This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21859.roa File: AS21859.roa (raw, json) Hash identifier: Ngzvik6z5B4d2cBcAGC+KFVAr5PjtbVVABmWgECb860= Subject key identifier: 77:F4:6E:FA:D3:E8:4A:BD:EC:81:99:E0:E9:30:41:ED:85:E8:DF:BA Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 377502C948606D4DC22EF3E20B00DFADB00BFE2C Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21859.roa Signing time: Mon 19 Jan 2026 07:02:48 +0000 ROA not before: Mon 19 Jan 2026 06:57:48 +0000 ROA not after: Mon 18 Jan 2027 07:02:48 +0000 asID: 21859 IP address blocks: 96.62.255.0/24 maxlen: 24 140.233.187.0/24 maxlen: 24 143.14.125.0/24 maxlen: 24 148.135.196.0/23 maxlen: 23 148.135.204.0/23 maxlen: 23 155.117.245.0/24 maxlen: 24 167.148.120.0/23 maxlen: 23 167.148.223.0/24 maxlen: 24 168.222.4.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 20:24:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:75:02:c9:48:60:6d:4d:c2:2e:f3:e2:0b:00:df:ad:b0:0b:fe:2c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Jan 19 06:57:48 2026 GMT Not After : Jan 18 07:02:48 2027 GMT Subject: CN=77F46EFAD3E84ABDEC8199E0E93041ED85E8DFBA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:90:76:d2:a7:f6:03:d0:9a:d0:d4:2d:63:ce:dd: ca:8f:8b:32:c5:96:10:6d:82:d9:1c:17:37:96:33: 87:80:79:af:71:b0:3e:fb:d5:9e:95:a5:8c:24:c6: c7:32:30:ee:48:3a:f4:e5:5f:6a:19:e1:bc:11:7b: 57:2f:9c:7c:73:0d:c3:6c:d0:d4:e4:c6:00:73:e2: 31:48:d7:53:44:d8:c2:ff:09:f5:da:ae:be:4b:09: 96:c7:69:e9:0a:92:76:38:71:de:7b:f2:02:0b:24: 0c:54:61:e4:9f:b2:e2:05:b6:2e:86:2c:7d:9f:8e: 7c:6b:ef:fa:b3:08:d8:4b:63:d1:bc:32:90:76:ba: 7e:10:a6:21:13:d2:ca:af:e7:42:9a:ec:9b:95:14: 33:df:7b:6a:98:22:0f:10:90:f1:ea:12:ab:33:7f: 9d:fc:1f:3e:d6:f1:28:8d:bc:26:20:95:8f:5e:b4: 04:bd:e4:43:3d:0c:45:0d:7c:6e:dc:92:50:c6:3b: 4d:e4:14:5a:17:8d:72:a6:5b:0e:f4:09:65:ab:02: 0a:c5:78:b7:7a:c8:c6:9e:d6:dd:89:1f:c0:1a:2e: a7:46:63:a5:95:56:45:d7:f7:d5:bb:09:47:8c:e9: 1d:67:3b:82:8b:54:1e:34:b1:ba:a5:d3:07:6f:17: 05:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 77:F4:6E:FA:D3:E8:4A:BD:EC:81:99:E0:E9:30:41:ED:85:E8:DF:BA X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21859.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 96.62.255.0/24 140.233.187.0/24 143.14.125.0/24 148.135.196.0/23 148.135.204.0/23 155.117.245.0/24 167.148.120.0/23 167.148.223.0/24 168.222.4.0/24 Signature Algorithm: sha256WithRSAEncryption 7f:f1:48:28:01:63:30:f5:1d:c8:b1:d8:61:34:75:05:74:88: 5f:e0:5b:88:b9:c3:e7:e7:70:74:f9:19:d9:b9:97:e0:62:e4: ca:8f:1f:a8:f4:0c:fa:46:07:96:7d:eb:ef:d1:38:28:43:17: e8:02:13:8c:ae:a8:13:27:08:bf:6b:fc:f9:78:73:52:3a:7e: 3b:38:a4:84:5d:7e:57:9b:37:0b:c0:8d:38:d3:04:0d:65:d0: 66:27:9d:f4:01:e3:45:47:8a:5b:8c:fa:56:79:f5:1e:78:1f: 89:94:a3:64:ec:66:d8:44:1e:54:4e:cc:69:08:fa:9b:3c:25: c7:0f:90:61:9c:ab:03:3d:94:7e:b0:71:2d:d0:0c:3a:fe:e6: 0c:f0:ad:17:0c:88:4d:f7:8a:50:56:84:40:52:a3:9a:b0:b6: 0b:f1:ea:15:20:aa:cd:83:d1:98:0d:12:35:32:8f:6b:d7:73: fd:f3:12:dd:6b:c5:7a:a4:f6:97:f4:94:d5:c4:2f:15:a9:70: e7:e1:a4:19:83:8e:ed:6d:ff:f4:4a:86:a0:c1:50:3a:dc:bd: 57:05:bf:a7:04:aa:26:2d:4d:78:d5:71:0b:1a:cb:f9:bb:b3: d5:04:65:2a:cd:85:fa:5f:76:44:df:27:9d:73:e9:1f:f7:64: 4c:39:9b:16 -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgIUN3UCyUhgbU3CLvPiCwDfrbAL/iwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNjAxMTkwNjU3NDhaFw0yNzAxMTgwNzAyNDhaMDMxMTAvBgNV BAMTKDc3RjQ2RUZBRDNFODRBQkRFQzgxOTlFMEU5MzA0MUVEODVFOERGQkEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQdtKn9gPQmtDULWPO3cqPizLF lhBtgtkcFzeWM4eAea9xsD771Z6VpYwkxscyMO5IOvTlX2oZ4bwRe1cvnHxzDcNs 0NTkxgBz4jFI11NE2ML/CfXarr5LCZbHaekKknY4cd578gILJAxUYeSfsuIFti6G LH2fjnxr7/qzCNhLY9G8MpB2un4QpiET0sqv50Ka7JuVFDPfe2qYIg8QkPHqEqsz f538Hz7W8SiNvCYglY9etAS95EM9DEUNfG7cklDGO03kFFoXjXKmWw70CWWrAgrF eLd6yMae1t2JH8AaLqdGY6WVVkXX99W7CUeM6R1nO4KLVB40sbql0wdvFwV3AgMB AAGjggI5MIICNTAdBgNVHQ4EFgQUd/Ru+tPoSr3sgZng6TBB7YXo37owHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwTwYIKwYBBQUHAQcBAf8EQDA+MDwEAgABMDYDBABgPv8D BACM6bsDBACPDn0DBAGUh8QDBAGUh8wDBACbdfUDBAGnlHgDBACnlN8DBACo3gQw DQYJKoZIhvcNAQELBQADggEBAH/xSCgBYzD1Hcix2GE0dQV0iF/gW4i5w+fncHT5 Gdm5l+Bi5MqPH6j0DPpGB5Z96+/ROChDF+gCE4yuqBMnCL9r/Pl4c1I6fjs4pIRd flebNwvAjTjTBA1l0GYnnfQB40VHiluM+lZ59R54H4mUo2TsZthEHlROzGkI+ps8 JccPkGGcqwM9lH6wcS3QDDr+5gzwrRcMiE33ilBWhEBSo5qwtgvx6hUgqs2D0ZgN EjUyj2vXc/3zEt1rxXqk9pf0lNXELxWpcOfhpBmDju1t//RKhqDBUDrcvVcFv6cE qiYtTXjVcQsay/m7s9UEZSrNhfpfdkTfJ51z6R/3ZEw5mxY= -----END CERTIFICATE-----Generated at Sun Jan 25 07:29:18 2026 by rpki-client