This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS214025.roa File: AS214025.roa (raw, json) Hash identifier: bW0Y8SKefkM3K+TrzwtiqLxMP6H14cnrvpNEX+Ys1uo= Subject key identifier: 35:94:99:CE:DD:0C:63:70:73:19:1C:92:98:2C:01:F4:9D:20:C9:71 Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d Certificate serial: 2945619FAE1D9669D7E7553741DC136DF7C58A21 Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS214025.roa Signing time: Sun 28 Dec 2025 12:01:38 +0000 ROA not before: Sun 28 Dec 2025 11:56:38 +0000 ROA not after: Sun 27 Dec 2026 12:01:38 +0000 asID: 214025 IP address blocks: 143.20.45.0/24 maxlen: 24 143.20.148.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 19:27:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 29:45:61:9f:ae:1d:96:69:d7:e7:55:37:41:dc:13:6d:f7:c5:8a:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d Validity Not Before: Dec 28 11:56:38 2025 GMT Not After : Dec 27 12:01:38 2026 GMT Subject: CN=359499CEDD0C637073191C92982C01F49D20C971 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:2a:a7:1d:51:99:82:a8:30:a1:cf:d1:2b:ee: ae:73:71:f3:8a:43:5e:9c:8b:30:b1:bb:54:18:f9: 49:fb:57:b5:f6:fa:80:0c:37:1a:fd:2c:09:4d:26: f9:4a:c2:42:7a:92:3c:68:00:18:96:3d:bb:74:20: f7:55:b0:63:f4:f3:19:af:bc:c0:18:cf:4f:52:b5: 83:a2:04:75:ac:e4:f3:d5:29:04:13:25:25:a4:60: 48:2f:a8:23:1c:32:78:c7:21:72:9f:28:23:0a:5a: 6c:2b:3f:82:ab:c1:a8:a3:2c:91:cc:02:01:97:4b: 88:b7:e8:a3:9c:5c:a7:da:3d:eb:2d:f8:9a:28:2f: ba:dc:d6:82:ea:1e:cd:98:19:7b:c5:af:4a:d5:c0: 20:88:e6:42:97:b3:c0:bb:96:d9:5a:12:7c:53:9b: 59:68:c1:39:56:ce:d4:c4:bf:50:5e:54:d1:02:9b: cd:79:aa:68:82:22:2a:02:64:10:67:76:2c:5a:82: 85:11:44:aa:9c:7d:78:43:9c:92:cf:21:cd:8f:bf: c5:33:10:bf:25:da:77:53:5c:52:f8:19:54:b7:c3: e5:2a:a4:6b:49:2e:e1:b7:f9:cc:92:ff:e1:10:53: 66:02:e4:f2:e5:e6:7f:14:c2:50:40:96:32:15:bb: 75:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:94:99:CE:DD:0C:63:70:73:19:1C:92:98:2C:01:F4:9D:20:C9:71 X509v3 Authority Key Identifier: keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS214025.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.20.45.0/24 143.20.148.0/24 Signature Algorithm: sha256WithRSAEncryption 8d:b9:b9:03:1c:10:2c:56:bb:03:b5:2a:79:fd:9b:c8:c1:13: e0:75:35:3d:d0:eb:e6:08:26:04:08:e2:e7:e3:78:a4:74:07: 88:f8:37:c1:79:76:75:ca:9e:0c:70:3e:f3:b9:df:da:6b:48: 95:d4:50:3a:70:3f:2b:40:1b:4c:b5:14:27:b2:3f:6a:98:92: 77:ed:de:86:f9:66:04:b8:6a:4b:b7:42:2c:eb:39:b3:d0:f8: 41:8f:78:5f:f8:16:b3:57:59:1c:f5:7d:32:7f:a3:f0:39:75: 26:ae:12:d0:b0:9f:2c:28:be:ec:7b:48:10:bb:0f:e7:b0:21: 07:56:f9:d3:b6:28:55:04:f4:03:a7:3f:d5:24:5a:22:34:60: c2:1c:30:ad:7b:16:58:47:ab:c0:2e:8f:17:34:31:37:7c:7e: 35:c6:67:88:27:5f:f7:df:90:91:a1:ac:08:bf:db:e6:e7:52: d1:67:d7:ec:3b:79:b2:04:a3:24:e5:4d:82:52:78:1e:ef:7b: 19:46:d3:b0:fa:61:c4:d5:f6:00:45:06:ba:26:0d:3e:64:10: da:a4:50:ee:45:40:fe:3f:0e:39:e3:fb:a5:90:cd:4d:0d:1a: 4f:b9:95:79:f8:28:77:84:36:90:75:74:f9:5f:5d:37:71:16: f6:2e:5b:0d -----BEGIN CERTIFICATE----- MIIFBjCCA+6gAwIBAgIUKUVhn64dlmnX51U3QdwTbffFiiEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk ZWI5M2Q5ZDAeFw0yNTEyMjgxMTU2MzhaFw0yNjEyMjcxMjAxMzhaMDMxMTAvBgNV BAMTKDM1OTQ5OUNFREQwQzYzNzA3MzE5MUM5Mjk4MkMwMUY0OUQyMEM5NzEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChKqcdUZmCqDChz9Er7q5zcfOK Q16cizCxu1QY+Un7V7X2+oAMNxr9LAlNJvlKwkJ6kjxoABiWPbt0IPdVsGP08xmv vMAYz09StYOiBHWs5PPVKQQTJSWkYEgvqCMcMnjHIXKfKCMKWmwrP4KrwaijLJHM AgGXS4i36KOcXKfaPest+JooL7rc1oLqHs2YGXvFr0rVwCCI5kKXs8C7ltlaEnxT m1lowTlWztTEv1BeVNECm815qmiCIioCZBBndixagoURRKqcfXhDnJLPIc2Pv8Uz EL8l2ndTXFL4GVS3w+UqpGtJLuG3+cyS/+EQU2YC5PLl5n8UwlBAljIVu3WVAgMB AAGjggIQMIICDDAdBgNVHQ4EFgQUNZSZzt0MY3BzGRySmCwB9J0gyXEwHwYDVR0j BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2 MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2 NVBaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMjE0MDI1LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAjxQt AwQAjxSUMA0GCSqGSIb3DQEBCwUAA4IBAQCNubkDHBAsVrsDtSp5/ZvIwRPgdTU9 0OvmCCYECOLn43ikdAeI+DfBeXZ1yp4McD7zud/aa0iV1FA6cD8rQBtMtRQnsj9q mJJ37d6G+WYEuGpLt0Is6zmz0PhBj3hf+BazV1kc9X0yf6PwOXUmrhLQsJ8sKL7s e0gQuw/nsCEHVvnTtihVBPQDpz/VJFoiNGDCHDCtexZYR6vALo8XNDE3fH41xmeI J1/335CRoawIv9vm51LRZ9fsO3myBKMk5U2CUnge73sZRtOw+mHE1fYARQa6Jg0+ ZBDapFDuRUD+Pw454/ulkM1NDRpPuZV5+Ch3hDaQdXT5X103cRb2LlsN -----END CERTIFICATE-----Generated at Mon Jan 19 05:24:48 2026 by rpki-client