This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS214025.roa File: AS214025.roa (raw, json) Hash identifier: K49+uldoh3PYmRBwLsZZ0/lRmbJ2IutZp3AkBBQ69lM= Subject key identifier: 5D:05:D3:02:28:F7:D6:54:C6:A9:7A:86:A9:AB:D5:84:80:A2:69:E1 Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d Certificate serial: 31DE07F64760F2397D6B06CF48522CDFE7198BB3 Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS214025.roa Signing time: Thu 27 Nov 2025 08:16:06 +0000 ROA not before: Thu 27 Nov 2025 08:11:06 +0000 ROA not after: Thu 26 Nov 2026 08:16:06 +0000 asID: 214025 IP address blocks: 143.20.26.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Dec 2025 04:35:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:de:07:f6:47:60:f2:39:7d:6b:06:cf:48:52:2c:df:e7:19:8b:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d Validity Not Before: Nov 27 08:11:06 2025 GMT Not After : Nov 26 08:16:06 2026 GMT Subject: CN=5D05D30228F7D654C6A97A86A9ABD58480A269E1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:71:54:61:63:5c:79:1c:90:63:00:d0:f4:13: 12:47:98:e7:3d:bf:b5:88:9f:51:bd:07:23:50:80: 7d:21:31:79:b5:e5:f5:f1:72:be:00:c1:a4:9d:89: fb:6c:e5:7a:fe:29:bf:02:57:7e:6f:74:85:e3:2d: 02:22:db:a2:54:a2:2e:44:43:23:9d:17:84:cd:63: ba:a8:f0:ff:81:79:3f:48:49:0f:44:35:58:28:cc: 9c:38:59:1f:ce:04:c7:20:83:a4:2e:f9:36:af:56: e7:4d:2d:01:7d:44:6b:ab:fb:96:2b:35:71:ca:64: fb:75:61:fc:24:9e:82:a6:21:92:79:c6:cf:6f:1a: c7:a7:11:db:31:d3:d2:e4:ae:20:29:43:6a:12:b6: 14:99:12:dd:8b:69:7b:99:5c:c3:84:7f:3c:15:e4: 44:80:9d:f6:a5:3f:ef:fc:66:7e:bc:17:47:12:b2: 33:29:d1:84:ff:1b:94:69:ac:a1:7d:0c:6d:3b:31: 1e:04:e9:b9:b2:0d:cc:3e:8c:8f:89:83:57:af:33: 77:65:5a:23:7e:2b:2c:54:80:8d:23:ea:7d:bb:a4: 24:c8:7e:0f:40:47:63:dd:fc:f0:47:65:f1:61:18: 6e:37:6e:35:19:3b:ad:53:fe:84:7f:5b:45:0b:59: 21:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:05:D3:02:28:F7:D6:54:C6:A9:7A:86:A9:AB:D5:84:80:A2:69:E1 X509v3 Authority Key Identifier: keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS214025.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.20.26.0/24 Signature Algorithm: sha256WithRSAEncryption c6:b0:cd:7e:92:05:72:24:32:9a:f6:02:f8:d9:8a:c7:06:af: 90:3a:34:de:88:40:cb:63:4d:41:c7:a9:1a:66:e3:a8:e2:e7: b7:f7:e0:67:59:0b:82:4e:12:be:41:fe:f0:cc:ae:7e:eb:38: 74:b4:df:65:74:81:c6:fb:8b:c5:8c:eb:5e:eb:99:3b:74:33: 23:5c:91:c6:a4:c1:14:58:d3:49:b5:da:24:c9:40:45:11:c6: 31:f3:9c:f9:cf:c9:90:46:ad:f6:1e:6c:9c:44:5a:96:ef:db: ac:8d:29:55:23:7c:3a:5c:38:f8:c6:4a:7e:b8:b5:15:4d:26: d4:0f:08:a3:70:fb:4c:94:95:67:3c:3c:44:c3:c3:48:e6:77: e1:ba:bf:fb:0d:98:0c:cc:ae:82:35:64:22:98:8c:e4:2f:d2: 7a:98:5e:2f:0c:7f:bd:d0:2c:97:04:d3:38:36:97:62:64:d8: 8d:f6:9d:97:92:71:31:87:32:3c:b1:0d:cf:b5:25:a3:07:e6: dc:9e:8b:3d:60:0d:c7:bd:ed:7e:97:7c:e9:16:55:b6:7f:53: 5c:c4:a2:2c:31:60:20:d3:fd:36:f3:a7:1d:7d:90:6e:8a:c8: 47:45:df:bd:31:a8:da:b8:bc:2f:42:10:59:df:d8:3a:7a:37: e6:09:cc:6e -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgIUMd4H9kdg8jl9awbPSFIs3+cZi7MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk ZWI5M2Q5ZDAeFw0yNTExMjcwODExMDZaFw0yNjExMjYwODE2MDZaMDMxMTAvBgNV BAMTKDVEMDVEMzAyMjhGN0Q2NTRDNkE5N0E4NkE5QUJENTg0ODBBMjY5RTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9cVRhY1x5HJBjAND0ExJHmOc9 v7WIn1G9ByNQgH0hMXm15fXxcr4AwaSdifts5Xr+Kb8CV35vdIXjLQIi26JUoi5E QyOdF4TNY7qo8P+BeT9ISQ9ENVgozJw4WR/OBMcgg6Qu+TavVudNLQF9RGur+5Yr NXHKZPt1YfwknoKmIZJ5xs9vGsenEdsx09LkriApQ2oSthSZEt2LaXuZXMOEfzwV 5ESAnfalP+/8Zn68F0cSsjMp0YT/G5RprKF9DG07MR4E6bmyDcw+jI+Jg1evM3dl WiN+KyxUgI0j6n27pCTIfg9AR2Pd/PBHZfFhGG43bjUZO61T/oR/W0ULWSFPAgMB AAGjggIKMIICBjAdBgNVHQ4EFgQUXQXTAij31lTGqXqGqavVhICiaeEwHwYDVR0j BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2 MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2 NVBaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMjE0MDI1LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjxQa MA0GCSqGSIb3DQEBCwUAA4IBAQDGsM1+kgVyJDKa9gL42YrHBq+QOjTeiEDLY01B x6kaZuOo4ue39+BnWQuCThK+Qf7wzK5+6zh0tN9ldIHG+4vFjOte65k7dDMjXJHG pMEUWNNJtdokyUBFEcYx85z5z8mQRq32HmycRFqW79usjSlVI3w6XDj4xkp+uLUV TSbUDwijcPtMlJVnPDxEw8NI5nfhur/7DZgMzK6CNWQimIzkL9J6mF4vDH+90CyX BNM4NpdiZNiN9p2XknExhzI8sQ3PtSWjB+bcnos9YA3Hve1+l3zpFlW2f1NcxKIs MWAg0/0286cdfZBuishHRd+9MajauLwvQhBZ39g6ejfmCcxu -----END CERTIFICATE-----Generated at Thu Dec 4 21:23:48 2025 by rpki-client