This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS214025.roa File: AS214025.roa (raw, json) Hash identifier: 9kaYsFsa43mPWDCP6o47Pd5lkP0VoGQd7mTs2jsNPrI= Subject key identifier: CE:04:BD:7E:52:97:F2:17:72:02:85:EA:83:39:FF:12:AA:3D:D4:40 Certificate issuer: /CN=3feccb17be51ee59ec74d64eed917e221ee28a1b Certificate serial: 2ED6E1F02589E58518EBA5D4CA5780ED2299AACD Authority key identifier: 3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS214025.roa Signing time: Fri 23 Jan 2026 13:36:35 +0000 ROA not before: Fri 23 Jan 2026 13:31:35 +0000 ROA not after: Fri 22 Jan 2027 13:36:35 +0000 asID: 214025 IP address blocks: 46.236.192.0/24 maxlen: 24 46.236.209.0/24 maxlen: 24 46.236.241.0/24 maxlen: 24 46.236.254.0/24 maxlen: 24 82.139.248.0/24 maxlen: 24 212.60.144.0/24 maxlen: 24 212.60.147.0/24 maxlen: 24 212.60.155.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.mft rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2e:d6:e1:f0:25:89:e5:85:18:eb:a5:d4:ca:57:80:ed:22:99:aa:cd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3feccb17be51ee59ec74d64eed917e221ee28a1b Validity Not Before: Jan 23 13:31:35 2026 GMT Not After : Jan 22 13:36:35 2027 GMT Subject: CN=CE04BD7E5297F217720285EA8339FF12AA3DD440 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:88:da:59:69:a8:7b:fb:85:41:b4:ad:1b:c4: 63:6e:8e:e1:a2:79:1a:fb:50:94:d5:95:af:72:2e: 08:71:0a:ea:d4:1f:f4:f0:83:c5:a1:87:f1:a7:6a: b1:dc:0d:8b:eb:f3:4a:9f:d7:ae:bc:fe:c5:17:da: 6d:ed:26:13:b6:b4:3f:99:8b:cd:1a:17:2d:5b:71: 5f:10:50:99:fe:65:b6:98:11:36:22:16:5f:a4:76: 54:77:1c:cb:aa:e5:47:33:39:43:a1:82:6a:cf:20: 6c:69:6d:c9:dd:9d:85:5d:cc:29:61:eb:e9:42:15: e8:90:49:f8:c0:85:fa:26:ad:98:62:ba:c6:cd:d3: 3e:cd:fd:3c:f1:64:85:98:f8:7b:f0:f4:47:e9:fa: e5:c0:ee:a9:bd:62:1f:39:bc:15:7a:37:49:e1:f8: e9:ac:4e:59:9e:ce:65:d7:74:90:31:96:35:16:30: 46:7c:76:8c:90:b8:9b:48:ed:33:4a:1a:4d:96:aa: 86:31:f0:48:ea:f8:b2:9f:c3:cd:f8:b1:37:94:91: f2:66:59:70:41:e7:ea:6f:2f:40:6a:62:79:a6:9f: 0d:a6:5e:5b:0b:7b:55:ee:8c:ac:b0:f1:d4:b9:47: 0f:9a:aa:89:e7:72:55:ae:42:df:b0:d4:a8:bf:c8: 2c:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:04:BD:7E:52:97:F2:17:72:02:85:EA:83:39:FF:12:AA:3D:D4:40 X509v3 Authority Key Identifier: keyid:3F:EC:CB:17:BE:51:EE:59:EC:74:D6:4E:ED:91:7E:22:1E:E2:8A:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/3FECCB17BE51EE59EC74D64EED917E221EE28A1B.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P-zLF75R7lnsdNZO7ZF-Ih7iihs.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/22db7555-9aa4-4983-9316-73809dd354bc/0/AS214025.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.236.192.0/24 46.236.209.0/24 46.236.241.0/24 46.236.254.0/24 82.139.248.0/24 212.60.144.0/24 212.60.147.0/24 212.60.155.0/24 Signature Algorithm: sha256WithRSAEncryption 83:75:66:9d:b6:94:0b:09:7f:37:74:d9:a1:6f:f4:a8:52:83: 23:ef:a3:20:1b:49:1a:a7:f8:10:e3:fb:6c:74:71:93:55:ad: ba:bd:35:be:0f:12:51:1b:bd:8b:01:9f:76:22:1d:c2:ac:45: 22:b6:aa:cd:09:32:96:d6:81:28:48:d7:71:bb:36:03:6c:0e: 9f:ba:99:b1:ba:3d:40:09:bf:1b:7b:8d:c8:ce:5a:9c:37:d7: b4:5b:ec:fa:5a:99:1a:9f:0a:41:66:b2:3f:f8:c0:72:e1:f4: bc:fe:15:30:70:1f:cc:bf:d6:64:35:a5:66:4f:d1:01:8d:7f: 9d:4d:55:d0:fb:17:1d:6e:5c:0b:91:9b:16:bb:00:8b:39:88: 17:fe:54:94:83:33:0c:6e:83:a8:bc:a5:20:37:84:56:8d:59: 5e:f7:82:e0:5a:68:0a:de:84:de:d3:8f:9d:83:04:26:64:24: f7:03:75:1b:a1:68:9e:39:35:54:47:f4:d8:30:6f:99:33:88: 39:bd:ac:2b:36:11:44:29:36:26:4d:ba:24:98:44:73:bf:dc: ab:3a:03:24:db:ad:4a:5c:b4:5a:fb:fd:a0:08:41:6a:f5:3a: b4:b5:96:ff:41:4f:a0:25:50:6a:3c:4d:73:88:7e:fc:53:46: cb:4a:5b:9b -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgIULtbh8CWJ5YUY66XUyleA7SKZqs0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoM2ZlY2NiMTdiZTUxZWU1OWVjNzRkNjRlZWQ5MTdlMjIx ZWUyOGExYjAeFw0yNjAxMjMxMzMxMzVaFw0yNzAxMjIxMzM2MzVaMDMxMTAvBgNV BAMTKENFMDRCRDdFNTI5N0YyMTc3MjAyODVFQTgzMzlGRjEyQUEzREQ0NDAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDViNpZaah7+4VBtK0bxGNujuGi eRr7UJTVla9yLghxCurUH/Twg8Whh/GnarHcDYvr80qf1668/sUX2m3tJhO2tD+Z i80aFy1bcV8QUJn+ZbaYETYiFl+kdlR3HMuq5UczOUOhgmrPIGxpbcndnYVdzClh 6+lCFeiQSfjAhfomrZhiusbN0z7N/TzxZIWY+Hvw9Efp+uXA7qm9Yh85vBV6N0nh +OmsTlmezmXXdJAxljUWMEZ8doyQuJtI7TNKGk2WqoYx8Ejq+LKfw834sTeUkfJm WXBB5+pvL0BqYnmmnw2mXlsLe1XujKyw8dS5Rw+aqonnclWuQt+w1Ki/yCw9AgMB AAGjggI0MIICMDAdBgNVHQ4EFgQUzgS9flKX8hdyAoXqgzn/Eqo91EAwHwYDVR0j BBgwFoAUP+zLF75R7lnsdNZO7ZF+Ih7iihswDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMjJkYjc1NTUtOWFhNC00OTgzLTkzMTYtNzM4MDlkZDM1 NGJjLzAvM0ZFQ0NCMTdCRTUxRUU1OUVDNzRENjRFRUQ5MTdFMjIxRUUyOEExQi5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1AtekxGNzVSN2xuc2ROWk83WkYtSWg3 aWlocy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzIyZGI3NTU1LTlhYTQt NDk4My05MzE2LTczODA5ZGQzNTRiYy8wL0FTMjE0MDI1LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALuzA AwQALuzRAwQALuzxAwQALuz+AwQAUov4AwQA1DyQAwQA1DyTAwQA1DybMA0GCSqG SIb3DQEBCwUAA4IBAQCDdWadtpQLCX83dNmhb/SoUoMj76MgG0kap/gQ4/tsdHGT Va26vTW+DxJRG72LAZ92Ih3CrEUitqrNCTKW1oEoSNdxuzYDbA6fupmxuj1ACb8b e43IzlqcN9e0W+z6WpkanwpBZrI/+MBy4fS8/hUwcB/Mv9ZkNaVmT9EBjX+dTVXQ +xcdblwLkZsWuwCLOYgX/lSUgzMMboOovKUgN4RWjVle94LgWmgK3oTe04+dgwQm ZCT3A3UboWieOTVUR/TYMG+ZM4g5vawrNhFEKTYmTbokmERzv9yrOgMk261KXLRa +/2gCEFq9Tq0tZb/QU+gJVBqPE1ziH78U0bLSlub -----END CERTIFICATE-----Generated at Sun Jan 25 11:50:11 2026 by rpki-client