This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS25198.roa File: AS25198.roa (raw, json) Hash identifier: qmGnVDOF6Ex/IYUk23ZgV/HN5pVYAivIQ+NO2JVH5pY= Subject key identifier: 36:2B:1B:98:33:81:85:18:22:B2:EC:E0:8F:8F:61:04:AA:DB:FC:AC Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d Certificate serial: 13B2803F6EFEA57290851125307841D5B0F7852F Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS25198.roa Signing time: Wed 19 Nov 2025 09:50:42 +0000 ROA not before: Wed 19 Nov 2025 09:45:42 +0000 ROA not after: Wed 18 Nov 2026 09:50:42 +0000 asID: 25198 IP address blocks: 143.20.28.0/24 maxlen: 24 143.20.52.0/24 maxlen: 24 143.20.65.0/24 maxlen: 24 143.20.152.0/24 maxlen: 24 143.20.198.0/24 maxlen: 24 143.20.222.0/24 maxlen: 24 143.20.231.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 11:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:b2:80:3f:6e:fe:a5:72:90:85:11:25:30:78:41:d5:b0:f7:85:2f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d Validity Not Before: Nov 19 09:45:42 2025 GMT Not After : Nov 18 09:50:42 2026 GMT Subject: CN=362B1B983381851822B2ECE08F8F6104AADBFCAC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:8c:c4:c4:fb:d3:6b:2f:77:37:bf:dd:5f:59: ae:84:c7:a6:af:19:be:9c:c1:2d:8f:7d:e5:ba:63: 96:5c:4d:15:10:64:af:60:a9:9d:48:31:cf:21:b9: af:b9:11:73:39:18:31:39:8c:36:db:75:62:39:40: 60:d3:bf:bb:ef:2d:15:39:26:b2:7c:f7:f8:d5:12: e3:21:86:59:4f:d7:71:02:1b:0f:ae:11:b0:35:d9: 24:66:cb:9a:aa:b1:24:a0:a4:5b:57:72:83:73:ea: 6f:d3:e1:0e:19:bd:72:fd:42:66:6a:df:9d:b2:ad: 33:7e:2f:90:96:8c:bb:ba:56:1d:25:12:43:25:5c: 8b:cb:94:1d:b6:bc:f0:e4:47:f8:98:89:8d:2c:52: 7b:2a:f0:c3:e4:aa:f1:86:c4:36:7f:b3:67:72:74: 87:72:bf:af:69:e7:95:ff:03:ec:19:73:32:0a:81: d6:46:08:a3:b4:9a:50:43:0f:37:57:32:4a:4e:90: be:31:1e:86:1a:a7:be:91:8f:38:1d:9f:48:0e:b2: 4b:c9:2e:92:18:b5:06:0c:a8:e7:ed:91:db:dc:77: ce:72:86:bd:af:5a:7a:d0:c7:2a:b1:b4:ae:4c:76: 59:c5:08:03:fe:ca:76:2d:4a:4b:46:ed:51:c9:0b: dd:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:2B:1B:98:33:81:85:18:22:B2:EC:E0:8F:8F:61:04:AA:DB:FC:AC X509v3 Authority Key Identifier: keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS25198.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.20.28.0/24 143.20.52.0/24 143.20.65.0/24 143.20.152.0/24 143.20.198.0/24 143.20.222.0/24 143.20.231.0/24 Signature Algorithm: sha256WithRSAEncryption 31:35:04:67:e7:06:82:d1:5a:d9:3c:b0:3e:a2:0e:05:dd:e2: 4e:de:f0:58:64:4b:32:de:71:09:c2:e6:6d:c8:45:ff:56:8e: 7a:17:dd:b3:5a:b2:0b:bf:4c:b5:47:20:35:47:b8:ac:e1:0d: 31:fa:30:e2:33:11:b3:ff:12:2b:42:a4:da:10:f0:ee:67:e3: 48:90:4f:09:f4:c5:b0:cf:71:e7:5c:56:d1:f2:d8:fd:d8:57: ff:f7:68:71:15:70:4d:b3:3a:5a:0a:61:bb:50:73:2f:53:2c: b2:d9:62:40:b2:f6:47:c7:5c:7e:53:dd:c9:f3:83:5d:ba:ca: 46:ba:d0:e9:e7:a3:47:a3:41:d8:e0:23:a7:34:04:ab:a5:f0: ef:f2:b2:bc:d7:a7:af:d3:d0:f4:de:b7:a1:62:7b:73:cf:15: ab:33:99:1f:f2:23:bf:a0:3c:db:47:25:30:bb:9f:b5:0a:77: 48:0b:36:f9:74:b7:28:25:38:d0:8a:fc:f0:a3:e9:92:23:ef: b6:d8:85:6f:76:62:ad:99:90:c1:24:eb:15:67:b7:10:37:f3: 3f:e6:38:03:a1:9c:70:eb:f4:6c:80:f7:30:13:65:e2:7c:a8: e9:44:55:4b:47:ac:f0:1a:ea:71:09:7c:1f:4a:a7:9c:fb:28: 6a:5f:4d:2e -----BEGIN CERTIFICATE----- MIIFIzCCBAugAwIBAgIUE7KAP27+pXKQhRElMHhB1bD3hS8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk ZWI5M2Q5ZDAeFw0yNTExMTkwOTQ1NDJaFw0yNjExMTgwOTUwNDJaMDMxMTAvBgNV BAMTKDM2MkIxQjk4MzM4MTg1MTgyMkIyRUNFMDhGOEY2MTA0QUFEQkZDQUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdjMTE+9NrL3c3v91fWa6Ex6av Gb6cwS2PfeW6Y5ZcTRUQZK9gqZ1IMc8hua+5EXM5GDE5jDbbdWI5QGDTv7vvLRU5 JrJ89/jVEuMhhllP13ECGw+uEbA12SRmy5qqsSSgpFtXcoNz6m/T4Q4ZvXL9QmZq 352yrTN+L5CWjLu6Vh0lEkMlXIvLlB22vPDkR/iYiY0sUnsq8MPkqvGGxDZ/s2dy dIdyv69p55X/A+wZczIKgdZGCKO0mlBDDzdXMkpOkL4xHoYap76Rjzgdn0gOskvJ LpIYtQYMqOftkdvcd85yhr2vWnrQxyqxtK5MdlnFCAP+ynYtSktG7VHJC937AgMB AAGjggItMIICKTAdBgNVHQ4EFgQUNisbmDOBhRgisuzgj49hBKrb/KwwHwYDVR0j BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2 MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2 NVBaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMjUxOTgucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgABMCoDBACPFBwD BACPFDQDBACPFEEDBACPFJgDBACPFMYDBACPFN4DBACPFOcwDQYJKoZIhvcNAQEL BQADggEBADE1BGfnBoLRWtk8sD6iDgXd4k7e8FhkSzLecQnC5m3IRf9WjnoX3bNa sgu/TLVHIDVHuKzhDTH6MOIzEbP/EitCpNoQ8O5n40iQTwn0xbDPcedcVtHy2P3Y V//3aHEVcE2zOloKYbtQcy9TLLLZYkCy9kfHXH5T3cnzg126yka60Onno0ejQdjg I6c0BKul8O/ysrzXp6/T0PTet6Fie3PPFaszmR/yI7+gPNtHJTC7n7UKd0gLNvl0 tyglONCK/PCj6ZIj77bYhW92Yq2ZkMEk6xVntxA38z/mOAOhnHDr9GyA9zATZeJ8 qOlEVUtHrPAa6nEJfB9Kp5z7KGpfTS4= -----END CERTIFICATE-----Generated at Fri Dec 5 17:06:24 2025 by rpki-client