This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS25198.roa File: AS25198.roa (raw, json) Hash identifier: +xErCD8QenoJcScdQGxcPDce2g7TxEbjoL85d22BoGs= Subject key identifier: 0C:A8:7B:A2:2F:FC:D0:FA:F5:24:88:AA:E8:9A:21:D8:23:6C:FC:66 Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9 Certificate serial: 7200300EFF0D7ECDC2596ECE2F99C5E38808728E Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS25198.roa Signing time: Mon 17 Nov 2025 04:24:53 +0000 ROA not before: Mon 17 Nov 2025 04:19:53 +0000 ROA not after: Mon 16 Nov 2026 04:24:53 +0000 asID: 25198 IP address blocks: 141.11.48.0/24 maxlen: 24 141.11.57.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Dec 2025 20:43:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72:00:30:0e:ff:0d:7e:cd:c2:59:6e:ce:2f:99:c5:e3:88:08:72:8e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9 Validity Not Before: Nov 17 04:19:53 2025 GMT Not After : Nov 16 04:24:53 2026 GMT Subject: CN=0CA87BA22FFCD0FAF52488AAE89A21D8236CFC66 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:38:ff:b0:67:53:2e:90:f6:6b:a1:55:22:82: 67:cb:17:f2:b0:02:31:f1:d6:eb:66:65:75:e8:84: de:a8:68:df:b3:26:ba:dd:96:e2:97:9c:7b:54:d0: ca:f1:73:38:0c:67:72:74:20:88:dc:5d:f6:26:eb: 69:8e:07:26:57:3a:6b:b8:b8:90:97:9e:27:04:b0: 07:61:0b:b5:d2:e2:0d:6f:57:e2:94:93:7a:6f:85: 80:7c:ef:06:ed:23:a3:ab:c4:e1:e7:29:a8:52:a8: 7d:21:9e:76:f7:00:d7:8d:f6:89:1e:17:fb:25:9d: b1:02:00:14:65:d2:99:dd:b9:c6:db:e2:44:7e:49: 42:38:dc:78:1d:62:d0:10:19:5b:b6:83:2a:4e:8d: fc:7f:83:69:cd:60:e1:ee:af:ee:a2:aa:af:af:92: fa:52:84:df:a4:b2:42:1a:2c:65:52:c3:d8:e4:a3: 0e:30:1c:f4:25:4c:2c:d9:a4:d7:7c:e1:48:7f:21: 2f:17:ae:8a:fc:ba:ca:72:12:5c:3e:5d:68:ae:25: af:c3:d6:87:c1:7a:ee:f7:bc:bc:61:06:07:f9:61: 4e:64:a6:c3:1e:ab:27:42:a7:17:88:b6:e0:e2:1f: 0e:6e:bd:ed:ed:ca:29:1f:7f:e3:5f:c9:7b:a7:97: 4a:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:A8:7B:A2:2F:FC:D0:FA:F5:24:88:AA:E8:9A:21:D8:23:6C:FC:66 X509v3 Authority Key Identifier: keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS25198.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 141.11.48.0/24 141.11.57.0/24 Signature Algorithm: sha256WithRSAEncryption 60:07:64:5d:34:3f:26:5d:7f:c8:38:29:ed:5d:26:56:e7:ac: f6:a4:89:22:c4:f1:44:b5:8d:ea:b3:1c:da:e4:61:68:82:e4: cf:42:57:55:1d:9a:54:24:d5:ad:49:e8:2a:c6:60:a1:85:ac: aa:c9:2c:1e:88:06:a6:8c:7b:a8:23:71:14:25:b5:59:93:69: 88:53:43:02:4d:eb:fc:e9:4a:22:12:01:37:2b:28:27:98:0f: dc:ce:94:bf:a7:f2:90:3b:7c:1a:73:4f:24:bd:c7:8f:1b:99: a9:a9:1d:ff:05:1c:bc:58:c8:b0:7b:e7:1f:11:a5:0f:0f:2f: 81:7b:1e:65:0f:ab:56:f7:9d:54:f4:b6:dd:11:e2:82:cb:cb: 6d:cd:dd:a5:92:11:19:b2:61:20:e3:99:fc:fc:bc:1b:6b:98: 47:70:e6:d8:c8:df:0a:ad:36:9b:2f:a4:ff:7d:52:7f:ce:e1: 01:f2:dd:d5:d6:d1:65:f6:85:4d:7b:b7:bb:f7:98:45:9d:c7: da:47:fe:0b:10:ae:a2:60:7e:5a:2e:c6:a3:72:b4:59:8c:09: 96:db:3e:c5:47:cc:c1:4c:96:5d:be:f4:b1:43:04:2c:f5:c5: 7b:14:d7:97:c2:71:80:b8:f7:4c:dc:b7:bd:8f:6b:38:f4:2e: 66:99:3a:7a -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgIUcgAwDv8Nfs3CWW7OL5nF44gIco4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw ODI4ZWNhOTAeFw0yNTExMTcwNDE5NTNaFw0yNjExMTYwNDI0NTNaMDMxMTAvBgNV BAMTKDBDQTg3QkEyMkZGQ0QwRkFGNTI0ODhBQUU4OUEyMUQ4MjM2Q0ZDNjYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6OP+wZ1MukPZroVUigmfLF/Kw AjHx1utmZXXohN6oaN+zJrrdluKXnHtU0MrxczgMZ3J0IIjcXfYm62mOByZXOmu4 uJCXnicEsAdhC7XS4g1vV+KUk3pvhYB87wbtI6OrxOHnKahSqH0hnnb3ANeN9oke F/slnbECABRl0pnducbb4kR+SUI43HgdYtAQGVu2gypOjfx/g2nNYOHur+6iqq+v kvpShN+kskIaLGVSw9jkow4wHPQlTCzZpNd84Uh/IS8Xror8uspyElw+XWiuJa/D 1ofBeu73vLxhBgf5YU5kpsMeqydCpxeItuDiHw5uve3tyikff+NfyXunl0pHAgMB AAGjggIPMIICCzAdBgNVHQ4EFgQUDKh7oi/80Pr1JIiq6Joh2CNs/GYwHwYDVR0j BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5 ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTMjUxOTgucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBACNCzAD BACNCzkwDQYJKoZIhvcNAQELBQADggEBAGAHZF00PyZdf8g4Ke1dJlbnrPakiSLE 8US1jeqzHNrkYWiC5M9CV1UdmlQk1a1J6CrGYKGFrKrJLB6IBqaMe6gjcRQltVmT aYhTQwJN6/zpSiISATcrKCeYD9zOlL+n8pA7fBpzTyS9x48bmampHf8FHLxYyLB7 5x8RpQ8PL4F7HmUPq1b3nVT0tt0R4oLLy23N3aWSERmyYSDjmfz8vBtrmEdw5tjI 3wqtNpsvpP99Un/O4QHy3dXW0WX2hU17t7v3mEWdx9pH/gsQrqJgflouxqNytFmM CZbbPsVHzMFMll2+9LFDBCz1xXsU15fCcYC490zct72Pazj0LmaZOno= -----END CERTIFICATE-----Generated at Fri Dec 5 09:30:34 2025 by rpki-client