This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS152868.roa File: AS152868.roa (raw, json) Hash identifier: HQOBHpCJyLnknLU1YvxofsKiEEe4BsGji527c50E25c= Subject key identifier: AE:3F:30:ED:26:81:B7:16:A4:B3:65:80:62:2C:41:E5:FC:54:9D:7C Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d Certificate serial: 7BB84B2420767DB108946188A7D43F8A89D4AB1A Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS152868.roa Signing time: Sat 15 Nov 2025 00:00:47 +0000 ROA not before: Fri 14 Nov 2025 23:55:47 +0000 ROA not after: Sat 14 Nov 2026 00:00:47 +0000 asID: 152868 IP address blocks: 143.20.41.0/24 maxlen: 24 143.20.175.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 24 Nov 2025 06:00:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7b:b8:4b:24:20:76:7d:b1:08:94:61:88:a7:d4:3f:8a:89:d4:ab:1a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d Validity Not Before: Nov 14 23:55:47 2025 GMT Not After : Nov 14 00:00:47 2026 GMT Subject: CN=AE3F30ED2681B716A4B36580622C41E5FC549D7C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:4b:48:16:80:05:d7:4f:80:4a:82:63:c2:9f: 15:db:98:b0:3d:a1:ca:f7:c5:1e:bf:56:7e:84:3a: 67:e2:a8:95:7c:50:da:8d:0b:5c:ec:43:49:34:e6: 9a:55:43:67:45:a6:22:b6:38:f9:7c:55:19:0f:d6: 1d:38:de:d2:2a:80:c6:ff:f1:06:b4:a3:d2:48:a7: 21:c4:f1:3b:22:0c:79:db:d0:10:de:50:a4:40:c6: 94:79:59:b7:d1:3c:9d:8b:d9:09:4b:5c:55:c2:ba: b3:8e:d0:f1:30:b8:b9:7c:dc:56:66:0e:94:a4:90: 9d:69:82:7e:6d:3b:a3:1a:0c:e3:9b:09:94:89:7c: 5c:32:d3:3d:8b:e1:95:ab:c5:c1:fa:c7:2f:f1:d6: 4e:41:04:d1:83:69:a0:eb:b0:e5:6e:df:62:07:7c: 8d:09:35:bf:b6:11:14:12:7c:82:1a:6d:2c:22:c1: 65:d0:8e:63:19:e7:5b:24:f4:b2:db:64:ea:bf:bf: b3:11:49:d1:37:56:d8:95:1f:b8:06:80:8a:cc:6d: 1a:27:5d:36:34:5f:5b:b0:3b:75:1a:83:47:d2:f9: 27:2a:6d:c0:5f:6d:2c:3d:68:b7:ea:98:3c:88:41: ed:b2:fc:01:e2:34:be:4a:a7:65:c4:5f:fb:5a:27: ab:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:3F:30:ED:26:81:B7:16:A4:B3:65:80:62:2C:41:E5:FC:54:9D:7C X509v3 Authority Key Identifier: keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS152868.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.20.41.0/24 143.20.175.0/24 Signature Algorithm: sha256WithRSAEncryption 66:2b:4d:17:82:a9:41:54:6d:8c:59:06:84:7a:b5:1c:5c:4e: c9:ce:e2:84:80:44:3a:cf:95:83:d1:1c:1c:30:36:9b:38:45: 95:3f:fd:31:a2:2d:ef:d8:80:17:36:23:4b:a0:68:c7:bf:54: bf:e2:fc:c7:e1:3b:5b:0a:59:57:a5:20:67:49:70:a8:9d:33: 18:31:6f:0e:e1:4f:55:c7:e8:39:0b:c6:ac:5c:66:5b:c2:5a: 84:10:6a:1d:fb:85:12:57:7f:a9:4f:38:09:5a:35:1c:f8:e6: af:6b:9f:ea:88:69:90:38:5e:ae:c4:9b:4d:13:29:16:c2:c8: de:a5:da:79:5c:db:f3:3d:6e:b5:38:43:f0:59:ed:e9:b8:cc: fd:a7:9f:1e:69:51:1a:a3:58:55:56:a7:0e:ab:11:bf:76:47: 00:9e:17:17:47:c3:96:bd:a7:b0:a9:3c:98:6f:37:6f:fe:3a: 50:73:93:f9:66:80:2d:e1:79:01:09:84:f0:c9:51:ed:f5:38: c7:66:a5:3c:0b:59:6d:60:36:81:63:93:87:f9:85:6e:85:a9: d5:17:e8:0c:71:4e:1a:12:77:c1:9a:b1:f0:87:a0:b7:a6:4b: 42:2d:30:48:e2:88:14:54:ce:bd:e8:d0:74:40:d1:aa:cc:d8: 62:af:ed:6b -----BEGIN CERTIFICATE----- MIIFBjCCA+6gAwIBAgIUe7hLJCB2fbEIlGGIp9Q/ionUqxowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk ZWI5M2Q5ZDAeFw0yNTExMTQyMzU1NDdaFw0yNjExMTQwMDAwNDdaMDMxMTAvBgNV BAMTKEFFM0YzMEVEMjY4MUI3MTZBNEIzNjU4MDYyMkM0MUU1RkM1NDlEN0MwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2S0gWgAXXT4BKgmPCnxXbmLA9 ocr3xR6/Vn6EOmfiqJV8UNqNC1zsQ0k05ppVQ2dFpiK2OPl8VRkP1h043tIqgMb/ 8Qa0o9JIpyHE8TsiDHnb0BDeUKRAxpR5WbfRPJ2L2QlLXFXCurOO0PEwuLl83FZm DpSkkJ1pgn5tO6MaDOObCZSJfFwy0z2L4ZWrxcH6xy/x1k5BBNGDaaDrsOVu32IH fI0JNb+2ERQSfIIabSwiwWXQjmMZ51sk9LLbZOq/v7MRSdE3VtiVH7gGgIrMbRon XTY0X1uwO3Uag0fS+ScqbcBfbSw9aLfqmDyIQe2y/AHiNL5Kp2XEX/taJ6tFAgMB AAGjggIQMIICDDAdBgNVHQ4EFgQUrj8w7SaBtxaks2WAYixB5fxUnXwwHwYDVR0j BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2 MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2 NVBaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMTUyODY4LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAjxQp AwQAjxSvMA0GCSqGSIb3DQEBCwUAA4IBAQBmK00XgqlBVG2MWQaEerUcXE7JzuKE gEQ6z5WD0RwcMDabOEWVP/0xoi3v2IAXNiNLoGjHv1S/4vzH4TtbCllXpSBnSXCo nTMYMW8O4U9Vx+g5C8asXGZbwlqEEGod+4USV3+pTzgJWjUc+Oava5/qiGmQOF6u xJtNEykWwsjepdp5XNvzPW61OEPwWe3puMz9p58eaVEao1hVVqcOqxG/dkcAnhcX R8OWvaewqTyYbzdv/jpQc5P5ZoAt4XkBCYTwyVHt9TjHZqU8C1ltYDaBY5OH+YVu hanVF+gMcU4aEnfBmrHwh6C3pktCLTBI4ogUVM696NB0QNGqzNhir+1r -----END CERTIFICATE-----Generated at Sun Nov 23 13:04:43 2025 by rpki-client