This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20473.roa File: AS20473.roa (raw, json) Hash identifier: XchVSfeeUfbRGvnd7VX/oNKR3dBpt9qWCvTG+AEKA6E= Subject key identifier: C7:50:6D:1E:6E:9C:A9:40:2F:0F:5F:8B:13:DC:88:25:8B:0F:11:A3 Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a Certificate serial: 48F5D6C55B66F96A2DEB5F19EC591726BAB539E9 Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20473.roa Signing time: Mon 01 Dec 2025 14:54:04 +0000 ROA not before: Mon 01 Dec 2025 14:49:04 +0000 ROA not after: Mon 30 Nov 2026 14:54:04 +0000 asID: 20473 IP address blocks: 181.215.70.0/24 maxlen: 24 191.101.223.0/24 maxlen: 24 213.109.169.0/24 maxlen: 24 2a0b:500::/32 maxlen: 48 2a0b:501::/32 maxlen: 48 2a0b:502::/32 maxlen: 48 2a0b:503::/32 maxlen: 48 2a0b:504::/32 maxlen: 48 2a0b:505::/32 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:12:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 48:f5:d6:c5:5b:66:f9:6a:2d:eb:5f:19:ec:59:17:26:ba:b5:39:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a Validity Not Before: Dec 1 14:49:04 2025 GMT Not After : Nov 30 14:54:04 2026 GMT Subject: CN=C7506D1E6E9CA9402F0F5F8B13DC88258B0F11A3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:82:e2:1e:66:cb:d2:4d:a0:8c:ef:0a:e1:02: 91:33:71:c4:82:4b:9a:3a:cd:84:8a:72:f7:68:fc: b5:f8:cd:2f:f2:aa:a9:7c:fc:ea:5f:4c:a1:8a:7d: ca:97:ed:d4:35:69:29:31:7a:05:6f:bc:67:07:cb: 4a:b4:31:4f:e4:12:68:c2:ab:eb:b5:d9:0c:50:18: 2a:37:93:69:24:8a:a7:f2:a8:2e:71:44:77:78:ec: a4:46:8d:c5:dd:0b:4f:1e:67:52:f2:83:0a:9b:da: c7:d8:af:c7:f3:7b:fd:3e:d5:89:d7:36:37:55:13: 3e:c6:bd:56:c1:7a:5e:4d:e5:5b:1d:de:61:a3:b8: 32:2d:1d:d3:77:fb:ae:d0:44:55:ea:ab:e5:c6:a8: 48:51:d0:49:e6:a0:9d:89:9d:1a:f0:1e:be:6e:a9: ca:61:04:14:98:61:63:b2:20:f9:a4:8a:45:8f:1f: 52:1f:a3:c7:af:94:84:11:df:be:0f:cd:31:fe:09: 5c:84:6f:98:9b:43:4d:f7:c2:c5:3b:77:be:e9:04: 4d:dc:b0:29:a8:7d:1c:b9:c4:1e:05:dd:ad:c6:d4: 1b:a0:fe:13:2f:7b:d3:cd:04:5a:29:a9:6e:27:81: b6:2f:32:b2:00:b5:11:8e:fc:4f:76:14:cb:0f:f8: af:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:50:6D:1E:6E:9C:A9:40:2F:0F:5F:8B:13:DC:88:25:8B:0F:11:A3 X509v3 Authority Key Identifier: keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20473.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 181.215.70.0/24 191.101.223.0/24 213.109.169.0/24 IPv6: 2a0b:500::-2a0b:505:ffff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 71:36:52:00:2f:94:34:dd:b3:71:89:d5:16:00:91:79:c6:da: a4:5c:5f:5f:48:89:73:f1:8d:d7:07:2c:65:47:b9:1a:0e:90: 4b:1d:31:76:41:1e:03:7b:d4:ea:0a:e9:e7:07:47:4d:79:92: 41:93:0f:bb:36:5c:be:a2:fa:ec:07:b1:dc:cc:76:a3:d0:26: fd:a0:4a:eb:d5:c8:8a:b8:8c:2b:94:7a:27:c3:73:4f:3c:ad: 43:b8:ee:d9:3a:e0:24:ae:7e:16:a9:f5:38:3e:b6:c0:d9:59: 49:87:de:6d:40:4b:d0:c6:37:39:89:2c:c9:44:cb:60:af:18: ca:67:c9:a7:6a:5b:3d:74:dd:28:77:83:94:a7:0b:13:ea:10: 34:88:c4:4f:8e:c3:4c:0d:50:ab:87:58:27:92:5d:bc:10:4f: 7c:3b:9e:98:7e:19:95:e4:79:59:fe:fe:a1:24:29:2c:49:90: 35:0e:47:25:12:8f:0a:42:bd:69:a2:6e:04:70:10:8d:b4:da: 8d:ef:9f:dd:3e:39:d5:d1:70:d7:37:7f:d6:12:22:33:ea:e8: a7:8a:57:24:8d:2b:a7:9d:53:34:0a:c9:3e:dc:e8:e5:25:9b: fc:ff:b1:3c:12:94:40:31:56:cc:c7:b5:f5:a9:c2:92:47:f9: d6:cb:72:51 -----BEGIN CERTIFICATE----- MIIFIjCCBAqgAwIBAgIUSPXWxVtm+Wot618Z7FkXJrq1OekwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh NDFiYmEwYTAeFw0yNTEyMDExNDQ5MDRaFw0yNjExMzAxNDU0MDRaMDMxMTAvBgNV BAMTKEM3NTA2RDFFNkU5Q0E5NDAyRjBGNUY4QjEzREM4ODI1OEIwRjExQTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBguIeZsvSTaCM7wrhApEzccSC S5o6zYSKcvdo/LX4zS/yqql8/OpfTKGKfcqX7dQ1aSkxegVvvGcHy0q0MU/kEmjC q+u12QxQGCo3k2kkiqfyqC5xRHd47KRGjcXdC08eZ1Lygwqb2sfYr8fze/0+1YnX NjdVEz7GvVbBel5N5Vsd3mGjuDItHdN3+67QRFXqq+XGqEhR0EnmoJ2JnRrwHr5u qcphBBSYYWOyIPmkikWPH1Ifo8evlIQR374PzTH+CVyEb5ibQ033wsU7d77pBE3c sCmofRy5xB4F3a3G1Bug/hMve9PNBFopqW4ngbYvMrIAtRGO/E92FMsP+K8DAgMB AAGjggIsMIICKDAdBgNVHQ4EFgQUx1BtHm6cqUAvD1+LE9yIJYsPEaMwHwYDVR0j BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwQgYIKwYBBQUHAQcBAf8EMzAxMBgEAgABMBIDBAC110YD BAC/Zd8DBADVbakwFQQCAAIwDzANAwQAKgsFAwUBKgsFBDANBgkqhkiG9w0BAQsF AAOCAQEAcTZSAC+UNN2zcYnVFgCRecbapFxfX0iJc/GN1wcsZUe5Gg6QSx0xdkEe A3vU6grp5wdHTXmSQZMPuzZcvqL67Aex3Mx2o9Am/aBK69XIiriMK5R6J8NzTzyt Q7ju2TrgJK5+Fqn1OD62wNlZSYfebUBL0MY3OYksyUTLYK8YymfJp2pbPXTdKHeD lKcLE+oQNIjET47DTA1Qq4dYJ5JdvBBPfDuemH4ZleR5Wf7+oSQpLEmQNQ5HJRKP CkK9aaJuBHAQjbTaje+f3T451dFw1zd/1hIiM+rop4pXJI0rp51TNArJPtzo5SWb /P+xPBKUQDFWzMe19anCkkf51styUQ== -----END CERTIFICATE-----Generated at Sat Dec 6 12:05:58 2025 by rpki-client