This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa File: AS16509.roa (raw, json) Hash identifier: Y9K1VTP3sdmOD4Zh6u2zCFIM7pWpFL362Uuj3lWp2OE= Subject key identifier: 06:31:11:A6:CC:90:FC:DB:9F:72:9A:5B:07:11:E8:00:92:72:8D:D6 Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a Certificate serial: 1362BF815DB4EA32E56EC7D83113E7769562F43A Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa Signing time: Mon 24 Nov 2025 14:20:34 +0000 ROA not before: Mon 24 Nov 2025 14:15:34 +0000 ROA not after: Mon 23 Nov 2026 14:20:34 +0000 asID: 16509 IP address blocks: 181.214.94.0/24 maxlen: 24 181.214.110.0/24 maxlen: 24 181.215.206.0/23 maxlen: 24 185.135.159.0/24 maxlen: 24 185.137.12.0/24 maxlen: 24 185.137.13.0/24 maxlen: 24 185.141.166.0/24 maxlen: 24 191.96.204.0/24 maxlen: 24 191.101.111.0/24 maxlen: 24 191.101.223.0/24 maxlen: 24 213.109.169.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:12:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:62:bf:81:5d:b4:ea:32:e5:6e:c7:d8:31:13:e7:76:95:62:f4:3a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a Validity Not Before: Nov 24 14:15:34 2025 GMT Not After : Nov 23 14:20:34 2026 GMT Subject: CN=063111A6CC90FCDB9F729A5B0711E80092728DD6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:e8:c2:17:f7:f4:6f:60:72:41:22:67:bb:ac: 12:7a:a4:e6:2c:a4:44:d3:06:17:38:4f:89:6a:1b: c7:c8:3b:95:50:f9:ca:dc:e3:4d:ad:90:06:26:d5: bf:f0:e2:83:bd:ae:14:df:b7:d2:81:23:a6:6b:83: ce:a8:17:21:13:af:e6:90:a2:64:37:fe:a1:c1:f2: 9c:b9:48:5c:7e:88:4c:34:63:cd:0b:f8:05:50:bb: fd:b2:bb:76:94:e0:05:ee:9e:94:8e:9a:fc:a4:7a: e5:76:8f:98:08:67:69:2a:49:0f:29:dc:ed:ed:54: 80:5d:8d:0a:20:0c:09:35:b3:d5:62:7e:d9:9b:d3: 0b:15:76:5d:b6:36:f0:bb:7c:6d:64:69:1b:14:30: 21:76:f7:48:42:e2:75:10:0e:80:b6:0e:b5:0e:ba: 55:31:1e:5c:50:2d:a1:06:c5:85:db:e1:9b:16:9d: 01:f3:fa:6d:be:df:46:a5:7a:db:17:77:0b:f6:6a: db:85:be:63:37:7a:2a:da:42:a6:a5:6d:ac:53:5c: 5b:c9:9e:a8:2b:68:7d:aa:40:1a:5b:f7:1a:69:37: 3d:27:36:3f:ad:cc:8c:1b:25:f9:a7:dc:0b:2e:91: f6:0b:5e:6f:0c:f0:20:81:1e:d0:02:ad:2c:65:26: a7:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 06:31:11:A6:CC:90:FC:DB:9F:72:9A:5B:07:11:E8:00:92:72:8D:D6 X509v3 Authority Key Identifier: keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 181.214.94.0/24 181.214.110.0/24 181.215.206.0/23 185.135.159.0/24 185.137.12.0/23 185.141.166.0/24 191.96.204.0/24 191.101.111.0/24 191.101.223.0/24 213.109.169.0/24 Signature Algorithm: sha256WithRSAEncryption b2:78:49:e4:6a:43:44:d5:87:5f:b3:9f:8c:fc:65:3a:74:76: 25:ca:7c:ba:2e:0c:d8:93:8d:cc:b4:89:05:9b:02:50:1a:05: 4b:bc:48:7c:03:82:42:4f:3b:e9:df:4d:a5:8b:f9:da:34:50: f1:3c:f8:08:fc:df:96:97:6c:bc:80:78:b2:d4:47:87:81:ea: 6e:99:90:00:36:aa:35:06:f6:10:fb:69:70:a8:84:6f:4e:72: 39:57:8b:ae:7d:fa:cc:22:90:de:27:c6:d2:11:2f:67:33:b8: 31:d5:02:c1:68:a0:6f:ba:7c:06:25:d1:e3:8f:2b:99:e2:44: 28:21:0b:57:b6:dd:41:48:cf:c0:7f:c0:83:b1:5d:20:b9:ed: df:55:ae:82:db:fa:a9:23:e1:a6:ea:62:1b:22:ad:82:a4:a9: 69:a6:bf:97:c8:b5:7a:f4:11:c0:61:0c:cb:f0:0c:dd:3f:2d: e2:50:29:05:7a:7d:9e:60:b6:14:a9:44:5e:75:24:85:93:d0: bf:35:20:5a:0e:56:c3:fc:88:92:14:a2:cd:8a:4b:9a:e1:39: b3:73:9c:ab:f7:c0:f9:08:15:de:a2:8e:ae:8a:9c:02:8c:47: 7e:0d:bf:3f:ba:73:20:89:bc:06:ec:07:3c:dd:03:82:1a:a3: 45:52:e2:cd -----BEGIN CERTIFICATE----- MIIFNTCCBB2gAwIBAgIUE2K/gV206jLlbsfYMRPndpVi9DowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh NDFiYmEwYTAeFw0yNTExMjQxNDE1MzRaFw0yNjExMjMxNDIwMzRaMDMxMTAvBgNV BAMTKDA2MzExMUE2Q0M5MEZDREI5RjcyOUE1QjA3MTFFODAwOTI3MjhERDYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCn6MIX9/RvYHJBIme7rBJ6pOYs pETTBhc4T4lqG8fIO5VQ+crc402tkAYm1b/w4oO9rhTft9KBI6Zrg86oFyETr+aQ omQ3/qHB8py5SFx+iEw0Y80L+AVQu/2yu3aU4AXunpSOmvykeuV2j5gIZ2kqSQ8p 3O3tVIBdjQogDAk1s9Viftmb0wsVdl22NvC7fG1kaRsUMCF290hC4nUQDoC2DrUO ulUxHlxQLaEGxYXb4ZsWnQHz+m2+30aletsXdwv2atuFvmM3eiraQqalbaxTXFvJ nqgraH2qQBpb9xppNz0nNj+tzIwbJfmn3AsukfYLXm8M8CCBHtACrSxlJqe7AgMB AAGjggI/MIICOzAdBgNVHQ4EFgQUBjERpsyQ/NufcppbBxHoAJJyjdYwHwYDVR0j BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwVQYIKwYBBQUHAQcBAf8ERjBEMEIEAgABMDwDBAC11l4D BAC11m4DBAG1184DBAC5h58DBAG5iQwDBAC5jaYDBAC/YMwDBAC/ZW8DBAC/Zd8D BADVbakwDQYJKoZIhvcNAQELBQADggEBALJ4SeRqQ0TVh1+zn4z8ZTp0diXKfLou DNiTjcy0iQWbAlAaBUu8SHwDgkJPO+nfTaWL+do0UPE8+Aj835aXbLyAeLLUR4eB 6m6ZkAA2qjUG9hD7aXCohG9OcjlXi659+swikN4nxtIRL2czuDHVAsFooG+6fAYl 0eOPK5niRCghC1e23UFIz8B/wIOxXSC57d9VroLb+qkj4abqYhsirYKkqWmmv5fI tXr0EcBhDMvwDN0/LeJQKQV6fZ5gthSpRF51JIWT0L81IFoOVsP8iJIUos2KS5rh ObNznKv3wPkIFd6ijq6KnAKMR34Nvz+6cyCJvAbsBzzdA4Iao0VS4s0= -----END CERTIFICATE-----Generated at Sat Dec 6 11:51:25 2025 by rpki-client