This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS2914.roa File: AS2914.roa (raw, json) Hash identifier: 1xyWKLveF7UKavoJdMwxO/q6AEsm9M54Mq7x0Y1bf9I= Subject key identifier: 8C:95:C3:E2:55:02:FF:33:29:D2:EF:CA:1E:42:29:73:B9:F4:5E:69 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 56F1856562CA09B6E37D4BB89AEA69F23F4037D3 Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS2914.roa Signing time: Wed 21 Jan 2026 12:41:32 +0000 ROA not before: Wed 21 Jan 2026 12:36:32 +0000 ROA not after: Wed 20 Jan 2027 12:41:32 +0000 asID: 2914 IP address blocks: 96.62.32.0/24 maxlen: 24 96.62.33.0/24 maxlen: 24 96.62.34.0/24 maxlen: 24 96.62.35.0/24 maxlen: 24 96.62.36.0/24 maxlen: 24 96.62.38.0/24 maxlen: 24 96.62.39.0/24 maxlen: 24 96.62.40.0/24 maxlen: 24 96.62.41.0/24 maxlen: 24 96.62.42.0/24 maxlen: 24 96.62.43.0/24 maxlen: 24 96.62.44.0/24 maxlen: 24 96.62.46.0/24 maxlen: 24 96.62.64.0/24 maxlen: 24 96.62.65.0/24 maxlen: 24 96.62.66.0/24 maxlen: 24 96.62.67.0/24 maxlen: 24 96.62.68.0/24 maxlen: 24 96.62.70.0/24 maxlen: 24 96.62.102.0/24 maxlen: 24 96.62.104.0/24 maxlen: 24 96.62.106.0/24 maxlen: 24 96.62.107.0/24 maxlen: 24 96.62.108.0/24 maxlen: 24 96.62.109.0/24 maxlen: 24 96.62.110.0/24 maxlen: 24 96.62.112.0/24 maxlen: 24 96.62.113.0/24 maxlen: 24 96.62.116.0/24 maxlen: 24 96.62.117.0/24 maxlen: 24 96.62.118.0/24 maxlen: 24 96.62.119.0/24 maxlen: 24 96.62.120.0/24 maxlen: 24 96.62.121.0/24 maxlen: 24 96.62.122.0/24 maxlen: 24 96.62.123.0/24 maxlen: 24 96.62.124.0/24 maxlen: 24 96.62.125.0/24 maxlen: 24 96.62.126.0/24 maxlen: 24 96.62.132.0/24 maxlen: 24 96.62.133.0/24 maxlen: 24 96.62.134.0/24 maxlen: 24 96.62.136.0/24 maxlen: 24 96.62.137.0/24 maxlen: 24 96.62.138.0/24 maxlen: 24 96.62.139.0/24 maxlen: 24 96.62.141.0/24 maxlen: 24 96.62.142.0/24 maxlen: 24 96.62.143.0/24 maxlen: 24 96.62.144.0/23 maxlen: 24 96.62.146.0/24 maxlen: 24 96.62.147.0/24 maxlen: 24 96.62.156.0/22 maxlen: 24 96.62.160.0/24 maxlen: 24 96.62.161.0/24 maxlen: 24 96.62.162.0/24 maxlen: 24 96.62.163.0/24 maxlen: 24 96.62.164.0/24 maxlen: 24 96.62.165.0/24 maxlen: 24 96.62.166.0/24 maxlen: 24 96.62.167.0/24 maxlen: 24 96.62.168.0/24 maxlen: 24 96.62.169.0/24 maxlen: 24 96.62.170.0/24 maxlen: 24 96.62.171.0/24 maxlen: 24 96.62.172.0/24 maxlen: 24 96.62.173.0/24 maxlen: 24 96.62.174.0/24 maxlen: 24 96.62.175.0/24 maxlen: 24 96.62.177.0/24 maxlen: 24 96.62.178.0/24 maxlen: 24 96.62.179.0/24 maxlen: 24 96.62.188.0/24 maxlen: 24 96.62.189.0/24 maxlen: 24 96.62.196.0/24 maxlen: 24 96.62.198.0/24 maxlen: 24 96.62.199.0/24 maxlen: 24 96.62.212.0/24 maxlen: 24 96.62.213.0/24 maxlen: 24 96.62.215.0/24 maxlen: 24 96.62.225.0/24 maxlen: 24 96.62.226.0/24 maxlen: 24 96.62.230.0/24 maxlen: 24 96.62.236.0/24 maxlen: 24 96.62.237.0/24 maxlen: 24 96.62.238.0/24 maxlen: 24 96.62.239.0/24 maxlen: 24 96.62.240.0/24 maxlen: 24 96.62.241.0/24 maxlen: 24 96.62.245.0/24 maxlen: 24 96.62.246.0/24 maxlen: 24 96.62.252.0/24 maxlen: 24 143.14.60.0/24 maxlen: 24 143.14.61.0/24 maxlen: 24 143.14.72.0/24 maxlen: 24 143.14.84.0/24 maxlen: 24 143.14.85.0/24 maxlen: 24 143.14.108.0/24 maxlen: 24 143.14.109.0/24 maxlen: 24 143.14.154.0/24 maxlen: 24 143.14.181.0/24 maxlen: 24 143.14.182.0/24 maxlen: 24 143.14.191.0/24 maxlen: 24 143.14.192.0/24 maxlen: 24 143.14.193.0/24 maxlen: 24 150.241.253.0/24 maxlen: 24 155.117.101.0/24 maxlen: 24 155.117.104.0/24 maxlen: 24 155.117.160.0/24 maxlen: 24 162.141.16.0/24 maxlen: 24 162.141.18.0/24 maxlen: 24 162.141.20.0/24 maxlen: 24 162.141.45.0/24 maxlen: 24 162.141.48.0/24 maxlen: 24 162.141.53.0/24 maxlen: 24 162.141.67.0/24 maxlen: 24 162.141.68.0/24 maxlen: 24 162.141.69.0/24 maxlen: 24 162.141.81.0/24 maxlen: 24 162.141.89.0/24 maxlen: 24 162.141.99.0/24 maxlen: 24 162.141.100.0/24 maxlen: 24 162.141.102.0/24 maxlen: 24 162.141.108.0/24 maxlen: 24 162.141.132.0/24 maxlen: 24 162.141.143.0/24 maxlen: 24 162.141.154.0/24 maxlen: 24 162.141.162.0/24 maxlen: 24 162.141.176.0/24 maxlen: 24 162.141.177.0/24 maxlen: 24 162.141.182.0/24 maxlen: 24 167.148.7.0/24 maxlen: 24 167.148.9.0/24 maxlen: 24 167.148.11.0/24 maxlen: 24 167.148.13.0/24 maxlen: 24 167.148.31.0/24 maxlen: 24 167.148.32.0/24 maxlen: 24 167.148.34.0/24 maxlen: 24 167.148.42.0/24 maxlen: 24 167.148.47.0/24 maxlen: 24 167.148.71.0/24 maxlen: 24 167.148.72.0/24 maxlen: 24 167.148.73.0/24 maxlen: 24 167.148.74.0/24 maxlen: 24 167.148.99.0/24 maxlen: 24 167.148.101.0/24 maxlen: 24 167.148.103.0/24 maxlen: 24 167.148.107.0/24 maxlen: 24 167.148.113.0/24 maxlen: 24 167.148.114.0/24 maxlen: 24 167.148.124.0/24 maxlen: 24 167.148.129.0/24 maxlen: 24 167.148.132.0/24 maxlen: 24 167.148.133.0/24 maxlen: 24 167.148.137.0/24 maxlen: 24 167.148.142.0/24 maxlen: 24 167.148.143.0/24 maxlen: 24 167.148.146.0/24 maxlen: 24 167.148.151.0/24 maxlen: 24 167.148.155.0/24 maxlen: 24 167.148.160.0/24 maxlen: 24 167.148.174.0/24 maxlen: 24 167.148.176.0/24 maxlen: 24 167.148.192.0/24 maxlen: 24 167.148.197.0/24 maxlen: 24 167.148.200.0/24 maxlen: 24 167.148.202.0/24 maxlen: 24 167.148.205.0/24 maxlen: 24 167.148.211.0/24 maxlen: 24 168.222.22.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 20:24:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:f1:85:65:62:ca:09:b6:e3:7d:4b:b8:9a:ea:69:f2:3f:40:37:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Jan 21 12:36:32 2026 GMT Not After : Jan 20 12:41:32 2027 GMT Subject: CN=8C95C3E25502FF3329D2EFCA1E422973B9F45E69 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:57:f1:b6:c7:2f:9b:88:c8:1d:26:cd:03:d5: 32:84:f6:aa:5d:66:5b:dc:dd:21:4d:fe:70:b9:15: a3:1e:26:40:ac:77:c2:7e:aa:cc:16:b7:ac:3d:99: b0:9b:f6:3e:02:b2:4e:ce:41:7b:9f:78:e9:f1:99: b6:36:d4:0e:a6:a4:6f:da:e9:30:6b:24:a1:79:73: bb:9a:b2:1a:1d:67:9b:5f:8c:0e:34:45:a3:31:56: bb:65:ba:c1:11:a7:80:29:26:0c:8a:f8:f0:65:f7: 19:5f:dc:22:ee:5e:2a:b4:52:7b:73:72:08:83:eb: b8:99:cd:72:bb:cf:11:14:c8:1e:26:75:6c:51:cf: c5:f0:32:1f:f2:c2:66:c7:cc:ee:7a:bf:70:16:07: 13:5e:3c:f3:ba:67:89:9f:29:17:02:bf:dd:98:a2: 80:72:19:d0:ee:40:35:f8:2a:6e:dc:be:7c:67:61: 64:44:28:4a:68:cc:0d:78:ca:6d:10:e8:ee:1e:62: e3:7a:8c:c0:2d:fa:b5:11:ab:9e:f7:3b:7d:51:bc: 2b:89:9f:03:5f:02:1a:d8:5a:6b:b9:57:5f:b0:22: 61:09:d4:2b:40:08:7a:c5:30:05:6c:e0:2b:11:ba: 83:b7:ad:f4:9b:3c:27:db:57:10:6a:a7:f8:4c:b9: c9:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:95:C3:E2:55:02:FF:33:29:D2:EF:CA:1E:42:29:73:B9:F4:5E:69 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS2914.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 96.62.32.0-96.62.36.255 96.62.38.0-96.62.44.255 96.62.46.0/24 96.62.64.0-96.62.68.255 96.62.70.0/24 96.62.102.0/24 96.62.104.0/24 96.62.106.0-96.62.110.255 96.62.112.0/23 96.62.116.0-96.62.126.255 96.62.132.0-96.62.134.255 96.62.136.0/22 96.62.141.0-96.62.147.255 96.62.156.0-96.62.175.255 96.62.177.0-96.62.179.255 96.62.188.0/23 96.62.196.0/24 96.62.198.0/23 96.62.212.0/23 96.62.215.0/24 96.62.225.0-96.62.226.255 96.62.230.0/24 96.62.236.0-96.62.241.255 96.62.245.0-96.62.246.255 96.62.252.0/24 143.14.60.0/23 143.14.72.0/24 143.14.84.0/23 143.14.108.0/23 143.14.154.0/24 143.14.181.0-143.14.182.255 143.14.191.0-143.14.193.255 150.241.253.0/24 155.117.101.0/24 155.117.104.0/24 155.117.160.0/24 162.141.16.0/24 162.141.18.0/24 162.141.20.0/24 162.141.45.0/24 162.141.48.0/24 162.141.53.0/24 162.141.67.0-162.141.69.255 162.141.81.0/24 162.141.89.0/24 162.141.99.0-162.141.100.255 162.141.102.0/24 162.141.108.0/24 162.141.132.0/24 162.141.143.0/24 162.141.154.0/24 162.141.162.0/24 162.141.176.0/23 162.141.182.0/24 167.148.7.0/24 167.148.9.0/24 167.148.11.0/24 167.148.13.0/24 167.148.31.0-167.148.32.255 167.148.34.0/24 167.148.42.0/24 167.148.47.0/24 167.148.71.0-167.148.74.255 167.148.99.0/24 167.148.101.0/24 167.148.103.0/24 167.148.107.0/24 167.148.113.0-167.148.114.255 167.148.124.0/24 167.148.129.0/24 167.148.132.0/23 167.148.137.0/24 167.148.142.0/23 167.148.146.0/24 167.148.151.0/24 167.148.155.0/24 167.148.160.0/24 167.148.174.0/24 167.148.176.0/24 167.148.192.0/24 167.148.197.0/24 167.148.200.0/24 167.148.202.0/24 167.148.205.0/24 167.148.211.0/24 168.222.22.0/24 Signature Algorithm: sha256WithRSAEncryption 49:56:a9:4e:ff:51:3a:5b:95:cd:80:a7:b7:d8:b3:69:32:36: 28:15:25:4a:5d:9c:4f:39:81:f3:01:86:39:72:77:52:ae:f4: 1c:d7:7d:87:18:2f:71:31:c1:4c:06:d1:2d:eb:9b:6f:34:21: c1:5a:e5:12:d1:84:6d:ff:29:46:71:bf:d3:6e:db:47:c9:d3: 24:e1:4c:0c:3a:86:d8:37:90:36:45:71:59:b7:fa:e2:6f:de: d1:76:be:8d:b6:f9:a7:81:ee:ed:22:68:7d:8f:46:01:dd:7b: 96:39:bf:86:23:6b:9f:af:f3:2f:99:2a:e3:47:de:12:37:2d: 68:45:26:23:7c:f0:f4:60:d9:c9:c8:17:bb:39:3b:c5:e1:2f: 2d:48:64:dc:04:19:8f:15:cf:7a:e9:78:3f:17:8a:da:6c:40: 10:2e:02:59:b6:f2:57:a2:44:ca:5c:dd:ef:0d:ad:bc:cf:5e: 47:41:8f:72:9e:d3:96:99:9f:1b:59:d9:a4:52:53:2a:41:0c: b1:3a:2d:e9:15:3b:a2:14:f0:6c:84:c2:fc:55:47:29:0f:ba: f8:5e:c7:fc:10:85:50:99:ed:e6:2a:f4:9c:ea:3e:05:6c:34: 5e:2b:ea:a5:38:26:6f:0b:e5:a9:83:75:62:b7:95:f5:7f:5c: 9d:ad:2c:e9 -----BEGIN CERTIFICATE----- MIIHnjCCBoagAwIBAgIUVvGFZWLKCbbjfUu4mupp8j9AN9MwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNjAxMjExMjM2MzJaFw0yNzAxMjAxMjQxMzJaMDMxMTAvBgNV BAMTKDhDOTVDM0UyNTUwMkZGMzMyOUQyRUZDQTFFNDIyOTczQjlGNDVFNjkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgV/G2xy+biMgdJs0D1TKE9qpd Zlvc3SFN/nC5FaMeJkCsd8J+qswWt6w9mbCb9j4Csk7OQXufeOnxmbY21A6mpG/a 6TBrJKF5c7uashodZ5tfjA40RaMxVrtlusERp4ApJgyK+PBl9xlf3CLuXiq0Untz cgiD67iZzXK7zxEUyB4mdWxRz8XwMh/ywmbHzO56v3AWBxNePPO6Z4mfKRcCv92Y ooByGdDuQDX4Km7cvnxnYWREKEpozA14ym0Q6O4eYuN6jMAt+rURq573O31RvCuJ nwNfAhrYWmu5V1+wImEJ1CtACHrFMAVs4CsRuoO3rfSbPCfbVxBqp/hMuckZAgMB AAGjggSoMIIEpDAdBgNVHQ4EFgQUjJXD4lUC/zMp0u/KHkIpc7n0XmkwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIweQYIKwYBBQUHAQsEbTBrMGkGCCsGAQUFBzALhl1yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMjkxNC5yb2EwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjCCAr0GCCsGAQUFBwEHAQH/BIICrDCCAqgwggKkBAIAATCC ApwwDAMEBWA+IAMEAGA+JDAMAwQBYD4mAwQAYD4sAwQAYD4uMAwDBAZgPkADBABg PkQDBABgPkYDBABgPmYDBABgPmgwDAMEAWA+agMEAGA+bgMEAWA+cDAMAwQCYD50 AwQAYD5+MAwDBAJgPoQDBABgPoYDBAJgPogwDAMEAGA+jQMEAmA+kDAMAwQCYD6c AwQEYD6gMAwDBABgPrEDBAJgPrADBAFgPrwDBABgPsQDBAFgPsYDBAFgPtQDBABg PtcwDAMEAGA+4QMEAGA+4gMEAGA+5jAMAwQCYD7sAwQBYD7wMAwDBABgPvUDBABg PvYDBABgPvwDBAGPDjwDBACPDkgDBAGPDlQDBAGPDmwDBACPDpowDAMEAI8OtQME AI8OtjAMAwQAjw6/AwQBjw7AAwQAlvH9AwQAm3VlAwQAm3VoAwQAm3WgAwQAoo0Q AwQAoo0SAwQAoo0UAwQAoo0tAwQAoo0wAwQAoo01MAwDBACijUMDBAGijUQDBACi jVEDBACijVkwDAMEAKKNYwMEAKKNZAMEAKKNZgMEAKKNbAMEAKKNhAMEAKKNjwME AKKNmgMEAKKNogMEAaKNsAMEAKKNtgMEAKeUBwMEAKeUCQMEAKeUCwMEAKeUDTAM AwQAp5QfAwQAp5QgAwQAp5QiAwQAp5QqAwQAp5QvMAwDBACnlEcDBACnlEoDBACn lGMDBACnlGUDBACnlGcDBACnlGswDAMEAKeUcQMEAKeUcgMEAKeUfAMEAKeUgQME AaeUhAMEAKeUiQMEAaeUjgMEAKeUkgMEAKeUlwMEAKeUmwMEAKeUoAMEAKeUrgME AKeUsAMEAKeUwAMEAKeUxQMEAKeUyAMEAKeUygMEAKeUzQMEAKeU0wMEAKjeFjAN BgkqhkiG9w0BAQsFAAOCAQEASVapTv9ROluVzYCnt9izaTI2KBUlSl2cTzmB8wGG OXJ3Uq70HNd9hxgvcTHBTAbRLeubbzQhwVrlEtGEbf8pRnG/027bR8nTJOFMDDqG 2DeQNkVxWbf64m/e0Xa+jbb5p4Hu7SJofY9GAd17ljm/hiNrn6/zL5kq40feEjct aEUmI3zw9GDZycgXuzk7xeEvLUhk3AQZjxXPeul4PxeK2mxAEC4CWbbyV6JEylzd 7w2tvM9eR0GPcp7TlpmfG1nZpFJTKkEMsTot6RU7ohTwbITC/FVHKQ+6+F7H/BCF UJnt5ir0nOo+BWw0XivqpTgmbwvlqYN1YreV9X9cna0s6Q== -----END CERTIFICATE-----Generated at Sun Jan 25 04:00:02 2026 by rpki-client