This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa File: AS0.roa (raw, json) Hash identifier: wJAYGdBAljUjQoFnsGdTT9wRISpD0xADvyX4qIyeBoo= Subject key identifier: BB:D2:8F:AD:96:1D:72:D3:7F:31:0C:0B:97:33:C9:29:47:ED:36:9D Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Certificate serial: 5FA00824F91C72A8A5AA8363559EE2C3AB4A2D2D Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa Signing time: Fri 05 Dec 2025 08:00:09 +0000 ROA not before: Fri 05 Dec 2025 07:55:09 +0000 ROA not after: Fri 04 Dec 2026 08:00:09 +0000 asID: 0 IP address blocks: 193.150.40.0/24 maxlen: 24 2a14:7580:50::/44 maxlen: 44 2a14:7580:5000::/36 maxlen: 48 2a14:7580:9000::/36 maxlen: 48 2a14:7580:c000::/36 maxlen: 48 2a14:7580:e100::/40 maxlen: 48 2a14:7580:f100::/40 maxlen: 48 2a14:7580:f400::/40 maxlen: 48 2a14:7580:f500::/40 maxlen: 48 2a14:7580:f600::/40 maxlen: 48 2a14:7580:f700::/40 maxlen: 48 2a14:7580:f800::/40 maxlen: 48 2a14:7580:f900::/40 maxlen: 48 2a14:7580:fa00::/40 maxlen: 48 2a14:7580:ff00::/44 maxlen: 48 2a14:7580:ff30::/44 maxlen: 48 2a14:7580:ffef::/48 maxlen: 48 2a14:7581:fa0::/44 maxlen: 48 2a14:7581:fb0::/44 maxlen: 48 2a14:7581:fc0::/44 maxlen: 48 2a14:7581:fd0::/44 maxlen: 48 2a14:7581:fe6::/48 maxlen: 48 2a14:7581:ff0::/48 maxlen: 48 2a14:7581:ff2::/48 maxlen: 48 2a14:7581:ff7::/48 maxlen: 48 2a14:7581:ffc::/48 maxlen: 48 2a14:7581:9f00::/44 maxlen: 48 2a14:7581:9f10::/44 maxlen: 48 2a14:7581:e000::/36 maxlen: 48 2a14:7582::/32 maxlen: 48 2a14:7583:4000::/36 maxlen: 48 2a14:7583:5000::/36 maxlen: 48 2a14:7584:1000::/36 maxlen: 48 2a14:7584:6000::/36 maxlen: 48 2a14:7584:a000::/36 maxlen: 48 2a14:7584:b000::/36 maxlen: 48 2a14:7584:c000::/36 maxlen: 48 2a14:7585::/32 maxlen: 48 2a14:7586::/32 maxlen: 48 2a14:7587::/32 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:45:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:a0:08:24:f9:1c:72:a8:a5:aa:83:63:55:9e:e2:c3:ab:4a:2d:2d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Validity Not Before: Dec 5 07:55:09 2025 GMT Not After : Dec 4 08:00:09 2026 GMT Subject: CN=BBD28FAD961D72D37F310C0B9733C92947ED369D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:29:00:cb:5b:cb:19:e0:72:c6:4f:9e:7d:c6: 79:cd:29:0f:51:c7:85:de:10:9c:f3:69:84:9d:bd: 55:d8:66:3b:fe:e7:92:11:58:58:c5:fc:a5:da:6a: c6:b7:5a:fc:90:72:a1:fe:50:7c:4e:05:64:57:b3: 95:99:92:07:35:d8:f2:23:69:ea:c7:83:00:21:df: 57:72:f4:22:ce:c2:59:1d:02:b2:40:a9:1d:a4:e9: 28:b5:57:b2:d4:7e:1c:c4:66:50:92:c7:a2:50:b9: 46:c3:e8:19:d0:3d:2d:22:54:12:68:1d:7a:f4:c9: 1c:33:3a:8f:4f:d1:a3:83:bf:fa:37:4e:b4:04:02: aa:56:fc:43:13:9a:0a:64:a4:5c:de:67:9f:86:fd: 11:12:b7:c6:61:c2:fb:4d:f2:8c:3b:fa:a8:d9:f9: 2f:d2:7f:9e:13:9f:89:6f:6d:c2:35:13:0b:4a:6f: 87:bd:11:1d:ab:79:df:99:d1:c0:18:0b:0c:5e:75: 49:93:69:b2:c0:df:b8:ff:70:95:77:16:1f:e0:35: ef:f9:ce:d2:0b:0d:50:10:44:7a:8d:3b:16:ba:37: 99:b8:2f:c3:9a:97:c7:6d:5e:02:b8:f4:49:c7:61: 87:58:a8:3f:f8:d7:aa:78:fe:23:30:38:71:14:8f: 1a:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:D2:8F:AD:96:1D:72:D3:7F:31:0C:0B:97:33:C9:29:47:ED:36:9D X509v3 Authority Key Identifier: keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS0.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.150.40.0/24 IPv6: 2a14:7580:50::/44 2a14:7580:5000::/36 2a14:7580:9000::/36 2a14:7580:c000::/36 2a14:7580:e100::/40 2a14:7580:f100::/40 2a14:7580:f400::-2a14:7580:faff:ffff:ffff:ffff:ffff:ffff 2a14:7580:ff00::/44 2a14:7580:ff30::/44 2a14:7580:ffef::/48 2a14:7581:fa0::-2a14:7581:fdf:ffff:ffff:ffff:ffff:ffff 2a14:7581:fe6::/48 2a14:7581:ff0::/48 2a14:7581:ff2::/48 2a14:7581:ff7::/48 2a14:7581:ffc::/48 2a14:7581:9f00::/43 2a14:7581:e000::/36 2a14:7582::/32 2a14:7583:4000::/35 2a14:7584:1000::/36 2a14:7584:6000::/36 2a14:7584:a000::-2a14:7584:cfff:ffff:ffff:ffff:ffff:ffff 2a14:7585::-2a14:7587:ffff:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 58:8e:b7:a3:11:51:22:65:b9:ab:2d:3b:21:90:03:37:3f:77: 27:dd:90:52:da:7a:c0:d0:c9:5a:f8:f8:fd:d2:cb:d5:0a:2d: 20:02:cc:0a:f4:8d:49:ac:ab:d0:24:b5:76:fc:b4:78:dd:d6: 5c:59:58:9a:35:1e:7f:4c:56:63:f5:03:9d:50:27:2e:04:04: 22:fd:af:db:d1:7a:b7:fe:a3:45:be:d2:2d:99:23:09:38:49: b0:41:20:d9:20:8c:92:c4:15:28:7b:c3:e4:16:53:34:e2:57: 87:3c:30:77:45:c4:a8:2b:68:81:0c:ea:7e:c7:97:d2:56:67: 80:e0:15:4b:1f:83:2d:11:08:e3:2a:76:e9:c4:27:bd:70:79: d0:9a:4b:2d:dc:f9:f9:5e:ca:cb:7a:91:8d:e8:53:5f:66:c6: 7a:bb:60:7d:94:a1:59:5a:7a:3d:8c:77:39:f5:cb:30:03:90: 10:d7:6f:ff:dd:38:94:90:ff:e1:38:a1:d3:9f:00:57:3c:c8: 82:5b:74:86:f6:87:92:00:06:22:e1:2b:e7:9e:ea:3c:19:da: 28:b2:1a:01:87:9c:23:0a:d9:f2:12:2f:55:64:06:93:76:9f: 89:bf:b3:3c:c1:32:4c:d9:b5:85:81:ea:2c:09:07:d8:3a:94: a2:d4:ae:bb -----BEGIN CERTIFICATE----- MIIF/DCCBOSgAwIBAgIUX6AIJPkccqilqoNjVZ7iw6tKLS0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj Y2ZkMzc3MjAeFw0yNTEyMDUwNzU1MDlaFw0yNjEyMDQwODAwMDlaMDMxMTAvBgNV BAMTKEJCRDI4RkFEOTYxRDcyRDM3RjMxMEMwQjk3MzNDOTI5NDdFRDM2OUQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzKQDLW8sZ4HLGT559xnnNKQ9R x4XeEJzzaYSdvVXYZjv+55IRWFjF/KXaasa3WvyQcqH+UHxOBWRXs5WZkgc12PIj aerHgwAh31dy9CLOwlkdArJAqR2k6Si1V7LUfhzEZlCSx6JQuUbD6BnQPS0iVBJo HXr0yRwzOo9P0aODv/o3TrQEAqpW/EMTmgpkpFzeZ5+G/RESt8ZhwvtN8ow7+qjZ +S/Sf54Tn4lvbcI1EwtKb4e9ER2red+Z0cAYCwxedUmTabLA37j/cJV3Fh/gNe/5 ztILDVAQRHqNOxa6N5m4L8Oal8dtXgK49EnHYYdYqD/416p4/iMwOHEUjxr1AgMB AAGjggMGMIIDAjAdBgNVHQ4EFgQUu9KPrZYdctN/MQwLlzPJKUftNp0wHwYDVR0j BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16 OU4zSS5jZXIwdgYIKwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMC5yb2EwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjCCAR4GCCsGAQUFBwEHAQH/BIIBDTCCAQkwDAQCAAEwBgMEAMGW KDCB+AQCAAIwgfEDBwQqFHWAAFADBgQqFHWAUAMGBCoUdYCQAwYEKhR1gMADBgAq FHWA4QMGACoUdYDxMBADBgIqFHWA9AMGACoUdYD6AwcEKhR1gP8AAwcEKhR1gP8w AwcAKhR1gP/vMBIDBwUqFHWBD6ADBwUqFHWBD8ADBwAqFHWBD+YDBwAqFHWBD/AD BwAqFHWBD/IDBwAqFHWBD/cDBwAqFHWBD/wDBwUqFHWBnwADBgQqFHWB4AMFACoU dYIDBgUqFHWDQAMGBCoUdYQQAwYEKhR1hGAwEAMGBSoUdYSgAwYEKhR1hMAwDgMF ACoUdYUDBQMqFHWAMA0GCSqGSIb3DQEBCwUAA4IBAQBYjrejEVEiZbmrLTshkAM3 P3cn3ZBS2nrA0Mla+Pj90svVCi0gAswK9I1JrKvQJLV2/LR43dZcWViaNR5/TFZj 9QOdUCcuBAQi/a/b0Xq3/qNFvtItmSMJOEmwQSDZIIySxBUoe8PkFlM04leHPDB3 RcSoK2iBDOp+x5fSVmeA4BVLH4MtEQjjKnbpxCe9cHnQmkst3Pn5XsrLepGN6FNf ZsZ6u2B9lKFZWno9jHc59cswA5AQ12//3TiUkP/hOKHTnwBXPMiCW3SG9oeSAAYi 4Svnnuo8GdooshoBh5wjCtnyEi9VZAaTdp+Jv7M8wTJM2bWFgeosCQfYOpSi1K67 -----END CERTIFICATE-----Generated at Sat Dec 6 12:41:43 2025 by rpki-client