This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS21859.roa File: AS21859.roa (raw, json) Hash identifier: l/lLch9N130lgK7T7ze7u44Xrh11EQ+ZM4LZYENSaQ4= Subject key identifier: BF:56:A5:38:8B:27:28:31:E5:D9:07:C2:71:A5:56:66:E5:A8:76:72 Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01 Certificate serial: 4A5019A3E79DBD537FBF3C21931DBCA2F30D1E61 Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS21859.roa Signing time: Thu 11 Dec 2025 07:48:17 +0000 ROA not before: Thu 11 Dec 2025 07:43:17 +0000 ROA not after: Thu 10 Dec 2026 07:48:17 +0000 asID: 21859 IP address blocks: 82.21.188.0/24 maxlen: 24 82.22.45.0/24 maxlen: 24 82.22.187.0/24 maxlen: 24 82.22.193.0/24 maxlen: 24 82.23.172.0/24 maxlen: 24 82.25.35.0/24 maxlen: 24 82.27.197.0/24 maxlen: 24 82.38.42.0/24 maxlen: 24 82.38.43.0/24 maxlen: 24 82.38.200.0/24 maxlen: 24 82.39.148.0/24 maxlen: 24 82.39.155.0/24 maxlen: 24 82.40.59.0/24 maxlen: 24 2a13:9500:aa::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 08:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:50:19:a3:e7:9d:bd:53:7f:bf:3c:21:93:1d:bc:a2:f3:0d:1e:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01 Validity Not Before: Dec 11 07:43:17 2025 GMT Not After : Dec 10 07:48:17 2026 GMT Subject: CN=BF56A5388B272831E5D907C271A55666E5A87672 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:0c:f7:50:f5:96:86:95:1f:60:96:9a:3d:f0: c8:e1:ac:0b:ce:90:e1:85:5e:5c:81:a8:67:c5:cb: 68:02:7c:f4:ee:6f:77:e9:bf:31:89:bd:0f:e9:2e: 92:7c:bb:66:b0:fa:26:28:22:32:eb:83:f8:1a:79: 0f:15:f6:f6:f7:a7:27:7d:03:2a:06:b1:4d:a1:a0: 8a:6c:e5:af:9c:fb:88:d4:73:27:04:5a:59:82:f5: e9:24:a0:36:4a:4b:82:14:ed:b1:ba:82:8d:1d:2d: 15:c9:e5:32:57:05:89:d9:26:b3:12:c8:d9:04:2c: f7:57:19:23:4a:bd:8a:7b:77:8e:58:53:6d:91:04: 9b:61:33:1f:2e:5b:56:de:68:52:75:05:7b:b3:c3: 73:cc:8f:e1:9a:98:6d:e4:52:b3:77:43:ac:c5:1d: 4e:e7:e3:c1:37:a5:b5:3d:42:9c:f9:ea:88:b6:7c: 12:35:3c:0c:78:67:3e:4e:66:33:d0:66:ec:be:48: 34:31:f5:fe:31:2d:a4:e4:ff:a5:60:42:89:c8:9c: e7:18:12:e8:14:93:a1:96:09:2f:59:96:a8:27:4f: 72:2a:e4:a5:92:65:17:d7:cb:d9:c6:9e:34:7d:19: a6:d2:17:3b:fb:2b:97:91:93:ff:eb:18:d7:bc:90: bd:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:56:A5:38:8B:27:28:31:E5:D9:07:C2:71:A5:56:66:E5:A8:76:72 X509v3 Authority Key Identifier: keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS21859.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.21.188.0/24 82.22.45.0/24 82.22.187.0/24 82.22.193.0/24 82.23.172.0/24 82.25.35.0/24 82.27.197.0/24 82.38.42.0/23 82.38.200.0/24 82.39.148.0/24 82.39.155.0/24 82.40.59.0/24 IPv6: 2a13:9500:aa::/48 Signature Algorithm: sha256WithRSAEncryption 1f:90:1f:f2:18:bc:bf:96:1f:a5:50:a6:71:37:37:2b:37:d4: 96:66:78:2e:64:57:19:68:b7:96:64:d9:5e:66:cc:0a:30:4d: e4:3c:27:3b:e7:56:b0:b6:7b:3c:aa:25:83:5b:1e:30:94:3d: 82:a5:8f:90:25:75:51:15:38:21:c6:23:03:86:06:8f:0d:e1: 56:ad:c9:75:b3:8e:9e:e2:a5:b0:1e:6a:32:38:30:d1:a9:df: 04:f2:55:21:32:fa:41:1a:7e:df:62:ec:7a:4d:0d:53:a1:36: 23:59:3c:cf:db:9e:6b:90:f0:cf:46:93:24:09:c5:1d:2b:64: d3:5c:56:e3:3e:c4:d1:25:8a:f9:12:6f:7a:e6:96:f5:14:94: 55:c6:7d:e7:11:64:08:50:a7:76:08:b3:d5:4b:b0:2f:3d:47: d9:53:88:4e:f7:10:c2:92:ef:0f:bb:d5:a6:cc:12:ea:a5:18: d8:38:97:df:21:58:8c:0d:6f:a2:a3:96:22:66:35:c3:65:b4: fd:b6:f0:29:7e:a1:01:e3:db:34:3a:fd:7b:b1:08:36:26:4c: f1:82:2e:fd:34:61:cd:85:53:f4:1e:60:6b:4a:73:13:0a:5e: e8:c3:fc:d5:b7:d0:03:ca:40:1b:86:7c:98:32:90:b8:60:9a: 8d:e6:67:80 -----BEGIN CERTIFICATE----- MIIFUjCCBDqgAwIBAgIUSlAZo+edvVN/vzwhkx28ovMNHmEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni M2NmZGQwMTAeFw0yNTEyMTEwNzQzMTdaFw0yNjEyMTAwNzQ4MTdaMDMxMTAvBgNV BAMTKEJGNTZBNTM4OEIyNzI4MzFFNUQ5MDdDMjcxQTU1NjY2RTVBODc2NzIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSDPdQ9ZaGlR9glpo98MjhrAvO kOGFXlyBqGfFy2gCfPTub3fpvzGJvQ/pLpJ8u2aw+iYoIjLrg/gaeQ8V9vb3pyd9 AyoGsU2hoIps5a+c+4jUcycEWlmC9ekkoDZKS4IU7bG6go0dLRXJ5TJXBYnZJrMS yNkELPdXGSNKvYp7d45YU22RBJthMx8uW1beaFJ1BXuzw3PMj+GamG3kUrN3Q6zF HU7n48E3pbU9Qpz56oi2fBI1PAx4Zz5OZjPQZuy+SDQx9f4xLaTk/6VgQonInOcY EugUk6GWCS9ZlqgnT3Iq5KWSZRfXy9nGnjR9GabSFzv7K5eRk//rGNe8kL1lAgMB AAGjggJcMIICWDAdBgNVHQ4EFgQUv1alOIsnKDHl2QfCcaVWZuWodnIwHwYDVR0j BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwcgYIKwYBBQUHAQcBAf8EYzBhME4EAgABMEgDBABSFbwD BABSFi0DBABSFrsDBABSFsEDBABSF6wDBABSGSMDBABSG8UDBAFSJioDBABSJsgD BABSJ5QDBABSJ5sDBABSKDswDwQCAAIwCQMHACoTlQAAqjANBgkqhkiG9w0BAQsF AAOCAQEAH5Af8hi8v5YfpVCmcTc3KzfUlmZ4LmRXGWi3lmTZXmbMCjBN5DwnO+dW sLZ7PKolg1seMJQ9gqWPkCV1URU4IcYjA4YGjw3hVq3JdbOOnuKlsB5qMjgw0anf BPJVITL6QRp+32Lsek0NU6E2I1k8z9uea5Dwz0aTJAnFHStk01xW4z7E0SWK+RJv euaW9RSUVcZ95xFkCFCndgiz1UuwLz1H2VOITvcQwpLvD7vVpswS6qUY2DiX3yFY jA1voqOWImY1w2W0/bbwKX6hAePbNDr9e7EINiZM8YIu/TRhzYVT9B5ga0pzEwpe 6MP81bfQA8pAG4Z8mDKQuGCajeZngA== -----END CERTIFICATE-----Generated at Mon Dec 15 15:29:52 2025 by rpki-client