This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS25198.roa File: AS25198.roa (raw, json) Hash identifier: JDWXnK+Wp7yQBlyvWC6yXc+ML7SBZykQoDHqol35c70= Subject key identifier: 08:70:01:B7:A1:18:E8:98:C6:61:34:86:0F:01:FA:8A:4A:A3:36:F7 Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d Certificate serial: 11EEF5D46ED51895DF884BCAC31ACDB517FF7AE8 Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS25198.roa Signing time: Fri 02 Jan 2026 08:55:37 +0000 ROA not before: Fri 02 Jan 2026 08:50:37 +0000 ROA not after: Fri 01 Jan 2027 08:55:37 +0000 asID: 25198 IP address blocks: 143.20.52.0/24 maxlen: 24 143.20.65.0/24 maxlen: 24 143.20.182.0/24 maxlen: 24 143.20.222.0/24 maxlen: 24 143.20.231.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:55:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:ee:f5:d4:6e:d5:18:95:df:88:4b:ca:c3:1a:cd:b5:17:ff:7a:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d Validity Not Before: Jan 2 08:50:37 2026 GMT Not After : Jan 1 08:55:37 2027 GMT Subject: CN=087001B7A118E898C66134860F01FA8A4AA336F7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:d2:d0:ce:55:c9:75:f4:73:84:e1:72:c7:15: 18:84:b7:7d:7c:60:d4:8b:2d:72:ee:f9:2a:42:76: 1a:f4:d9:e0:4e:4e:68:13:a3:4e:5b:f6:5f:7b:43: ab:f6:d6:fc:16:e6:b5:74:9f:6b:46:30:e5:e5:9d: 0c:06:6a:29:60:48:c2:e5:9a:8c:62:c3:4e:41:4c: a0:1e:82:ee:cf:b5:cc:db:72:0e:c6:c5:34:bb:e1: 7f:2c:16:69:44:31:19:70:7d:b4:f8:30:49:5e:a6: 45:59:53:59:2c:9c:b3:a8:9c:f0:e0:1c:83:fb:56: 07:00:1d:cd:b1:53:ab:78:b0:37:0a:cb:89:d5:d7: 8d:18:b8:1b:a9:35:0c:d1:c1:7f:e5:6a:b1:e0:5a: b7:90:52:b8:19:c4:ba:f6:49:a0:d8:80:af:d3:4c: 9c:f4:20:77:ef:23:60:ed:dc:f2:92:cf:5c:84:d8: d6:6c:82:66:bd:81:68:4b:ff:90:7b:52:4a:4d:1b: f5:e8:6a:e6:d2:69:a1:dc:c7:fd:8d:a0:2c:1a:42: 98:97:9d:53:2a:d7:eb:31:e3:b7:6b:86:18:29:99: 82:c8:74:0c:ac:dc:6a:b2:f6:76:a7:10:d7:8a:86: b2:ab:8d:d7:55:f6:2b:4f:76:75:4e:ea:47:ac:cc: 87:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:70:01:B7:A1:18:E8:98:C6:61:34:86:0F:01:FA:8A:4A:A3:36:F7 X509v3 Authority Key Identifier: keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS25198.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.20.52.0/24 143.20.65.0/24 143.20.182.0/24 143.20.222.0/24 143.20.231.0/24 Signature Algorithm: sha256WithRSAEncryption 0b:bf:9e:96:69:9a:d0:6d:04:e8:47:1d:d3:ee:04:f7:3b:45: 0d:c3:a2:2a:c3:99:a2:17:16:23:d2:1e:5c:c8:54:98:cc:71: 97:f5:69:47:1c:d2:ab:12:4c:49:89:67:e0:37:65:58:7c:f6: b3:6d:94:bd:0f:5d:48:d0:55:57:28:e1:27:f6:12:cb:86:c8: 0a:d9:b2:e6:ee:eb:56:28:76:7b:8a:5c:6f:6a:68:b2:55:10: 22:e8:69:0a:62:b3:ad:c2:8e:76:4f:a4:a8:0f:ca:6e:0c:20: cd:fc:d6:6d:3d:c8:54:ba:89:2b:6a:9f:36:fb:28:ca:4b:03: 7d:8b:d2:be:79:df:4c:25:43:68:24:ec:3a:45:f6:7f:aa:4a: 66:0b:20:67:89:9e:dc:d0:2d:7c:85:fa:42:05:fa:50:94:24: 1d:4a:f4:76:ab:b6:76:5f:19:d0:c9:8f:bb:a0:0a:ac:54:9d: 1d:3b:58:d5:c2:e9:d5:87:37:3e:e4:58:3b:db:1e:7c:af:64: d7:a7:7b:5e:5f:bd:c4:40:e9:08:7a:b1:68:28:d5:86:eb:67: 33:29:39:31:f8:aa:33:77:20:81:2f:7d:30:b2:05:68:5f:56: cf:5d:a2:4b:e8:d2:85:e6:c6:b4:cc:f0:18:bd:02:bd:87:bb: 02:db:5a:5a -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgIUEe711G7VGJXfiEvKwxrNtRf/eugwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk ZWI5M2Q5ZDAeFw0yNjAxMDIwODUwMzdaFw0yNzAxMDEwODU1MzdaMDMxMTAvBgNV BAMTKDA4NzAwMUI3QTExOEU4OThDNjYxMzQ4NjBGMDFGQThBNEFBMzM2RjcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB0tDOVcl19HOE4XLHFRiEt318 YNSLLXLu+SpCdhr02eBOTmgTo05b9l97Q6v21vwW5rV0n2tGMOXlnQwGailgSMLl moxiw05BTKAegu7Ptczbcg7GxTS74X8sFmlEMRlwfbT4MElepkVZU1ksnLOonPDg HIP7VgcAHc2xU6t4sDcKy4nV140YuBupNQzRwX/larHgWreQUrgZxLr2SaDYgK/T TJz0IHfvI2Dt3PKSz1yE2NZsgma9gWhL/5B7UkpNG/XoaubSaaHcx/2NoCwaQpiX nVMq1+sx47drhhgpmYLIdAys3Gqy9nanENeKhrKrjddV9itPdnVO6keszIdpAgMB AAGjggIhMIICHTAdBgNVHQ4EFgQUCHABt6EY6JjGYTSGDwH6ikqjNvcwHwYDVR0j BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2 MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2 NVBaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMjUxOTgucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMCQEAgABMB4DBACPFDQD BACPFEEDBACPFLYDBACPFN4DBACPFOcwDQYJKoZIhvcNAQELBQADggEBAAu/npZp mtBtBOhHHdPuBPc7RQ3DoirDmaIXFiPSHlzIVJjMcZf1aUcc0qsSTEmJZ+A3ZVh8 9rNtlL0PXUjQVVco4Sf2EsuGyArZsubu61YodnuKXG9qaLJVECLoaQpis63CjnZP pKgPym4MIM381m09yFS6iStqnzb7KMpLA32L0r5530wlQ2gk7DpF9n+qSmYLIGeJ ntzQLXyF+kIF+lCUJB1K9HartnZfGdDJj7ugCqxUnR07WNXC6dWHNz7kWDvbHnyv ZNene15fvcRA6Qh6sWgo1YbrZzMpOTH4qjN3IIEvfTCyBWhfVs9dokvo0oXmxrTM 8Bi9Ar2HuwLbWlo= -----END CERTIFICATE-----Generated at Mon Jan 19 20:01:42 2026 by rpki-client