This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS213542.roa File: AS213542.roa (raw, json) Hash identifier: yhWcY/EXFCKnARZa3UK4nBymn4VWDbrKJhhUc+Bk2iM= Subject key identifier: 8C:9C:35:FA:8A:1F:DB:79:FD:9B:73:90:D8:02:DD:0B:A0:76:39:2F Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Certificate serial: 2B0B2A50A989D39615D230B914008C49DF1C9776 Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS213542.roa Signing time: Thu 25 Dec 2025 08:00:05 +0000 ROA not before: Thu 25 Dec 2025 07:55:05 +0000 ROA not after: Thu 24 Dec 2026 08:00:05 +0000 asID: 213542 IP address blocks: 2a14:7580:e700::/40 maxlen: 48 2a14:7580:e800::/40 maxlen: 48 2a14:7580:e900::/40 maxlen: 48 2a14:7580:ea00::/40 maxlen: 48 2a14:7580:eb00::/40 maxlen: 48 2a14:7580:ec00::/40 maxlen: 48 2a14:7581:9f60::/44 maxlen: 48 2a14:7581:9f70::/44 maxlen: 48 2a14:7581:9f80::/44 maxlen: 48 2a14:7581:9f90::/44 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 01:36:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:0b:2a:50:a9:89:d3:96:15:d2:30:b9:14:00:8c:49:df:1c:97:76 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Validity Not Before: Dec 25 07:55:05 2025 GMT Not After : Dec 24 08:00:05 2026 GMT Subject: CN=8C9C35FA8A1FDB79FD9B7390D802DD0BA076392F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:5c:9d:2b:df:88:8e:57:7b:6f:54:67:25:76: 2d:2b:04:aa:c4:70:a6:0a:a5:4f:51:3e:f8:8d:03: cf:df:87:a7:4f:24:20:1d:ec:d2:81:34:4c:e4:5b: 72:1e:01:79:a6:3b:85:26:57:49:69:5e:a7:70:85: 30:0b:e3:a6:b0:02:7f:69:c8:a0:93:30:69:11:b3: 22:d8:78:6f:b3:12:37:f1:e5:4f:8e:29:77:47:19: 66:97:05:6b:31:ad:5f:e4:6e:7f:7d:b5:c6:a8:88: 96:39:a7:df:fd:98:8f:d7:44:9b:de:60:36:a7:1c: fc:eb:5d:1d:1b:a0:72:ce:1e:d7:65:ed:5a:7f:3f: e7:d2:0d:62:2f:9a:ab:2f:6a:aa:3c:c2:e1:e7:62: 38:c0:33:20:7e:fb:a4:d4:4d:24:52:82:f1:cf:1b: c0:a8:c5:12:6a:0f:f4:9d:25:0f:9e:14:3e:23:68: f7:b3:b1:5f:8b:2f:7f:ff:85:6d:eb:e8:b7:ad:e9: 61:6c:56:59:96:18:1a:89:1e:26:bb:71:13:96:ad: b7:91:01:03:db:14:47:be:97:77:0e:8f:ec:c1:97: 63:a5:d4:39:2a:b3:32:f2:61:34:12:63:f8:be:8b: 28:29:e6:93:69:63:90:f5:47:1e:95:fb:d0:81:cc: ab:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:9C:35:FA:8A:1F:DB:79:FD:9B:73:90:D8:02:DD:0B:A0:76:39:2F X509v3 Authority Key Identifier: keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS213542.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:e700::-2a14:7580:ecff:ffff:ffff:ffff:ffff:ffff 2a14:7581:9f60::-2a14:7581:9f9f:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 72:b8:da:17:55:20:53:00:7f:ef:b7:2b:9a:e9:1c:1a:61:41: 0b:af:da:f6:6d:96:5d:e9:16:62:70:74:b2:cb:63:a9:c3:6c: 9d:96:d8:53:46:ff:ef:50:67:16:f2:11:d3:07:c8:fe:fe:8a: 15:da:f3:ec:e2:38:e5:57:a6:ee:be:a0:7d:55:e5:f1:85:a3: 76:d2:8c:69:d1:39:e3:17:6f:cd:56:46:19:f8:14:96:fa:32: 9b:60:0f:1b:7c:da:8f:00:49:95:32:e5:de:3c:80:77:8a:20: 61:98:87:9f:3f:2b:30:37:11:26:f5:8a:aa:dd:b3:8a:22:d1: cc:99:76:80:96:cd:f6:e3:4e:36:2b:bb:dd:dc:ae:2d:19:06: 9d:9e:fe:f0:fb:ed:85:b8:c7:6c:7f:31:ec:80:f8:26:1f:e0: 97:01:b4:79:09:c6:4d:59:54:56:17:97:3e:b0:15:66:11:b7: 20:0e:20:f2:77:3a:db:08:ba:6e:2f:e8:4a:c9:e0:09:e4:2e: 66:90:5f:b0:24:4e:f9:97:55:f1:98:d8:a5:f8:21:14:07:f1: 42:34:cf:a8:3e:66:3a:ef:25:6b:86:17:64:ed:ce:5e:1c:0b: 73:7a:39:37:ab:e3:10:fa:c7:a7:a7:f0:08:5b:40:22:9d:a7: b2:c0:bb:ad -----BEGIN CERTIFICATE----- MIIFIDCCBAigAwIBAgIUKwsqUKmJ05YV0jC5FACMSd8cl3YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj Y2ZkMzc3MjAeFw0yNTEyMjUwNzU1MDVaFw0yNjEyMjQwODAwMDVaMDMxMTAvBgNV BAMTKDhDOUMzNUZBOEExRkRCNzlGRDlCNzM5MEQ4MDJERDBCQTA3NjM5MkYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAXJ0r34iOV3tvVGcldi0rBKrE cKYKpU9RPviNA8/fh6dPJCAd7NKBNEzkW3IeAXmmO4UmV0lpXqdwhTAL46awAn9p yKCTMGkRsyLYeG+zEjfx5U+OKXdHGWaXBWsxrV/kbn99tcaoiJY5p9/9mI/XRJve YDanHPzrXR0boHLOHtdl7Vp/P+fSDWIvmqsvaqo8wuHnYjjAMyB++6TUTSRSgvHP G8CoxRJqD/SdJQ+eFD4jaPezsV+LL3//hW3r6Let6WFsVlmWGBqJHia7cROWrbeR AQPbFEe+l3cOj+zBl2Ol1DkqszLyYTQSY/i+iygp5pNpY5D1Rx6V+9CBzKvxAgMB AAGjggIqMIICJjAdBgNVHQ4EFgQUjJw1+oof23n9m3OQ2ALdC6B2OS8wHwYDVR0j BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16 OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjEzNTQyLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAAjAmMBADBgAq FHWA5wMGACoUdYDsMBIDBwUqFHWBn2ADBwUqFHWBn4AwDQYJKoZIhvcNAQELBQAD ggEBAHK42hdVIFMAf++3K5rpHBphQQuv2vZtll3pFmJwdLLLY6nDbJ2W2FNG/+9Q ZxbyEdMHyP7+ihXa8+ziOOVXpu6+oH1V5fGFo3bSjGnROeMXb81WRhn4FJb6Mptg Dxt82o8ASZUy5d48gHeKIGGYh58/KzA3ESb1iqrds4oi0cyZdoCWzfbjTjYru93c ri0ZBp2e/vD77YW4x2x/MeyA+CYf4JcBtHkJxk1ZVFYXlz6wFWYRtyAOIPJ3OtsI um4v6ErJ4AnkLmaQX7AkTvmXVfGY2KX4IRQH8UI0z6g+ZjrvJWuGF2Ttzl4cC3N6 OTer4xD6x6en8AhbQCKdp7LAu60= -----END CERTIFICATE-----Generated at Sun Jan 25 12:10:57 2026 by rpki-client