This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS25198.roa File: AS25198.roa (raw, json) Hash identifier: w5pS27noueKAvC7Km3f0tOtI4V4H6LQas4ZyqCE+Oio= Subject key identifier: A3:16:D6:B0:4B:C7:79:D5:04:53:91:4C:40:D3:60:C2:7E:DF:6C:11 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: C11624CCE367D4158F4BB10564FA3B888DAFEC Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS25198.roa Signing time: Sat 29 Nov 2025 09:21:26 +0000 ROA not before: Sat 29 Nov 2025 09:16:26 +0000 ROA not after: Sat 28 Nov 2026 09:21:26 +0000 asID: 25198 IP address blocks: 140.150.156.0/24 maxlen: 24 143.14.71.0/24 maxlen: 24 143.14.75.0/24 maxlen: 24 143.14.133.0/24 maxlen: 24 143.14.174.0/24 maxlen: 24 143.14.193.0/24 maxlen: 24 148.135.171.0/24 maxlen: 24 148.135.175.0/24 maxlen: 24 148.135.198.0/24 maxlen: 24 150.241.240.0/24 maxlen: 24 150.241.242.0/24 maxlen: 24 155.117.1.0/24 maxlen: 24 155.117.254.0/24 maxlen: 24 162.141.48.0/24 maxlen: 24 162.141.152.0/24 maxlen: 24 162.141.160.0/24 maxlen: 24 162.141.166.0/24 maxlen: 24 167.148.42.0/24 maxlen: 24 167.148.105.0/24 maxlen: 24 167.148.175.0/24 maxlen: 24 168.222.3.0/24 maxlen: 24 168.222.63.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: c1:16:24:cc:e3:67:d4:15:8f:4b:b1:05:64:fa:3b:88:8d:af:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Nov 29 09:16:26 2025 GMT Not After : Nov 28 09:21:26 2026 GMT Subject: CN=A316D6B04BC779D50453914C40D360C27EDF6C11 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:bd:2f:d7:62:29:81:c7:a2:df:1f:e1:db:48: b7:10:b1:74:3f:77:48:1c:78:e7:e1:6e:91:59:92: d7:4f:01:ad:af:c1:75:7b:db:35:fb:1e:a8:c1:a6: a0:a9:05:a8:aa:57:aa:6a:01:4e:19:da:c1:f2:a7: dd:3a:49:41:3f:ef:32:ca:df:55:66:34:0b:39:2e: ed:d6:2d:b8:06:38:45:be:0f:a1:c4:26:01:b8:6e: 8a:8e:9d:b2:31:97:6b:a8:95:d4:75:c5:f9:d9:bb: 31:5c:10:44:8e:96:4d:f6:65:7d:a0:96:f7:ef:bd: 58:e5:4f:dc:f0:fc:f3:77:b8:84:c7:d4:53:b0:2a: a1:7a:1b:dc:00:ba:cb:3b:92:db:46:ca:04:a1:20: 06:4d:c2:61:2e:c1:8d:86:03:4b:f7:8c:0b:f8:74: a2:65:24:94:d8:62:5e:09:07:b5:ea:bf:b3:d1:f4: ed:4f:e2:af:9e:5a:ef:f1:32:75:72:df:44:94:90: 42:d6:b8:0a:6a:9b:49:f7:a3:0f:f6:94:e6:64:6b: 2b:41:48:a6:e5:8a:32:7f:c7:18:24:1e:50:e5:3c: 6d:27:5e:96:cd:3a:06:8d:00:5c:0c:83:8f:08:bc: 3d:c0:e5:fe:f0:15:04:06:15:10:66:81:3a:56:dd: 5e:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:16:D6:B0:4B:C7:79:D5:04:53:91:4C:40:D3:60:C2:7E:DF:6C:11 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS25198.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 140.150.156.0/24 143.14.71.0/24 143.14.75.0/24 143.14.133.0/24 143.14.174.0/24 143.14.193.0/24 148.135.171.0/24 148.135.175.0/24 148.135.198.0/24 150.241.240.0/24 150.241.242.0/24 155.117.1.0/24 155.117.254.0/24 162.141.48.0/24 162.141.152.0/24 162.141.160.0/24 162.141.166.0/24 167.148.42.0/24 167.148.105.0/24 167.148.175.0/24 168.222.3.0/24 168.222.63.0/24 Signature Algorithm: sha256WithRSAEncryption 0a:74:22:5a:74:dc:60:d9:76:54:38:4f:42:86:1a:ab:98:bd: 5f:b3:2e:3a:8c:19:2e:a1:97:97:46:bd:ed:b8:02:85:55:2f: d5:65:9e:19:91:57:f4:5b:df:f5:56:6c:4b:2d:d8:ba:f6:e6: a7:ce:a4:36:61:c1:64:c9:28:37:c7:c8:0c:19:4f:57:42:07: 77:e9:4f:df:09:a4:26:3d:5f:e1:a9:66:23:81:0f:8f:49:0c: 94:d4:e0:ed:da:22:bd:49:4c:16:46:b3:de:48:8a:92:ff:c5: 06:1e:1e:74:56:18:9b:cf:6e:95:31:a3:22:53:05:48:a3:b9: ec:f5:ea:0d:a5:7a:4d:12:98:2f:40:6d:44:2f:b0:fb:20:30: 80:0b:7a:da:2f:dc:7b:7d:5a:86:f4:f6:4e:67:a8:b9:f0:48: 4d:15:95:42:49:cd:ac:22:44:c8:b3:1f:be:9f:f8:59:b2:83: 4f:ed:b8:1e:2c:c4:91:03:ed:2c:fd:e8:66:90:87:24:b5:63: b8:b0:9d:6f:0e:ae:17:58:2e:1b:bd:69:d8:0e:e2:e8:a7:19: 66:b3:00:ef:fd:80:eb:ff:4e:21:da:58:3d:aa:5a:38:b0:18: 86:d0:4e:be:c3:28:56:97:52:6f:8e:75:dd:f9:af:40:09:d1: 5e:e4:fe:a8 -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgIUAMEWJMzjZ9QVj0uxBWT6O4iNr+wwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTExMjkwOTE2MjZaFw0yNjExMjgwOTIxMjZaMDMxMTAvBgNV BAMTKEEzMTZENkIwNEJDNzc5RDUwNDUzOTE0QzQwRDM2MEMyN0VERjZDMTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgvS/XYimBx6LfH+HbSLcQsXQ/ d0gceOfhbpFZktdPAa2vwXV72zX7HqjBpqCpBaiqV6pqAU4Z2sHyp906SUE/7zLK 31VmNAs5Lu3WLbgGOEW+D6HEJgG4boqOnbIxl2uoldR1xfnZuzFcEESOlk32ZX2g lvfvvVjlT9zw/PN3uITH1FOwKqF6G9wAuss7kttGygShIAZNwmEuwY2GA0v3jAv4 dKJlJJTYYl4JB7Xqv7PR9O1P4q+eWu/xMnVy30SUkELWuApqm0n3ow/2lOZkaytB SKblijJ/xxgkHlDlPG0nXpbNOgaNAFwMg48IvD3A5f7wFQQGFRBmgTpW3V47AgMB AAGjggKMMIICiDAdBgNVHQ4EFgQUoxbWsEvHedUEU5FMQNNgwn7fbBEwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjUxOTgucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwgaEGCCsGAQUFBwEHAQH/BIGRMIGOMIGLBAIAATCBhAME AIyWnAMEAI8ORwMEAI8OSwMEAI8OhQMEAI8OrgMEAI8OwQMEAJSHqwMEAJSHrwME AJSHxgMEAJbx8AMEAJbx8gMEAJt1AQMEAJt1/gMEAKKNMAMEAKKNmAMEAKKNoAME AKKNpgMEAKeUKgMEAKeUaQMEAKeUrwMEAKjeAwMEAKjePzANBgkqhkiG9w0BAQsF AAOCAQEACnQiWnTcYNl2VDhPQoYaq5i9X7MuOowZLqGXl0a97bgChVUv1WWeGZFX 9Fvf9VZsSy3Yuvbmp86kNmHBZMkoN8fIDBlPV0IHd+lP3wmkJj1f4almI4EPj0kM lNTg7doivUlMFkaz3kiKkv/FBh4edFYYm89ulTGjIlMFSKO57PXqDaV6TRKYL0Bt RC+w+yAwgAt62i/ce31ahvT2TmeoufBITRWVQknNrCJEyLMfvp/4WbKDT+24HizE kQPtLP3oZpCHJLVjuLCdbw6uF1guG71p2A7i6KcZZrMA7/2A6/9OIdpYPapaOLAY htBOvsMoVpdSb4513fmvQAnRXuT+qA== -----END CERTIFICATE-----Generated at Sat Dec 6 15:44:13 2025 by rpki-client