This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS213733.roa File: AS213733.roa (raw, json) Hash identifier: +S9ofcmxUIK1IHUdnmFMZm/olTrEn7yK/Pey5tGewIw= Subject key identifier: C0:45:7D:2A:DE:EF:34:1B:E6:4B:33:29:24:B0:D1:0F:C2:58:9D:D6 Certificate issuer: /CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c Certificate serial: 2A82C81CE8EEF65AA633376B0C8B05132C5123E7 Authority key identifier: C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS213733.roa Signing time: Tue 13 Jan 2026 04:08:16 +0000 ROA not before: Tue 13 Jan 2026 04:03:16 +0000 ROA not after: Tue 12 Jan 2027 04:08:16 +0000 asID: 213733 IP address blocks: 2a0f:85c1:b43::/48 maxlen: 48 2a0f:85c1:b50::/44 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.mft rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:82:c8:1c:e8:ee:f6:5a:a6:33:37:6b:0c:8b:05:13:2c:51:23:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c4ce7d8902405ba4598f84b6a41c27d722834b1c Validity Not Before: Jan 13 04:03:16 2026 GMT Not After : Jan 12 04:08:16 2027 GMT Subject: CN=C0457D2ADEEF341BE64B332924B0D10FC2589DD6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:24:e4:f6:c0:b4:d2:96:1d:da:e5:4e:b0:df: 56:e8:01:5b:1b:76:6e:04:4b:ae:31:b0:17:1b:4d: 26:39:51:0d:b4:99:06:87:7f:a1:ee:84:02:90:b2: 81:75:5b:4a:92:29:84:84:88:a9:f6:a3:43:e5:49: 4b:4a:02:c0:22:58:71:82:f4:d6:95:d6:86:91:12: 26:25:1a:13:94:21:77:2a:47:ef:4c:56:d2:3e:0e: a2:35:a0:ca:ec:30:66:5f:85:c3:9b:17:1c:66:4d: 77:8f:ac:1a:f2:14:50:c6:13:70:dd:21:05:07:0e: 71:98:2d:fa:c2:d1:3b:3c:0e:bf:56:c8:bd:e4:73: c1:1d:85:07:2e:10:93:ea:f9:5b:35:19:2b:e6:61: b0:a1:c0:54:00:63:b4:cc:5f:57:87:9a:f4:04:ce: ca:df:6d:c3:fc:e3:40:e2:7e:e7:2d:32:53:e3:87: f3:60:fc:9e:9a:ad:85:b1:99:ae:50:8b:6c:54:18: 20:a3:21:af:7c:6e:d2:4f:a4:a0:b1:42:a8:80:f0: 8a:ee:6b:34:8e:3e:dc:c8:89:f7:13:c8:21:80:fb: 85:b1:47:1d:5d:00:ae:2f:c2:a1:53:bb:ca:95:40: 52:92:ff:4a:1e:7e:d7:5a:ce:a2:57:f4:eb:ca:2d: 5a:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:45:7D:2A:DE:EF:34:1B:E6:4B:33:29:24:B0:D1:0F:C2:58:9D:D6 X509v3 Authority Key Identifier: keyid:C4:CE:7D:89:02:40:5B:A4:59:8F:84:B6:A4:1C:27:D7:22:83:4B:1C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/C4CE7D8902405BA4598F84B6A41C27D722834B1C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xM59iQJAW6RZj4S2pBwn1yKDSxw.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/84d51810-1987-4701-8f1f-8425111964f4/0/AS213733.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:85c1:b43::/48 2a0f:85c1:b50::/44 Signature Algorithm: sha256WithRSAEncryption ee:bd:32:c8:09:0d:82:29:b6:ab:7d:03:c4:fe:28:30:0f:16: 87:45:88:db:eb:f6:62:33:d0:7d:a2:d2:06:78:72:05:5f:83: 95:da:91:3d:07:74:58:3f:dc:81:12:03:ce:cc:9a:3f:60:f4: a4:88:44:08:3a:a3:16:62:82:a9:eb:d4:ec:17:50:f8:f6:99: 16:23:86:b6:f0:3a:20:e7:bd:92:ff:13:05:7a:9c:dc:7d:b3: 2c:88:18:75:fe:0d:7e:39:4e:21:59:35:c9:9a:bc:b1:20:dd: 00:97:42:e9:d3:98:89:98:8a:1b:ce:1a:f3:37:92:e2:63:02: 41:45:ee:1c:7b:73:65:77:dd:df:b2:f5:1d:d5:b1:e9:24:a0: 6f:77:1c:7a:19:34:bd:ed:13:fd:dd:a3:f1:89:4e:29:3f:8a: 79:5f:68:f5:84:29:f6:c4:1d:0d:d2:ed:e1:b3:4a:b5:c0:4d: d2:e9:2b:31:64:13:23:b0:e9:84:88:91:8f:51:08:eb:b3:5f: d9:dc:5c:1b:d7:fe:16:2a:d1:d2:db:3d:6d:4a:17:3d:d4:07: ae:5a:aa:81:f7:e6:c2:18:01:93:a1:79:e7:f7:32:28:6d:74: e3:32:60:fd:6c:2e:31:9e:b5:3a:da:f8:4f:fa:e7:91:c7:b3: 87:9c:e0:14 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgIUKoLIHOju9lqmMzdrDIsFEyxRI+cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYzRjZTdkODkwMjQwNWJhNDU5OGY4NGI2YTQxYzI3ZDcy MjgzNGIxYzAeFw0yNjAxMTMwNDAzMTZaFw0yNzAxMTIwNDA4MTZaMDMxMTAvBgNV BAMTKEMwNDU3RDJBREVFRjM0MUJFNjRCMzMyOTI0QjBEMTBGQzI1ODlERDYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpJOT2wLTSlh3a5U6w31boAVsb dm4ES64xsBcbTSY5UQ20mQaHf6HuhAKQsoF1W0qSKYSEiKn2o0PlSUtKAsAiWHGC 9NaV1oaREiYlGhOUIXcqR+9MVtI+DqI1oMrsMGZfhcObFxxmTXePrBryFFDGE3Dd IQUHDnGYLfrC0Ts8Dr9WyL3kc8EdhQcuEJPq+Vs1GSvmYbChwFQAY7TMX1eHmvQE zsrfbcP840DifuctMlPjh/Ng/J6arYWxma5Qi2xUGCCjIa98btJPpKCxQqiA8Iru azSOPtzIifcTyCGA+4WxRx1dAK4vwqFTu8qVQFKS/0oeftdazqJX9OvKLVoHAgMB AAGjggIWMIICEjAdBgNVHQ4EFgQUwEV9Kt7vNBvmSzMpJLDRD8JYndYwHwYDVR0j BBgwFoAUxM59iQJAW6RZj4S2pBwn1yKDSxwwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODRkNTE4MTAtMTk4Ny00NzAxLThmMWYtODQyNTExMTk2 NGY0LzAvQzRDRTdEODkwMjQwNUJBNDU5OEY4NEI2QTQxQzI3RDcyMjgzNEIxQy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3hNNTlpUUpBVzZSWmo0UzJwQnduMXlL RFN4dy5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg0ZDUxODEwLTE5ODct NDcwMS04ZjFmLTg0MjUxMTE5NjRmNC8wL0FTMjEzNzMzLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKg+F wQtDAwcEKg+FwQtQMA0GCSqGSIb3DQEBCwUAA4IBAQDuvTLICQ2CKbarfQPE/igw DxaHRYjb6/ZiM9B9otIGeHIFX4OV2pE9B3RYP9yBEgPOzJo/YPSkiEQIOqMWYoKp 69TsF1D49pkWI4a28Dog572S/xMFepzcfbMsiBh1/g1+OU4hWTXJmryxIN0Al0Lp 05iJmIobzhrzN5LiYwJBRe4ce3Nld93fsvUd1bHpJKBvdxx6GTS97RP93aPxiU4p P4p5X2j1hCn2xB0N0u3hs0q1wE3S6SsxZBMjsOmEiJGPUQjrs1/Z3Fwb1/4WKtHS 2z1tShc91AeuWqqB9+bCGAGToXnn9zIobXTjMmD9bC4xnrU62vhP+ueRx7OHnOAU -----END CERTIFICATE-----Generated at Sun Jan 25 11:07:01 2026 by rpki-client