This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS270353.roa File: AS270353.roa (raw, json) Hash identifier: fAtIHbw2xozNpaKnOGXlD4IUVSSANNgTZtgF+90WpMI= Subject key identifier: AA:5D:5D:0D:A3:68:3B:E0:39:EA:1E:F3:A6:CE:EE:D0:B1:AA:38:62 Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a Certificate serial: 21440EDEC7913CDD54A35C645E9DB21EEC3E9304 Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS270353.roa Signing time: Wed 03 Dec 2025 08:55:13 +0000 ROA not before: Wed 03 Dec 2025 08:50:13 +0000 ROA not after: Wed 02 Dec 2026 08:55:13 +0000 asID: 270353 IP address blocks: 191.96.78.0/23 maxlen: 23 191.96.78.0/24 maxlen: 24 191.96.79.0/24 maxlen: 24 191.96.224.0/23 maxlen: 24 191.101.131.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 22:12:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:44:0e:de:c7:91:3c:dd:54:a3:5c:64:5e:9d:b2:1e:ec:3e:93:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a Validity Not Before: Dec 3 08:50:13 2025 GMT Not After : Dec 2 08:55:13 2026 GMT Subject: CN=AA5D5D0DA3683BE039EA1EF3A6CEEED0B1AA3862 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:29:5c:30:6d:be:6b:19:1a:9e:e4:56:bf:06: 29:d8:58:2a:2d:d6:7a:d4:df:83:3e:ab:e2:66:b2: 88:0f:ca:ee:f5:28:fc:88:ba:11:cc:de:c2:68:a4: 26:5b:d6:11:db:f4:95:64:a3:22:12:84:51:dd:c3: d6:9f:08:9a:5d:06:ab:a9:12:a9:d2:3d:4c:ae:d6: b5:3f:d4:a0:c0:db:97:02:dc:e2:4f:11:5f:c5:eb: f4:7e:49:20:4a:c0:84:df:b8:78:fb:cd:0c:c3:59: 7a:e9:23:7c:b1:fd:08:e0:ce:fb:9d:f4:b4:f2:f9: c7:6a:41:8b:55:01:e0:bb:e2:4a:b0:2e:b8:58:f7: 23:4f:96:19:6f:66:87:e8:5b:11:b2:6b:c0:a9:c5: 16:b7:4b:eb:15:bf:ed:0a:0b:9f:ae:8b:a2:e3:40: 09:f0:a8:46:81:16:75:58:45:64:1b:bb:b9:66:50: 2d:71:19:23:83:29:c7:86:4d:5f:ce:5f:22:09:cb: 0f:48:e3:83:29:10:53:5d:2c:a7:08:73:81:b2:84: 2a:73:d8:6e:31:fb:34:d6:fe:af:31:47:cf:e0:85: 9b:f3:cf:ce:fa:3d:b0:87:1f:69:15:57:21:bf:da: 48:7a:bf:7b:d4:cb:dd:6d:e5:44:d7:1b:54:f3:7b: b9:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:5D:5D:0D:A3:68:3B:E0:39:EA:1E:F3:A6:CE:EE:D0:B1:AA:38:62 X509v3 Authority Key Identifier: keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS270353.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 191.96.78.0/23 191.96.224.0/23 191.101.131.0/24 Signature Algorithm: sha256WithRSAEncryption 6e:13:7b:91:8c:55:ce:d9:c0:d0:e3:72:33:d9:e1:8c:36:60: b2:ac:ac:aa:cf:da:2f:db:7b:dd:9a:f6:7b:03:d7:4f:30:71: 6e:91:d0:e6:9e:67:2f:a4:91:00:3f:f1:e6:b1:25:dc:55:47: 6f:05:4d:44:bf:a8:e5:4d:1a:44:67:ba:10:4f:de:70:52:51: 86:0f:0f:2b:90:ca:32:61:ef:21:c0:b8:7e:12:31:6d:e3:cf: 7c:21:5b:95:32:9c:1c:27:1a:92:8e:48:08:35:48:6b:3e:90: dd:65:df:78:b2:3d:0c:ed:e6:68:ad:a3:cc:01:fd:9b:ae:72: d2:d3:a5:6e:2e:44:12:c6:b2:03:11:2a:88:8a:c2:5a:1c:71: 3c:67:c4:08:96:12:33:82:0e:65:83:d0:41:98:9c:97:ea:60: ed:ad:fb:bf:8b:eb:bc:f2:a0:ad:02:21:38:3d:5d:88:19:cc: 0b:0b:02:73:1a:c3:e1:6f:24:8c:66:a6:0c:82:93:70:f0:6a: 3b:b9:68:cc:5e:6a:fe:80:63:e0:8f:d6:a1:af:d6:bb:1f:a8: 3e:98:d7:7e:85:11:4b:36:e3:5c:90:ba:1c:60:3f:9e:65:a7: 91:dd:58:7d:79:69:2f:fd:6f:aa:18:a5:65:b7:3f:00:9b:c6: 9a:74:6d:19 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgIUIUQO3seRPN1Uo1xkXp2yHuw+kwQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh NDFiYmEwYTAeFw0yNTEyMDMwODUwMTNaFw0yNjEyMDIwODU1MTNaMDMxMTAvBgNV BAMTKEFBNUQ1RDBEQTM2ODNCRTAzOUVBMUVGM0E2Q0VFRUQwQjFBQTM4NjIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/KVwwbb5rGRqe5Fa/BinYWCot 1nrU34M+q+JmsogPyu71KPyIuhHM3sJopCZb1hHb9JVkoyIShFHdw9afCJpdBqup EqnSPUyu1rU/1KDA25cC3OJPEV/F6/R+SSBKwITfuHj7zQzDWXrpI3yx/Qjgzvud 9LTy+cdqQYtVAeC74kqwLrhY9yNPlhlvZofoWxGya8CpxRa3S+sVv+0KC5+ui6Lj QAnwqEaBFnVYRWQbu7lmUC1xGSODKceGTV/OXyIJyw9I44MpEFNdLKcIc4GyhCpz 2G4x+zTW/q8xR8/ghZvzz876PbCHH2kVVyG/2kh6v3vUy91t5UTXG1Tze7k/AgMB AAGjggIWMIICEjAdBgNVHQ4EFgQUql1dDaNoO+A56h7zps7u0LGqOGIwHwYDVR0j BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjcwMzUzLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBv2BO AwQBv2DgAwQAv2WDMA0GCSqGSIb3DQEBCwUAA4IBAQBuE3uRjFXO2cDQ43Iz2eGM NmCyrKyqz9ov23vdmvZ7A9dPMHFukdDmnmcvpJEAP/HmsSXcVUdvBU1Ev6jlTRpE Z7oQT95wUlGGDw8rkMoyYe8hwLh+EjFt4898IVuVMpwcJxqSjkgINUhrPpDdZd94 sj0M7eZoraPMAf2brnLS06VuLkQSxrIDESqIisJaHHE8Z8QIlhIzgg5lg9BBmJyX 6mDtrfu/i+u88qCtAiE4PV2IGcwLCwJzGsPhbySMZqYMgpNw8Go7uWjMXmr+gGPg j9ahr9a7H6g+mNd+hRFLNuNckLocYD+eZaeR3Vh9eWkv/W+qGKVltz8Am8aadG0Z -----END CERTIFICATE-----Generated at Sat Dec 6 11:05:49 2025 by rpki-client