28:64:c1:6b:49:b5:52: 22:3d:73:f8:79:ed:eb:70:fe:b4:13:b8:de:25:e6: 9f:50:95:9e:fd:0d:d7:f4:a9:11:a2:ad:f7:15:89: 81:a7:7d:7d:2a:75:96:3a:5b:43:b0:df:db:08:a5: 2a:4b:83:5c:ae:7e:d9:8e:88:23:b2:af:b6:59:01: 27:c6:5b:bb:d5:63:9c:aa:77:e8:40:34:6a:49:2b: cb:79:b5:83:de:e3:f6:60:7f:85:cb:ad:b2:42:2b: 31:a1:6a:ae:ea:cf:74:f3:e7:60:4c:87:70:e5:e8: 6d:87:df:0b:0d:63:a1:c5:1c:a8:7e:d7:4e:e6:03: 4a:ae:33:f0:19:3b:61:a8:58:49:32:78:dd:c7:57: 82:94:3f:61:51:ad:95:87:9b:b8:23:99:da:02:7e: 2b:b3:c9:cb:03:76:d9:83:99:4a:bc:b6:a2:0e:4a: 60:60:4a:4d:ca:4f:85:6f:c4:bf:02:31:f7:87:9f: 07:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:3F:0B:92:35:9F:FF:20:90:AA:A7:B8:2F:5B:21:F1:52:F2:B4:F8 X509v3 Authority Key Identifier: keyid:70:51:B4:C2:F7:AE:9E:F8:0B:53:00:0B:32:AB:8F:5D:2F:2F:41:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/7051B4C2F7AE9EF80B53000B32AB8F5D2F2F415B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cFG0wveunvgLUwALMquPXS8vQVs.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9c5ce9fa-9a6f-4e0c-9809-7a4788744893/0/AS211567.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.40.198.0/24 141.98.48.0/24 176.96.129.0/24 Signature Algorithm: sha256WithRSAEncryption 24:1e:3f:7a:bc:6c:06:90:f6:54:bd:90:6a:3e:45:1d:fa:7b: cf:79:ee:c7:b2:12:7e:d4:f7:81:13:ea:1e:78:3b:2b:90:ba: 4c:e4:39:3c:68:e6:68:7e:b3:66:43:29:68:dc:e8:3e:17:1e: d4:33:74:94:aa:1c:5c:12:55:5b:8f:b0:34:8f:e5:72:90:7c: 08:51:81:6e:dc:d0:db:29:44:70:c8:ea:24:a1:bd:09:8d:35: 77:bc:d6:3e:b9:03:59:24:6e:9a:38:50:01:17:5b:c6:33:d6: 99:ee:64:17:31:af:c1:be:aa:d6:32:c3:31:12:49:d2:87:0e: cd:9e:69:e5:d3:d7:e8:90:78:74:8d:92:ac:61:b2:b0:2d:90: be:cb:28:3d:56:35:4f:50:c9:44:a3:8d:c1:ba:ef:08:e2:2b: c9:2e:7c:af:9e:c5:a2:87:b9:e1:1f:16:a2:b1:c1:13:f0:f8: 53:85:71:7d:05:79:23:fc:65:37:a3:18:6b:0e:80:76:00:0d: 25:4f:39:96:01:5d:25:77:ce:7a:e0:4c:8d:eb:03:91:51:6c: 52:e5:22:ad:ed:b1:b1:fd:73:f4:3c:85:ef:04:f4:55:ad:d2: 93:c7:d2:3a:87:6b:eb:ff:22:c8:50:53:b7:8f:c8:51:a2:23: 70:31:2f:50 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgIUC5F0BQP9ahnVb0ESriCHIpTdS/4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzA1MWI0YzJmN2FlOWVmODBiNTMwMDBiMzJhYjhmNWQy ZjJmNDE1YjAeFw0yNTEyMjgwOTE2MDZaFw0yNjEyMjcwOTIxMDZaMDMxMTAvBgNV BAMTKDNCM0YwQjkyMzU5RkZGMjA5MEFBQTdCODJGNUIyMUYxNTJGMkI0RjgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa/4fOfEV120U5Yry/TSCcwvUx 49cwWlz8nvFaSsBhDdbJTWpDMhjPY+6vtjcSBWQbRJuIt/smfGWxGwr6bB41AVr1 KGTBa0m1UiI9c/h57etw/rQTuN4l5p9QlZ79Ddf0qRGirfcViYGnfX0qdZY6W0Ow 39sIpSpLg1yuftmOiCOyr7ZZASfGW7vVY5yqd+hANGpJK8t5tYPe4/Zgf4XLrbJC KzGhaq7qz3Tz52BMh3Dl6G2H3wsNY6HFHKh+107mA0quM/AZO2GoWEkyeN3HV4KU P2FRrZWHm7gjmdoCfiuzycsDdtmDmUq8tqIOSmBgSk3KT4VvxL8CMfeHnwcRAgMB AAGjggIWMIICEjAdBgNVHQ4EFgQUOz8LkjWf/yCQqqe4L1sh8VLytPgwHwYDVR0j BBgwFoAUcFG0wveunvgLUwALMquPXS8vQVswDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvOWM1Y2U5ZmEtOWE2Zi00ZTBjLTk4MDktN2E0Nzg4NzQ0 ODkzLzAvNzA1MUI0QzJGN0FFOUVGODBCNTMwMDBCMzJBQjhGNUQyRjJGNDE1Qi5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NGRzB3dmV1bnZnTFV3QUxNcXVQWFM4 dlFWcy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzljNWNlOWZhLTlhNmYt NGUwYy05ODA5LTdhNDc4ODc0NDg5My8wL0FTMjExNTY3LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAHyjG AwQAjWIwAwQAsGCBMA0GCSqGSIb3DQEBCwUAA4IBAQAkHj96vGwGkPZUvZBqPkUd +nvPee7HshJ+1PeBE+oeeDsrkLpM5Dk8aOZofrNmQylo3Og+Fx7UM3SUqhxcElVb j7A0j+VykHwIUYFu3NDbKURwyOokob0JjTV3vNY+uQNZJG6aOFABF1vGM9aZ7mQX Ma/BvqrWMsMxEknShw7Nnmnl09fokHh0jZKsYbKwLZC+yyg9VjVPUMlEo43Buu8I 4ivJLnyvnsWih7nhHxaiscET8PhThXF9BXkj/GU3oxhrDoB2AA0lTzmWAV0ld856 4EyN6wORUWxS5SKt7bGx/XP0PIXvBPRVrdKTx9I6h2vr/yLIUFO3j8hRoiNwMS9Q -----END CERTIFICATE-----Generated at Wed Jan 21 16:16:57 2026 by rpki-client