This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS215304.roa File: AS215304.roa (raw, json) Hash identifier: mSzROnrNZdim0AjXhsnvM577tyz4/UU0JF1XQgnUR2g= Subject key identifier: F0:3F:5E:02:5E:48:A9:54:0F:1D:FB:C5:A1:BE:30:79:0E:A8:1A:10 Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d Certificate serial: 4D0E329BE0284C77E8D5BB5A18743F8044106F00 Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS215304.roa Signing time: Wed 03 Dec 2025 09:51:48 +0000 ROA not before: Wed 03 Dec 2025 09:46:48 +0000 ROA not after: Wed 02 Dec 2026 09:51:48 +0000 asID: 215304 IP address blocks: 143.20.146.0/24 maxlen: 24 143.20.148.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 15:39:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4d:0e:32:9b:e0:28:4c:77:e8:d5:bb:5a:18:74:3f:80:44:10:6f:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d Validity Not Before: Dec 3 09:46:48 2025 GMT Not After : Dec 2 09:51:48 2026 GMT Subject: CN=F03F5E025E48A9540F1DFBC5A1BE30790EA81A10 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:64:3f:b9:be:e4:dc:ea:4a:bb:11:d6:04:13: be:11:f5:91:d3:d5:5e:67:f6:26:78:fe:71:a6:1e: a1:a8:1b:82:39:60:74:05:49:ee:18:d6:3b:bb:53: 8d:6a:91:29:d1:78:51:01:c8:b4:16:27:23:78:fb: 58:27:ab:d2:83:66:a2:71:9f:51:3c:04:38:fa:b1: c2:33:8a:0b:a9:67:c3:71:4e:ef:9d:41:3c:6d:a8: 4e:03:45:96:fb:14:5b:92:e6:a5:6a:e0:8a:60:24: fc:d4:36:23:b1:8e:4c:e0:44:d0:1e:87:89:b8:f9: de:48:b4:72:93:e3:ef:36:82:bd:7b:c5:24:7d:0c: 04:66:15:df:21:93:98:58:e5:57:15:b2:11:da:4b: 6b:6e:30:e3:c1:98:19:a4:7f:18:7b:65:40:30:6f: af:ce:2a:5b:cf:ff:a9:3d:3e:36:c8:3b:ae:d0:fc: 3f:30:bc:81:c4:a0:8d:ac:e9:91:62:df:f3:dd:21: 48:7e:b6:d4:3c:1a:aa:b7:61:80:45:51:a3:90:df: d3:1e:e6:b2:9d:1d:60:6c:89:f0:53:6a:8d:4f:05: 7b:8e:3e:11:0f:e6:8e:59:a2:77:2f:3d:8d:14:f1: 95:78:28:fd:51:b2:26:ff:25:42:12:94:a9:f3:79: 18:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:3F:5E:02:5E:48:A9:54:0F:1D:FB:C5:A1:BE:30:79:0E:A8:1A:10 X509v3 Authority Key Identifier: keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS215304.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.20.146.0/24 143.20.148.0/24 Signature Algorithm: sha256WithRSAEncryption b4:72:cd:eb:18:03:41:28:cd:95:f7:66:51:39:a3:02:d1:1a: 3f:94:94:9b:16:15:ed:5f:36:a4:78:8b:e9:88:91:eb:e4:52: e8:69:bc:4d:d7:70:19:eb:12:e5:c2:32:4a:91:a6:63:52:d3: 12:2e:2f:ed:70:40:0a:0b:74:da:f0:04:df:d6:8d:24:a5:2b: 46:e0:25:43:cf:63:04:e2:5e:f2:b5:d6:d7:cf:e5:9a:fc:47: bf:99:e0:59:05:96:16:bc:10:84:58:8d:95:5b:95:28:40:61: 53:52:e6:a8:24:c9:98:36:b0:4f:de:72:50:18:4e:93:ab:21: f2:c0:6b:bf:90:a0:b7:36:d2:89:9b:46:95:59:61:ee:1e:21: 47:38:ce:6f:f9:e4:15:ec:55:73:db:0d:8b:e0:a3:76:0f:b2: a7:50:4c:fb:ad:6c:d2:6b:c3:24:67:59:d8:67:82:b1:17:70: 9b:c0:59:f5:88:61:b4:40:b7:95:da:33:4e:d8:33:79:6f:a5: 51:d6:18:d0:b7:ba:c0:dd:d5:ce:23:53:3b:c4:ec:44:7e:6d: aa:e9:cc:c8:a4:14:f8:2a:e6:e2:6d:57:8d:8e:9c:be:75:79: 2d:be:51:c4:11:a8:54:35:05:4d:f7:7e:6c:d4:9d:e4:ef:ee: cd:15:14:e9 -----BEGIN CERTIFICATE----- MIIFBjCCA+6gAwIBAgIUTQ4ym+AoTHfo1btaGHQ/gEQQbwAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk ZWI5M2Q5ZDAeFw0yNTEyMDMwOTQ2NDhaFw0yNjEyMDIwOTUxNDhaMDMxMTAvBgNV BAMTKEYwM0Y1RTAyNUU0OEE5NTQwRjFERkJDNUExQkUzMDc5MEVBODFBMTAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfZD+5vuTc6kq7EdYEE74R9ZHT 1V5n9iZ4/nGmHqGoG4I5YHQFSe4Y1ju7U41qkSnReFEByLQWJyN4+1gnq9KDZqJx n1E8BDj6scIzigupZ8NxTu+dQTxtqE4DRZb7FFuS5qVq4IpgJPzUNiOxjkzgRNAe h4m4+d5ItHKT4+82gr17xSR9DARmFd8hk5hY5VcVshHaS2tuMOPBmBmkfxh7ZUAw b6/OKlvP/6k9PjbIO67Q/D8wvIHEoI2s6ZFi3/PdIUh+ttQ8Gqq3YYBFUaOQ39Me 5rKdHWBsifBTao1PBXuOPhEP5o5ZoncvPY0U8ZV4KP1Rsib/JUISlKnzeRi5AgMB AAGjggIQMIICDDAdBgNVHQ4EFgQU8D9eAl5IqVQPHfvFob4weQ6oGhAwHwYDVR0j BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2 MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2 NVBaMC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMjE1MzA0LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAjxSS AwQAjxSUMA0GCSqGSIb3DQEBCwUAA4IBAQC0cs3rGANBKM2V92ZROaMC0Ro/lJSb FhXtXzakeIvpiJHr5FLoabxN13AZ6xLlwjJKkaZjUtMSLi/tcEAKC3Ta8ATf1o0k pStG4CVDz2ME4l7ytdbXz+Wa/Ee/meBZBZYWvBCEWI2VW5UoQGFTUuaoJMmYNrBP 3nJQGE6TqyHywGu/kKC3NtKJm0aVWWHuHiFHOM5v+eQV7FVz2w2L4KN2D7KnUEz7 rWzSa8MkZ1nYZ4KxF3CbwFn1iGG0QLeV2jNO2DN5b6VR1hjQt7rA3dXOI1M7xOxE fm2q6czIpBT4KubibVeNjpy+dXktvlHEEahUNQVN935s1J3k7+7NFRTp -----END CERTIFICATE-----Generated at Sat Dec 6 06:14:46 2025 by rpki-client