This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21859.roa File: AS21859.roa (raw, json) Hash identifier: +uhdk1duRIocBin71ueZwM9TnHP8fclsTLhhm/oMYa8= Subject key identifier: 18:40:5A:00:87:01:47:0F:65:03:19:F0:18:1A:22:3D:D1:C3:FF:44 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 1A4DCC1B59A1FCBC24E4E8BF959DD580515DAB3D Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21859.roa Signing time: Thu 27 Nov 2025 05:36:16 +0000 ROA not before: Thu 27 Nov 2025 05:31:16 +0000 ROA not after: Thu 26 Nov 2026 05:36:16 +0000 asID: 21859 IP address blocks: 96.62.255.0/24 maxlen: 24 140.233.187.0/24 maxlen: 24 143.14.125.0/24 maxlen: 24 148.135.196.0/23 maxlen: 23 148.135.204.0/23 maxlen: 23 155.117.245.0/24 maxlen: 24 167.148.223.0/24 maxlen: 24 168.222.4.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1a:4d:cc:1b:59:a1:fc:bc:24:e4:e8:bf:95:9d:d5:80:51:5d:ab:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Nov 27 05:31:16 2025 GMT Not After : Nov 26 05:36:16 2026 GMT Subject: CN=18405A008701470F650319F0181A223DD1C3FF44 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:15:aa:05:c2:98:be:a5:3c:af:61:50:de:70: e0:45:be:ba:81:c3:14:24:39:5e:1a:e5:cf:f5:db: 77:7a:81:34:08:f5:20:38:af:60:a6:75:30:17:55: 1e:44:38:ad:04:5c:00:f5:35:94:2a:f6:d5:ed:2f: 51:d1:2f:15:f8:1f:90:ac:53:29:d0:3e:e0:4a:45: 4d:fd:d8:1b:8d:82:ad:de:26:5f:c7:5c:76:66:3d: e1:a8:ed:70:e0:1e:d7:a3:3a:65:76:fa:73:85:5b: b8:69:36:0b:ab:ad:4d:ce:df:2f:8e:4a:a6:bb:9d: db:59:5d:9a:00:af:ba:64:6f:8b:c2:a6:aa:07:4d: be:be:95:37:15:66:9f:e4:00:47:35:66:7e:50:d9: 98:c3:8a:2f:32:aa:9d:2e:e1:94:da:e2:8a:62:df: 29:6c:03:88:09:2e:c4:c4:2b:a3:64:b7:5c:b9:ef: a5:88:1c:46:ef:f6:ad:d2:cd:01:ca:1c:50:b6:65: 0e:46:83:cc:61:ab:cf:39:7e:0c:c5:21:1e:f6:2d: 3c:74:19:1c:65:b1:6b:0c:c5:dc:2a:17:c6:ac:2b: 5e:a0:2c:b3:6e:c9:04:56:15:83:ab:eb:0c:96:ce: d4:6b:c2:c7:a3:81:ea:fa:b3:e3:83:8f:81:dc:ab: b0:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:40:5A:00:87:01:47:0F:65:03:19:F0:18:1A:22:3D:D1:C3:FF:44 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS21859.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 96.62.255.0/24 140.233.187.0/24 143.14.125.0/24 148.135.196.0/23 148.135.204.0/23 155.117.245.0/24 167.148.223.0/24 168.222.4.0/24 Signature Algorithm: sha256WithRSAEncryption 3e:52:a4:d5:b0:89:23:d0:bc:39:80:d6:8c:31:9e:20:21:60: 60:f2:d8:6d:45:2b:43:62:49:f8:1e:0a:33:f7:ab:14:3f:97: 90:74:57:9b:23:ce:21:aa:b3:28:81:c1:31:36:ba:94:6e:3d: 1f:8e:93:af:69:14:ca:9b:30:c1:96:fc:48:10:48:26:a7:4f: 1b:2f:ba:51:c1:80:f1:7a:71:71:8b:dc:5b:25:2c:48:6f:94: 7b:dc:e2:83:8f:65:f6:53:a4:6b:17:11:bf:c2:0c:9e:67:be: de:91:89:1b:2e:b5:48:52:28:0e:b0:9b:bb:18:72:ba:93:28: e4:8c:15:dd:46:1d:49:87:5c:3c:b5:e0:3d:57:c2:13:a7:78: 85:c9:8b:44:11:0e:d1:2c:4a:ea:f5:b8:81:a2:a5:40:1d:cd: 74:d2:48:4f:92:41:6a:44:d3:56:a4:41:63:36:92:5d:61:29: 10:cb:40:4d:04:b5:ea:f3:8c:15:f1:1d:fa:a9:84:79:cf:98: d7:dd:e5:72:58:b7:2a:18:42:6a:df:02:21:39:e7:f8:89:97: f2:9c:4d:42:bd:eb:ff:59:07:4a:45:e3:52:de:e9:b7:e0:5e: 98:27:db:8d:d8:3d:80:3e:32:fd:f2:76:6d:3f:73:0e:c7:00: bd:f3:dd:05 -----BEGIN CERTIFICATE----- MIIFKTCCBBGgAwIBAgIUGk3MG1mh/Lwk5Oi/lZ3VgFFdqz0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTExMjcwNTMxMTZaFw0yNjExMjYwNTM2MTZaMDMxMTAvBgNV BAMTKDE4NDA1QTAwODcwMTQ3MEY2NTAzMTlGMDE4MUEyMjNERDFDM0ZGNDQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKFaoFwpi+pTyvYVDecOBFvrqB wxQkOV4a5c/123d6gTQI9SA4r2CmdTAXVR5EOK0EXAD1NZQq9tXtL1HRLxX4H5Cs UynQPuBKRU392BuNgq3eJl/HXHZmPeGo7XDgHtejOmV2+nOFW7hpNgurrU3O3y+O Sqa7ndtZXZoAr7pkb4vCpqoHTb6+lTcVZp/kAEc1Zn5Q2ZjDii8yqp0u4ZTa4opi 3ylsA4gJLsTEK6Nkt1y576WIHEbv9q3SzQHKHFC2ZQ5Gg8xhq885fgzFIR72LTx0 GRxlsWsMxdwqF8asK16gLLNuyQRWFYOr6wyWztRrwsejger6s+ODj4Hcq7AFAgMB AAGjggIzMIICLzAdBgNVHQ4EFgQUGEBaAIcBRw9lAxnwGBoiPdHD/0QwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBABgPv8D BACM6bsDBACPDn0DBAGUh8QDBAGUh8wDBACbdfUDBACnlN8DBACo3gQwDQYJKoZI hvcNAQELBQADggEBAD5SpNWwiSPQvDmA1owxniAhYGDy2G1FK0NiSfgeCjP3qxQ/ l5B0V5sjziGqsyiBwTE2upRuPR+Ok69pFMqbMMGW/EgQSCanTxsvulHBgPF6cXGL 3FslLEhvlHvc4oOPZfZTpGsXEb/CDJ5nvt6RiRsutUhSKA6wm7sYcrqTKOSMFd1G HUmHXDy14D1XwhOneIXJi0QRDtEsSur1uIGipUAdzXTSSE+SQWpE01akQWM2kl1h KRDLQE0EterzjBXxHfqphHnPmNfd5XJYtyoYQmrfAiE55/iJl/KcTUK96/9ZB0pF 41Le6bfgXpgn243YPYA+Mv3ydm0/cw7HAL3z3QU= -----END CERTIFICATE-----Generated at Sat Dec 6 15:44:49 2025 by rpki-client