This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS60949.roa File: AS60949.roa (raw, json) Hash identifier: eSNjL83iVjZCt2ENhKKaUwxEFLHLpDVrAamsZ69Qe7Q= Subject key identifier: 37:6E:2E:03:6E:36:90:77:72:36:70:C7:19:96:E9:0F:74:01:62:EA Certificate issuer: /CN=c2302af143c15daad50042d8455e689d0828eca9 Certificate serial: 5DF02D16863D466B41FEE3DC4E848EB6628A2CBE Authority key identifier: C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS60949.roa Signing time: Wed 31 Dec 2025 13:55:33 +0000 ROA not before: Wed 31 Dec 2025 13:50:33 +0000 ROA not after: Wed 30 Dec 2026 13:55:33 +0000 asID: 60949 IP address blocks: 141.11.28.0/24 maxlen: 24 141.11.106.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.mft rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 31 Jan 2026 14:28:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5d:f0:2d:16:86:3d:46:6b:41:fe:e3:dc:4e:84:8e:b6:62:8a:2c:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c2302af143c15daad50042d8455e689d0828eca9 Validity Not Before: Dec 31 13:50:33 2025 GMT Not After : Dec 30 13:55:33 2026 GMT Subject: CN=376E2E036E369077723670C71996E90F740162EA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:e7:55:4a:bd:60:5f:28:fb:20:e7:72:6d:ac: c4:b3:ad:c8:dc:c0:c6:df:8f:36:b8:3a:d8:96:3b: 90:ee:6b:0e:13:5a:8f:e0:2e:30:36:0d:f8:95:2a: 05:da:d6:8a:4b:3d:ed:ff:d9:2d:33:43:78:c4:0f: b5:6d:5c:b4:3e:e8:aa:70:79:eb:54:bc:5d:a6:e4: 12:46:cb:42:d5:d8:cc:47:37:5a:5d:46:95:61:66: 83:e3:c3:cb:4d:17:f2:4d:43:e7:cf:d5:99:d0:89: 2b:96:99:e0:2c:a8:a3:3c:af:8d:af:db:d2:37:fa: 4d:fc:20:08:2a:97:e7:b2:56:94:36:52:49:97:f0: 2b:b7:0f:de:d1:95:94:f0:8a:2f:dd:7d:f9:4a:68: 67:87:ff:7a:f8:83:ee:ed:73:79:03:06:e5:3a:1a: 61:10:04:31:30:cc:00:1a:eb:a8:fd:10:f3:bb:69: b9:be:82:43:4d:fd:0e:0e:6d:df:be:31:ba:a4:10: ab:bf:91:51:b3:6e:37:b3:af:1d:6e:0f:52:41:53: 9e:a3:06:84:f8:94:f1:5f:44:7d:bd:ee:14:64:23: bb:47:5a:b7:05:bc:44:8c:e1:f7:52:be:b1:2b:14: 1f:35:ba:74:cf:d9:55:22:9f:3b:9c:41:96:56:87: 3c:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:6E:2E:03:6E:36:90:77:72:36:70:C7:19:96:E9:0F:74:01:62:EA X509v3 Authority Key Identifier: keyid:C2:30:2A:F1:43:C1:5D:AA:D5:00:42:D8:45:5E:68:9D:08:28:EC:A9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/C2302AF143C15DAAD50042D8455E689D0828ECA9.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjAq8UPBXarVAELYRV5onQgo7Kk.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a93cb55c-9571-44c8-90e1-965b92769e4e/0/AS60949.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 141.11.28.0/24 141.11.106.0/24 Signature Algorithm: sha256WithRSAEncryption 16:a7:ae:70:34:30:e9:18:d3:1e:ae:1c:26:11:31:e9:5a:4d: fa:57:4f:63:93:74:f5:20:be:05:1f:d5:d2:ae:56:87:8b:3e: 59:0b:c2:35:a8:77:92:91:ba:a1:e4:b8:9c:31:28:35:a4:6e: 94:eb:e3:5f:c8:0d:d4:93:50:c2:21:57:13:3a:63:55:72:52: 66:19:ed:15:d3:40:5d:da:b5:b0:29:18:f1:7e:8f:35:f9:7a: 5b:22:e9:84:4e:4e:1a:d4:b7:3e:50:89:ce:c4:d3:3c:60:f0: a3:94:ba:e3:6e:7c:9c:d5:88:3e:2c:df:d1:f9:97:cb:3e:cb: f3:f1:84:84:78:9b:02:17:48:d4:22:d3:87:57:d1:97:69:40: 9d:81:c6:96:46:b9:ce:89:7b:f8:24:d2:72:f9:c5:54:20:47: 8e:30:86:eb:02:e5:78:ba:7c:b1:a3:11:07:ec:f4:85:00:28: 07:01:88:21:95:a3:30:38:51:c2:08:f2:95:98:11:19:2a:d4: 4d:5f:1c:36:2c:ab:d7:97:c0:bd:01:d7:9f:b2:5f:f7:c8:03: 7d:1d:5c:c5:07:9c:c7:c1:b7:ab:ef:75:8f:3c:db:c8:9a:ae: 6c:ae:10:f9:19:27:f4:94:49:76:63:81:28:78:c7:39:3d:05: 0f:a6:0c:76 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgIUXfAtFoY9RmtB/uPcToSOtmKKLL4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYzIzMDJhZjE0M2MxNWRhYWQ1MDA0MmQ4NDU1ZTY4OWQw ODI4ZWNhOTAeFw0yNTEyMzExMzUwMzNaFw0yNjEyMzAxMzU1MzNaMDMxMTAvBgNV BAMTKDM3NkUyRTAzNkUzNjkwNzc3MjM2NzBDNzE5OTZFOTBGNzQwMTYyRUEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDm51VKvWBfKPsg53JtrMSzrcjc wMbfjza4OtiWO5Duaw4TWo/gLjA2DfiVKgXa1opLPe3/2S0zQ3jED7VtXLQ+6Kpw eetUvF2m5BJGy0LV2MxHN1pdRpVhZoPjw8tNF/JNQ+fP1ZnQiSuWmeAsqKM8r42v 29I3+k38IAgql+eyVpQ2UkmX8Cu3D97RlZTwii/dfflKaGeH/3r4g+7tc3kDBuU6 GmEQBDEwzAAa66j9EPO7abm+gkNN/Q4Obd++MbqkEKu/kVGzbjezrx1uD1JBU56j BoT4lPFfRH297hRkI7tHWrcFvESM4fdSvrErFB81unTP2VUinzucQZZWhzwBAgMB AAGjggIPMIICCzAdBgNVHQ4EFgQUN24uA242kHdyNnDHGZbpD3QBYuowHwYDVR0j BBgwFoAUwjAq8UPBXarVAELYRV5onQgo7KkwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYTkzY2I1NWMtOTU3MS00NGM4LTkwZTEtOTY1YjkyNzY5 ZTRlLzAvQzIzMDJBRjE0M0MxNURBQUQ1MDA0MkQ4NDU1RTY4OUQwODI4RUNBOS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3dqQXE4VVBCWGFyVkFFTFlSVjVvblFn bzdLay5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2E5M2NiNTVjLTk1NzEt NDRjOC05MGUxLTk2NWI5Mjc2OWU0ZS8wL0FTNjA5NDkucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBACNCxwD BACNC2owDQYJKoZIhvcNAQELBQADggEBABanrnA0MOkY0x6uHCYRMelaTfpXT2OT dPUgvgUf1dKuVoeLPlkLwjWod5KRuqHkuJwxKDWkbpTr41/IDdSTUMIhVxM6Y1Vy UmYZ7RXTQF3atbApGPF+jzX5elsi6YROThrUtz5Qic7E0zxg8KOUuuNufJzViD4s 39H5l8s+y/PxhIR4mwIXSNQi04dX0ZdpQJ2BxpZGuc6Je/gk0nL5xVQgR44whusC 5Xi6fLGjEQfs9IUAKAcBiCGVozA4UcII8pWYERkq1E1fHDYsq9eXwL0B15+yX/fI A30dXMUHnMfBt6vvdY8828iarmyuEPkZJ/SUSXZjgSh4xzk9BQ+mDHY= -----END CERTIFICATE-----Generated at Sat Jan 31 04:53:56 2026 by rpki-client