This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS39521.roa File: AS39521.roa (raw, json) Hash identifier: 345OvpX36bY6eozEWSqX3emR6xh7GENP+skyiopPQ+k= Subject key identifier: B3:B6:4F:8E:90:BC:F4:2C:24:18:D2:87:6B:FE:1D:FF:56:98:25:D2 Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01 Certificate serial: 41A3420307791BFD7BA5F377EA47FCC9ECAE58EB Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS39521.roa Signing time: Fri 28 Nov 2025 00:04:29 +0000 ROA not before: Thu 27 Nov 2025 23:59:29 +0000 ROA not after: Fri 27 Nov 2026 00:04:29 +0000 asID: 39521 IP address blocks: 82.21.58.0/24 maxlen: 24 82.21.72.0/24 maxlen: 24 82.21.84.0/24 maxlen: 24 82.21.112.0/24 maxlen: 24 82.21.116.0/24 maxlen: 24 82.21.126.0/24 maxlen: 24 82.21.165.0/24 maxlen: 24 82.22.143.0/24 maxlen: 24 82.22.157.0/24 maxlen: 24 82.22.160.0/24 maxlen: 24 82.22.162.0/24 maxlen: 24 82.22.167.0/24 maxlen: 24 82.22.186.0/24 maxlen: 24 82.23.188.0/24 maxlen: 24 82.23.191.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 41:a3:42:03:07:79:1b:fd:7b:a5:f3:77:ea:47:fc:c9:ec:ae:58:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01 Validity Not Before: Nov 27 23:59:29 2025 GMT Not After : Nov 27 00:04:29 2026 GMT Subject: CN=B3B64F8E90BCF42C2418D2876BFE1DFF569825D2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:ef:fb:85:2b:ea:66:b5:76:fe:92:bf:41:74: 4c:5e:e2:81:67:ee:0a:ba:92:a0:71:2c:57:bd:86: 90:19:83:14:a0:e6:25:5b:fc:a9:32:3d:38:0f:b0: 1d:70:dd:17:3a:81:ee:37:9f:72:ce:a6:58:2b:e7: 11:78:0e:67:0c:b7:62:85:72:17:85:5d:8f:7c:3f: cf:9d:96:62:fd:ea:e6:a1:32:31:57:94:50:10:55: 08:49:22:41:11:04:f5:14:4c:0a:7a:29:4a:70:26: 22:d2:71:3e:b2:22:ca:bc:39:ca:f2:0a:a9:f2:0d: 7d:61:74:4b:fb:d9:32:48:3a:7f:97:d5:f8:a3:eb: f5:72:99:0a:6f:e6:d8:75:76:08:b7:26:b7:fa:31: b6:bd:66:45:67:23:9e:85:20:5a:ac:09:d4:a9:10: 92:a8:ec:37:9a:69:85:c2:91:60:d7:4b:33:75:db: b6:a3:9f:ff:23:ad:bc:be:1c:c1:c5:e1:76:55:c2: 02:a0:11:17:b3:57:43:bb:5c:5d:2c:d6:81:45:06: 6e:a3:55:5a:e6:58:46:48:f3:ae:9e:ac:54:5f:a7: f7:e3:4e:54:91:1b:ef:c6:92:c4:06:54:89:43:08: 69:99:27:72:a3:66:6f:0d:49:66:b6:e8:d6:bf:e6: 10:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:B6:4F:8E:90:BC:F4:2C:24:18:D2:87:6B:FE:1D:FF:56:98:25:D2 X509v3 Authority Key Identifier: keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS39521.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.21.58.0/24 82.21.72.0/24 82.21.84.0/24 82.21.112.0/24 82.21.116.0/24 82.21.126.0/24 82.21.165.0/24 82.22.143.0/24 82.22.157.0/24 82.22.160.0/24 82.22.162.0/24 82.22.167.0/24 82.22.186.0/24 82.23.188.0/24 82.23.191.0/24 Signature Algorithm: sha256WithRSAEncryption 58:57:d8:b9:7f:68:b2:3b:0c:09:91:c4:58:72:3d:10:a9:7d: ce:dd:f2:aa:47:c9:ea:ed:db:b7:c2:a5:ef:89:aa:be:c5:50: 99:54:70:d6:e7:9c:61:29:8c:76:55:ec:6a:98:bb:54:33:3c: 9c:a7:5e:a7:12:bc:0f:08:23:0f:61:04:e4:23:7c:4e:46:ba: 14:0b:dc:02:ab:4d:6a:50:70:cf:70:8c:1c:a2:9d:8b:2b:37: 32:28:6e:03:44:5c:8d:55:ef:80:34:2c:4e:80:59:9f:9d:a0: 9c:50:b5:ed:e4:5f:c5:ff:8a:94:11:59:b3:b4:d0:0c:ff:a5: 3d:c8:4b:78:27:a7:c8:fe:fc:ba:64:6d:25:5d:74:ab:e8:82: 81:b2:cd:5b:33:79:f9:9c:1c:1c:94:8e:01:9f:c3:68:81:48: 98:3b:7b:c7:ef:68:aa:97:8f:37:cc:49:30:dc:5f:45:7c:66: 75:ab:24:f9:56:f1:ca:77:91:9e:69:3b:ff:ef:44:f9:ed:f0: 1b:16:4a:5e:96:24:69:60:1b:a8:35:60:e4:f0:63:b8:03:60: 1d:5b:72:6a:e3:e6:b6:71:3d:28:1b:75:bc:0d:e8:a4:30:03: e5:bd:7f:8c:1c:6b:fb:60:dc:62:16:28:a8:f5:43:c1:08:38: 2d:8c:81:8b -----BEGIN CERTIFICATE----- MIIFUzCCBDugAwIBAgIUQaNCAwd5G/17pfN36kf8yeyuWOswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni M2NmZGQwMTAeFw0yNTExMjcyMzU5MjlaFw0yNjExMjcwMDA0MjlaMDMxMTAvBgNV BAMTKEIzQjY0RjhFOTBCQ0Y0MkMyNDE4RDI4NzZCRkUxREZGNTY5ODI1RDIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC67/uFK+pmtXb+kr9BdExe4oFn 7gq6kqBxLFe9hpAZgxSg5iVb/KkyPTgPsB1w3Rc6ge43n3LOplgr5xF4DmcMt2KF cheFXY98P8+dlmL96uahMjFXlFAQVQhJIkERBPUUTAp6KUpwJiLScT6yIsq8Ocry CqnyDX1hdEv72TJIOn+X1fij6/VymQpv5th1dgi3Jrf6Mba9ZkVnI56FIFqsCdSp EJKo7DeaaYXCkWDXSzN127ajn/8jrby+HMHF4XZVwgKgERezV0O7XF0s1oFFBm6j VVrmWEZI866erFRfp/fjTlSRG+/GksQGVIlDCGmZJ3KjZm8NSWa26Na/5hAJAgMB AAGjggJdMIICWTAdBgNVHQ4EFgQUs7ZPjpC89CwkGNKHa/4d/1aYJdIwHwYDVR0j BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzk1MjEucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwcwYIKwYBBQUHAQcBAf8EZDBiMGAEAgABMFoDBABSFToD BABSFUgDBABSFVQDBABSFXADBABSFXQDBABSFX4DBABSFaUDBABSFo8DBABSFp0D BABSFqADBABSFqIDBABSFqcDBABSFroDBABSF7wDBABSF78wDQYJKoZIhvcNAQEL BQADggEBAFhX2Ll/aLI7DAmRxFhyPRCpfc7d8qpHyert27fCpe+Jqr7FUJlUcNbn nGEpjHZV7GqYu1QzPJynXqcSvA8IIw9hBOQjfE5GuhQL3AKrTWpQcM9wjByinYsr NzIobgNEXI1V74A0LE6AWZ+doJxQte3kX8X/ipQRWbO00Az/pT3IS3gnp8j+/Lpk bSVddKvogoGyzVszefmcHByUjgGfw2iBSJg7e8fvaKqXjzfMSTDcX0V8ZnWrJPlW 8cp3kZ5pO//vRPnt8BsWSl6WJGlgG6g1YOTwY7gDYB1bcmrj5rZxPSgbdbwN6KQw A+W9f4wca/tg3GIWKKj1Q8EIOC2MgYs= -----END CERTIFICATE-----Generated at Sat Dec 6 11:47:38 2025 by rpki-client