This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214025.roa File: AS214025.roa (raw, json) Hash identifier: F6q/KCL7zyD9wv8eCKsdyUivKhiIEJKQH1nqaZDbyh4= Subject key identifier: D6:C1:3F:6A:74:DB:26:C5:EF:E7:AC:88:D0:1E:AF:B2:6C:20:03:99 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 7320251C1ED2965E296753F3936171CEB75E242E Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214025.roa Signing time: Wed 21 Jan 2026 02:58:25 +0000 ROA not before: Wed 21 Jan 2026 02:53:25 +0000 ROA not after: Wed 20 Jan 2027 02:58:25 +0000 asID: 214025 IP address blocks: 96.62.220.0/24 maxlen: 24 140.233.165.0/24 maxlen: 24 143.14.46.0/24 maxlen: 24 155.117.127.0/24 maxlen: 24 162.141.104.0/24 maxlen: 24 162.141.163.0/24 maxlen: 24 167.148.141.0/24 maxlen: 24 168.222.12.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 20:24:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73:20:25:1c:1e:d2:96:5e:29:67:53:f3:93:61:71:ce:b7:5e:24:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Jan 21 02:53:25 2026 GMT Not After : Jan 20 02:58:25 2027 GMT Subject: CN=D6C13F6A74DB26C5EFE7AC88D01EAFB26C200399 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:a0:7b:40:a9:d7:96:83:8f:76:af:db:00:40: 2b:f3:75:1d:f5:f2:02:4d:44:81:b3:28:24:58:84: 52:34:9c:7c:e4:2b:ba:37:91:ff:11:6c:58:04:64: 56:75:09:13:90:80:de:54:ff:63:a9:30:bc:62:2d: 0f:ba:9d:00:8e:bd:5c:eb:d7:57:e0:1b:10:09:3c: 7e:2b:a5:ac:61:50:31:07:62:54:bf:0c:43:b1:45: 29:bd:30:ee:e5:f0:9b:07:4a:39:de:af:44:d5:7f: 6a:ef:c8:c0:49:c6:97:07:d7:db:7c:c1:02:af:9f: 7b:dc:88:08:c7:98:28:45:36:04:fe:be:ef:d7:a3: 91:40:c7:24:8c:98:2c:f7:42:22:e2:ae:c0:6a:ac: dc:58:1f:ae:ac:50:d2:4f:cc:05:b4:84:e4:ae:40: fa:92:58:f1:d5:f5:01:71:92:1c:ac:61:ca:9a:b9: 30:e6:ba:e6:23:04:cf:b7:68:7e:cc:95:18:73:0d: 77:f0:48:4e:d6:2a:33:5c:87:c8:74:30:16:ef:67: d9:28:22:cf:5c:f4:f7:b4:53:89:2c:d2:e0:09:6a: d0:78:6b:c6:d9:aa:ea:f7:55:4d:f0:24:98:15:5f: 9e:ee:9c:f1:9c:73:dc:23:11:24:90:99:13:5d:68: 6d:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:C1:3F:6A:74:DB:26:C5:EF:E7:AC:88:D0:1E:AF:B2:6C:20:03:99 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS214025.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 96.62.220.0/24 140.233.165.0/24 143.14.46.0/24 155.117.127.0/24 162.141.104.0/24 162.141.163.0/24 167.148.141.0/24 168.222.12.0/24 Signature Algorithm: sha256WithRSAEncryption b9:fc:d0:23:2c:11:4e:ba:c0:e8:17:d3:d3:fc:26:3d:f1:26: 53:f1:61:39:49:1c:56:f0:b7:da:22:57:cd:0d:b2:95:27:80: a4:83:9c:65:8f:91:fb:a2:5f:80:a2:9b:9b:30:a2:16:06:d2: d1:8e:ec:77:da:f9:e5:7f:b2:11:23:1f:f4:01:eb:35:68:6f: a4:53:8a:fe:93:d9:d8:54:7a:50:92:ab:da:2b:53:14:e3:fb: 1e:da:63:ee:db:8a:74:16:c6:ab:4c:ba:4d:a7:10:c3:a4:42: 3d:3b:a2:ca:ee:b1:b3:0d:0d:cb:13:81:d1:9a:f2:db:65:76: 48:1a:09:d3:23:16:b8:58:00:4e:c5:8f:9f:c2:c1:16:7f:8f: 90:c2:dc:b1:d0:04:df:d0:9f:4d:c1:dd:cc:51:63:46:1a:e9: 07:5d:54:fa:81:ea:9c:d8:f3:bd:92:09:3a:56:93:81:a5:dc: 7a:9e:dd:2f:12:be:cd:22:35:6f:56:32:d6:79:4f:65:d2:de: 71:41:d7:0b:a1:7d:6e:7d:c4:d8:c4:9d:16:4b:49:2e:d8:b8: 39:3d:ef:6b:f9:ad:d5:1c:c0:c0:70:2a:a7:43:3d:7d:50:92: 87:4c:81:18:47:86:dd:b2:e0:30:bb:20:58:5b:36:a7:22:42: b4:db:e2:4b -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUcyAlHB7Sll4pZ1Pzk2FxzrdeJC4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNjAxMjEwMjUzMjVaFw0yNzAxMjAwMjU4MjVaMDMxMTAvBgNV BAMTKEQ2QzEzRjZBNzREQjI2QzVFRkU3QUM4OEQwMUVBRkIyNkMyMDAzOTkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChoHtAqdeWg492r9sAQCvzdR31 8gJNRIGzKCRYhFI0nHzkK7o3kf8RbFgEZFZ1CROQgN5U/2OpMLxiLQ+6nQCOvVzr 11fgGxAJPH4rpaxhUDEHYlS/DEOxRSm9MO7l8JsHSjner0TVf2rvyMBJxpcH19t8 wQKvn3vciAjHmChFNgT+vu/Xo5FAxySMmCz3QiLirsBqrNxYH66sUNJPzAW0hOSu QPqSWPHV9QFxkhysYcqauTDmuuYjBM+3aH7MlRhzDXfwSE7WKjNch8h0MBbvZ9ko Is9c9Pe0U4ks0uAJatB4a8bZqur3VU3wJJgVX57unPGcc9wjESSQmRNdaG0VAgMB AAGjggI0MIICMDAdBgNVHQ4EFgQU1sE/anTbJsXv56yI0B6vsmwgA5kwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE0MDI1LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAYD7c AwQAjOmlAwQAjw4uAwQAm3V/AwQAoo1oAwQAoo2jAwQAp5SNAwQAqN4MMA0GCSqG SIb3DQEBCwUAA4IBAQC5/NAjLBFOusDoF9PT/CY98SZT8WE5SRxW8LfaIlfNDbKV J4Ckg5xlj5H7ol+AopubMKIWBtLRjux32vnlf7IRIx/0Aes1aG+kU4r+k9nYVHpQ kqvaK1MU4/se2mPu24p0FsarTLpNpxDDpEI9O6LK7rGzDQ3LE4HRmvLbZXZIGgnT Ixa4WABOxY+fwsEWf4+Qwtyx0ATf0J9Nwd3MUWNGGukHXVT6geqc2PO9kgk6VpOB pdx6nt0vEr7NIjVvVjLWeU9l0t5xQdcLoX1ufcTYxJ0WS0ku2Lg5Pe9r+a3VHMDA cCqnQz19UJKHTIEYR4bdsuAwuyBYWzanIkK02+JL -----END CERTIFICATE-----Generated at Sun Jan 25 07:29:05 2026 by rpki-client