This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16509.roa File: AS16509.roa (raw, json) Hash identifier: hJnSnI+dhReR54wH+EMbyiKyvbbIHVE8VQFCkycKDck= Subject key identifier: D6:46:DF:7B:18:51:0F:92:BE:1B:8D:77:B1:E7:18:CD:53:F1:0B:D2 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 1DD4111E82A6916B4DE8517194C5BDD2AFB350BE Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16509.roa Signing time: Sat 17 Jan 2026 01:14:54 +0000 ROA not before: Sat 17 Jan 2026 01:09:54 +0000 ROA not after: Sat 16 Jan 2027 01:14:54 +0000 asID: 16509 IP address blocks: 96.62.208.0/22 maxlen: 22 140.233.128.0/19 maxlen: 24 143.14.227.0/24 maxlen: 24 145.223.64.0/24 maxlen: 24 145.223.65.0/24 maxlen: 24 146.103.60.0/24 maxlen: 24 146.103.62.0/23 maxlen: 24 147.79.25.0/24 maxlen: 24 148.135.180.0/24 maxlen: 24 148.135.186.0/24 maxlen: 24 155.117.0.0/24 maxlen: 24 155.117.60.0/24 maxlen: 24 155.117.185.0/24 maxlen: 24 155.117.187.0/24 maxlen: 24 155.117.203.0/24 maxlen: 24 162.141.159.0/24 maxlen: 24 162.141.180.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 20:24:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1d:d4:11:1e:82:a6:91:6b:4d:e8:51:71:94:c5:bd:d2:af:b3:50:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Jan 17 01:09:54 2026 GMT Not After : Jan 16 01:14:54 2027 GMT Subject: CN=D646DF7B18510F92BE1B8D77B1E718CD53F10BD2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:49:f6:27:0f:1c:8b:ff:1d:96:0a:c1:cb:49: ae:d2:47:fa:40:68:a5:d4:6d:2e:13:2c:61:9d:b7: e4:a4:aa:75:96:f0:e0:c4:e6:67:5d:18:f6:b1:15: 64:13:a2:bc:0e:4f:56:2e:9e:1d:de:4b:7d:f4:9b: e2:ae:d5:86:bd:d4:90:4f:59:0f:2d:9b:c9:35:11: 18:01:87:a0:67:a3:b2:6c:8b:f8:d6:4f:07:80:a7: a2:22:05:79:68:de:11:ae:ed:37:38:e6:78:82:e7: e8:6f:9a:a7:ce:de:ca:94:4c:bf:3f:19:de:a5:c4: 35:14:f9:41:60:48:a3:60:25:84:52:f8:83:d6:96: 93:a0:ff:2d:f8:b7:a4:2b:0e:ee:22:39:fc:82:a6: e6:50:65:41:9a:cd:f6:37:c7:f7:81:a3:df:e2:51: 03:0f:67:3b:6c:d0:bc:0a:f2:64:42:de:ba:e4:3f: f0:ac:d9:55:3d:56:16:ea:88:7f:2c:a6:a8:77:de: 47:cc:57:12:37:64:00:6a:db:f4:7e:7a:48:3c:1a: a3:5f:f1:36:6c:3f:2d:60:b3:81:d9:8e:39:a9:3b: ff:ac:6f:d2:c5:3d:9a:ef:57:ae:80:23:54:e5:a8: 4f:4c:fe:d7:f6:47:cb:97:f2:80:72:7b:1e:b3:f3: 1f:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:46:DF:7B:18:51:0F:92:BE:1B:8D:77:B1:E7:18:CD:53:F1:0B:D2 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16509.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 96.62.208.0/22 140.233.128.0/19 143.14.227.0/24 145.223.64.0/23 146.103.60.0/24 146.103.62.0/23 147.79.25.0/24 148.135.180.0/24 148.135.186.0/24 155.117.0.0/24 155.117.60.0/24 155.117.185.0/24 155.117.187.0/24 155.117.203.0/24 162.141.159.0/24 162.141.180.0/24 Signature Algorithm: sha256WithRSAEncryption 6c:f7:9b:25:6f:7b:df:bf:b5:22:27:5c:06:85:82:5e:a4:15: 61:d2:ff:d7:57:bd:24:90:24:1e:cd:a1:b9:b7:23:21:04:37: 07:9b:0e:a4:d6:54:c6:fa:7a:f0:0c:02:50:72:eb:4d:96:7e: b1:76:3c:30:e1:30:09:04:04:90:1d:5a:e7:0e:a0:e1:07:b1: 0e:60:23:d4:8b:50:ed:33:47:11:90:ea:7b:4a:18:b0:6a:69: f2:65:af:aa:0e:3c:c8:86:2f:54:66:ed:fa:b6:fc:ca:6b:f7: 60:65:5d:6a:6f:2d:fd:e0:09:35:73:c2:c1:24:f4:d1:19:ac: 7b:f2:6b:78:e4:6d:42:06:f5:f2:13:2f:dd:39:07:e9:96:b3: ea:81:0b:f0:ab:b3:68:9e:38:90:10:f8:82:63:dc:9b:77:a1: 95:55:0b:64:c6:ca:a3:cb:80:c6:02:8e:1e:2b:2c:d3:9f:59: ee:0f:2a:6e:2a:7c:4f:0c:ff:d0:14:65:04:ff:ad:41:bb:35: 41:a9:f5:ef:2f:5d:f9:ae:c7:c2:b7:a0:36:3f:10:70:80:89: 34:6e:c3:e0:99:61:2e:43:d1:77:b7:20:fb:d3:cc:22:bc:77: 40:5d:3a:77:f7:1a:8e:f1:a7:9f:14:36:7b:77:8b:a5:30:8f: 51:d3:a2:96 -----BEGIN CERTIFICATE----- MIIFWTCCBEGgAwIBAgIUHdQRHoKmkWtN6FFxlMW90q+zUL4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNjAxMTcwMTA5NTRaFw0yNzAxMTYwMTE0NTRaMDMxMTAvBgNV BAMTKEQ2NDZERjdCMTg1MTBGOTJCRTFCOEQ3N0IxRTcxOENENTNGMTBCRDIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDhSfYnDxyL/x2WCsHLSa7SR/pA aKXUbS4TLGGdt+SkqnWW8ODE5mddGPaxFWQTorwOT1Yunh3eS330m+Ku1Ya91JBP WQ8tm8k1ERgBh6Bno7Jsi/jWTweAp6IiBXlo3hGu7Tc45niC5+hvmqfO3sqUTL8/ Gd6lxDUU+UFgSKNgJYRS+IPWlpOg/y34t6QrDu4iOfyCpuZQZUGazfY3x/eBo9/i UQMPZzts0LwK8mRC3rrkP/Cs2VU9VhbqiH8spqh33kfMVxI3ZABq2/R+ekg8GqNf 8TZsPy1gs4HZjjmpO/+sb9LFPZrvV66AI1TlqE9M/tf2R8uX8oByex6z8x8zAgMB AAGjggJjMIICXzAdBgNVHQ4EFgQU1kbfexhRD5K+G413secYzVPxC9IwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIweQYIKwYBBQUHAQcBAf8EajBoMGYEAgABMGADBAJgPtAD BAWM6YADBACPDuMDBAGR30ADBACSZzwDBAGSZz4DBACTTxkDBACUh7QDBACUh7oD BACbdQADBACbdTwDBACbdbkDBACbdbsDBACbdcsDBACijZ8DBACijbQwDQYJKoZI hvcNAQELBQADggEBAGz3myVve9+/tSInXAaFgl6kFWHS/9dXvSSQJB7Nobm3IyEE NwebDqTWVMb6evAMAlBy602WfrF2PDDhMAkEBJAdWucOoOEHsQ5gI9SLUO0zRxGQ 6ntKGLBqafJlr6oOPMiGL1Rm7fq2/Mpr92BlXWpvLf3gCTVzwsEk9NEZrHvya3jk bUIG9fITL905B+mWs+qBC/Crs2ieOJAQ+IJj3Jt3oZVVC2TGyqPLgMYCjh4rLNOf We4PKm4qfE8M/9AUZQT/rUG7NUGp9e8vXfmux8K3oDY/EHCAiTRuw+CZYS5D0Xe3 IPvTzCK8d0BdOnf3Go7xp58UNnt3i6Uwj1HTopY= -----END CERTIFICATE-----Generated at Sun Jan 25 07:29:08 2026 by rpki-client