This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16509.roa File: AS16509.roa (raw, json) Hash identifier: aNERyutpzLRKKalk796LAqE6o6/36fOH9ICViGu3zOs= Subject key identifier: BE:83:58:AE:73:F8:68:AB:1F:99:D5:9D:7C:7B:08:19:C9:A8:C3:58 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 105FB1AB7D801CC41D6D90040BC6A10D2F9F1C9D Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16509.roa Signing time: Tue 02 Dec 2025 07:43:10 +0000 ROA not before: Tue 02 Dec 2025 07:38:10 +0000 ROA not after: Tue 01 Dec 2026 07:43:10 +0000 asID: 16509 IP address blocks: 96.62.208.0/22 maxlen: 22 140.233.128.0/19 maxlen: 24 143.14.132.0/24 maxlen: 24 143.14.227.0/24 maxlen: 24 145.223.64.0/24 maxlen: 24 145.223.65.0/24 maxlen: 24 146.103.60.0/24 maxlen: 24 146.103.62.0/23 maxlen: 24 147.79.25.0/24 maxlen: 24 148.135.180.0/24 maxlen: 24 148.135.186.0/24 maxlen: 24 155.117.0.0/24 maxlen: 24 155.117.60.0/24 maxlen: 24 155.117.185.0/24 maxlen: 24 155.117.187.0/24 maxlen: 24 155.117.203.0/24 maxlen: 24 162.141.159.0/24 maxlen: 24 162.141.180.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:5f:b1:ab:7d:80:1c:c4:1d:6d:90:04:0b:c6:a1:0d:2f:9f:1c:9d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Dec 2 07:38:10 2025 GMT Not After : Dec 1 07:43:10 2026 GMT Subject: CN=BE8358AE73F868AB1F99D59D7C7B0819C9A8C358 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:4c:b9:5d:aa:b0:84:8c:5d:9c:f9:cb:10:24: 6b:3d:42:51:96:8c:96:1f:da:a6:d0:1a:6a:9b:ee: 1b:cc:e4:c2:62:da:4c:73:ab:87:9b:88:b7:80:8c: c8:ca:ff:4f:20:7b:02:be:04:57:44:eb:5b:57:76: 15:65:79:08:d8:93:f7:0e:05:43:76:24:39:68:5a: c9:57:20:58:d3:fc:f9:ba:26:32:d5:7c:bc:8a:21: 1f:f5:5f:96:43:78:bf:27:f5:f1:cc:ed:2b:25:19: 13:af:a4:c2:4e:ae:4d:63:2e:14:6b:70:dc:b8:eb: aa:49:51:3e:3d:33:51:07:a7:90:62:3f:46:f8:66: 4b:21:4e:d5:94:30:b9:33:d6:f2:69:70:eb:39:c1: 09:23:65:28:2f:93:ef:a1:37:0a:48:d7:1b:34:51: 7a:7b:41:1d:e2:99:d9:a7:f6:77:5e:2e:17:d4:d7: e8:ba:97:2d:b6:73:dc:fb:35:72:c3:94:e5:38:6d: 1b:e7:a4:13:6e:82:d1:93:ba:1d:29:9a:60:5e:0e: 2d:33:e9:c6:55:15:ae:d4:06:16:17:f3:ba:d0:e9: bd:87:96:03:d0:87:5c:89:79:6d:e5:3f:e1:76:99: b4:f5:e7:6b:ef:0c:a4:38:67:34:ca:3e:4e:1d:a9: 9b:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:83:58:AE:73:F8:68:AB:1F:99:D5:9D:7C:7B:08:19:C9:A8:C3:58 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS16509.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 96.62.208.0/22 140.233.128.0/19 143.14.132.0/24 143.14.227.0/24 145.223.64.0/23 146.103.60.0/24 146.103.62.0/23 147.79.25.0/24 148.135.180.0/24 148.135.186.0/24 155.117.0.0/24 155.117.60.0/24 155.117.185.0/24 155.117.187.0/24 155.117.203.0/24 162.141.159.0/24 162.141.180.0/24 Signature Algorithm: sha256WithRSAEncryption 77:46:6c:52:58:44:25:2b:a3:38:75:d1:0a:b1:39:e5:77:55: a4:3e:d8:96:c3:7e:d5:7d:a6:58:da:50:38:3f:5f:e5:48:95: d7:03:ef:e1:2d:c4:a1:ec:b9:bd:fd:6b:12:a3:99:a2:8b:0f: 95:39:d1:55:e7:64:63:e6:70:33:10:67:c5:0a:76:d2:42:84: 3b:0c:37:eb:1e:5b:cb:b1:cc:80:77:a0:50:9c:4e:2e:97:88: ec:7d:24:aa:62:67:7b:b0:1b:6e:82:31:b4:0b:dd:d4:4b:22: 5c:02:22:8c:bd:73:59:8e:8a:30:97:0e:07:2a:de:e1:60:af: d0:d4:b7:9f:c7:5b:82:b3:ea:c6:88:e7:e3:25:2e:56:fd:39: 4d:96:94:a1:8a:06:9b:97:5e:46:35:f4:66:06:29:7e:15:c3: 17:90:ed:f6:cd:ad:d6:74:f3:a9:48:f0:d3:94:96:5f:81:28: ae:0b:5d:e1:cc:99:71:fc:05:db:15:a2:18:70:76:9e:bd:d1: 3d:d7:67:a0:12:cc:02:55:1d:65:18:af:e4:49:43:2c:f9:ad: 6f:e4:b2:ad:bb:75:7f:4f:54:13:5c:a3:03:b9:7b:dd:d4:8d: c5:3d:ef:39:55:f7:9e:2e:4e:29:03:ef:9b:95:65:5b:b3:81: 29:a5:1a:ae -----BEGIN CERTIFICATE----- MIIFXzCCBEegAwIBAgIUEF+xq32AHMQdbZAEC8ahDS+fHJ0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTEyMDIwNzM4MTBaFw0yNjEyMDEwNzQzMTBaMDMxMTAvBgNV BAMTKEJFODM1OEFFNzNGODY4QUIxRjk5RDU5RDdDN0IwODE5QzlBOEMzNTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvTLldqrCEjF2c+csQJGs9QlGW jJYf2qbQGmqb7hvM5MJi2kxzq4ebiLeAjMjK/08gewK+BFdE61tXdhVleQjYk/cO BUN2JDloWslXIFjT/Pm6JjLVfLyKIR/1X5ZDeL8n9fHM7SslGROvpMJOrk1jLhRr cNy466pJUT49M1EHp5BiP0b4ZkshTtWUMLkz1vJpcOs5wQkjZSgvk++hNwpI1xs0 UXp7QR3imdmn9ndeLhfU1+i6ly22c9z7NXLDlOU4bRvnpBNugtGTuh0pmmBeDi0z 6cZVFa7UBhYX87rQ6b2HlgPQh1yJeW3lP+F2mbT152vvDKQ4ZzTKPk4dqZsdAgMB AAGjggJpMIICZTAdBgNVHQ4EFgQUvoNYrnP4aKsfmdWdfHsIGcmow1gwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwfwYIKwYBBQUHAQcBAf8EcDBuMGwEAgABMGYDBAJgPtAD BAWM6YADBACPDoQDBACPDuMDBAGR30ADBACSZzwDBAGSZz4DBACTTxkDBACUh7QD BACUh7oDBACbdQADBACbdTwDBACbdbkDBACbdbsDBACbdcsDBACijZ8DBACijbQw DQYJKoZIhvcNAQELBQADggEBAHdGbFJYRCUrozh10QqxOeV3VaQ+2JbDftV9plja UDg/X+VIldcD7+EtxKHsub39axKjmaKLD5U50VXnZGPmcDMQZ8UKdtJChDsMN+se W8uxzIB3oFCcTi6XiOx9JKpiZ3uwG26CMbQL3dRLIlwCIoy9c1mOijCXDgcq3uFg r9DUt5/HW4Kz6saI5+MlLlb9OU2WlKGKBpuXXkY19GYGKX4VwxeQ7fbNrdZ086lI 8NOUll+BKK4LXeHMmXH8BdsVohhwdp690T3XZ6ASzAJVHWUYr+RJQyz5rW/ksq27 dX9PVBNcowO5e93UjcU97zlV954uTikD75uVZVuzgSmlGq4= -----END CERTIFICATE-----Generated at Sat Dec 6 11:51:01 2025 by rpki-client