This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa File: AS16509.roa (raw, json) Hash identifier: KXFsAbnj6MHrCym8nc1G1hjoCws1nJvjojCy5STca04= Subject key identifier: 41:DF:CD:A8:E3:28:3E:0D:BE:0B:24:B8:03:94:44:A2:FA:CA:00:09 Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f Certificate serial: 0E524F7156E2A8663DE7B817D5016AB8D1219CBC Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa Signing time: Tue 02 Dec 2025 07:43:08 +0000 ROA not before: Tue 02 Dec 2025 07:38:08 +0000 ROA not after: Tue 01 Dec 2026 07:43:08 +0000 asID: 16509 IP address blocks: 91.124.34.0/24 maxlen: 24 91.124.38.0/24 maxlen: 24 91.124.131.0/24 maxlen: 24 91.124.133.0/24 maxlen: 24 91.124.217.0/24 maxlen: 24 92.112.51.0/24 maxlen: 24 92.112.58.0/24 maxlen: 24 92.112.61.0/24 maxlen: 24 92.112.63.0/24 maxlen: 24 92.112.74.0/24 maxlen: 24 92.112.75.0/24 maxlen: 24 92.113.49.0/24 maxlen: 24 92.113.50.0/24 maxlen: 24 92.113.51.0/24 maxlen: 24 92.113.52.0/24 maxlen: 24 92.113.53.0/24 maxlen: 24 92.113.100.0/24 maxlen: 24 178.92.101.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 15:58:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:52:4f:71:56:e2:a8:66:3d:e7:b8:17:d5:01:6a:b8:d1:21:9c:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f Validity Not Before: Dec 2 07:38:08 2025 GMT Not After : Dec 1 07:43:08 2026 GMT Subject: CN=41DFCDA8E3283E0DBE0B24B8039444A2FACA0009 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:66:37:4c:4c:52:30:f8:13:bd:90:92:b4:0d: 03:3b:7b:41:6a:4b:19:b8:ad:31:68:54:b5:9c:e8: dd:fe:1e:c9:b3:17:02:9e:68:2c:50:cb:84:ff:bd: e1:60:d4:e9:08:6f:5c:3f:f7:f2:ba:1d:51:c0:46: 8d:e0:a9:7e:80:87:61:da:7e:f3:70:34:f1:54:ca: e6:fd:32:1d:53:0a:cd:40:50:8e:28:47:4e:5c:79: 37:11:79:43:3c:8b:d7:eb:e0:e5:85:44:e1:ac:a2: 54:09:1e:ff:27:a1:f6:29:15:4d:cf:1f:b1:fd:82: 02:43:24:fa:d2:ed:b7:d6:95:76:79:d8:6e:c4:34: 17:35:10:1a:e4:58:8c:9e:14:98:1a:d8:ed:06:1b: c2:f7:ea:c8:ab:1e:97:ca:7d:5b:ad:14:5a:c5:97: 90:f2:9c:75:06:ae:3d:5f:91:7d:00:85:2c:da:30: 93:61:2c:a1:65:06:59:40:58:49:a4:ca:8e:0a:ce: af:0f:0d:b7:75:99:52:6a:c5:34:2e:d8:b4:04:ee: 01:dd:d8:9e:85:c7:cf:36:d6:e8:7e:83:52:89:de: ef:72:37:32:4a:0b:46:7a:82:64:63:b4:cf:10:9b: 6f:47:3b:e5:bb:3e:75:8a:22:3e:5e:a5:e7:bc:68: 3d:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:DF:CD:A8:E3:28:3E:0D:BE:0B:24:B8:03:94:44:A2:FA:CA:00:09 X509v3 Authority Key Identifier: keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS16509.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.124.34.0/24 91.124.38.0/24 91.124.131.0/24 91.124.133.0/24 91.124.217.0/24 92.112.51.0/24 92.112.58.0/24 92.112.61.0/24 92.112.63.0/24 92.112.74.0/23 92.113.49.0-92.113.53.255 92.113.100.0/24 178.92.101.0/24 Signature Algorithm: sha256WithRSAEncryption 14:08:f5:d2:5c:0d:87:a2:f5:5c:79:ab:59:75:99:ee:94:4d: 13:a8:c4:bb:f1:80:3b:a1:7b:d1:67:53:c1:12:a1:4d:cd:81: 27:9d:b7:64:c7:05:94:87:0e:fc:b7:63:a9:87:fb:bf:8d:e0: 98:b8:8b:62:54:87:61:08:8c:71:c9:a2:f5:94:df:cf:16:f7: 6a:cf:db:46:a3:9c:f3:f4:96:98:0e:14:12:a4:0e:44:ae:73: e0:5e:24:20:a8:d2:be:8e:10:9d:59:ca:41:99:2d:66:9b:34: db:e4:ab:f9:68:13:02:72:36:c3:a6:05:b3:ac:f5:ca:3b:ae: 4d:c2:64:93:6e:17:49:09:b2:8e:90:63:b3:8e:45:3a:f4:f0: 8a:d0:4d:6e:cc:e3:a7:fb:61:ac:9f:fd:61:c0:f9:3e:ef:78: 71:50:0b:13:d0:bd:49:5b:ac:65:ee:c4:eb:20:e6:01:47:9e: 88:2c:5d:b7:a4:79:c2:86:4c:61:7f:3d:d1:6e:91:c5:a5:d2: fb:80:ea:d5:0e:58:a9:23:c3:ea:54:e9:1c:d8:eb:7b:78:d5: 95:eb:35:73:45:3a:e4:f9:3a:36:8e:dc:0d:d1:00:77:55:67: d1:37:c0:4c:e3:d5:28:e6:14:e5:0e:40:ef:f2:ad:d6:c2:6e: 07:3e:47:39 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgIUDlJPcVbiqGY957gX1QFquNEhnLwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk NWMxM2I1ZjAeFw0yNTEyMDIwNzM4MDhaFw0yNjEyMDEwNzQzMDhaMDMxMTAvBgNV BAMTKDQxREZDREE4RTMyODNFMERCRTBCMjRCODAzOTQ0NEEyRkFDQTAwMDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8ZjdMTFIw+BO9kJK0DQM7e0Fq Sxm4rTFoVLWc6N3+HsmzFwKeaCxQy4T/veFg1OkIb1w/9/K6HVHARo3gqX6Ah2Ha fvNwNPFUyub9Mh1TCs1AUI4oR05ceTcReUM8i9fr4OWFROGsolQJHv8nofYpFU3P H7H9ggJDJPrS7bfWlXZ52G7ENBc1EBrkWIyeFJga2O0GG8L36sirHpfKfVutFFrF l5DynHUGrj1fkX0AhSzaMJNhLKFlBllAWEmkyo4Kzq8PDbd1mVJqxTQu2LQE7gHd 2J6Fx8821uh+g1KJ3u9yNzJKC0Z6gmRjtM8Qm29HO+W7PnWKIj5epee8aD0rAgMB AAGjggJZMIICVTAdBgNVHQ4EFgQUQd/NqOMoPg2+CyS4A5REovrKAAkwHwYDVR0j BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwbwYIKwYBBQUHAQcBAf8EYDBeMFwEAgABMFYDBABbfCID BABbfCYDBABbfIMDBABbfIUDBABbfNkDBABccDMDBABccDoDBABccD0DBABccD8D BAFccEowDAMEAFxxMQMEAVxxNAMEAFxxZAMEALJcZTANBgkqhkiG9w0BAQsFAAOC AQEAFAj10lwNh6L1XHmrWXWZ7pRNE6jEu/GAO6F70WdTwRKhTc2BJ523ZMcFlIcO /LdjqYf7v43gmLiLYlSHYQiMccmi9ZTfzxb3as/bRqOc8/SWmA4UEqQORK5z4F4k IKjSvo4QnVnKQZktZps02+Sr+WgTAnI2w6YFs6z1yjuuTcJkk24XSQmyjpBjs45F OvTwitBNbszjp/thrJ/9YcD5Pu94cVALE9C9SVusZe7E6yDmAUeeiCxdt6R5woZM YX890W6RxaXS+4Dq1Q5YqSPD6lTpHNjre3jVles1c0U65Pk6No7cDdEAd1Vn0TfA TOPVKOYU5Q5A7/Kt1sJuBz5HOQ== -----END CERTIFICATE-----Generated at Sat Dec 27 01:39:17 2025 by rpki-client