This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa File: AS212238.roa (raw, json) Hash identifier: FPDVsAAPw5mmfHU4zu3pv+b1Qfvk9Q1N0syqP+RHZEk= Subject key identifier: 82:70:4D:71:B4:EF:20:07:EF:65:B8:01:8B:5D:4F:98:7E:75:EA:41 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 04A9215E28775FE3A92C66ADC26BB3CA640F0ECA Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa Signing time: Thu 08 Jan 2026 15:29:40 +0000 ROA not before: Thu 08 Jan 2026 15:24:40 +0000 ROA not after: Thu 07 Jan 2027 15:29:40 +0000 asID: 212238 IP address blocks: 96.62.96.0/23 maxlen: 23 96.62.111.0/24 maxlen: 24 96.62.127.0/24 maxlen: 24 96.62.190.0/24 maxlen: 24 96.62.214.0/24 maxlen: 24 136.143.247.0/24 maxlen: 24 140.233.178.0/23 maxlen: 24 140.233.188.0/23 maxlen: 24 143.14.219.0/24 maxlen: 24 146.103.45.0/24 maxlen: 24 146.103.51.0/24 maxlen: 24 146.103.53.0/24 maxlen: 24 147.79.10.0/24 maxlen: 24 148.135.183.0/24 maxlen: 24 148.135.195.0/24 maxlen: 24 150.241.200.0/23 maxlen: 23 150.241.243.0/24 maxlen: 24 150.241.251.0/24 maxlen: 24 155.117.144.0/24 maxlen: 24 158.140.193.0/24 maxlen: 24 158.140.208.0/22 maxlen: 22 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 20:24:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:a9:21:5e:28:77:5f:e3:a9:2c:66:ad:c2:6b:b3:ca:64:0f:0e:ca Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Jan 8 15:24:40 2026 GMT Not After : Jan 7 15:29:40 2027 GMT Subject: CN=82704D71B4EF2007EF65B8018B5D4F987E75EA41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:1c:e9:59:f6:a6:c4:fd:cf:7d:68:8b:c6:66: 3f:3c:42:3b:da:f4:d4:13:2c:c2:c4:55:f0:4d:37: d9:84:4a:30:4a:23:dc:13:51:bb:40:ea:4b:2c:e1: 1b:94:f6:2c:4d:d1:25:fb:fc:1a:f0:d9:91:2d:e1: 2a:62:c2:be:93:3d:2d:8e:01:fa:2c:35:37:37:c7: f6:12:a8:ee:b4:ac:ac:48:cf:d8:1c:93:4a:67:ed: a6:75:4b:be:ab:26:da:ae:47:7a:3a:c5:02:f4:74: 3a:0e:ec:07:94:22:f1:3f:49:7d:d0:a2:ba:b6:f0: cb:cb:05:76:e4:54:e7:ce:2f:02:76:1d:f8:a9:7b: 64:45:a0:e7:22:d1:74:eb:9b:28:88:cf:f7:e7:28: 93:d0:30:fc:22:b5:dc:64:01:aa:49:f2:5e:67:bf: 22:2e:08:94:c7:f3:a5:c3:91:f6:18:07:bf:8b:fd: 21:21:64:5a:40:d9:00:00:df:5b:7c:43:fb:a5:bf: 06:f1:77:88:19:8d:fd:3b:9f:94:88:b8:f3:0c:47: 6f:d5:ea:b9:a6:9a:ba:d4:08:49:d1:a2:4d:d6:b2: cb:cd:fe:b0:dc:b0:64:3b:8e:3d:4e:46:74:24:a0: 5e:d3:e7:61:3b:5d:a0:33:52:64:60:ff:80:fe:94: 53:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:70:4D:71:B4:EF:20:07:EF:65:B8:01:8B:5D:4F:98:7E:75:EA:41 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 96.62.96.0/23 96.62.111.0/24 96.62.127.0/24 96.62.190.0/24 96.62.214.0/24 136.143.247.0/24 140.233.178.0/23 140.233.188.0/23 143.14.219.0/24 146.103.45.0/24 146.103.51.0/24 146.103.53.0/24 147.79.10.0/24 148.135.183.0/24 148.135.195.0/24 150.241.200.0/23 150.241.243.0/24 150.241.251.0/24 155.117.144.0/24 158.140.193.0/24 158.140.208.0/22 Signature Algorithm: sha256WithRSAEncryption 72:c8:13:de:56:fa:0a:7c:80:a8:f1:30:26:80:9e:96:a4:cb: 24:8f:bd:26:71:7b:bc:90:17:b2:7d:3d:06:ad:38:7f:22:24: 73:05:a0:d1:22:4f:6f:14:25:7b:1c:7e:00:4c:50:6c:86:11: be:a3:c9:a5:94:c4:63:99:97:42:a3:aa:a7:9a:1f:22:fc:25: 57:47:b5:41:93:1e:64:bd:72:a8:b5:99:63:90:86:06:af:61: fd:f8:68:33:87:09:50:a9:cd:b6:bb:c8:43:29:5e:dd:61:7a: ad:5c:a6:d2:be:1f:f3:b3:d4:05:7b:ea:58:f6:8f:d2:62:6a: 3e:ee:36:39:3d:48:10:46:78:da:53:a5:51:9f:8d:46:8e:a5: b8:a5:d1:e9:03:d7:ef:82:da:a1:28:58:65:8e:e6:ad:ed:a3: 3a:85:51:96:b9:31:86:fa:2b:d6:fb:5f:e3:5e:f8:40:ca:15: d5:8d:14:6d:94:6b:ac:36:5a:02:66:70:1f:5e:29:67:d7:21: d2:89:b2:78:45:00:db:82:98:98:2b:e5:eb:cf:8f:37:cc:14: bf:07:b6:ce:50:a6:c5:40:fb:c9:46:37:99:dd:d9:b3:df:38: bb:df:48:1e:a6:b8:c9:d6:87:3e:1e:e4:a5:ca:6a:0e:d9:28: 11:77:50:0f -----BEGIN CERTIFICATE----- MIIFfDCCBGSgAwIBAgIUBKkhXih3X+OpLGatwmuzymQPDsowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNjAxMDgxNTI0NDBaFw0yNzAxMDcxNTI5NDBaMDMxMTAvBgNV BAMTKDgyNzA0RDcxQjRFRjIwMDdFRjY1QjgwMThCNUQ0Rjk4N0U3NUVBNDEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2HOlZ9qbE/c99aIvGZj88Qjva 9NQTLMLEVfBNN9mESjBKI9wTUbtA6kss4RuU9ixN0SX7/Brw2ZEt4Spiwr6TPS2O AfosNTc3x/YSqO60rKxIz9gck0pn7aZ1S76rJtquR3o6xQL0dDoO7AeUIvE/SX3Q orq28MvLBXbkVOfOLwJ2Hfipe2RFoOci0XTrmyiIz/fnKJPQMPwitdxkAapJ8l5n vyIuCJTH86XDkfYYB7+L/SEhZFpA2QAA31t8Q/ulvwbxd4gZjf07n5SIuPMMR2/V 6rmmmrrUCEnRok3WssvN/rDcsGQ7jj1ORnQkoF7T52E7XaAzUmRg/4D+lFNxAgMB AAGjggKGMIICgjAdBgNVHQ4EFgQUgnBNcbTvIAfvZbgBi11PmH516kEwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgME AWA+YAMEAGA+bwMEAGA+fwMEAGA+vgMEAGA+1gMEAIiP9wMEAYzpsgMEAYzpvAME AI8O2wMEAJJnLQMEAJJnMwMEAJJnNQMEAJNPCgMEAJSHtwMEAJSHwwMEAZbxyAME AJbx8wMEAJbx+wMEAJt1kAMEAJ6MwQMEAp6M0DANBgkqhkiG9w0BAQsFAAOCAQEA csgT3lb6CnyAqPEwJoCelqTLJI+9JnF7vJAXsn09Bq04fyIkcwWg0SJPbxQlexx+ AExQbIYRvqPJpZTEY5mXQqOqp5ofIvwlV0e1QZMeZL1yqLWZY5CGBq9h/fhoM4cJ UKnNtrvIQyle3WF6rVym0r4f87PUBXvqWPaP0mJqPu42OT1IEEZ42lOlUZ+NRo6l uKXR6QPX74LaoShYZY7mre2jOoVRlrkxhvor1vtf4174QMoV1Y0UbZRrrDZaAmZw H14pZ9ch0omyeEUA24KYmCvl68+PN8wUvwe2zlCmxUD7yUY3md3Zs984u99IHqa4 ydaHPh7kpcpqDtkoEXdQDw== -----END CERTIFICATE-----Generated at Sun Jan 25 07:28:24 2026 by rpki-client