This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa File: AS212238.roa (raw, json) Hash identifier: DVY+TrwuDHeYhFT9B6WVU4exxJ/QVwE7fG2V9K7wrW4= Subject key identifier: C8:D7:98:13:50:5B:4F:44:DE:BE:40:51:80:C1:BD:6D:23:02:F4:20 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 418E80B4D367BDBDEFFB7EE1DDC16383BF88258F Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa Signing time: Fri 05 Dec 2025 07:49:27 +0000 ROA not before: Fri 05 Dec 2025 07:44:27 +0000 ROA not after: Fri 04 Dec 2026 07:49:27 +0000 asID: 212238 IP address blocks: 96.62.96.0/23 maxlen: 23 96.62.111.0/24 maxlen: 24 96.62.127.0/24 maxlen: 24 96.62.214.0/24 maxlen: 24 136.143.247.0/24 maxlen: 24 140.233.178.0/23 maxlen: 24 140.233.188.0/23 maxlen: 24 143.14.219.0/24 maxlen: 24 146.103.45.0/24 maxlen: 24 146.103.51.0/24 maxlen: 24 146.103.53.0/24 maxlen: 24 148.135.183.0/24 maxlen: 24 148.135.195.0/24 maxlen: 24 150.241.200.0/23 maxlen: 23 150.241.243.0/24 maxlen: 24 150.241.251.0/24 maxlen: 24 158.140.193.0/24 maxlen: 24 158.140.208.0/22 maxlen: 22 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:8e:80:b4:d3:67:bd:bd:ef:fb:7e:e1:dd:c1:63:83:bf:88:25:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Dec 5 07:44:27 2025 GMT Not After : Dec 4 07:49:27 2026 GMT Subject: CN=C8D79813505B4F44DEBE405180C1BD6D2302F420 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:a2:09:70:a1:ca:cf:ea:65:22:34:af:1c:80: c5:4c:a0:00:14:e3:a3:85:9c:b2:87:08:02:6d:10: a1:ae:2c:52:d3:34:a6:7e:42:1c:dc:54:2f:f5:65: 34:95:61:aa:07:fd:14:8a:1c:75:01:fc:02:5b:fc: d6:7b:7d:94:37:77:c7:94:38:d3:ec:cc:df:60:92: f4:3c:b2:1a:3f:0d:b8:39:4a:e7:c6:84:cc:b9:bd: 3f:3d:39:6b:dc:78:db:20:b0:3b:3f:8d:63:7d:93: 54:89:08:60:69:1e:6c:28:a4:aa:5d:2a:af:2b:56: 21:89:87:b8:55:be:c7:4c:ba:98:99:7b:19:19:fd: 08:66:09:7b:dc:74:78:2b:d2:a2:a6:7c:e5:d1:64: 0c:bc:df:28:e9:b4:83:15:c3:d8:77:5a:92:79:1a: 7f:5c:29:d1:07:26:57:b0:ad:11:4a:6f:96:cc:e4: 1c:86:fb:56:75:4d:a4:db:52:97:7a:d1:80:79:bf: 83:43:3c:88:ee:12:ae:d1:ea:58:d9:ca:4d:e4:3a: f9:b9:d6:92:40:45:c8:a4:f6:d0:d0:ed:2f:f9:5d: 68:cf:12:34:44:2f:a4:1f:38:d8:df:4f:41:d9:22: 5b:0b:48:b2:81:ac:17:27:a2:8d:48:68:c2:22:7c: b5:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:D7:98:13:50:5B:4F:44:DE:BE:40:51:80:C1:BD:6D:23:02:F4:20 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS212238.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 96.62.96.0/23 96.62.111.0/24 96.62.127.0/24 96.62.214.0/24 136.143.247.0/24 140.233.178.0/23 140.233.188.0/23 143.14.219.0/24 146.103.45.0/24 146.103.51.0/24 146.103.53.0/24 148.135.183.0/24 148.135.195.0/24 150.241.200.0/23 150.241.243.0/24 150.241.251.0/24 158.140.193.0/24 158.140.208.0/22 Signature Algorithm: sha256WithRSAEncryption 2b:1a:08:4d:6b:48:e4:4a:f2:bb:c9:f9:30:74:29:92:8d:a0: b7:41:41:f5:aa:49:35:c6:35:46:4c:a7:2b:00:7b:5a:3d:dd: 98:6c:d0:99:bb:9b:00:a1:cf:31:e4:6f:2b:d2:8d:2c:b5:8d: a4:6f:d3:2d:ef:52:9b:51:fb:1c:54:f9:1c:e1:35:5a:4d:3b: 10:be:d9:0c:6b:5a:ee:62:ad:fd:ed:09:69:e5:77:15:aa:82: 30:79:c3:27:79:a8:06:fb:b6:ea:c6:58:d5:ea:2e:b3:58:90: 65:dc:5d:db:42:4e:c5:05:23:bc:18:84:49:a6:6d:c6:b7:bb: c1:90:44:dc:1e:c4:ed:0d:29:6c:20:3a:ae:63:1a:aa:9b:04: ca:ea:65:1c:61:cc:fb:cf:54:98:41:6a:ae:61:61:85:30:39: e7:b2:67:40:9c:52:e2:93:5d:29:ff:71:55:56:fe:d9:84:79: 90:28:3b:d0:bf:4c:a9:70:b1:1f:b2:03:2a:b3:44:cb:10:51: 0e:01:13:73:db:21:e4:3e:74:d2:89:a6:36:6c:d6:ea:77:3b: 70:79:0f:ef:3a:a1:db:8c:37:21:34:dd:12:87:96:01:18:53: d2:c4:51:8a:5f:18:62:54:b6:34:82:1f:53:fc:dc:9a:b4:3f: c3:2f:f1:71 -----BEGIN CERTIFICATE----- MIIFZzCCBE+gAwIBAgIUQY6AtNNnvb3v+37h3cFjg7+IJY8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTEyMDUwNzQ0MjdaFw0yNjEyMDQwNzQ5MjdaMDMxMTAvBgNV BAMTKEM4RDc5ODEzNTA1QjRGNDRERUJFNDA1MTgwQzFCRDZEMjMwMkY0MjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNoglwocrP6mUiNK8cgMVMoAAU 46OFnLKHCAJtEKGuLFLTNKZ+QhzcVC/1ZTSVYaoH/RSKHHUB/AJb/NZ7fZQ3d8eU ONPszN9gkvQ8sho/Dbg5SufGhMy5vT89OWvceNsgsDs/jWN9k1SJCGBpHmwopKpd Kq8rViGJh7hVvsdMupiZexkZ/QhmCXvcdHgr0qKmfOXRZAy83yjptIMVw9h3WpJ5 Gn9cKdEHJlewrRFKb5bM5ByG+1Z1TaTbUpd60YB5v4NDPIjuEq7R6ljZyk3kOvm5 1pJARcik9tDQ7S/5XWjPEjREL6QfONjfT0HZIlsLSLKBrBcnoo1IaMIifLVFAgMB AAGjggJxMIICbTAdBgNVHQ4EFgQUyNeYE1BbT0TevkBRgMG9bSMC9CAwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjEyMjM4LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAWA+ YAMEAGA+bwMEAGA+fwMEAGA+1gMEAIiP9wMEAYzpsgMEAYzpvAMEAI8O2wMEAJJn LQMEAJJnMwMEAJJnNQMEAJSHtwMEAJSHwwMEAZbxyAMEAJbx8wMEAJbx+wMEAJ6M wQMEAp6M0DANBgkqhkiG9w0BAQsFAAOCAQEAKxoITWtI5Eryu8n5MHQpko2gt0FB 9apJNcY1RkynKwB7Wj3dmGzQmbubAKHPMeRvK9KNLLWNpG/TLe9Sm1H7HFT5HOE1 Wk07EL7ZDGta7mKt/e0JaeV3FaqCMHnDJ3moBvu26sZY1eous1iQZdxd20JOxQUj vBiESaZtxre7wZBE3B7E7Q0pbCA6rmMaqpsEyuplHGHM+89UmEFqrmFhhTA557Jn QJxS4pNdKf9xVVb+2YR5kCg70L9MqXCxH7IDKrNEyxBRDgETc9sh5D500ommNmzW 6nc7cHkP7zqh24w3ITTdEoeWARhT0sRRil8YYlS2NIIfU/zcmrQ/wy/xcQ== -----END CERTIFICATE-----Generated at Sat Dec 6 13:15:34 2025 by rpki-client