This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS395374.roa File: AS395374.roa (raw, json) Hash identifier: l4+cxeLcDy+nKGZy89uytNjzLl0dbyPCswjiRw8Iqj4= Subject key identifier: 48:A1:99:73:20:34:5C:D6:3B:52:71:2E:49:66:FE:C2:AC:47:75:B7 Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 35DE7B0E041354E017CBB7CB0BA900B054995B90 Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS395374.roa Signing time: Fri 28 Nov 2025 00:03:39 +0000 ROA not before: Thu 27 Nov 2025 23:58:39 +0000 ROA not after: Fri 27 Nov 2026 00:03:39 +0000 asID: 395374 IP address blocks: 143.14.255.0/24 maxlen: 24 162.141.119.0/24 maxlen: 24 162.141.120.0/24 maxlen: 24 167.148.149.0/24 maxlen: 24 168.222.7.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:de:7b:0e:04:13:54:e0:17:cb:b7:cb:0b:a9:00:b0:54:99:5b:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Nov 27 23:58:39 2025 GMT Not After : Nov 27 00:03:39 2026 GMT Subject: CN=48A1997320345CD63B52712E4966FEC2AC4775B7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:b6:2a:71:1b:a5:44:b5:83:ae:8a:c7:3a:53: 1f:64:e0:3d:60:ee:cc:ba:f5:4a:19:83:ed:74:22: 65:a5:e3:0e:f3:27:e1:7f:dd:16:e9:ff:b7:c8:c0: 6e:e4:c6:ae:7e:5f:69:ef:29:d3:c1:59:07:c7:86: 5d:ab:35:90:22:32:3a:d8:ac:c4:54:28:3f:3b:40: ac:d3:b6:15:86:a5:5d:22:05:8f:34:c5:f4:2c:c8: 9b:49:45:6c:66:c0:4f:2e:59:c6:46:ea:34:17:11: 9a:c4:13:5a:ae:fa:62:dd:79:40:5e:55:a6:25:b7: 40:cb:7b:57:6f:21:e8:ec:1f:d1:e1:c2:41:f0:67: 5a:09:9c:a5:14:50:a3:74:4c:09:5d:4e:76:41:b3: 2d:2b:fa:7b:e4:1c:9f:b0:d9:f9:c1:67:f4:62:49: 5d:55:91:8c:af:be:c4:cf:2b:33:62:4c:55:2c:54: 02:27:1e:71:64:5c:03:10:b7:6a:cb:e9:fd:fa:53: 46:6c:ac:75:69:e7:d8:d8:5c:77:9e:93:a2:ee:6d: de:e9:f8:0f:4a:3c:d9:f7:14:91:71:e8:92:ea:f9: 12:0e:6c:94:e8:fc:eb:2b:95:1b:00:75:eb:23:ec: 95:02:c3:0a:57:29:a9:94:c1:22:8c:df:62:63:b0: 5f:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:A1:99:73:20:34:5C:D6:3B:52:71:2E:49:66:FE:C2:AC:47:75:B7 X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS395374.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.14.255.0/24 162.141.119.0-162.141.120.255 167.148.149.0/24 168.222.7.0/24 Signature Algorithm: sha256WithRSAEncryption 74:e5:b9:e1:7c:68:9c:06:8f:76:51:da:9a:c3:9c:a0:cb:b5: e2:75:b5:88:2b:53:a6:3f:2b:fb:99:7f:76:78:ba:f2:20:62: e1:50:6f:aa:da:c2:0c:67:e4:1a:04:d6:92:82:21:22:21:ab: 1e:3a:5f:88:93:84:e3:83:f3:81:5d:c0:e0:2a:fc:54:52:3d: 3f:fa:77:90:07:23:06:7a:e8:4d:d0:45:8c:b1:18:fa:ea:3d: 09:6e:bb:01:b6:83:dc:49:c1:f6:ec:30:39:98:73:74:f6:09: 03:fe:ca:80:9a:64:0b:4c:51:6f:f6:6c:be:e1:11:db:85:1b: 55:03:99:bc:80:79:19:98:92:4d:0f:43:1e:d6:96:db:0c:2e: e4:fa:e6:96:e3:1c:38:5a:97:8a:cf:25:66:f2:50:35:1f:71: 10:ac:b3:78:10:79:4b:0e:a6:51:bb:da:23:91:4f:37:d3:9a: 5d:7a:60:13:1e:cc:21:8d:5e:fe:86:0c:59:cc:4f:48:92:a0: f0:83:11:06:40:e2:f0:4b:05:d6:eb:6a:7c:2e:53:ef:13:3f: f5:33:0c:39:9a:cf:66:b3:d4:7e:04:e8:30:f2:16:2f:2c:ce: 2f:b7:1d:6f:ab:79:66:60:4b:7b:30:d0:07:2c:76:f4:d9:9f: 01:21:d1:84 -----BEGIN CERTIFICATE----- MIIFGjCCBAKgAwIBAgIUNd57DgQTVOAXy7fLC6kAsFSZW5AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNTExMjcyMzU4MzlaFw0yNjExMjcwMDAzMzlaMDMxMTAvBgNV BAMTKDQ4QTE5OTczMjAzNDVDRDYzQjUyNzEyRTQ5NjZGRUMyQUM0Nzc1QjcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0tipxG6VEtYOuisc6Ux9k4D1g 7sy69UoZg+10ImWl4w7zJ+F/3Rbp/7fIwG7kxq5+X2nvKdPBWQfHhl2rNZAiMjrY rMRUKD87QKzTthWGpV0iBY80xfQsyJtJRWxmwE8uWcZG6jQXEZrEE1qu+mLdeUBe VaYlt0DLe1dvIejsH9HhwkHwZ1oJnKUUUKN0TAldTnZBsy0r+nvkHJ+w2fnBZ/Ri SV1VkYyvvsTPKzNiTFUsVAInHnFkXAMQt2rL6f36U0ZsrHVp59jYXHeek6Lubd7p +A9KPNn3FJFx6JLq+RIObJTo/OsrlRsAdesj7JUCwwpXKamUwSKM32JjsF/vAgMB AAGjggIkMIICIDAdBgNVHQ4EFgQUSKGZcyA0XNY7UnEuSWb+wqxHdbcwHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk1Mzc0LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAjw7/ MAwDBACijXcDBACijXgDBACnlJUDBACo3gcwDQYJKoZIhvcNAQELBQADggEBAHTl ueF8aJwGj3ZR2prDnKDLteJ1tYgrU6Y/K/uZf3Z4uvIgYuFQb6rawgxn5BoE1pKC ISIhqx46X4iThOOD84FdwOAq/FRSPT/6d5AHIwZ66E3QRYyxGPrqPQluuwG2g9xJ wfbsMDmYc3T2CQP+yoCaZAtMUW/2bL7hEduFG1UDmbyAeRmYkk0PQx7WltsMLuT6 5pbjHDhal4rPJWbyUDUfcRCss3gQeUsOplG72iORTzfTml16YBMezCGNXv6GDFnM T0iSoPCDEQZA4vBLBdbranwuU+8TP/UzDDmaz2az1H4E6DDyFi8szi+3HW+reWZg S3sw0AcsdvTZnwEh0YQ= -----END CERTIFICATE-----Generated at Sat Dec 6 18:25:22 2025 by rpki-client