This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS2856.roa File: AS2856.roa (raw, json) Hash identifier: KtfDiGdrp0ZOngk+mj9F0xPW2LBVuD+23VSrkMmvd54= Subject key identifier: 18:D9:36:FF:DD:4D:0C:76:40:3A:42:CE:57:19:A6:81:39:6A:49:81 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 0696759EE21CAEE2A5EBD85F956FE4B69139551E Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS2856.roa Signing time: Wed 31 Dec 2025 08:27:30 +0000 ROA not before: Wed 31 Dec 2025 08:22:30 +0000 ROA not after: Wed 30 Dec 2026 08:27:30 +0000 asID: 2856 IP address blocks: 167.148.60.0/22 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 12:16:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 06:96:75:9e:e2:1c:ae:e2:a5:eb:d8:5f:95:6f:e4:b6:91:39:55:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Dec 31 08:22:30 2025 GMT Not After : Dec 30 08:27:30 2026 GMT Subject: CN=18D936FFDD4D0C76403A42CE5719A681396A4981 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:53:e4:93:7b:87:24:9d:04:9d:1f:12:79:04: c1:26:fc:59:67:36:b4:db:a7:4f:8b:e9:b7:eb:e7: 7c:73:08:54:9d:de:bb:93:44:68:7f:e4:f3:c5:54: 7d:d3:f6:9b:e2:88:fd:df:30:01:a4:34:12:ff:5f: 16:40:62:75:ef:36:a5:03:4b:c8:d4:a7:ed:71:17: 50:00:3c:a5:bd:73:cc:7e:a9:26:b8:0f:84:22:c7: 21:ef:a9:8b:d6:6f:c9:2d:68:3e:8f:d3:5c:b3:73: af:fa:e6:fb:73:5c:ab:43:83:7a:8e:8e:25:bf:ab: 7e:7a:49:bf:b3:d6:14:d6:f6:b1:7e:26:a7:f4:a1: e6:65:39:82:be:7e:c0:11:c4:27:da:45:49:97:fe: d2:cf:67:d9:ba:09:a1:93:8b:41:e3:59:84:7e:83: 91:f5:c8:b6:16:f5:9e:ee:a1:46:b7:9b:0a:cf:b2: 51:ac:6c:09:ea:1d:6e:bd:6c:f1:8e:a2:f2:70:04: a1:cb:b3:6f:9a:01:44:2f:4d:3d:db:05:d4:a6:b7: 82:79:5a:44:e9:7d:e3:27:22:5f:36:84:6b:5a:10: 6e:c5:59:77:81:3a:ad:9f:8c:aa:6a:39:e0:37:a0: 95:06:4a:74:0b:8b:6b:68:83:2a:8b:6d:05:93:67: 73:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 18:D9:36:FF:DD:4D:0C:76:40:3A:42:CE:57:19:A6:81:39:6A:49:81 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS2856.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 167.148.60.0/22 Signature Algorithm: sha256WithRSAEncryption 19:62:f6:2e:c7:e0:75:e5:89:06:db:9d:25:87:82:2e:3e:54: 92:47:33:e2:b0:74:1d:4d:93:4c:9c:e1:c1:6e:84:0d:11:5f: ac:38:e5:ef:56:69:ba:fc:2e:dc:47:7a:ea:a4:7b:27:65:dd: 23:c4:87:65:ff:1c:d9:2a:e4:2d:bd:8c:b8:81:56:c0:02:8e: 38:97:fb:61:6c:3e:a3:1a:de:77:b0:db:b4:d3:65:b5:6a:85: 1d:22:54:93:8b:4c:27:c6:63:25:9b:c5:2a:a2:97:79:d2:29: d4:3f:72:28:c0:a8:07:06:03:fc:00:fa:38:72:bc:b2:a9:29: bc:24:e2:3f:3e:38:db:44:6c:72:80:71:1c:61:05:50:49:b9: 0a:66:49:47:36:61:94:5d:33:3b:d5:e9:7c:01:43:bd:e8:d7: 52:72:54:06:37:ee:04:a0:58:f1:f1:46:36:ba:c4:8c:72:42: 92:bb:d1:15:13:0b:72:e2:b4:ba:05:3b:20:26:3a:d2:f7:e7: 11:a0:a1:76:a3:fc:54:10:16:3d:7c:4e:dc:aa:1b:ec:f8:37: 9f:cd:fd:19:ce:75:35:98:2c:2c:86:36:47:02:84:4b:0a:67: ce:01:ba:3c:5a:3d:35:6c:92:fa:b0:7b:56:74:16:dd:5d:5d: a2:1e:5d:3a -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgIUBpZ1nuIcruKl69hflW/ktpE5VR4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTEyMzEwODIyMzBaFw0yNjEyMzAwODI3MzBaMDMxMTAvBgNV BAMTKDE4RDkzNkZGREQ0RDBDNzY0MDNBNDJDRTU3MTlBNjgxMzk2QTQ5ODEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+U+STe4cknQSdHxJ5BMEm/Fln NrTbp0+L6bfr53xzCFSd3ruTRGh/5PPFVH3T9pviiP3fMAGkNBL/XxZAYnXvNqUD S8jUp+1xF1AAPKW9c8x+qSa4D4QixyHvqYvWb8ktaD6P01yzc6/65vtzXKtDg3qO jiW/q356Sb+z1hTW9rF+Jqf0oeZlOYK+fsARxCfaRUmX/tLPZ9m6CaGTi0HjWYR+ g5H1yLYW9Z7uoUa3mwrPslGsbAnqHW69bPGOovJwBKHLs2+aAUQvTT3bBdSmt4J5 WkTpfeMnIl82hGtaEG7FWXeBOq2fjKpqOeA3oJUGSnQLi2togyqLbQWTZ3OlAgMB AAGjggIIMIICBDAdBgNVHQ4EFgQUGNk2/91NDHZAOkLOVxmmgTlqSYEwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjg1Ni5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAqeUPDAN BgkqhkiG9w0BAQsFAAOCAQEAGWL2LsfgdeWJBtudJYeCLj5Ukkcz4rB0HU2TTJzh wW6EDRFfrDjl71Zpuvwu3Ed66qR7J2XdI8SHZf8c2SrkLb2MuIFWwAKOOJf7YWw+ oxred7DbtNNltWqFHSJUk4tMJ8ZjJZvFKqKXedIp1D9yKMCoBwYD/AD6OHK8sqkp vCTiPz4420RscoBxHGEFUEm5CmZJRzZhlF0zO9XpfAFDvejXUnJUBjfuBKBY8fFG NrrEjHJCkrvRFRMLcuK0ugU7ICY60vfnEaChdqP8VBAWPXxO3Kob7Pg3n839Gc51 NZgsLIY2RwKESwpnzgG6PFo9NWyS+rB7VnQW3V1doh5dOg== -----END CERTIFICATE-----Generated at Sun Jan 25 22:19:40 2026 by rpki-client