This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS206540.roa File: AS206540.roa (raw, json) Hash identifier: uTmKRsYeDwbsZi4V//cBhTNltKOc4B5uECfb4QQjyhI= Subject key identifier: DC:BF:14:78:9B:BF:57:76:F1:36:34:08:13:DD:C3:50:62:1E:4F:89 Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Certificate serial: 7C4CB1C4DF679D64C62299A8195F7FB82EEBC6D4 Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS206540.roa Signing time: Mon 10 Nov 2025 14:07:28 +0000 ROA not before: Mon 10 Nov 2025 14:02:28 +0000 ROA not after: Mon 09 Nov 2026 14:07:28 +0000 asID: 206540 IP address blocks: 2a14:7580:ffb0::/44 maxlen: 48 2a14:7580:ffc0::/44 maxlen: 48 2a14:7583:ff70::/44 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:45:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7c:4c:b1:c4:df:67:9d:64:c6:22:99:a8:19:5f:7f:b8:2e:eb:c6:d4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Validity Not Before: Nov 10 14:02:28 2025 GMT Not After : Nov 9 14:07:28 2026 GMT Subject: CN=DCBF14789BBF5776F136340813DDC350621E4F89 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:3d:50:7f:70:6f:54:25:56:a1:25:20:97:77: 68:9b:de:5a:ca:21:e8:c5:ae:12:4d:a2:b9:b0:50: 82:25:81:a8:0f:cf:27:76:9b:8d:d5:e8:e1:7c:ea: a8:46:d0:6a:3f:6e:99:08:1d:f0:ff:26:ca:c0:2d: 58:d4:b5:d1:19:cd:b4:db:0e:e9:fd:34:5d:48:41: 90:2f:af:7e:4c:01:c5:b7:10:b3:45:c0:17:39:a6: cc:33:be:ee:ad:ee:ff:52:6a:78:2f:e4:a1:50:b7: e3:67:0c:3d:5a:9d:c8:ff:d9:35:f8:db:c6:75:1d: dc:e7:c1:74:1b:f8:0f:2b:c3:0c:ea:f6:b3:1a:67: 5b:da:82:2e:c1:91:7e:10:e1:c3:68:15:4d:c5:55: 56:a4:83:a6:52:07:73:04:dd:8d:ee:f3:83:d8:f6: cd:27:89:be:04:15:78:66:74:2d:de:26:7a:5f:8c: f0:27:41:28:f2:84:0c:d4:9b:df:87:30:a4:b1:36: 6e:4e:32:7f:3b:2f:f7:85:7e:2c:dd:62:ae:64:0d: f1:ea:b4:5c:60:cf:00:98:9d:d2:73:23:d4:ff:65: 20:80:2e:97:39:e9:54:d5:c2:09:dd:3f:89:91:d5: 87:ce:39:38:22:c4:bc:5c:2d:a1:a5:50:d3:ba:c7: 22:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:BF:14:78:9B:BF:57:76:F1:36:34:08:13:DD:C3:50:62:1E:4F:89 X509v3 Authority Key Identifier: keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS206540.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:ffb0::-2a14:7580:ffcf:ffff:ffff:ffff:ffff:ffff 2a14:7583:ff70::/44 Signature Algorithm: sha256WithRSAEncryption 0d:f4:cf:fb:50:c0:79:1a:64:ca:5a:63:8b:5d:61:c3:03:c3: 1b:10:02:ff:63:67:4a:20:22:a3:45:cb:1e:06:64:32:9d:62: 37:2e:b7:62:0f:89:cf:8c:5d:8b:7a:73:e4:ac:c2:95:06:da: 06:0b:9d:22:16:d3:3f:42:c8:ab:da:04:e6:24:71:7f:d5:a3: e7:85:4a:eb:37:d7:48:0d:ee:82:50:fc:98:9c:50:64:78:37: ad:f9:2f:fa:09:a0:c3:5a:04:1d:52:f2:b7:bc:b9:90:3b:b6: 07:4b:b5:b2:41:bf:34:a8:c4:a0:59:a5:29:57:e2:98:db:b7: 5b:f9:b6:16:cb:7c:bb:d6:99:1e:0f:68:51:d4:f1:eb:f3:a7: b1:4b:0c:c5:e7:ac:d2:3b:a2:be:ce:ca:d3:f3:c0:48:5d:b8: 19:e7:70:09:9e:57:40:bf:d9:a7:97:99:12:70:30:9e:26:43: 01:e0:db:69:6b:59:96:ee:ba:ed:fa:15:c7:2f:46:3f:b7:61: 67:5a:4e:6e:d4:52:f4:ad:8d:cc:15:4e:b6:99:48:3f:fd:4b: 9f:a3:35:d4:57:15:25:9d:30:8b:f8:be:f4:91:cf:57:e5:aa: 78:12:2a:0a:af:b4:99:20:42:f8:7a:e3:c1:04:42:7b:03:3c: 12:7f:c9:8d -----BEGIN CERTIFICATE----- MIIFFzCCA/+gAwIBAgIUfEyxxN9nnWTGIpmoGV9/uC7rxtQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj Y2ZkMzc3MjAeFw0yNTExMTAxNDAyMjhaFw0yNjExMDkxNDA3MjhaMDMxMTAvBgNV BAMTKERDQkYxNDc4OUJCRjU3NzZGMTM2MzQwODEzRERDMzUwNjIxRTRGODkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0PVB/cG9UJVahJSCXd2ib3lrK IejFrhJNormwUIIlgagPzyd2m43V6OF86qhG0Go/bpkIHfD/JsrALVjUtdEZzbTb Dun9NF1IQZAvr35MAcW3ELNFwBc5pswzvu6t7v9Sangv5KFQt+NnDD1ancj/2TX4 28Z1HdznwXQb+A8rwwzq9rMaZ1vagi7BkX4Q4cNoFU3FVVakg6ZSB3ME3Y3u84PY 9s0nib4EFXhmdC3eJnpfjPAnQSjyhAzUm9+HMKSxNm5OMn87L/eFfizdYq5kDfHq tFxgzwCYndJzI9T/ZSCALpc56VTVwgndP4mR1YfOOTgixLxcLaGlUNO6xyLfAgMB AAGjggIhMIICHTAdBgNVHQ4EFgQU3L8UeJu/V3bxNjQIE93DUGIeT4kwHwYDVR0j BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16 OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjA2NTQwLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdMBIDBwQq FHWA/7ADBwQqFHWA/8ADBwQqFHWD/3AwDQYJKoZIhvcNAQELBQADggEBAA30z/tQ wHkaZMpaY4tdYcMDwxsQAv9jZ0ogIqNFyx4GZDKdYjcut2IPic+MXYt6c+SswpUG 2gYLnSIW0z9CyKvaBOYkcX/Vo+eFSus310gN7oJQ/JicUGR4N635L/oJoMNaBB1S 8re8uZA7tgdLtbJBvzSoxKBZpSlX4pjbt1v5thbLfLvWmR4PaFHU8evzp7FLDMXn rNI7or7OytPzwEhduBnncAmeV0C/2aeXmRJwMJ4mQwHg22lrWZbuuu36FccvRj+3 YWdaTm7UUvStjcwVTraZSD/9S5+jNdRXFSWdMIv4vvSRz1flqngSKgqvtJkgQvh6 48EEQnsDPBJ/yY0= -----END CERTIFICATE-----Generated at Sat Dec 6 10:56:15 2025 by rpki-client