This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21840.roa File: AS21840.roa (raw, json) Hash identifier: 6PLh4xfVLEstqgSgGMaNBOESpuMM5xmLjJwnORQPovY= Subject key identifier: F4:87:0B:8B:12:31:55:90:BE:23:CD:66:08:F6:0B:57:60:1D:38:BB Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f Certificate serial: 4547ADD39E64DF4119EC7227C6A065D5A913C23E Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21840.roa Signing time: Sat 22 Nov 2025 02:06:49 +0000 ROA not before: Sat 22 Nov 2025 02:01:49 +0000 ROA not after: Sat 21 Nov 2026 02:06:49 +0000 asID: 21840 IP address blocks: 92.112.37.0/24 maxlen: 24 178.92.184.0/24 maxlen: 24 178.95.123.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 02 Dec 2025 00:00:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:47:ad:d3:9e:64:df:41:19:ec:72:27:c6:a0:65:d5:a9:13:c2:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f Validity Not Before: Nov 22 02:01:49 2025 GMT Not After : Nov 21 02:06:49 2026 GMT Subject: CN=F4870B8B12315590BE23CD6608F60B57601D38BB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:eb:c4:19:e2:74:d5:d5:37:89:36:9b:49:ae: f2:78:b7:65:38:c7:bc:53:8d:ce:ef:ee:ab:15:64: ae:88:b4:97:cd:32:fc:59:cb:f1:02:03:59:88:7a: 16:f1:5a:5b:28:6a:b8:8b:ab:69:05:d0:1a:52:ce: ef:d0:98:87:d5:b1:f1:98:a5:ad:1b:2e:20:67:99: b2:93:e3:d9:f2:15:7b:a5:dc:98:5a:80:d1:d2:6a: 0c:02:2b:b0:6f:43:0a:80:7c:f3:05:b9:60:1d:88: 0b:28:bd:4f:75:0e:4b:31:3a:40:58:18:d0:ea:84: 0b:c7:38:b2:f3:56:01:d3:55:ac:f0:a2:6d:55:6b: d9:9b:73:df:bc:1b:8f:de:0d:78:f1:4c:02:8e:96: 42:49:9b:77:4e:ad:45:d3:4e:c4:a3:27:28:43:45: 83:77:82:18:ff:21:2f:e2:89:c3:97:8f:9a:53:ff: 4f:c0:d7:65:61:73:f0:a1:50:e0:c0:5f:b3:c9:51: 4e:ee:37:5d:fc:24:94:58:32:ba:84:c6:1e:b2:e9: 0c:07:16:b2:42:7e:6b:85:95:0d:c8:95:84:9d:2e: 1b:4e:1e:ca:20:5d:52:db:0c:a3:77:54:17:e5:38: 33:d0:30:4a:ac:f2:30:42:1c:99:2e:c9:e4:80:ac: 4b:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:87:0B:8B:12:31:55:90:BE:23:CD:66:08:F6:0B:57:60:1D:38:BB X509v3 Authority Key Identifier: keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS21840.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 92.112.37.0/24 178.92.184.0/24 178.95.123.0/24 Signature Algorithm: sha256WithRSAEncryption 1a:40:60:57:42:ed:00:80:45:9b:28:3a:a1:47:73:f2:b1:e7: c0:26:a2:8b:d3:a7:fe:99:7b:ed:ab:46:a3:08:bb:a1:c1:00: 94:18:05:c9:8c:b1:c2:88:e6:56:d9:50:3a:f1:f7:a7:2e:07: e8:7e:37:62:ff:14:14:77:73:2a:b6:08:30:1c:80:16:4a:47: ee:7b:72:68:32:bf:6c:44:f5:17:99:af:7f:24:f3:4c:73:49: 16:ce:f7:2e:d6:46:4a:e5:6d:43:56:12:c5:29:f1:26:1c:c5: 9c:3b:b9:5f:ff:2f:5c:30:c2:e2:65:b6:90:55:1f:b7:49:5f: 3c:d3:97:cd:b4:02:e1:6e:09:ac:ea:4a:bf:23:e4:86:b1:58: ac:66:b3:94:7f:03:e5:e1:86:64:bb:aa:a8:9a:23:bb:48:81: 01:87:40:ae:10:7d:bf:6a:2d:82:6f:16:bf:4a:e2:bf:97:ba: 9c:77:86:06:fa:f9:ec:30:7b:88:a2:d2:3b:1f:19:9f:18:0a: 7c:c5:38:e1:5d:8c:6b:eb:f2:22:cc:e9:c3:fe:cd:a2:83:28: 21:cc:be:86:64:aa:4e:8d:f5:77:01:a5:26:14:02:9a:2b:ee: c9:bb:c1:e6:85:d2:fd:f4:f2:83:ef:24:91:6f:5f:ae:03:c6: 1b:09:7d:96 -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgIURUet055k30EZ7HInxqBl1akTwj4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk NWMxM2I1ZjAeFw0yNTExMjIwMjAxNDlaFw0yNjExMjEwMjA2NDlaMDMxMTAvBgNV BAMTKEY0ODcwQjhCMTIzMTU1OTBCRTIzQ0Q2NjA4RjYwQjU3NjAxRDM4QkIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZ68QZ4nTV1TeJNptJrvJ4t2U4 x7xTjc7v7qsVZK6ItJfNMvxZy/ECA1mIehbxWlsoariLq2kF0BpSzu/QmIfVsfGY pa0bLiBnmbKT49nyFXul3JhagNHSagwCK7BvQwqAfPMFuWAdiAsovU91DksxOkBY GNDqhAvHOLLzVgHTVazwom1Va9mbc9+8G4/eDXjxTAKOlkJJm3dOrUXTTsSjJyhD RYN3ghj/IS/iicOXj5pT/0/A12Vhc/ChUODAX7PJUU7uN138JJRYMrqExh6y6QwH FrJCfmuFlQ3IlYSdLhtOHsogXVLbDKN3VBflODPQMEqs8jBCHJkuyeSArEsZAgMB AAGjggIVMIICETAdBgNVHQ4EFgQU9IcLixIxVZC+I81mCPYLV2AdOLswHwYDVR0j BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE4NDAucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwKwYIKwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBABccCUD BACyXLgDBACyX3swDQYJKoZIhvcNAQELBQADggEBABpAYFdC7QCARZsoOqFHc/Kx 58AmoovTp/6Ze+2rRqMIu6HBAJQYBcmMscKI5lbZUDrx96cuB+h+N2L/FBR3cyq2 CDAcgBZKR+57cmgyv2xE9ReZr38k80xzSRbO9y7WRkrlbUNWEsUp8SYcxZw7uV// L1wwwuJltpBVH7dJXzzTl820AuFuCazqSr8j5IaxWKxms5R/A+XhhmS7qqiaI7tI gQGHQK4Qfb9qLYJvFr9K4r+Xupx3hgb6+ewwe4ii0jsfGZ8YCnzFOOFdjGvr8iLM 6cP+zaKDKCHMvoZkqk6N9XcBpSYUApor7sm7weaF0v308oPvJJFvX64DxhsJfZY= -----END CERTIFICATE-----Generated at Mon Dec 1 07:52:22 2025 by rpki-client