This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS42689.roa File: AS42689.roa (raw, json) Hash identifier: zXI5ysB/XrJtQcq8JDfFFxfM0GZXgm6qcov8gw9YgQg= Subject key identifier: 59:7E:2A:63:E5:C8:71:DE:A6:1A:CF:0B:59:01:81:75:E2:BE:59:D9 Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f Certificate serial: 7DF8C28C2FB514FB41C983BC9C1049F8C35BDB20 Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS42689.roa Signing time: Mon 15 Dec 2025 11:16:50 +0000 ROA not before: Mon 15 Dec 2025 11:11:50 +0000 ROA not after: Mon 14 Dec 2026 11:16:50 +0000 asID: 42689 IP address blocks: 46.202.28.0/24 maxlen: 24 46.202.52.0/24 maxlen: 24 91.124.4.0/24 maxlen: 24 91.124.5.0/24 maxlen: 24 91.124.25.0/24 maxlen: 24 91.124.53.0/24 maxlen: 24 91.124.56.0/24 maxlen: 24 91.124.61.0/24 maxlen: 24 91.124.193.0/24 maxlen: 24 91.124.218.0/24 maxlen: 24 91.124.239.0/24 maxlen: 24 91.124.240.0/24 maxlen: 24 91.124.254.0/24 maxlen: 24 92.113.62.0/24 maxlen: 24 178.92.31.0/24 maxlen: 24 178.92.228.0/24 maxlen: 24 178.92.248.0/24 maxlen: 24 178.93.87.0/24 maxlen: 24 178.93.90.0/24 maxlen: 24 178.94.54.0/24 maxlen: 24 178.94.68.0/24 maxlen: 24 178.94.123.0/24 maxlen: 24 178.95.11.0/24 maxlen: 24 178.95.21.0/24 maxlen: 24 178.95.91.0/24 maxlen: 24 178.95.112.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 15:58:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:f8:c2:8c:2f:b5:14:fb:41:c9:83:bc:9c:10:49:f8:c3:5b:db:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f Validity Not Before: Dec 15 11:11:50 2025 GMT Not After : Dec 14 11:16:50 2026 GMT Subject: CN=597E2A63E5C871DEA61ACF0B59018175E2BE59D9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:c6:5f:2d:97:60:aa:a8:19:18:72:ad:c6:7c: 80:98:db:79:07:05:da:c2:7c:d5:db:70:8b:5f:e5: 75:5c:32:66:35:70:2e:29:ec:5a:43:e6:83:11:72: 46:dd:56:21:4e:13:9b:2a:8d:4d:ab:3b:6f:5e:e5: 50:db:be:d2:c2:85:a5:fe:23:2a:bb:97:f9:54:97: 6c:bc:82:58:31:6f:76:c7:ab:5a:44:c0:75:c5:bb: 16:56:47:53:b5:56:cd:0a:e7:eb:b4:0b:43:64:34: 09:41:55:2d:a4:5a:9e:85:b4:d9:99:9e:9e:70:16: f7:8e:6d:80:ae:57:47:15:f8:31:dc:72:16:ac:24: b2:50:ab:76:57:90:4b:ce:d6:cb:b8:d2:c1:15:5a: 0d:2d:80:a7:69:c5:ed:56:fb:fd:90:ba:2b:c0:29: 79:d9:3d:43:d7:8e:d2:b7:7e:6e:0d:29:2e:6d:26: 33:e1:67:f8:89:17:b6:de:40:dc:16:39:29:c9:f8: 69:72:d3:d5:78:bb:87:4b:9d:c1:a2:72:e8:b3:0c: 53:13:ea:d2:75:f9:53:ab:26:3f:93:c9:e1:51:11: 91:b0:36:d0:08:72:5d:aa:1b:9c:dc:94:c9:50:6c: 6c:01:1b:e0:72:93:90:dc:03:90:30:70:e6:9c:04: ec:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:7E:2A:63:E5:C8:71:DE:A6:1A:CF:0B:59:01:81:75:E2:BE:59:D9 X509v3 Authority Key Identifier: keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS42689.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.202.28.0/24 46.202.52.0/24 91.124.4.0/23 91.124.25.0/24 91.124.53.0/24 91.124.56.0/24 91.124.61.0/24 91.124.193.0/24 91.124.218.0/24 91.124.239.0-91.124.240.255 91.124.254.0/24 92.113.62.0/24 178.92.31.0/24 178.92.228.0/24 178.92.248.0/24 178.93.87.0/24 178.93.90.0/24 178.94.54.0/24 178.94.68.0/24 178.94.123.0/24 178.95.11.0/24 178.95.21.0/24 178.95.91.0/24 178.95.112.0/24 Signature Algorithm: sha256WithRSAEncryption 1e:d0:6a:33:c8:39:b4:15:0e:22:81:c1:8d:4f:50:8a:5f:e8: 11:b0:b8:6d:b9:2e:72:2a:bd:a5:47:b2:bc:77:06:77:f6:b1: c8:88:cc:d6:7e:e4:b0:77:fe:fb:f3:89:7f:74:1b:b0:8b:5f: e4:dd:f1:3a:1f:af:bb:48:e6:1d:08:e9:81:f1:b0:30:80:99: 22:f9:3b:63:97:94:6f:db:7f:6c:e6:d6:b9:0d:ab:31:be:76: 3b:f6:ce:73:5c:7b:39:45:29:60:f7:26:af:ff:66:8d:1d:ac: 6c:62:2f:d2:f8:03:99:b3:cd:96:6e:8e:a5:83:19:c7:f3:c2: 7c:8d:27:5e:a7:f6:be:d4:4f:9b:fe:ff:3b:e8:91:1d:d2:d2: 5a:f8:ea:89:d3:a7:55:e6:77:b3:b7:77:74:d9:25:f9:f1:81: fb:b0:68:5c:02:07:9c:45:82:29:15:a0:ad:23:10:a1:0b:42: 08:9e:91:b0:de:50:46:15:51:57:5d:9f:4a:dd:6e:c2:7b:49: 74:34:c7:1b:34:18:99:88:5e:72:0b:b5:21:68:ae:b1:07:8c: 30:98:0a:18:6b:3e:9c:fe:3e:16:7f:68:73:03:22:c2:6d:19: cb:ac:6a:88:89:4c:9c:64:c5:ab:42:ae:cd:e1:e0:6d:5f:55: 23:56:0e:24 -----BEGIN CERTIFICATE----- MIIFljCCBH6gAwIBAgIUffjCjC+1FPtByYO8nBBJ+MNb2yAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk NWMxM2I1ZjAeFw0yNTEyMTUxMTExNTBaFw0yNjEyMTQxMTE2NTBaMDMxMTAvBgNV BAMTKDU5N0UyQTYzRTVDODcxREVBNjFBQ0YwQjU5MDE4MTc1RTJCRTU5RDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsxl8tl2CqqBkYcq3GfICY23kH BdrCfNXbcItf5XVcMmY1cC4p7FpD5oMRckbdViFOE5sqjU2rO29e5VDbvtLChaX+ Iyq7l/lUl2y8glgxb3bHq1pEwHXFuxZWR1O1Vs0K5+u0C0NkNAlBVS2kWp6FtNmZ np5wFveObYCuV0cV+DHcchasJLJQq3ZXkEvO1su40sEVWg0tgKdpxe1W+/2QuivA KXnZPUPXjtK3fm4NKS5tJjPhZ/iJF7beQNwWOSnJ+Gly09V4u4dLncGicuizDFMT 6tJ1+VOrJj+TyeFREZGwNtAIcl2qG5zclMlQbGwBG+Byk5DcA5AwcOacBOxHAgMB AAGjggKgMIICnDAdBgNVHQ4EFgQUWX4qY+XIcd6mGs8LWQGBdeK+WdkwHwYDVR0j BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTNDI2ODkucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwgbUGCCsGAQUFBwEHAQH/BIGlMIGiMIGfBAIAATCBmAME AC7KHAMEAC7KNAMEAVt8BAMEAFt8GQMEAFt8NQMEAFt8OAMEAFt8PQMEAFt8wQME AFt82jAMAwQAW3zvAwQAW3zwAwQAW3z+AwQAXHE+AwQAslwfAwQAslzkAwQAslz4 AwQAsl1XAwQAsl1aAwQAsl42AwQAsl5EAwQAsl57AwQAsl8LAwQAsl8VAwQAsl9b AwQAsl9wMA0GCSqGSIb3DQEBCwUAA4IBAQAe0GozyDm0FQ4igcGNT1CKX+gRsLht uS5yKr2lR7K8dwZ39rHIiMzWfuSwd/7784l/dBuwi1/k3fE6H6+7SOYdCOmB8bAw gJki+Ttjl5Rv239s5ta5DasxvnY79s5zXHs5RSlg9yav/2aNHaxsYi/S+AOZs82W bo6lgxnH88J8jSdep/a+1E+b/v876JEd0tJa+OqJ06dV5nezt3d02SX58YH7sGhc AgecRYIpFaCtIxChC0IInpGw3lBGFVFXXZ9K3W7Ce0l0NMcbNBiZiF5yC7UhaK6x B4wwmAoYaz6c/j4Wf2hzAyLCbRnLrGqIiUycZMWrQq7N4eBtX1UjVg4k -----END CERTIFICATE-----Generated at Sat Dec 27 01:38:49 2025 by rpki-client