This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS25198.roa File: AS25198.roa (raw, json) Hash identifier: RxcLCG2p1NBeG0ZsZb41Zfgiw9GJaB7XJHZOfTQHgrE= Subject key identifier: 4A:DD:25:93:52:AB:A7:35:05:D6:D0:60:AD:7E:F0:5F:87:AE:27:E2 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 27EFF6FD98431346B86A24DB2CC1AA7F0E5F344F Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS25198.roa Signing time: Wed 21 Jan 2026 02:45:16 +0000 ROA not before: Wed 21 Jan 2026 02:40:16 +0000 ROA not after: Wed 20 Jan 2027 02:45:16 +0000 asID: 25198 IP address blocks: 140.150.156.0/24 maxlen: 24 140.233.165.0/24 maxlen: 24 143.14.185.0/24 maxlen: 24 147.79.16.0/24 maxlen: 24 148.135.198.0/24 maxlen: 24 150.241.238.0/24 maxlen: 24 150.241.240.0/24 maxlen: 24 155.117.1.0/24 maxlen: 24 155.117.145.0/24 maxlen: 24 155.117.254.0/24 maxlen: 24 167.148.105.0/24 maxlen: 24 167.148.123.0/24 maxlen: 24 168.222.63.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 20:24:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:ef:f6:fd:98:43:13:46:b8:6a:24:db:2c:c1:aa:7f:0e:5f:34:4f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Jan 21 02:40:16 2026 GMT Not After : Jan 20 02:45:16 2027 GMT Subject: CN=4ADD259352ABA73505D6D060AD7EF05F87AE27E2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:00:f7:cf:3f:a6:8d:43:b7:ab:b4:49:77:72: cd:c8:f9:b5:60:44:af:27:c3:5f:2d:f5:af:5e:01: 9f:d8:fa:d8:80:3d:01:87:ac:10:74:7e:cc:8a:4d: a4:07:76:0c:fd:69:b7:2b:81:4d:4e:f1:cd:37:57: f5:74:15:d6:2a:af:f0:c8:8f:07:5a:c0:17:8d:94: b3:61:e3:d3:76:03:74:1b:15:37:ea:f1:6c:85:71: d9:26:53:e0:d6:6d:63:ff:49:94:ca:f7:a5:05:35: cd:86:54:7f:88:08:a9:69:47:a0:13:3e:43:9d:dd: bf:59:91:6e:4b:e0:6b:d5:2d:84:52:d3:29:d5:40: 77:05:29:01:a1:be:0f:df:45:84:28:f1:10:80:c3: c4:e0:e8:ca:13:21:8f:65:ee:28:a7:9a:12:65:46: 55:2a:17:3f:0e:a9:6d:93:d5:b3:a7:c6:33:5b:a0: c4:30:3d:c5:64:52:f2:43:ac:c2:31:14:0a:4f:94: 09:46:bf:2a:2b:7c:a9:ab:5b:c2:bb:40:f4:96:27: 5f:e6:35:61:65:8e:2f:ee:ed:8f:fd:50:58:96:46: 12:a1:1e:12:81:60:da:26:85:4d:d4:d1:17:94:8f: 29:ac:b4:fe:b0:ba:c8:d5:c5:7e:fe:61:69:70:33: 6b:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:DD:25:93:52:AB:A7:35:05:D6:D0:60:AD:7E:F0:5F:87:AE:27:E2 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS25198.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 140.150.156.0/24 140.233.165.0/24 143.14.185.0/24 147.79.16.0/24 148.135.198.0/24 150.241.238.0/24 150.241.240.0/24 155.117.1.0/24 155.117.145.0/24 155.117.254.0/24 167.148.105.0/24 167.148.123.0/24 168.222.63.0/24 Signature Algorithm: sha256WithRSAEncryption b8:13:74:ab:cd:62:0b:77:8d:7f:5b:ee:17:18:87:77:81:43: 6c:0e:d3:ea:4c:cb:b4:d9:a3:69:c1:ae:14:06:44:a6:f2:5d: 84:f5:39:23:83:a0:c1:2a:6f:35:e5:54:0e:02:a9:87:ec:b5: 4c:d2:f2:ca:ad:20:cc:17:42:ca:bc:08:b7:a9:0f:dd:8c:60: de:58:6e:d9:81:d0:0c:4a:2d:b2:cb:a3:ed:12:72:b0:37:f5: 97:6c:d4:21:db:5c:8f:90:b0:94:e8:f5:3b:c3:22:bf:e1:0b: 7e:74:d1:6a:7d:33:a2:e8:b3:05:74:a0:60:b1:b5:a2:c1:1c: b6:36:75:10:c7:3f:b2:51:7e:14:14:98:80:cb:52:9d:70:c6: a7:99:7c:6f:3c:be:ab:24:11:61:cb:bc:47:dd:6b:0c:05:50: b5:a4:7c:62:f6:6c:52:5a:94:26:94:aa:38:94:54:d1:78:5f: e0:9f:83:f4:30:7a:50:7c:c8:f0:fc:00:4a:5b:36:89:ed:0c: 21:7e:bf:16:e9:4b:1a:14:d9:21:4e:32:16:69:39:7f:3c:af: 40:13:fa:72:d3:00:2f:c8:28:bf:3e:fc:ff:5e:51:60:0b:4b: 23:31:d9:52:0d:75:5f:68:81:0c:62:0e:23:16:b7:b0:fd:7b: 92:ae:21:e1 -----BEGIN CERTIFICATE----- MIIFRzCCBC+gAwIBAgIUJ+/2/ZhDE0a4aiTbLMGqfw5fNE8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNjAxMjEwMjQwMTZaFw0yNzAxMjAwMjQ1MTZaMDMxMTAvBgNV BAMTKDRBREQyNTkzNTJBQkE3MzUwNUQ2RDA2MEFEN0VGMDVGODdBRTI3RTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKAPfPP6aNQ7ertEl3cs3I+bVg RK8nw18t9a9eAZ/Y+tiAPQGHrBB0fsyKTaQHdgz9abcrgU1O8c03V/V0FdYqr/DI jwdawBeNlLNh49N2A3QbFTfq8WyFcdkmU+DWbWP/SZTK96UFNc2GVH+ICKlpR6AT PkOd3b9ZkW5L4GvVLYRS0ynVQHcFKQGhvg/fRYQo8RCAw8Tg6MoTIY9l7iinmhJl RlUqFz8OqW2T1bOnxjNboMQwPcVkUvJDrMIxFApPlAlGvyorfKmrW8K7QPSWJ1/m NWFlji/u7Y/9UFiWRhKhHhKBYNomhU3U0ReUjymstP6wusjVxX7+YWlwM2tvAgMB AAGjggJRMIICTTAdBgNVHQ4EFgQUSt0lk1KrpzUF1tBgrX7wX4euJ+IwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjUxOTgucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwZwYIKwYBBQUHAQcBAf8EWDBWMFQEAgABME4DBACMlpwD BACM6aUDBACPDrkDBACTTxADBACUh8YDBACW8e4DBACW8fADBACbdQEDBACbdZED BACbdf4DBACnlGkDBACnlHsDBACo3j8wDQYJKoZIhvcNAQELBQADggEBALgTdKvN Ygt3jX9b7hcYh3eBQ2wO0+pMy7TZo2nBrhQGRKbyXYT1OSODoMEqbzXlVA4CqYfs tUzS8sqtIMwXQsq8CLepD92MYN5YbtmB0AxKLbLLo+0ScrA39Zds1CHbXI+QsJTo 9TvDIr/hC3500Wp9M6LoswV0oGCxtaLBHLY2dRDHP7JRfhQUmIDLUp1wxqeZfG88 vqskEWHLvEfdawwFULWkfGL2bFJalCaUqjiUVNF4X+Cfg/QwelB8yPD8AEpbNont DCF+vxbpSxoU2SFOMhZpOX88r0AT+nLTAC/IKL8+/P9eUWALSyMx2VINdV9ogQxi DiMWt7D9e5KuIeE= -----END CERTIFICATE-----Generated at Sun Jan 25 07:28:32 2026 by rpki-client