This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa File: AS16509.roa (raw, json) Hash identifier: ZHLUu9aKIaVeMPCdXC7NtgES05oCP1zMtrTDaNSbWgw= Subject key identifier: 02:4B:FE:0B:59:2F:98:F9:83:85:8F:80:6E:66:D9:0B:47:3F:0B:41 Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a Certificate serial: 4FA85D6E6471F65D76A930DDA42AE2D0C533B9EF Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa Signing time: Thu 22 Jan 2026 13:42:06 +0000 ROA not before: Thu 22 Jan 2026 13:37:06 +0000 ROA not after: Thu 21 Jan 2027 13:42:06 +0000 asID: 16509 IP address blocks: 45.139.182.0/24 maxlen: 24 181.214.94.0/24 maxlen: 24 181.214.110.0/24 maxlen: 24 181.215.206.0/23 maxlen: 24 185.137.13.0/24 maxlen: 24 191.96.204.0/24 maxlen: 24 191.101.111.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:a8:5d:6e:64:71:f6:5d:76:a9:30:dd:a4:2a:e2:d0:c5:33:b9:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a Validity Not Before: Jan 22 13:37:06 2026 GMT Not After : Jan 21 13:42:06 2027 GMT Subject: CN=024BFE0B592F98F983858F806E66D90B473F0B41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:96:03:b7:e2:95:32:af:04:ce:93:94:ab:3a: 66:be:69:ac:36:be:ac:38:28:89:9b:a9:af:46:2c: a4:1c:26:33:77:36:fa:d6:f1:6f:b4:7c:ec:41:ef: 2b:36:35:b0:7e:d6:b5:2a:a8:15:5d:3b:cd:9c:13: 47:37:04:16:64:23:ee:f5:35:9e:06:6b:c4:ac:77: 02:28:51:f4:61:c2:9d:d9:88:88:29:a4:61:95:7e: 8d:64:12:28:07:e4:d0:f1:d4:9d:ad:56:ca:ac:66: 31:4f:12:e8:3c:34:1f:da:0a:72:50:f5:5e:dc:bc: 0f:c1:1c:ae:a9:73:05:99:f0:18:38:76:bf:ed:c4: 6c:17:f9:95:03:d8:de:0e:f8:fa:f7:24:46:ab:c2: 23:3f:c9:c3:77:04:c1:5e:e9:5d:5a:86:ff:d5:e3: f9:e3:62:d6:e3:7d:f0:32:0e:d2:09:73:81:89:f8: 0f:11:d1:aa:18:30:65:a9:13:a1:bc:c0:9f:9c:41: 69:c5:0c:bf:14:bd:20:0c:e4:47:e4:0c:86:8f:ae: b3:7b:0b:9b:d7:d2:c9:bf:38:07:ca:44:50:dd:ac: 95:8c:65:ba:c5:c3:35:be:29:bf:b3:48:bf:97:b8: b3:9a:d3:b7:7d:8f:1d:96:e8:56:78:e1:5d:b4:81: bf:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:4B:FE:0B:59:2F:98:F9:83:85:8F:80:6E:66:D9:0B:47:3F:0B:41 X509v3 Authority Key Identifier: keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS16509.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.139.182.0/24 181.214.94.0/24 181.214.110.0/24 181.215.206.0/23 185.137.13.0/24 191.96.204.0/24 191.101.111.0/24 Signature Algorithm: sha256WithRSAEncryption 2f:40:a2:67:bd:4b:18:76:d4:71:80:14:92:57:aa:03:af:04: 2d:04:e5:3f:13:01:5e:57:7f:78:9f:5c:28:15:2f:db:d6:08: 20:b8:25:fa:db:5b:29:2e:60:3f:8d:04:fe:1d:cc:6d:ce:d2: 93:ac:df:60:40:e7:3a:7d:2f:5a:65:f4:57:bd:61:94:ae:18: 1c:da:45:68:15:fb:89:0d:cc:63:d3:a0:81:67:af:ab:c4:58: 6a:7c:84:26:c1:64:f9:5e:de:a8:32:0b:22:6a:08:9e:b9:89: b8:26:e1:9d:ed:26:f2:36:2e:f1:ad:12:f1:b8:41:9c:75:0c: 5b:e9:82:d6:f5:36:b3:24:07:2c:ca:df:76:2a:a0:0c:dc:11: 5e:a7:6b:57:4f:b7:2a:d3:de:c4:1d:97:98:2a:d2:66:55:eb: 7c:37:33:2d:22:d8:49:bf:c5:34:bf:4a:ce:1a:24:30:c8:31: c7:a0:ff:68:5e:5d:05:65:0f:f8:8d:c3:e4:8d:fa:50:f6:5a: 1b:76:05:a8:96:10:d3:38:ed:32:19:dd:f1:09:a1:4b:af:e5: 3b:a3:ee:c6:f2:35:29:7f:80:4f:a2:21:4a:d9:6e:62:03:f0: 88:5a:13:ce:c2:bf:b3:c6:f6:57:5d:24:21:cc:e1:c5:cd:c9: 37:04:24:84 -----BEGIN CERTIFICATE----- MIIFIzCCBAugAwIBAgIUT6hdbmRx9l12qTDdpCri0MUzue8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh NDFiYmEwYTAeFw0yNjAxMjIxMzM3MDZaFw0yNzAxMjExMzQyMDZaMDMxMTAvBgNV BAMTKDAyNEJGRTBCNTkyRjk4Rjk4Mzg1OEY4MDZFNjZEOTBCNDczRjBCNDEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvlgO34pUyrwTOk5SrOma+aaw2 vqw4KImbqa9GLKQcJjN3NvrW8W+0fOxB7ys2NbB+1rUqqBVdO82cE0c3BBZkI+71 NZ4Ga8SsdwIoUfRhwp3ZiIgppGGVfo1kEigH5NDx1J2tVsqsZjFPEug8NB/aCnJQ 9V7cvA/BHK6pcwWZ8Bg4dr/txGwX+ZUD2N4O+Pr3JEarwiM/ycN3BMFe6V1ahv/V 4/njYtbjffAyDtIJc4GJ+A8R0aoYMGWpE6G8wJ+cQWnFDL8UvSAM5EfkDIaPrrN7 C5vX0sm/OAfKRFDdrJWMZbrFwzW+Kb+zSL+XuLOa07d9jx2W6FZ44V20gb91AgMB AAGjggItMIICKTAdBgNVHQ4EFgQUAkv+C1kvmPmDhY+AbmbZC0c/C0EwHwYDVR0j BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMTY1MDkucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMDAEAgABMCoDBAAti7YD BAC11l4DBAC11m4DBAG1184DBAC5iQ0DBAC/YMwDBAC/ZW8wDQYJKoZIhvcNAQEL BQADggEBAC9Aome9Sxh21HGAFJJXqgOvBC0E5T8TAV5Xf3ifXCgVL9vWCCC4Jfrb WykuYD+NBP4dzG3O0pOs32BA5zp9L1pl9Fe9YZSuGBzaRWgV+4kNzGPToIFnr6vE WGp8hCbBZPle3qgyCyJqCJ65ibgm4Z3tJvI2LvGtEvG4QZx1DFvpgtb1NrMkByzK 33YqoAzcEV6na1dPtyrT3sQdl5gq0mZV63w3My0i2Em/xTS/Ss4aJDDIMceg/2he XQVlD/iNw+SN+lD2Wht2BaiWENM47TIZ3fEJoUuv5Tuj7sbyNSl/gE+iIUrZbmID 8IhaE87Cv7PG9lddJCHM4cXNyTcEJIQ= -----END CERTIFICATE-----Generated at Sun Jan 25 20:05:43 2026 by rpki-client