This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135391.roa File: AS135391.roa (raw, json) Hash identifier: tuMAeSA64YxmehfNCtJFVGqWbzHhN6zuE5ySNm1jP9M= Subject key identifier: CF:87:0E:FB:B0:10:2C:80:67:EB:62:44:67:A9:1E:76:81:E6:33:40 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 1DCB5FB3557A944C2BC535B10B523F6FA54F7A4E Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135391.roa Signing time: Tue 18 Nov 2025 05:50:10 +0000 ROA not before: Tue 18 Nov 2025 05:45:10 +0000 ROA not after: Tue 17 Nov 2026 05:50:10 +0000 asID: 135391 IP address blocks: 146.103.31.0/24 maxlen: 24 147.79.56.0/24 maxlen: 24 148.135.201.0/24 maxlen: 24 155.117.216.0/24 maxlen: 24 162.141.39.0/24 maxlen: 24 162.141.65.0/24 maxlen: 24 162.141.140.0/24 maxlen: 24 162.141.179.0/24 maxlen: 24 162.141.183.0/24 maxlen: 24 168.222.22.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:cb:5f:b3:55:7a:94:4c:2b:c5:35:b1:0b:52:3f:6f:a5:4f:7a:4e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Nov 18 05:45:10 2025 GMT Not After : Nov 17 05:50:10 2026 GMT Subject: CN=CF870EFBB0102C8067EB624467A91E7681E63340 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:89:b8:08:52:df:75:78:2d:2c:5f:7a:ab:3f: 6f:0a:37:ff:aa:c7:8f:d0:65:fe:01:82:36:04:6a: 3e:af:bb:1a:cc:d2:bc:e6:78:4b:6b:a9:12:e9:bd: 08:08:7d:2a:12:04:d7:0e:8a:5a:d9:11:29:df:44: 18:57:af:a9:0a:f7:59:ae:34:e1:bf:36:32:c0:f4: f4:a6:41:65:a1:f1:5c:01:90:43:a8:93:33:ec:b9: 17:a0:07:6e:01:1a:fc:ae:5e:95:4d:3b:df:a3:70: 65:31:23:69:f8:66:f0:08:95:62:e7:40:47:39:fc: 15:20:f4:a6:cd:74:a0:72:dd:25:cc:40:bc:61:d2: 06:8b:2f:cc:15:63:21:5b:22:57:bb:67:aa:e5:6a: 1b:63:b2:0d:8e:42:bc:26:e1:ea:77:86:37:58:f3: a8:a8:74:20:61:fc:c3:01:37:1b:45:9c:39:85:78: b0:d1:cc:ce:5d:f6:92:0a:ce:18:61:c9:1e:e8:d3: d9:03:26:f0:5b:04:1e:99:ce:7c:da:6b:4d:20:11: 01:3b:3b:71:63:f2:3a:13:1e:f7:b3:e5:09:0c:6b: 80:39:32:2a:0f:b7:25:2d:de:c9:4a:3e:69:15:b6: bc:c8:2d:42:b7:72:4e:47:91:07:a0:1d:0d:89:78: f4:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:87:0E:FB:B0:10:2C:80:67:EB:62:44:67:A9:1E:76:81:E6:33:40 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS135391.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 146.103.31.0/24 147.79.56.0/24 148.135.201.0/24 155.117.216.0/24 162.141.39.0/24 162.141.65.0/24 162.141.140.0/24 162.141.179.0/24 162.141.183.0/24 168.222.22.0/24 Signature Algorithm: sha256WithRSAEncryption b9:c6:86:bd:7b:d9:10:ef:51:ec:a0:fe:96:39:26:6b:aa:11: d2:2f:29:96:59:f0:a5:58:b0:77:31:c0:fb:c1:e9:8c:f3:c7: eb:07:e0:fc:2f:86:0e:c9:72:c5:53:2e:63:b3:4c:51:56:f7: 3a:92:49:87:4e:c4:89:4d:4b:7e:aa:36:b1:d5:d9:72:88:e9: 03:df:d2:67:4f:99:1d:78:81:15:c7:51:6f:b5:57:a3:1d:ca: 65:5b:f5:43:a1:da:55:a6:9a:59:c8:1d:e3:a8:fd:3e:d5:7f: c7:88:83:06:af:9a:25:a3:79:a4:5a:8d:a4:08:6c:fe:9f:b7: 3e:c5:f4:9e:d2:cc:00:16:fc:1e:e8:59:ba:d6:ec:59:6e:6d: 94:40:53:7d:09:a0:c4:f5:ac:ae:0f:0f:01:c8:00:6e:13:bf: 03:31:1e:d0:c1:6d:dc:95:26:68:9b:47:ec:7f:40:08:46:d7: 7a:31:72:28:f8:d3:a1:3f:f6:f3:cd:3e:2e:2a:1b:74:a4:95: 4e:7a:96:fb:46:cb:a7:68:f8:b2:54:21:5e:ae:f5:b1:32:0d: 29:cf:fc:14:1d:f1:b4:cb:6e:6a:4e:5c:a8:be:67:97:10:1c: 13:c6:97:47:85:3e:3d:79:01:50:0c:3c:f9:5f:06:a2:d8:59: 4b:87:83:26 -----BEGIN CERTIFICATE----- MIIFNjCCBB6gAwIBAgIUHctfs1V6lEwrxTWxC1I/b6VPek4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTExMTgwNTQ1MTBaFw0yNjExMTcwNTUwMTBaMDMxMTAvBgNV BAMTKENGODcwRUZCQjAxMDJDODA2N0VCNjI0NDY3QTkxRTc2ODFFNjMzNDAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzibgIUt91eC0sX3qrP28KN/+q x4/QZf4BgjYEaj6vuxrM0rzmeEtrqRLpvQgIfSoSBNcOilrZESnfRBhXr6kK91mu NOG/NjLA9PSmQWWh8VwBkEOokzPsuRegB24BGvyuXpVNO9+jcGUxI2n4ZvAIlWLn QEc5/BUg9KbNdKBy3SXMQLxh0gaLL8wVYyFbIle7Z6rlahtjsg2OQrwm4ep3hjdY 86iodCBh/MMBNxtFnDmFeLDRzM5d9pIKzhhhyR7o09kDJvBbBB6Zznzaa00gEQE7 O3Fj8joTHvez5QkMa4A5MioPtyUt3slKPmkVtrzILUK3ck5HkQegHQ2JePStAgMB AAGjggJAMIICPDAdBgNVHQ4EFgQUz4cO+7AQLIBn62JEZ6kedoHmM0AwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTM1MzkxLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAkmcf AwQAk084AwQAlIfJAwQAm3XYAwQAoo0nAwQAoo1BAwQAoo2MAwQAoo2zAwQAoo23 AwQAqN4WMA0GCSqGSIb3DQEBCwUAA4IBAQC5xoa9e9kQ71HsoP6WOSZrqhHSLymW WfClWLB3McD7wemM88frB+D8L4YOyXLFUy5js0xRVvc6kkmHTsSJTUt+qjax1dly iOkD39JnT5kdeIEVx1FvtVejHcplW/VDodpVpppZyB3jqP0+1X/HiIMGr5olo3mk Wo2kCGz+n7c+xfSe0swAFvwe6Fm61uxZbm2UQFN9CaDE9ayuDw8ByABuE78DMR7Q wW3clSZom0fsf0AIRtd6MXIo+NOhP/bzzT4uKht0pJVOepb7RsunaPiyVCFervWx Mg0pz/wUHfG0y25qTlyovmeXEBwTxpdHhT49eQFQDDz5Xwai2FlLh4Mm -----END CERTIFICATE-----Generated at Sat Dec 6 14:00:16 2025 by rpki-client