This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS398704.roa File: AS398704.roa (raw, json) Hash identifier: 8Q/x0Scs9JldwfqTvuZ3LlRouFlMSGoXSLqA4PUW428= Subject key identifier: CB:EF:DC:CC:8C:1B:E7:82:4E:A6:72:2C:DF:AF:BE:A1:7B:1C:54:83 Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a Certificate serial: 227DEA53B66C18EAB8B1AB9544B1C551034C5341 Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS398704.roa Signing time: Wed 12 Nov 2025 00:09:08 +0000 ROA not before: Wed 12 Nov 2025 00:04:08 +0000 ROA not after: Wed 11 Nov 2026 00:09:08 +0000 asID: 398704 IP address blocks: 181.214.119.0/24 maxlen: 24 181.214.216.0/24 maxlen: 24 191.96.111.0/24 maxlen: 24 191.101.9.0/24 maxlen: 24 191.101.39.0/24 maxlen: 24 191.101.63.0/24 maxlen: 24 191.101.88.0/24 maxlen: 24 191.101.123.0/24 maxlen: 24 191.101.135.0/24 maxlen: 24 191.101.144.0/23 maxlen: 24 191.101.148.0/24 maxlen: 24 191.101.206.0/24 maxlen: 24 191.101.212.0/22 maxlen: 24 191.101.238.0/23 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 13:09:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:7d:ea:53:b6:6c:18:ea:b8:b1:ab:95:44:b1:c5:51:03:4c:53:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a Validity Not Before: Nov 12 00:04:08 2025 GMT Not After : Nov 11 00:09:08 2026 GMT Subject: CN=CBEFDCCC8C1BE7824EA6722CDFAFBEA17B1C5483 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:4a:4e:77:c5:0e:56:39:ee:17:d0:e3:0a:d9: e3:1d:4c:5e:9f:1b:2c:4a:39:84:4f:cf:04:ac:c4: 7f:90:b2:7d:e3:dd:f0:3c:25:56:fd:e2:ea:d1:87: 97:7e:d9:c8:31:f7:ad:6e:09:c9:fb:64:2d:d5:4e: c1:88:6c:b9:1d:9d:b5:3e:9c:15:93:f4:ab:30:cf: b4:71:a8:bd:fd:5d:71:36:5a:7e:a3:f0:d3:b6:52: 63:5b:57:3d:68:df:cb:ae:ca:7d:69:7c:51:fb:b8: 48:21:47:6e:9f:1e:9c:bb:85:99:99:9f:e0:57:75: d0:91:87:ed:04:e5:d0:c7:2d:e7:f5:29:e5:f2:d2: a6:20:59:89:42:52:90:e8:99:ee:c5:26:13:db:24: c1:49:32:b4:84:82:f3:f1:7a:71:72:73:c1:31:d1: d9:ca:14:98:64:d3:89:bd:52:22:c1:b8:b0:48:de: 71:f3:e0:53:84:47:2b:af:96:d7:7a:69:75:c2:65: a0:bb:20:f8:a5:b0:fa:6e:8b:11:a9:ce:26:3d:72: 33:16:79:af:1d:92:8c:61:a4:b7:84:80:f8:97:d5: 29:92:8c:22:48:32:a2:dc:57:3f:a8:88:8c:9f:16: 7f:df:b5:83:2f:74:9c:b2:9a:39:13:65:9b:16:a3: da:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:EF:DC:CC:8C:1B:E7:82:4E:A6:72:2C:DF:AF:BE:A1:7B:1C:54:83 X509v3 Authority Key Identifier: keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS398704.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 181.214.119.0/24 181.214.216.0/24 191.96.111.0/24 191.101.9.0/24 191.101.39.0/24 191.101.63.0/24 191.101.88.0/24 191.101.123.0/24 191.101.135.0/24 191.101.144.0/23 191.101.148.0/24 191.101.206.0/24 191.101.212.0/22 191.101.238.0/23 Signature Algorithm: sha256WithRSAEncryption 69:ad:8e:2c:77:f9:85:bc:7c:55:5a:c2:c1:8e:b1:a6:2b:18: 55:7b:3a:99:0c:38:3a:02:9c:ae:79:a5:29:e2:40:91:85:a9: 9a:6a:bb:59:f3:8b:0a:9f:90:87:8b:5d:4c:98:24:f8:02:90: fa:81:5a:33:19:5f:c1:bb:a1:80:fd:25:44:6a:e9:c5:19:4d: de:51:dc:e3:31:68:3a:09:ba:d0:f9:c0:14:d8:10:73:03:24: d6:43:98:b4:dd:5f:96:5e:bb:29:11:05:04:c0:1c:49:97:39: a3:e3:3d:c1:08:93:64:d4:0d:af:d3:9b:35:ea:4b:a4:53:96: 76:52:00:1c:78:5c:53:87:aa:00:c4:51:f4:0d:e8:28:c6:59: 31:b2:34:62:d3:0d:3f:0e:21:ed:ec:e0:3d:28:8a:fd:45:4b: ba:ab:9b:aa:db:55:16:fe:b0:02:9c:c3:4e:e9:3a:18:a6:98: aa:b7:13:07:df:f1:30:20:db:93:2e:45:d2:c1:51:40:8a:b3: a6:c9:a9:19:b0:8d:5f:7d:8e:3f:48:bb:30:3c:27:29:a7:02: 82:87:6c:dc:2b:ba:68:0b:ef:b4:75:73:35:a4:60:5e:f1:f3: 44:44:83:79:56:34:31:6c:2f:91:d4:07:63:b3:0c:4c:70:8c: a5:9c:df:6f -----BEGIN CERTIFICATE----- MIIFTjCCBDagAwIBAgIUIn3qU7ZsGOq4sauVRLHFUQNMU0EwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh NDFiYmEwYTAeFw0yNTExMTIwMDA0MDhaFw0yNjExMTEwMDA5MDhaMDMxMTAvBgNV BAMTKENCRUZEQ0NDOEMxQkU3ODI0RUE2NzIyQ0RGQUZCRUExN0IxQzU0ODMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSSk53xQ5WOe4X0OMK2eMdTF6f GyxKOYRPzwSsxH+Qsn3j3fA8JVb94urRh5d+2cgx961uCcn7ZC3VTsGIbLkdnbU+ nBWT9Kswz7RxqL39XXE2Wn6j8NO2UmNbVz1o38uuyn1pfFH7uEghR26fHpy7hZmZ n+BXddCRh+0E5dDHLef1KeXy0qYgWYlCUpDome7FJhPbJMFJMrSEgvPxenFyc8Ex 0dnKFJhk04m9UiLBuLBI3nHz4FOERyuvltd6aXXCZaC7IPilsPpuixGpziY9cjMW ea8dkoxhpLeEgPiX1SmSjCJIMqLcVz+oiIyfFn/ftYMvdJyymjkTZZsWo9oDAgMB AAGjggJYMIICVDAdBgNVHQ4EFgQUy+/czIwb54JOpnIs36++oXscVIMwHwYDVR0j BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzk4NzA0LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAtdZ3 AwQAtdbYAwQAv2BvAwQAv2UJAwQAv2UnAwQAv2U/AwQAv2VYAwQAv2V7AwQAv2WH AwQBv2WQAwQAv2WUAwQAv2XOAwQCv2XUAwQBv2XuMA0GCSqGSIb3DQEBCwUAA4IB AQBprY4sd/mFvHxVWsLBjrGmKxhVezqZDDg6ApyueaUp4kCRhamaartZ84sKn5CH i11MmCT4ApD6gVozGV/Bu6GA/SVEaunFGU3eUdzjMWg6CbrQ+cAU2BBzAyTWQ5i0 3V+WXrspEQUEwBxJlzmj4z3BCJNk1A2v05s16kukU5Z2UgAceFxTh6oAxFH0Dego xlkxsjRi0w0/DiHt7OA9KIr9RUu6q5uq21UW/rACnMNO6ToYppiqtxMH3/EwINuT LkXSwVFAirOmyakZsI1ffY4/SLswPCcppwKCh2zcK7poC++0dXM1pGBe8fNERIN5 VjQxbC+R1AdjswxMcIylnN9v -----END CERTIFICATE-----Generated at Sat Dec 6 15:44:09 2025 by rpki-client