This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS21859.roa File: AS21859.roa (raw, json) Hash identifier: 1II0xu6k+QWf1Hp9GUFT2FyMvWacPPYloGh8rzRnk5M= Subject key identifier: 4F:16:BE:B6:8A:85:85:8A:F1:0A:CE:A9:9C:09:AC:DE:DA:17:19:81 Certificate issuer: /CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d Certificate serial: 0CA13190A2AF892EC1EA73D527562FDAB8D59D43 Authority key identifier: 03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS21859.roa Signing time: Sun 11 Jan 2026 07:44:50 +0000 ROA not before: Sun 11 Jan 2026 07:39:50 +0000 ROA not after: Sun 10 Jan 2027 07:44:50 +0000 asID: 21859 IP address blocks: 91.199.166.0/24 maxlen: 24 193.29.98.0/24 maxlen: 24 193.151.181.0/24 maxlen: 24 195.206.235.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.mft rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0c:a1:31:90:a2:af:89:2e:c1:ea:73:d5:27:56:2f:da:b8:d5:9d:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=03b1ba3fdb91d8d9ea76c5776320eb7eb2d6ed9d Validity Not Before: Jan 11 07:39:50 2026 GMT Not After : Jan 10 07:44:50 2027 GMT Subject: CN=4F16BEB68A85858AF10ACEA99C09ACDEDA171981 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:05:9e:f3:51:d3:34:67:68:f5:72:f1:a9:7c: 10:be:54:72:6f:a3:a5:0c:54:42:02:88:64:d1:27: 11:c0:df:f3:83:bc:b6:08:47:db:6e:ce:25:95:57: ae:1b:20:e3:e7:73:f4:09:32:dd:8a:b8:e3:7b:a5: b1:8c:cf:b7:bb:b0:ce:49:31:c1:b6:ab:f1:91:d8: 54:fb:3a:59:3b:5c:54:5e:38:06:56:ab:7b:33:3e: d4:0d:bd:06:1e:0a:b0:31:76:7d:ea:ff:c5:90:b1: 4f:90:92:1a:b3:9b:7d:03:9f:a7:7c:af:cd:12:e7: ef:7d:be:3a:50:6a:6d:5a:ca:6c:56:f7:2c:94:b6: 97:38:58:ff:97:da:7f:68:1a:57:10:ff:4c:d6:62: 64:88:44:10:ed:1a:ac:d6:6f:b1:a2:20:7b:23:09: 63:2d:b5:23:cd:2e:1d:60:e2:fd:68:cd:cf:b3:d3: 0c:86:5f:8b:bf:94:1a:cd:3e:6d:f9:3b:00:cf:23: 79:4a:76:d3:31:f9:06:e3:36:81:1c:2e:e3:7b:d7: b2:cf:32:38:72:98:eb:47:cf:1d:cc:e3:2c:07:75: bb:69:ab:bd:86:59:58:3f:94:da:f6:a2:81:3b:34: 21:61:5b:06:07:8e:e7:44:12:78:92:83:83:4f:1e: 8a:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:16:BE:B6:8A:85:85:8A:F1:0A:CE:A9:9C:09:AC:DE:DA:17:19:81 X509v3 Authority Key Identifier: keyid:03:B1:BA:3F:DB:91:D8:D9:EA:76:C5:77:63:20:EB:7E:B2:D6:ED:9D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/03B1BA3FDB91D8D9EA76C5776320EB7EB2D6ED9D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A7G6P9uR2NnqdsV3YyDrfrLW7Z0.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/7ff0f555-dba7-4192-a01d-f6916d5bb84e/0/AS21859.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.199.166.0/24 193.29.98.0/24 193.151.181.0/24 195.206.235.0/24 Signature Algorithm: sha256WithRSAEncryption a9:84:04:d7:62:e7:c1:cb:99:6d:c1:69:0f:5f:65:25:0c:c5: 03:a1:9e:e1:a4:0d:f4:3e:c3:06:09:dd:f2:dd:8d:d0:04:a3: 17:78:f3:73:97:43:fd:f4:26:bc:d3:57:60:bd:51:15:66:47: 94:f3:d0:b9:93:21:42:a8:40:ae:d9:3b:73:1c:f2:61:b7:b2: 75:d5:16:be:2f:48:33:77:4b:03:a2:6c:38:a3:4d:8f:41:86: e4:1d:2d:33:ce:7e:ef:89:88:9d:89:0b:8f:31:5e:7c:94:8d: d7:82:ba:51:fe:0d:3d:e9:26:75:22:d3:ab:e2:38:ae:69:7e: f8:2b:46:ca:b4:82:d9:60:e9:8b:01:f2:77:01:2e:5c:b8:bd: fb:b7:6b:92:ca:a9:f5:25:d2:05:46:e8:05:ee:88:56:37:c5: d9:1c:a5:80:d0:c9:f6:8c:25:a8:24:28:ab:f6:d6:93:11:06: d2:10:f5:7f:40:b6:7a:13:89:cd:90:42:4e:a9:69:a2:d3:c6: e1:a5:b1:06:e2:13:05:c0:06:8c:9a:79:01:72:8c:c1:c4:bd: 47:83:2a:d3:55:d8:fd:5a:52:2e:ab:ba:f3:27:0c:57:48:2c: c1:73:80:b1:2c:80:63:db:48:58:15:a7:be:a5:9e:d2:05:57: 3e:54:65:af -----BEGIN CERTIFICATE----- MIIFETCCA/mgAwIBAgIUDKExkKKviS7B6nPVJ1Yv2rjVnUMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDNiMWJhM2ZkYjkxZDhkOWVhNzZjNTc3NjMyMGViN2Vi MmQ2ZWQ5ZDAeFw0yNjAxMTEwNzM5NTBaFw0yNzAxMTAwNzQ0NTBaMDMxMTAvBgNV BAMTKDRGMTZCRUI2OEE4NTg1OEFGMTBBQ0VBOTlDMDlBQ0RFREExNzE5ODEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoBZ7zUdM0Z2j1cvGpfBC+VHJv o6UMVEICiGTRJxHA3/ODvLYIR9tuziWVV64bIOPnc/QJMt2KuON7pbGMz7e7sM5J McG2q/GR2FT7Olk7XFReOAZWq3szPtQNvQYeCrAxdn3q/8WQsU+Qkhqzm30Dn6d8 r80S5+99vjpQam1aymxW9yyUtpc4WP+X2n9oGlcQ/0zWYmSIRBDtGqzWb7GiIHsj CWMttSPNLh1g4v1ozc+z0wyGX4u/lBrNPm35OwDPI3lKdtMx+QbjNoEcLuN717LP MjhymOtHzx3M4ywHdbtpq72GWVg/lNr2ooE7NCFhWwYHjudEEniSg4NPHorLAgMB AAGjggIbMIICFzAdBgNVHQ4EFgQUTxa+toqFhYrxCs6pnAms3toXGYEwHwYDVR0j BBgwFoAUA7G6P9uR2NnqdsV3YyDrfrLW7Z0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvN2ZmMGY1NTUtZGJhNy00MTkyLWEwMWQtZjY5MTZkNWJi ODRlLzAvMDNCMUJBM0ZEQjkxRDhEOUVBNzZDNTc3NjMyMEVCN0VCMkQ2RUQ5RC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0E3RzZQOXVSMk5ucWRzVjNZeURyZnJM VzdaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzdmZjBmNTU1LWRiYTct NDE5Mi1hMDFkLWY2OTE2ZDViYjg0ZS8wL0FTMjE4NTkucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBABbx6YD BADBHWIDBADBl7UDBADDzuswDQYJKoZIhvcNAQELBQADggEBAKmEBNdi58HLmW3B aQ9fZSUMxQOhnuGkDfQ+wwYJ3fLdjdAEoxd483OXQ/30JrzTV2C9URVmR5Tz0LmT IUKoQK7ZO3Mc8mG3snXVFr4vSDN3SwOibDijTY9BhuQdLTPOfu+JiJ2JC48xXnyU jdeCulH+DT3pJnUi06viOK5pfvgrRsq0gtlg6YsB8ncBLly4vfu3a5LKqfUl0gVG 6AXuiFY3xdkcpYDQyfaMJagkKKv21pMRBtIQ9X9AtnoTic2QQk6paaLTxuGlsQbi EwXABoyaeQFyjMHEvUeDKtNV2P1aUi6ruvMnDFdILMFzgLEsgGPbSFgVp76lntIF Vz5UZa8= -----END CERTIFICATE-----Generated at Sun Jan 25 09:20:09 2026 by rpki-client