This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa File: AS20473.roa (raw, json) Hash identifier: mRjYEwH1ONnXpVfJWOta/cBagUf/oupKBajlG6dO+w0= Subject key identifier: ED:A2:C2:7F:71:7B:0C:2C:BA:06:D2:49:32:EC:25:B7:16:33:54:48 Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Certificate serial: 6B685415460DCBA31519BCBCE1A3A4CF9C26A9E0 Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa Signing time: Sat 22 Nov 2025 08:42:31 +0000 ROA not before: Sat 22 Nov 2025 08:37:31 +0000 ROA not after: Sat 21 Nov 2026 08:42:31 +0000 asID: 20473 IP address blocks: 2a14:7580:100::/40 maxlen: 48 2a14:7581:f30::/44 maxlen: 48 2a14:7581:f70::/48 maxlen: 48 2a14:7581:f71::/48 maxlen: 48 2a14:7581:3600::/40 maxlen: 48 2a14:7581:3e00::/40 maxlen: 48 2a14:7581:3f00::/40 maxlen: 48 2a14:7583:f000::/40 maxlen: 48 2a14:7583:f100::/40 maxlen: 48 2a14:7584:8000::/36 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:45:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6b:68:54:15:46:0d:cb:a3:15:19:bc:bc:e1:a3:a4:cf:9c:26:a9:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Validity Not Before: Nov 22 08:37:31 2025 GMT Not After : Nov 21 08:42:31 2026 GMT Subject: CN=EDA2C27F717B0C2CBA06D24932EC25B716335448 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:fd:cd:ed:e9:89:a5:8f:b8:b7:84:d6:31:98: 4b:39:36:f6:44:eb:3a:7c:e9:98:48:c3:e4:37:14: 36:48:5b:68:f7:8a:ea:0f:88:2e:57:3d:c7:63:09: 4e:48:24:16:99:2a:5a:d6:64:e4:7f:a4:1b:55:d7: d6:12:82:2e:d1:b9:d4:1d:82:b8:54:7a:fa:a6:af: 09:98:55:a5:0d:57:0e:d5:3d:e4:32:33:5b:52:93: 60:18:ef:20:53:a7:7f:9c:ba:c3:02:08:3a:11:78: 90:6d:7f:23:f7:63:b2:81:05:f4:b1:96:bc:f9:e7: 2b:6e:17:f4:79:a0:18:d9:fd:80:bc:19:26:6e:a8: d5:f7:d6:17:7d:6b:f2:3c:f2:4b:ca:73:c8:3e:c4: f2:62:bf:b5:88:0b:b5:9b:f0:b1:14:67:6f:b4:94: 74:93:9a:84:d4:b4:01:43:c2:7d:64:f8:4a:fa:6b: 96:5b:3b:61:af:56:0b:d5:c8:2b:8f:02:fc:1f:9d: bc:f6:2f:bd:65:ed:47:85:2b:d7:e7:28:e6:7e:24: cd:49:48:4b:3a:97:97:2a:2f:cc:d8:56:0d:57:cc: fd:dc:0b:bc:14:2c:1a:c1:9b:b6:11:7a:f6:07:03: 36:40:cf:34:9e:a4:1c:49:e3:db:0a:60:75:6b:f4: 79:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:A2:C2:7F:71:7B:0C:2C:BA:06:D2:49:32:EC:25:B7:16:33:54:48 X509v3 Authority Key Identifier: keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:100::/40 2a14:7581:f30::/44 2a14:7581:f70::/47 2a14:7581:3600::/40 2a14:7581:3e00::/39 2a14:7583:f000::/39 2a14:7584:8000::/36 Signature Algorithm: sha256WithRSAEncryption 8e:fd:d2:b7:f1:2d:84:16:c9:ba:07:46:37:54:94:b1:c4:08: d3:8c:3b:1d:7a:73:b5:10:0b:ce:84:e0:8c:f5:05:ab:b2:68: 0c:f8:5f:d6:a7:6e:9a:e4:de:a1:e3:ec:86:fc:98:3a:32:64: 84:80:45:97:85:be:94:d6:02:7f:c0:73:e8:70:65:85:e3:22: 6f:9b:1f:72:93:4a:bb:02:a2:cc:e8:3e:f5:81:57:63:99:04: 92:95:ae:2d:95:ea:b0:ed:16:33:32:97:af:ec:ad:44:88:9e: 6e:2e:65:ea:8d:7f:7a:e0:08:10:31:f0:b0:1c:75:0b:8d:7d: e2:85:f7:d7:b3:8b:ed:df:d3:68:72:0b:f6:e0:d8:0b:f8:25: 1e:2d:b6:7a:68:1b:95:e9:82:78:6d:4e:c0:ae:86:96:ef:9f: e2:0c:92:62:bc:d4:57:5e:c0:f0:0f:06:bf:fc:43:60:13:e0: 54:71:ea:a7:c4:95:2a:39:bd:9b:8f:79:5f:83:21:35:28:8e: b1:84:fd:ed:9a:37:3c:d3:55:a9:e7:59:5b:c0:ef:9d:77:64: c8:92:8d:be:11:39:a1:5a:b7:78:64:d6:58:ea:a6:f2:46:02: 09:19:b7:dd:76:bb:82:f7:8b:b4:51:5d:d3:d8:a7:1d:89:8b: 4a:69:32:09 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUa2hUFUYNy6MVGby84aOkz5wmqeAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj Y2ZkMzc3MjAeFw0yNTExMjIwODM3MzFaFw0yNjExMjEwODQyMzFaMDMxMTAvBgNV BAMTKEVEQTJDMjdGNzE3QjBDMkNCQTA2RDI0OTMyRUMyNUI3MTYzMzU0NDgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDg/c3t6Ymlj7i3hNYxmEs5NvZE 6zp86ZhIw+Q3FDZIW2j3iuoPiC5XPcdjCU5IJBaZKlrWZOR/pBtV19YSgi7RudQd grhUevqmrwmYVaUNVw7VPeQyM1tSk2AY7yBTp3+cusMCCDoReJBtfyP3Y7KBBfSx lrz55ytuF/R5oBjZ/YC8GSZuqNX31hd9a/I88kvKc8g+xPJiv7WIC7Wb8LEUZ2+0 lHSTmoTUtAFDwn1k+Er6a5ZbO2GvVgvVyCuPAvwfnbz2L71l7UeFK9fnKOZ+JM1J SEs6l5cqL8zYVg1XzP3cC7wULBrBm7YRevYHAzZAzzSepBxJ49sKYHVr9HkPAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQU7aLCf3F7DCy6BtJJMuwltxYzVEgwHwYDVR0j BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16 OU4zSS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwUwYIKwYBBQUHAQcBAf8ERDBCMEAEAgACMDoDBgAqFHWA AQMHBCoUdYEPMAMHASoUdYEPcAMGACoUdYE2AwYBKhR1gT4DBgEqFHWD8AMGBCoU dYSAMA0GCSqGSIb3DQEBCwUAA4IBAQCO/dK38S2EFsm6B0Y3VJSxxAjTjDsdenO1 EAvOhOCM9QWrsmgM+F/Wp26a5N6h4+yG/Jg6MmSEgEWXhb6U1gJ/wHPocGWF4yJv mx9yk0q7AqLM6D71gVdjmQSSla4tleqw7RYzMpev7K1EiJ5uLmXqjX964AgQMfCw HHULjX3ihffXs4vt39Nocgv24NgL+CUeLbZ6aBuV6YJ4bU7AroaW75/iDJJivNRX XsDwDwa//ENgE+BUceqnxJUqOb2bj3lfgyE1KI6xhP3tmjc801Wp51lbwO+dd2TI ko2+ETmhWrd4ZNZY6qbyRgIJGbfddruC94u0UV3T2KcdiYtKaTIJ -----END CERTIFICATE-----Generated at Sat Dec 6 10:00:12 2025 by rpki-client