This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa File: AS834.roa (raw, json) Hash identifier: wRtDYL2U69dCMeaWbA5P0LQLVzOOA/4hE2N+hN9Mogs= Subject key identifier: 6D:3A:7B:5D:70:07:C3:F0:70:A0:78:DF:8E:23:D3:95:87:4E:45:F2 Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d Certificate serial: 035B4B626EC675D6508BCFE2506D8EFD2A619787 Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa Signing time: Sat 17 Jan 2026 13:35:28 +0000 ROA not before: Sat 17 Jan 2026 13:30:28 +0000 ROA not after: Sat 16 Jan 2027 13:35:28 +0000 asID: 834 IP address blocks: 143.20.47.0/24 maxlen: 24 143.20.63.0/24 maxlen: 24 143.20.103.0/24 maxlen: 24 143.20.116.0/24 maxlen: 24 143.20.128.0/24 maxlen: 24 143.20.131.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:55:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 03:5b:4b:62:6e:c6:75:d6:50:8b:cf:e2:50:6d:8e:fd:2a:61:97:87 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d Validity Not Before: Jan 17 13:30:28 2026 GMT Not After : Jan 16 13:35:28 2027 GMT Subject: CN=6D3A7B5D7007C3F070A078DF8E23D395874E45F2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:91:14:9c:75:db:9a:80:d5:18:e3:b5:51:bf: ea:d7:40:f5:af:0b:4d:49:95:ab:59:d7:76:65:2a: 30:7a:97:80:10:c7:9f:51:ea:10:3c:9a:13:eb:1d: dd:53:3b:20:ec:b2:cf:5f:99:9c:5e:0d:3f:ef:e0: ee:b1:84:43:b9:c0:4d:25:e5:24:2f:c4:7f:a8:a4: ea:76:21:7f:50:c0:4c:be:ca:55:6f:ec:68:6d:7e: c8:3c:fb:e7:38:db:c9:5e:88:06:47:6b:4c:95:7e: b6:f0:a7:63:5e:40:9c:1e:0d:34:30:65:c9:ee:d5: 48:f7:72:6b:75:91:07:7d:1b:19:f3:c0:d8:52:ec: 57:72:c0:5a:e7:25:b1:1d:d6:3b:bb:8d:53:16:fb: c2:2e:56:48:8c:85:39:2b:ad:59:2c:5c:68:32:c8: 74:dd:83:89:77:7a:17:30:ef:96:e2:45:a5:c0:e8: bd:38:e9:31:84:8d:a2:2a:19:8f:4c:98:bf:d9:d5: 9d:12:f3:74:ff:ab:7d:eb:fd:16:e0:57:01:43:66: 27:6b:c3:65:7e:29:e1:6b:20:f6:1a:f2:7f:8b:27: 00:59:70:8b:e8:b3:79:2e:5c:94:11:74:4e:21:5e: 9a:5a:d6:74:15:1a:92:ee:18:e6:25:5f:ad:4b:9f: 26:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:3A:7B:5D:70:07:C3:F0:70:A0:78:DF:8E:23:D3:95:87:4E:45:F2 X509v3 Authority Key Identifier: keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS834.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.20.47.0/24 143.20.63.0/24 143.20.103.0/24 143.20.116.0/24 143.20.128.0/24 143.20.131.0/24 Signature Algorithm: sha256WithRSAEncryption 77:c3:f5:ec:c6:98:fc:d3:ee:cc:91:94:dd:5b:a4:cb:d8:aa: eb:df:c1:24:03:4a:31:69:36:45:fd:bd:13:51:73:cd:eb:90: 91:8b:02:2d:fa:da:5c:3f:13:a9:31:db:63:52:a2:65:cf:34: 81:3a:01:80:10:53:01:ce:53:55:d3:20:5b:a9:ab:b1:09:4e: 86:7c:97:39:b0:80:29:d8:15:67:09:52:96:9d:45:1f:f3:2e: c5:94:7e:59:32:56:91:25:d3:7d:6f:c4:5a:0a:a7:c9:22:20: 33:d3:48:85:6b:59:b4:83:74:8e:66:52:f1:e6:3b:41:ac:72: 4b:e8:46:87:a7:2e:0e:4d:a3:a5:ae:a3:96:9a:f9:ea:02:94: f2:e9:ee:a1:f6:a2:bf:65:02:8c:42:85:b1:38:25:ff:6d:da: 96:b8:85:f1:6d:0c:4c:6c:88:ac:f5:9e:6d:45:fb:e3:69:40: f1:02:28:fe:9e:9c:e8:06:14:94:ae:e3:57:ca:b1:15:c7:99: 8e:30:f0:2a:3d:b7:18:78:18:d6:5b:ad:7f:ac:d3:e8:f2:82: ac:90:31:68:1b:58:21:15:e6:2b:68:4a:89:36:ac:0f:25:a2: b6:ec:88:4e:d0:98:26:d6:57:2a:a9:da:ee:54:3c:84:34:df: cf:51:39:3a -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgIUA1tLYm7GddZQi8/iUG2O/Sphl4cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk ZWI5M2Q5ZDAeFw0yNjAxMTcxMzMwMjhaFw0yNzAxMTYxMzM1MjhaMDMxMTAvBgNV BAMTKDZEM0E3QjVENzAwN0MzRjA3MEEwNzhERjhFMjNEMzk1ODc0RTQ1RjIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpkRScdduagNUY47VRv+rXQPWv C01JlatZ13ZlKjB6l4AQx59R6hA8mhPrHd1TOyDsss9fmZxeDT/v4O6xhEO5wE0l 5SQvxH+opOp2IX9QwEy+ylVv7Ghtfsg8++c428leiAZHa0yVfrbwp2NeQJweDTQw Zcnu1Uj3cmt1kQd9GxnzwNhS7FdywFrnJbEd1ju7jVMW+8IuVkiMhTkrrVksXGgy yHTdg4l3ehcw75biRaXA6L046TGEjaIqGY9MmL/Z1Z0S83T/q33r/RbgVwFDZidr w2V+KeFrIPYa8n+LJwBZcIvos3kuXJQRdE4hXppa1nQVGpLuGOYlX61LnybVAgMB AAGjggIlMIICITAdBgNVHQ4EFgQUbTp7XXAHw/BwoHjfjiPTlYdORfIwHwYDVR0j BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2 MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2 NVBaMC5jZXIweAYIKwYBBQUHAQsEbDBqMGgGCCsGAQUFBzALhlxyc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTODM0LnJvYTAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAjxQvAwQA jxQ/AwQAjxRnAwQAjxR0AwQAjxSAAwQAjxSDMA0GCSqGSIb3DQEBCwUAA4IBAQB3 w/Xsxpj80+7MkZTdW6TL2Krr38EkA0oxaTZF/b0TUXPN65CRiwIt+tpcPxOpMdtj UqJlzzSBOgGAEFMBzlNV0yBbqauxCU6GfJc5sIAp2BVnCVKWnUUf8y7FlH5ZMlaR JdN9b8RaCqfJIiAz00iFa1m0g3SOZlLx5jtBrHJL6EaHpy4OTaOlrqOWmvnqApTy 6e6h9qK/ZQKMQoWxOCX/bdqWuIXxbQxMbIis9Z5tRfvjaUDxAij+npzoBhSUruNX yrEVx5mOMPAqPbcYeBjWW61/rNPo8oKskDFoG1ghFeYraEqJNqwPJaK27IhO0Jgm 1lcqqdruVDyENN/PUTk6 -----END CERTIFICATE-----Generated at Mon Jan 19 20:01:44 2026 by rpki-client