This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS40676.roa File: AS40676.roa (raw, json) Hash identifier: NJDBV+hE9xBchrUc1CNi2eVGUDNB9R38oNOswEL04OY= Subject key identifier: 88:A0:34:F1:95:25:2C:9A:8A:0D:A7:03:BF:A9:85:45:16:E5:97:B9 Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f Certificate serial: 31658FD1C678FF1F245CD23AF1EB2F373ACEE781 Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS40676.roa Signing time: Tue 02 Dec 2025 10:15:27 +0000 ROA not before: Tue 02 Dec 2025 10:10:27 +0000 ROA not after: Tue 01 Dec 2026 10:15:27 +0000 asID: 40676 IP address blocks: 46.202.224.0/24 maxlen: 24 46.203.55.0/24 maxlen: 24 91.124.87.0/24 maxlen: 24 91.124.135.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 14 Dec 2025 13:23:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:65:8f:d1:c6:78:ff:1f:24:5c:d2:3a:f1:eb:2f:37:3a:ce:e7:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f Validity Not Before: Dec 2 10:10:27 2025 GMT Not After : Dec 1 10:15:27 2026 GMT Subject: CN=88A034F195252C9A8A0DA703BFA9854516E597B9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:85:b4:25:29:3f:8a:06:fa:34:b6:b3:0f:d0: f4:f3:f0:bd:be:f7:f0:2b:a1:d6:95:cf:c1:dd:b4: 0f:ba:42:4d:76:9d:11:0f:3e:05:21:15:c0:85:7e: 1e:ac:8c:69:fe:f1:92:7b:64:21:34:fc:a1:48:27: ef:87:3b:a6:96:75:ed:63:05:03:4d:86:87:c2:a5: fd:69:d4:d7:21:78:a4:01:bf:c2:90:c6:86:ee:b9: e6:0e:d8:0c:c8:a9:6b:db:38:7d:d4:90:89:7b:c1: 3d:f5:01:f1:47:a9:b4:d2:2a:af:07:3f:02:7b:93: 14:03:4f:15:50:63:90:1b:43:44:23:f3:88:1e:7f: 57:c2:17:90:8a:68:2f:a1:4f:32:5f:44:a7:5b:a8: 27:be:60:85:63:c5:76:3d:9a:3f:7d:d6:ea:aa:cf: d7:a3:a5:04:a6:b4:6a:83:35:41:e1:34:fd:1b:8f: cc:e0:f9:6b:92:df:41:65:dd:39:70:d8:a4:11:ee: b4:5a:1a:16:f2:17:ba:84:3b:9f:0d:b5:d3:3a:6f: 7f:89:b7:a8:0a:d7:c8:88:51:b6:28:df:07:72:d8: 06:6e:8a:dd:11:32:93:c4:d1:c3:01:9d:7e:a6:44: 82:29:28:ae:2e:e5:88:46:be:29:83:63:f0:cc:89: d0:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:A0:34:F1:95:25:2C:9A:8A:0D:A7:03:BF:A9:85:45:16:E5:97:B9 X509v3 Authority Key Identifier: keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS40676.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.202.224.0/24 46.203.55.0/24 91.124.87.0/24 91.124.135.0/24 Signature Algorithm: sha256WithRSAEncryption 15:b9:06:6f:01:c8:a0:30:5b:85:4a:d6:59:6d:ad:1f:09:73: c5:02:53:4d:f6:b2:0e:35:68:16:14:bb:58:21:de:42:77:40: 6f:4f:42:36:73:1d:c0:36:79:14:80:2f:10:c3:ec:46:b1:16: eb:45:f0:2a:6d:02:74:08:e7:a9:37:4a:dd:52:14:b2:12:02: 34:24:d3:fe:64:af:ef:20:10:32:e4:1b:e5:bb:52:6b:cd:db: 7a:96:d0:dd:f1:e5:e2:71:d3:02:3d:a6:9a:dc:d5:a1:3f:cb: a8:84:c4:94:45:50:b0:7f:31:ef:27:af:44:42:39:ea:0d:15: 1e:ee:0a:fb:95:89:57:fc:08:21:5b:fc:37:d0:95:3a:28:56: 4f:98:7b:6e:b9:a1:a9:44:92:99:25:bd:99:17:55:76:81:10: 3c:cf:93:1e:00:4b:ca:b7:19:93:a5:9d:ed:5b:02:2c:d1:ee: 66:17:8a:d0:bd:0f:c6:1f:63:74:bd:10:67:75:a7:36:6d:01: f4:6a:7c:e9:3d:2a:55:4a:15:bf:e7:69:6f:c5:45:22:f4:a3: 75:1f:9e:e1:a1:8f:ba:34:31:3d:59:e0:d6:59:62:a4:f8:01: 06:fd:dd:26:42:07:34:5e:0d:dc:59:d1:97:f7:74:a1:64:fd: a2:58:c1:bc -----BEGIN CERTIFICATE----- MIIFETCCA/mgAwIBAgIUMWWP0cZ4/x8kXNI68esvNzrO54EwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk NWMxM2I1ZjAeFw0yNTEyMDIxMDEwMjdaFw0yNjEyMDExMDE1MjdaMDMxMTAvBgNV BAMTKDg4QTAzNEYxOTUyNTJDOUE4QTBEQTcwM0JGQTk4NTQ1MTZFNTk3QjkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnhbQlKT+KBvo0trMP0PTz8L2+ 9/ArodaVz8HdtA+6Qk12nREPPgUhFcCFfh6sjGn+8ZJ7ZCE0/KFIJ++HO6aWde1j BQNNhofCpf1p1NcheKQBv8KQxobuueYO2AzIqWvbOH3UkIl7wT31AfFHqbTSKq8H PwJ7kxQDTxVQY5AbQ0Qj84gef1fCF5CKaC+hTzJfRKdbqCe+YIVjxXY9mj991uqq z9ejpQSmtGqDNUHhNP0bj8zg+WuS30Fl3Tlw2KQR7rRaGhbyF7qEO58NtdM6b3+J t6gK18iIUbYo3wdy2AZuit0RMpPE0cMBnX6mRIIpKK4u5YhGvimDY/DMidANAgMB AAGjggIbMIICFzAdBgNVHQ4EFgQUiKA08ZUlLJqKDacDv6mFRRbll7kwHwYDVR0j BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNDA2NzYucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBAAuyuAD BAAuyzcDBABbfFcDBABbfIcwDQYJKoZIhvcNAQELBQADggEBABW5Bm8ByKAwW4VK 1lltrR8Jc8UCU032sg41aBYUu1gh3kJ3QG9PQjZzHcA2eRSALxDD7EaxFutF8Cpt AnQI56k3St1SFLISAjQk0/5kr+8gEDLkG+W7UmvN23qW0N3x5eJx0wI9pprc1aE/ y6iExJRFULB/Me8nr0RCOeoNFR7uCvuViVf8CCFb/DfQlTooVk+Ye265oalEkpkl vZkXVXaBEDzPkx4AS8q3GZOlne1bAizR7mYXitC9D8YfY3S9EGd1pzZtAfRqfOk9 KlVKFb/naW/FRSL0o3UfnuGhj7o0MT1Z4NZZYqT4AQb93SZCBzReDdxZ0Zf3dKFk /aJYwbw= -----END CERTIFICATE-----Generated at Sun Dec 14 00:02:53 2025 by rpki-client