This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa File: AS20473.roa (raw, json) Hash identifier: d8LeK+cgu8yXPzo2mmaEpIhvuSoB5cE/t1vWmtvR/IY= Subject key identifier: B7:BE:F2:7E:A3:4D:F5:77:DF:C3:EC:59:BF:EB:83:9D:F7:81:12:02 Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Certificate serial: 3398DD0322E9990A16F2EB8FA2F48A423B45ADEA Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa Signing time: Thu 25 Dec 2025 22:20:01 +0000 ROA not before: Thu 25 Dec 2025 22:15:01 +0000 ROA not after: Thu 24 Dec 2026 22:20:01 +0000 asID: 20473 IP address blocks: 2a14:7580:100::/40 maxlen: 48 2a14:7581:f30::/44 maxlen: 48 2a14:7581:fa0::/44 maxlen: 48 2a14:7581:3600::/40 maxlen: 48 2a14:7581:3e00::/40 maxlen: 48 2a14:7581:3f00::/40 maxlen: 48 2a14:7583:f000::/40 maxlen: 48 2a14:7583:f100::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 01:36:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:98:dd:03:22:e9:99:0a:16:f2:eb:8f:a2:f4:8a:42:3b:45:ad:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Validity Not Before: Dec 25 22:15:01 2025 GMT Not After : Dec 24 22:20:01 2026 GMT Subject: CN=B7BEF27EA34DF577DFC3EC59BFEB839DF7811202 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:d4:89:b6:eb:e0:87:d3:bd:d6:45:62:f0:4c: bc:a7:50:0f:8c:b5:53:af:e1:f2:54:38:96:21:4d: 1f:58:2e:d2:d9:43:a7:45:04:37:11:e5:56:36:52: 24:9e:df:bc:c1:be:60:d2:e9:39:28:26:53:c4:2b: 9e:d5:2d:27:22:11:39:58:b3:97:be:fe:21:eb:00: 58:95:61:7c:d7:e7:64:b1:2d:d7:38:5d:d1:9d:a4: 24:05:b5:d9:e5:0a:e0:3e:33:f0:be:3c:ee:96:0d: d7:d3:97:ec:d4:c6:00:d4:21:d0:fd:45:eb:09:73: c4:89:d3:45:b7:b1:d7:25:9b:d3:52:1a:4d:54:01: ad:2d:81:5a:29:07:05:68:4a:cb:23:15:48:d1:a8: cc:91:e9:46:2e:9b:e1:51:f6:22:e8:f6:7f:e9:40: 84:9d:dc:57:f6:1b:b0:02:05:90:f6:3b:c2:02:63: 5d:5b:eb:c8:55:8f:55:99:44:58:f6:66:14:4d:9b: 8e:27:91:ed:8d:73:6c:d9:a8:d8:1c:58:82:12:93: c3:08:d1:4a:d9:d1:21:76:b1:b0:29:9b:c9:39:86: 15:c4:b9:70:bf:ff:40:13:8b:b8:46:c5:6c:a3:dc: 95:4f:fc:24:da:d8:c3:d0:1c:c9:f8:81:ae:d8:91: 49:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:BE:F2:7E:A3:4D:F5:77:DF:C3:EC:59:BF:EB:83:9D:F7:81:12:02 X509v3 Authority Key Identifier: keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS20473.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:100::/40 2a14:7581:f30::/44 2a14:7581:fa0::/44 2a14:7581:3600::/40 2a14:7581:3e00::/39 2a14:7583:f000::/39 Signature Algorithm: sha256WithRSAEncryption 1d:5d:86:b8:fc:38:89:9b:73:4f:1d:45:ae:08:a0:20:5e:bf: 59:7e:65:b6:bd:0a:85:12:42:09:fb:33:27:43:3f:01:c6:86: 01:5d:af:b2:c5:a9:9d:eb:08:fe:4e:06:bb:16:4f:16:78:c0: af:b7:88:ec:a7:62:91:f8:b1:b1:f8:19:7d:09:6c:c6:53:bc: d8:7b:a9:ea:83:69:23:e8:6c:d9:69:93:a9:3f:37:5e:7a:8d: 92:a5:1e:48:f7:7a:56:a7:af:ea:bf:12:e6:a2:be:0a:72:99: 4f:d9:0b:53:cb:59:c8:98:ec:02:46:01:1a:13:22:71:71:3a: 55:d1:ee:12:b9:d2:ad:93:86:06:67:7c:58:2d:a3:58:53:91: 45:92:c2:b6:3d:11:31:6f:0e:d4:f5:a9:54:cf:16:44:5e:78: e3:e9:96:41:47:a8:06:2d:6a:4e:9d:7e:0a:da:a2:a0:8f:80: f2:73:76:23:9b:be:f8:56:46:4f:6f:c0:d8:84:54:f6:f9:2a: 0a:53:8e:a6:1c:56:11:69:3a:ed:c3:41:68:3e:a8:80:e2:d4: 47:e6:9e:a1:e8:9a:73:fe:0b:89:08:70:63:ff:65:71:3e:16: c7:f6:35:ed:5d:cf:af:eb:1a:c4:68:23:0a:49:a8:d5:0c:3e: ff:c1:a4:ae -----BEGIN CERTIFICATE----- MIIFKzCCBBOgAwIBAgIUM5jdAyLpmQoW8uuPovSKQjtFreowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj Y2ZkMzc3MjAeFw0yNTEyMjUyMjE1MDFaFw0yNjEyMjQyMjIwMDFaMDMxMTAvBgNV BAMTKEI3QkVGMjdFQTM0REY1NzdERkMzRUM1OUJGRUI4MzlERjc4MTEyMDIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC61Im26+CH073WRWLwTLynUA+M tVOv4fJUOJYhTR9YLtLZQ6dFBDcR5VY2UiSe37zBvmDS6TkoJlPEK57VLSciETlY s5e+/iHrAFiVYXzX52SxLdc4XdGdpCQFtdnlCuA+M/C+PO6WDdfTl+zUxgDUIdD9 ResJc8SJ00W3sdclm9NSGk1UAa0tgVopBwVoSssjFUjRqMyR6UYum+FR9iLo9n/p QISd3Ff2G7ACBZD2O8ICY11b68hVj1WZRFj2ZhRNm44nke2Nc2zZqNgcWIISk8MI 0UrZ0SF2sbApm8k5hhXEuXC//0ATi7hGxWyj3JVP/CTa2MPQHMn4ga7YkUl7AgMB AAGjggI1MIICMTAdBgNVHQ4EFgQUt77yfqNN9Xffw+xZv+uDnfeBEgIwHwYDVR0j BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16 OU4zSS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwSwYIKwYBBQUHAQcBAf8EPDA6MDgEAgACMDIDBgAqFHWA AQMHBCoUdYEPMAMHBCoUdYEPoAMGACoUdYE2AwYBKhR1gT4DBgEqFHWD8DANBgkq hkiG9w0BAQsFAAOCAQEAHV2GuPw4iZtzTx1FrgigIF6/WX5ltr0KhRJCCfszJ0M/ AcaGAV2vssWpnesI/k4GuxZPFnjAr7eI7KdikfixsfgZfQlsxlO82Hup6oNpI+hs 2WmTqT83XnqNkqUeSPd6Vqev6r8S5qK+CnKZT9kLU8tZyJjsAkYBGhMicXE6VdHu ErnSrZOGBmd8WC2jWFORRZLCtj0RMW8O1PWpVM8WRF544+mWQUeoBi1qTp1+Ctqi oI+A8nN2I5u++FZGT2/A2IRU9vkqClOOphxWEWk67cNBaD6ogOLUR+aeoeiac/4L iQhwY/9lcT4Wx/Y17V3Pr+saxGgjCkmo1Qw+/8Gkrg== -----END CERTIFICATE-----Generated at Sun Jan 25 12:10:53 2026 by rpki-client