This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137235.roa File: AS137235.roa (raw, json) Hash identifier: JUHHBORUHylChwnvcAepboCdPFMsmuvk1GtXrVfdKTc= Subject key identifier: 65:7B:32:0F:9C:D7:6A:B4:2F:1E:BF:5B:BD:99:54:81:BC:A8:29:67 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 2521B8EE88174088046DD23CB8F6ACD70008552E Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137235.roa Signing time: Thu 27 Nov 2025 01:43:26 +0000 ROA not before: Thu 27 Nov 2025 01:38:26 +0000 ROA not after: Thu 26 Nov 2026 01:43:26 +0000 asID: 137235 IP address blocks: 143.14.162.0/24 maxlen: 24 162.141.78.0/24 maxlen: 24 162.141.114.0/24 maxlen: 24 167.148.3.0/24 maxlen: 24 167.148.209.0/24 maxlen: 24 168.222.11.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:21:b8:ee:88:17:40:88:04:6d:d2:3c:b8:f6:ac:d7:00:08:55:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Nov 27 01:38:26 2025 GMT Not After : Nov 26 01:43:26 2026 GMT Subject: CN=657B320F9CD76AB42F1EBF5BBD995481BCA82967 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:28:92:de:d4:98:c5:84:b0:c8:37:79:0f:aa: 0b:b5:8d:a2:40:b2:43:df:80:ea:7d:b0:6d:4a:67: ca:0a:d6:f2:ed:fa:32:bb:98:73:95:a1:f3:f8:6f: 72:68:68:0a:b1:0b:7d:10:59:62:82:8f:8b:f6:63: e1:8b:f7:63:ea:25:29:62:66:0a:80:b1:41:ec:75: 1a:55:3b:6a:73:3a:c4:ce:83:f7:ec:b2:e5:81:b6: 6b:c4:22:71:05:8a:b5:cd:41:ef:dc:e1:13:7a:5e: a2:48:71:03:56:0d:fb:00:34:c9:77:50:e3:1a:92: 92:e5:d2:cb:52:b5:15:11:a7:27:e2:24:cf:06:36: 9c:05:16:c5:53:2e:3e:81:a2:6b:79:d8:7f:cf:2c: 1b:c5:ba:06:5a:77:0d:67:4e:b1:95:e7:53:be:31: 65:34:a9:a6:17:bf:a3:f0:af:28:7a:4d:d7:be:45: ea:04:95:12:a8:52:c6:cd:b9:d3:97:83:d4:15:b5: 5a:5b:05:83:3c:e2:b1:f7:68:0c:a9:82:00:3a:1e: 32:8f:58:c6:4b:0d:04:ca:1c:dc:d6:f5:2a:23:59: 30:cd:97:00:88:a4:81:10:fd:63:0b:4a:29:a1:ca: 71:63:21:69:ac:b5:70:10:30:f9:e1:57:da:4e:8e: b1:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:7B:32:0F:9C:D7:6A:B4:2F:1E:BF:5B:BD:99:54:81:BC:A8:29:67 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137235.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.14.162.0/24 162.141.78.0/24 162.141.114.0/24 167.148.3.0/24 167.148.209.0/24 168.222.11.0/24 Signature Algorithm: sha256WithRSAEncryption b8:03:ce:48:6c:90:ae:26:8d:5b:5a:f3:66:4d:81:b2:8e:57: d6:71:7f:0d:65:ba:09:53:93:7a:59:2c:dc:f5:60:87:1b:b1: e6:6b:df:80:8c:87:6a:94:b8:1d:bb:37:33:bc:11:48:e3:2a: a6:51:23:7a:39:ee:19:2c:d8:6c:25:e2:8e:79:86:f2:2e:f4: a9:de:b5:bb:d2:5b:95:19:15:73:2f:20:15:48:db:f3:8c:34: 8f:c8:7c:df:e6:b6:49:be:21:c0:06:dc:4f:c7:09:79:6b:b6: 1b:b9:04:7c:9b:55:c5:7d:1c:6b:ec:d8:2b:0e:77:d5:1d:5d: 35:f9:62:e7:6b:3a:2e:00:cb:e7:40:1a:6b:d7:16:a5:92:07: 2a:ec:48:91:fa:3b:80:ea:73:0e:17:0c:26:b8:db:71:7b:56: 9d:6d:25:00:84:58:7b:9b:ee:61:65:53:77:a7:af:1b:91:43: b0:21:7e:a1:f7:9e:e0:cc:4e:76:09:c6:c7:5b:78:dd:a5:28: c0:f5:e4:48:70:51:0a:f8:1e:b4:3d:07:38:cd:8b:e0:7f:2f: 45:16:ab:72:2d:46:9e:41:0e:57:b6:82:fb:fa:83:f4:10:e2: e0:23:a1:8b:f6:7c:69:68:61:93:71:d8:80:77:e8:9a:69:77: 98:79:32:7a -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgIUJSG47ogXQIgEbdI8uPas1wAIVS4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTExMjcwMTM4MjZaFw0yNjExMjYwMTQzMjZaMDMxMTAvBgNV BAMTKDY1N0IzMjBGOUNENzZBQjQyRjFFQkY1QkJEOTk1NDgxQkNBODI5NjcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiKJLe1JjFhLDIN3kPqgu1jaJA skPfgOp9sG1KZ8oK1vLt+jK7mHOVofP4b3JoaAqxC30QWWKCj4v2Y+GL92PqJSli ZgqAsUHsdRpVO2pzOsTOg/fssuWBtmvEInEFirXNQe/c4RN6XqJIcQNWDfsANMl3 UOMakpLl0stStRURpyfiJM8GNpwFFsVTLj6Bomt52H/PLBvFugZadw1nTrGV51O+ MWU0qaYXv6Pwryh6Tde+ReoElRKoUsbNudOXg9QVtVpbBYM84rH3aAypggA6HjKP WMZLDQTKHNzW9SojWTDNlwCIpIEQ/WMLSimhynFjIWmstXAQMPnhV9pOjrEHAgMB AAGjggIoMIICJDAdBgNVHQ4EFgQUZXsyD5zXarQvHr9bvZlUgbyoKWcwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTM3MjM1LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAjw6i AwQAoo1OAwQAoo1yAwQAp5QDAwQAp5TRAwQAqN4LMA0GCSqGSIb3DQEBCwUAA4IB AQC4A85IbJCuJo1bWvNmTYGyjlfWcX8NZboJU5N6WSzc9WCHG7Hma9+AjIdqlLgd uzczvBFI4yqmUSN6Oe4ZLNhsJeKOeYbyLvSp3rW70luVGRVzLyAVSNvzjDSPyHzf 5rZJviHABtxPxwl5a7YbuQR8m1XFfRxr7NgrDnfVHV01+WLnazouAMvnQBpr1xal kgcq7EiR+juA6nMOFwwmuNtxe1adbSUAhFh7m+5hZVN3p68bkUOwIX6h957gzE52 CcbHW3jdpSjA9eRIcFEK+B60PQc4zYvgfy9FFqtyLUaeQQ5XtoL7+oP0EOLgI6GL 9nxpaGGTcdiAd+iaaXeYeTJ6 -----END CERTIFICATE-----Generated at Sat Dec 6 14:55:52 2025 by rpki-client