This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS2856.roa File: AS2856.roa (raw, json) Hash identifier: 0IoCo9woLvcVGub6hLxawk8o9NsJaZ7Fqpg4sI7upTU= Subject key identifier: CB:0D:4A:5A:FC:E6:AA:0E:52:C0:9F:7D:40:B4:86:69:9F:9B:92:6B Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 0441FF5AD793BCF7DB8FE3287248E22FB0D29572 Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS2856.roa Signing time: Mon 10 Nov 2025 13:04:52 +0000 ROA not before: Mon 10 Nov 2025 12:59:52 +0000 ROA not after: Mon 09 Nov 2026 13:04:52 +0000 asID: 2856 IP address blocks: 167.148.60.0/22 maxlen: 24 168.222.50.0/24 maxlen: 24 168.222.51.0/24 maxlen: 24 168.222.52.0/24 maxlen: 24 168.222.53.0/24 maxlen: 24 168.222.54.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 08 Dec 2025 06:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:41:ff:5a:d7:93:bc:f7:db:8f:e3:28:72:48:e2:2f:b0:d2:95:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Nov 10 12:59:52 2025 GMT Not After : Nov 9 13:04:52 2026 GMT Subject: CN=CB0D4A5AFCE6AA0E52C09F7D40B486699F9B926B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:99:e9:b7:6b:40:13:1f:7e:d3:2c:a4:c7:57: 7f:36:4c:c0:d9:45:73:97:1a:c3:4b:7f:be:e7:f4: 73:af:2f:19:de:0f:19:b0:b9:40:b6:07:c9:ee:12: e7:d5:13:38:b9:bc:b2:3b:25:c0:1d:91:85:57:f6: df:4c:78:80:de:71:95:da:15:0e:ef:c1:b6:12:24: 9f:a8:8c:78:31:61:8f:29:66:92:64:1e:57:18:26: ba:1f:ef:6e:a5:cb:b0:71:32:c4:54:b6:28:36:99: 69:fe:e5:14:7a:5e:91:66:1f:8c:9d:86:9c:cd:c0: cf:b2:9e:0d:a5:b7:27:a7:ca:9d:d7:91:3a:e7:96: 96:6a:a2:0e:3d:ce:72:ba:a7:c6:7b:0c:f7:5d:01: 3f:ab:25:a9:38:cc:fc:b5:99:17:34:b8:7e:95:b4: 14:cd:24:d4:60:20:39:a7:b0:bc:f2:10:72:97:59: 3e:5b:50:78:ba:51:5a:ed:27:4d:3a:38:81:28:c0: 13:42:ca:cd:35:91:f1:49:6c:4c:cd:47:91:3a:9f: 0c:55:b4:9e:9c:2f:c3:c1:5e:5b:85:2f:fd:ec:49: 86:20:a9:d6:28:1d:42:f0:20:22:2f:9b:1f:55:74: 29:76:eb:72:d8:c2:89:ec:f2:92:43:56:f7:cf:22: a8:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:0D:4A:5A:FC:E6:AA:0E:52:C0:9F:7D:40:B4:86:69:9F:9B:92:6B X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS2856.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 167.148.60.0/22 168.222.50.0-168.222.54.255 Signature Algorithm: sha256WithRSAEncryption a4:16:01:4c:ae:21:01:84:29:6f:6d:69:e7:bd:a8:fe:ca:32: 7c:49:b2:07:52:d8:19:c6:5f:16:94:72:b9:73:7b:b7:35:e8: 0c:83:31:e6:19:d6:6a:4b:87:05:82:a0:3e:cf:0c:33:ec:55: c1:25:a4:a0:56:d7:67:56:ec:7b:45:77:81:b1:c3:b6:f7:ec: 8f:d8:bb:14:e9:40:51:c6:da:4b:f0:5c:90:42:ad:63:e5:8c: be:e1:eb:5e:81:d1:85:ba:82:3c:82:f4:23:2e:08:d1:81:41: ca:b6:57:e3:91:06:03:b9:99:7c:14:84:bb:0a:43:23:05:6c: d1:d0:0b:a5:33:b5:f0:96:a4:7c:57:e7:27:fd:a7:4f:68:0d: ad:1a:10:90:31:e9:85:52:73:97:00:9f:d3:67:f8:cc:96:b6: 67:ae:ae:b0:73:3f:e7:80:7c:91:60:bc:0d:e0:b5:b1:bb:b3: c4:a0:48:f1:f9:bd:42:41:34:05:56:dc:d5:b8:15:f5:50:6f: d4:9c:4b:59:61:fc:e7:a1:7e:da:b4:52:20:13:4e:b2:f6:13: b8:b3:26:90:98:43:9b:c8:55:80:25:35:67:e3:80:43:5a:b4: d1:88:27:ce:97:88:89:13:1e:c4:55:1c:7b:e0:9c:47:6a:0f: f6:a8:fa:60 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgIUBEH/WteTvPfbj+MockjiL7DSlXIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTExMTAxMjU5NTJaFw0yNjExMDkxMzA0NTJaMDMxMTAvBgNV BAMTKENCMEQ0QTVBRkNFNkFBMEU1MkMwOUY3RDQwQjQ4NjY5OUY5QjkyNkIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQComem3a0ATH37TLKTHV382TMDZ RXOXGsNLf77n9HOvLxneDxmwuUC2B8nuEufVEzi5vLI7JcAdkYVX9t9MeIDecZXa FQ7vwbYSJJ+ojHgxYY8pZpJkHlcYJrof726ly7BxMsRUtig2mWn+5RR6XpFmH4yd hpzNwM+yng2ltyenyp3XkTrnlpZqog49znK6p8Z7DPddAT+rJak4zPy1mRc0uH6V tBTNJNRgIDmnsLzyEHKXWT5bUHi6UVrtJ006OIEowBNCys01kfFJbEzNR5E6nwxV tJ6cL8PBXluFL/3sSYYgqdYoHULwICIvmx9VdCl263LYwons8pJDVvfPIqhJAgMB AAGjggIWMIICEjAdBgNVHQ4EFgQUyw1KWvzmqg5SwJ99QLSGaZ+bkmswHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjg1Ni5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAtBggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEAqeUPDAM AwQBqN4yAwQAqN42MA0GCSqGSIb3DQEBCwUAA4IBAQCkFgFMriEBhClvbWnnvaj+ yjJ8SbIHUtgZxl8WlHK5c3u3NegMgzHmGdZqS4cFgqA+zwwz7FXBJaSgVtdnVux7 RXeBscO29+yP2LsU6UBRxtpL8FyQQq1j5Yy+4etegdGFuoI8gvQjLgjRgUHKtlfj kQYDuZl8FIS7CkMjBWzR0AulM7XwlqR8V+cn/adPaA2tGhCQMemFUnOXAJ/TZ/jM lrZnrq6wcz/ngHyRYLwN4LWxu7PEoEjx+b1CQTQFVtzVuBX1UG/UnEtZYfznoX7a tFIgE06y9hO4syaQmEObyFWAJTVn44BDWrTRiCfOl4iJEx7EVRx74JxHag/2qPpg -----END CERTIFICATE-----Generated at Sun Dec 7 13:34:41 2025 by rpki-client