This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137517.roa File: AS137517.roa (raw, json) Hash identifier: kssno8dXylvHMBgQo8Qkdjcdw3SejZ8H+7kfJzy8xvs= Subject key identifier: A6:CB:D1:D6:76:8C:8F:E8:97:39:CE:89:86:7C:96:7F:3F:AD:9A:59 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 74A74DDBC179725E5A54C7E05D628A33D402EB0B Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137517.roa Signing time: Wed 24 Dec 2025 02:37:01 +0000 ROA not before: Wed 24 Dec 2025 02:32:01 +0000 ROA not after: Wed 23 Dec 2026 02:37:01 +0000 asID: 137517 IP address blocks: 143.14.95.0/24 maxlen: 24 167.148.168.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 20:24:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 74:a7:4d:db:c1:79:72:5e:5a:54:c7:e0:5d:62:8a:33:d4:02:eb:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Dec 24 02:32:01 2025 GMT Not After : Dec 23 02:37:01 2026 GMT Subject: CN=A6CBD1D6768C8FE89739CE89867C967F3FAD9A59 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:0b:a2:d2:49:02:e8:7f:ce:46:c6:f7:d9:dc: 33:50:fe:31:43:d6:5d:d7:84:91:51:89:a4:0d:fe: e8:6a:b0:dc:a2:eb:87:6f:be:60:d0:f5:37:df:81: 8e:4d:09:f6:15:17:2c:7a:ec:e3:9d:82:80:c1:9c: 79:30:89:d5:98:4a:ad:4c:20:ba:a8:b5:53:33:2d: d4:cd:98:01:3c:78:76:8d:9e:ca:1c:93:df:5d:05: 2e:01:0a:8f:fa:0d:d2:bf:36:d5:71:d7:bb:fe:b2: 38:33:7f:a5:d4:b7:11:bd:00:66:bd:5f:ad:62:cd: d7:d8:b9:5e:7a:69:64:93:0c:cb:a2:f8:62:e6:39: 8c:e8:fd:d8:c1:a3:fe:51:91:8d:d3:d0:f0:75:a0: 56:bb:36:66:e9:72:17:cf:8b:34:49:af:d3:51:ec: 9a:a8:d7:73:69:1f:30:bf:5b:1b:df:5a:b2:38:80: 61:f3:4b:38:d0:a4:88:85:86:14:8c:5d:59:6b:f1: e7:04:bd:ba:2a:41:c0:f4:9f:bd:e7:90:d3:fb:44: 01:d3:b6:f7:6b:5d:ab:af:14:28:a3:cf:bf:fe:85: 33:2e:fd:78:fb:8f:f8:30:5d:4b:b5:95:67:b1:5b: b5:4b:ee:7c:02:d8:ab:1e:0a:9f:a5:d7:97:f6:ee: 92:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:CB:D1:D6:76:8C:8F:E8:97:39:CE:89:86:7C:96:7F:3F:AD:9A:59 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS137517.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.14.95.0/24 167.148.168.0/24 Signature Algorithm: sha256WithRSAEncryption 7f:e9:5a:cc:5f:52:db:c0:b7:18:ec:52:fa:70:26:e2:9b:42: fa:90:61:cf:ee:bc:8b:64:cf:44:69:af:f3:4e:1f:14:5c:f6: 46:63:bf:ab:74:f4:96:c3:f1:42:51:6f:30:ca:44:4e:76:9a: 8c:14:53:ff:92:59:d1:fc:98:5d:e7:de:35:f9:4f:f4:8f:e5: f7:50:44:c2:fe:8d:7b:68:be:03:7a:77:af:04:ba:ba:79:a7: 12:03:9f:cb:6a:30:76:c1:01:7b:63:fa:a5:de:01:e5:f8:7a: 71:f9:5c:b0:61:07:ea:81:d0:e3:e9:a2:3f:77:46:4a:f2:e4: 19:6c:bf:81:49:47:07:25:dd:31:d7:82:5c:4c:9b:3b:77:7b: e7:a6:3c:f0:07:dd:53:bf:36:8c:b5:fc:fd:47:19:e1:97:41: 04:1f:4f:17:2b:62:a9:11:05:be:42:a9:5f:53:01:36:31:3e: 12:67:d6:eb:8a:19:7c:95:33:b8:2b:3f:6c:c5:f5:c0:af:2e: f3:c8:fe:3b:73:47:07:22:29:83:ed:34:f7:8c:6f:01:ce:96: 0f:19:22:85:25:c0:6b:14:31:c7:1d:1e:82:c1:55:46:d1:b0: 0e:98:8e:e0:b2:cf:f3:55:f2:4e:1b:85:49:f4:4f:89:40:dd: e5:77:88:17 -----BEGIN CERTIFICATE----- MIIFBjCCA+6gAwIBAgIUdKdN28F5cl5aVMfgXWKKM9QC6wswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTEyMjQwMjMyMDFaFw0yNjEyMjMwMjM3MDFaMDMxMTAvBgNV BAMTKEE2Q0JEMUQ2NzY4QzhGRTg5NzM5Q0U4OTg2N0M5NjdGM0ZBRDlBNTkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDC6LSSQLof85GxvfZ3DNQ/jFD 1l3XhJFRiaQN/uhqsNyi64dvvmDQ9TffgY5NCfYVFyx67OOdgoDBnHkwidWYSq1M ILqotVMzLdTNmAE8eHaNnsock99dBS4BCo/6DdK/NtVx17v+sjgzf6XUtxG9AGa9 X61izdfYuV56aWSTDMui+GLmOYzo/djBo/5RkY3T0PB1oFa7NmbpchfPizRJr9NR 7Jqo13NpHzC/WxvfWrI4gGHzSzjQpIiFhhSMXVlr8ecEvboqQcD0n73nkNP7RAHT tvdrXauvFCijz7/+hTMu/Xj7j/gwXUu1lWexW7VL7nwC2KseCp+l15f27pLvAgMB AAGjggIQMIICDDAdBgNVHQ4EFgQUpsvR1naMj+iXOc6JhnyWfz+tmlkwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTM3NTE3LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAjw5f AwQAp5SoMA0GCSqGSIb3DQEBCwUAA4IBAQB/6VrMX1LbwLcY7FL6cCbim0L6kGHP 7ryLZM9Eaa/zTh8UXPZGY7+rdPSWw/FCUW8wykROdpqMFFP/klnR/Jhd5941+U/0 j+X3UETC/o17aL4DenevBLq6eacSA5/LajB2wQF7Y/ql3gHl+Hpx+VywYQfqgdDj 6aI/d0ZK8uQZbL+BSUcHJd0x14JcTJs7d3vnpjzwB91TvzaMtfz9Rxnhl0EEH08X K2KpEQW+QqlfUwE2MT4SZ9brihl8lTO4Kz9sxfXAry7zyP47c0cHIimD7TT3jG8B zpYPGSKFJcBrFDHHHR6CwVVG0bAOmI7gss/zVfJOG4VJ9E+JQN3ld4gX -----END CERTIFICATE-----Generated at Sun Jan 25 07:28:33 2026 by rpki-client