This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS397423.roa File: AS397423.roa (raw, json) Hash identifier: oG65dg2k+kcSPKenexh1jFWNC6DXgJJHi/5xBT6zLCQ= Subject key identifier: 29:0B:63:F7:5B:93:94:77:0C:FE:66:BF:87:8A:E8:51:66:1E:09:AD Certificate issuer: /CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Certificate serial: 0DF047C71904C19503B6274A57370DCE6471B07A Authority key identifier: 4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS397423.roa Signing time: Sun 18 Jan 2026 21:12:00 +0000 ROA not before: Sun 18 Jan 2026 21:07:00 +0000 ROA not after: Sun 17 Jan 2027 21:12:00 +0000 asID: 397423 IP address blocks: 143.14.180.0/24 maxlen: 24 145.223.44.0/24 maxlen: 24 145.223.54.0/24 maxlen: 24 145.223.58.0/24 maxlen: 24 146.103.5.0/24 maxlen: 24 150.241.226.0/23 maxlen: 24 155.117.246.0/24 maxlen: 24 167.148.158.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.mft rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 20:24:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:f0:47:c7:19:04:c1:95:03:b6:27:4a:57:37:0d:ce:64:71:b0:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4fc336bf9f3de5ce41414bd1971945f4b246bfcc Validity Not Before: Jan 18 21:07:00 2026 GMT Not After : Jan 17 21:12:00 2027 GMT Subject: CN=290B63F75B9394770CFE66BF878AE851661E09AD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:d2:f8:91:66:66:90:c5:66:0c:59:cb:6f:62: 0a:bc:cc:45:27:51:89:67:88:09:1f:6a:85:fd:de: 01:51:42:fd:2f:4e:b4:4b:0e:8e:ea:01:4d:fa:5f: 49:1f:0a:17:03:86:08:fa:81:09:0f:94:30:b3:19: 2a:44:58:97:b3:12:73:92:55:74:69:b8:8a:84:26: 86:07:3f:a5:b5:9f:33:ff:54:d4:c3:43:65:6e:30: 2c:fd:c4:30:bd:00:14:64:b4:d9:0d:73:4a:c4:8e: 61:9c:fd:e9:96:e0:ca:ed:98:14:a3:63:61:2a:60: 63:2d:a4:cf:5f:ba:85:f7:a6:48:4c:d7:ac:93:36: 20:14:e5:ba:71:84:c0:9f:4b:fa:ef:7a:4f:fc:60: 8b:8a:0b:7e:1f:b4:3d:ef:99:49:f9:14:06:74:76: 0e:12:4a:e7:d4:21:e2:06:48:be:ce:4c:70:b6:a2: ad:7c:26:cf:75:18:37:bb:72:53:65:8b:08:04:23: a5:21:52:ee:08:e2:d2:4c:e1:58:1f:9e:65:8d:a0: 31:f2:ca:ff:d1:3d:9f:c7:be:55:6b:19:98:8b:1d: 56:2d:72:c2:48:b0:15:e6:2f:24:c0:8a:0a:72:08: fe:15:24:4b:7a:f5:ed:f5:6d:dd:c9:eb:59:ac:5b: bf:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:0B:63:F7:5B:93:94:77:0C:FE:66:BF:87:8A:E8:51:66:1E:09:AD X509v3 Authority Key Identifier: keyid:4F:C3:36:BF:9F:3D:E5:CE:41:41:4B:D1:97:19:45:F4:B2:46:BF:CC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/4FC336BF9F3DE5CE41414BD1971945F4B246BFCC.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T8M2v5895c5BQUvRlxlF9LJGv8w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/09be3aae-aea1-41dc-b1b9-95ac5918244d/0/AS397423.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.14.180.0/24 145.223.44.0/24 145.223.54.0/24 145.223.58.0/24 146.103.5.0/24 150.241.226.0/23 155.117.246.0/24 167.148.158.0/24 Signature Algorithm: sha256WithRSAEncryption 61:7b:00:76:eb:e1:ee:df:73:cc:d2:16:20:02:5d:e1:38:70: 2b:13:d3:19:eb:15:31:25:92:d9:2c:b6:3b:c2:78:4e:87:78: a8:f1:62:c5:80:0a:68:1c:c2:18:95:ab:c2:22:fd:ab:03:57: 90:50:1a:7e:35:6f:4f:ab:dd:00:10:80:dc:d2:56:d7:9a:25: 99:c9:9b:c4:1b:08:bb:cb:90:6e:03:2d:c5:db:42:84:91:0d: be:4b:78:12:f1:41:ba:98:74:94:60:02:b4:3a:ac:18:8f:b9: db:73:40:ad:98:10:03:56:22:9c:af:79:c0:29:fc:14:3d:ca: 01:25:56:eb:86:ab:d2:34:91:57:79:d2:c6:15:b8:6c:c5:d3: e4:34:bb:e6:6f:24:d8:44:f2:bb:17:b7:41:11:25:fc:04:fd: dc:35:c1:8e:a6:89:a8:9a:7e:d2:c9:d8:da:f8:a2:50:39:a9: 72:fc:4a:56:d6:9c:c7:5b:48:a8:02:05:e1:35:e8:79:40:5a: a5:3e:16:f6:c8:99:e9:12:e9:d1:6e:de:46:e2:4f:49:ac:6e: aa:0a:57:39:b4:53:55:d2:66:ac:8a:e0:51:1d:f5:2a:4d:3c: cb:0f:c4:82:cb:70:5a:12:c7:d1:1f:1a:b4:8f:43:bc:f2:74: a6:2a:86:df -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIUDfBHxxkEwZUDtidKVzcNzmRxsHowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGZjMzM2YmY5ZjNkZTVjZTQxNDE0YmQxOTcxOTQ1ZjRi MjQ2YmZjYzAeFw0yNjAxMTgyMTA3MDBaFw0yNzAxMTcyMTEyMDBaMDMxMTAvBgNV BAMTKDI5MEI2M0Y3NUI5Mzk0NzcwQ0ZFNjZCRjg3OEFFODUxNjYxRTA5QUQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCc0viRZmaQxWYMWctvYgq8zEUn UYlniAkfaoX93gFRQv0vTrRLDo7qAU36X0kfChcDhgj6gQkPlDCzGSpEWJezEnOS VXRpuIqEJoYHP6W1nzP/VNTDQ2VuMCz9xDC9ABRktNkNc0rEjmGc/emW4MrtmBSj Y2EqYGMtpM9fuoX3pkhM16yTNiAU5bpxhMCfS/rvek/8YIuKC34ftD3vmUn5FAZ0 dg4SSufUIeIGSL7OTHC2oq18Js91GDe7clNliwgEI6UhUu4I4tJM4VgfnmWNoDHy yv/RPZ/HvlVrGZiLHVYtcsJIsBXmLyTAigpyCP4VJEt69e31bd3J61msW795AgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUKQtj91uTlHcM/ma/h4roUWYeCa0wHwYDVR0j BBgwFoAUT8M2v5895c5BQUvRlxlF9LJGv8wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDliZTNhYWUtYWVhMS00MWRjLWIxYjktOTVhYzU5MTgy NDRkLzAvNEZDMzM2QkY5RjNERTVDRTQxNDE0QkQxOTcxOTQ1RjRCMjQ2QkZDQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1Q4TTJ2NTg5NWM1QlFVdlJseGxGOUxK R3Y4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzA5YmUzYWFlLWFlYTEt NDFkYy1iMWI5LTk1YWM1OTE4MjQ0ZC8wL0FTMzk3NDIzLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAjw60 AwQAkd8sAwQAkd82AwQAkd86AwQAkmcFAwQBlvHiAwQAm3X2AwQAp5SeMA0GCSqG SIb3DQEBCwUAA4IBAQBhewB26+Hu33PM0hYgAl3hOHArE9MZ6xUxJZLZLLY7wnhO h3io8WLFgApoHMIYlavCIv2rA1eQUBp+NW9Pq90AEIDc0lbXmiWZyZvEGwi7y5Bu Ay3F20KEkQ2+S3gS8UG6mHSUYAK0OqwYj7nbc0CtmBADViKcr3nAKfwUPcoBJVbr hqvSNJFXedLGFbhsxdPkNLvmbyTYRPK7F7dBESX8BP3cNcGOpomomn7Sydja+KJQ Oaly/EpW1pzHW0ioAgXhNeh5QFqlPhb2yJnpEunRbt5G4k9JrG6qClc5tFNV0mas iuBRHfUqTTzLD8SCy3BaEsfRHxq0j0O88nSmKobf -----END CERTIFICATE-----Generated at Sun Jan 25 07:28:31 2026 by rpki-client