This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS213542.roa File: AS213542.roa (raw, json) Hash identifier: Yd3gy+0g+C7xCj6MoP49/ylya0a11HPxB/7z3CVexrY= Subject key identifier: 33:5B:76:A8:18:87:BB:28:EF:E6:BF:82:FF:10:96:F9:8D:69:B4:56 Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Certificate serial: 3B42EEA3AA059F240E36812C13D4EDF35FE33135 Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS213542.roa Signing time: Fri 05 Dec 2025 08:00:09 +0000 ROA not before: Fri 05 Dec 2025 07:55:09 +0000 ROA not after: Fri 04 Dec 2026 08:00:09 +0000 asID: 213542 IP address blocks: 2a14:7580:e700::/40 maxlen: 48 2a14:7580:e800::/40 maxlen: 48 2a14:7580:e900::/40 maxlen: 48 2a14:7580:ea00::/40 maxlen: 48 2a14:7580:eb00::/40 maxlen: 48 2a14:7580:ec00::/40 maxlen: 48 2a14:7581:ffa::/48 maxlen: 48 2a14:7581:9f60::/44 maxlen: 48 2a14:7581:9f70::/44 maxlen: 48 2a14:7581:9f80::/44 maxlen: 48 2a14:7581:9f90::/44 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:45:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:42:ee:a3:aa:05:9f:24:0e:36:81:2c:13:d4:ed:f3:5f:e3:31:35 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Validity Not Before: Dec 5 07:55:09 2025 GMT Not After : Dec 4 08:00:09 2026 GMT Subject: CN=335B76A81887BB28EFE6BF82FF1096F98D69B456 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:ee:3f:ac:aa:d0:6f:47:e9:d9:37:be:4d:46: 5a:be:d0:87:c3:bf:f9:91:32:0b:4d:bc:76:05:7e: 2f:88:85:d6:a3:94:22:59:03:58:46:61:1f:c2:df: 6c:2f:e2:eb:7b:60:b7:6e:f4:f5:5b:67:f8:b9:29: 22:4c:fb:0d:20:32:6c:07:de:0c:b5:52:b2:1c:a3: b1:70:b2:33:b0:e9:73:c2:4d:de:13:93:3c:b8:44: fa:24:bc:36:d8:62:bc:d2:fc:f1:a4:12:e6:66:63: 6b:ac:59:d2:6b:89:bf:bf:c5:d8:c9:33:54:66:e0: 98:46:14:10:01:30:14:c3:03:ab:b5:28:ef:4b:c4: 65:e6:94:03:55:68:2e:85:ee:50:46:3c:63:02:32: 61:13:94:97:dd:76:df:c0:68:ec:8c:35:a9:0d:83: 86:fa:19:7e:cd:cf:66:96:be:15:d8:97:a8:47:d8: 0f:eb:29:d2:ba:53:23:55:18:5f:e6:39:c9:41:90: 37:c1:16:ad:9e:67:7a:1c:bf:69:0b:86:69:bf:ad: 7d:3c:b5:ef:ec:60:19:61:2c:33:5f:61:b0:6b:54: 61:83:2a:c3:d7:43:75:53:5c:d6:4a:ff:54:cd:72: fc:52:e6:f2:b2:67:d0:76:3e:6e:21:81:86:ee:3d: e3:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:5B:76:A8:18:87:BB:28:EF:E6:BF:82:FF:10:96:F9:8D:69:B4:56 X509v3 Authority Key Identifier: keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS213542.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7580:e700::-2a14:7580:ecff:ffff:ffff:ffff:ffff:ffff 2a14:7581:ffa::/48 2a14:7581:9f60::-2a14:7581:9f9f:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 1f:86:57:0a:23:ba:01:45:36:93:1b:96:f2:e4:2a:1d:77:3a: 53:b6:a6:a8:ae:f6:83:62:66:16:37:9a:cb:d5:8e:cf:6a:6e: 53:b8:04:20:a7:4f:c6:4f:43:07:c9:2b:76:50:41:63:5f:86: a0:c5:90:a4:26:c8:a5:ba:f9:e8:c4:07:df:2d:05:ca:36:7a: 6a:cc:5e:a3:6e:69:39:3c:da:8a:09:ca:76:f2:e5:17:e9:a8: de:da:63:cd:0f:78:90:a2:10:fd:ef:83:51:34:eb:99:c6:f4: 6c:04:d5:eb:08:51:78:73:86:4d:c2:41:ff:17:e1:27:58:3a: 82:d8:87:15:35:c8:fe:f5:9d:8c:c9:1f:72:c5:6a:e1:05:2c: 07:32:5f:5f:94:8f:1a:f5:e2:6c:9b:02:81:8e:9b:f5:c3:37: b0:fc:69:5b:37:a7:d8:7f:fa:b3:0f:99:38:2e:90:7e:cc:46: 8e:24:26:f0:64:55:6d:8b:89:73:dd:4d:c8:16:93:3f:b5:a0: 22:6b:3b:d5:01:34:54:8d:6f:92:c2:2e:f3:99:64:34:fc:61: c3:1e:ba:ed:94:41:d1:c6:88:a6:89:d5:92:27:fa:ec:13:c3: 8b:8f:db:15:e0:27:ba:a3:f0:ca:b4:3d:a3:56:3a:29:e1:67: ef:17:3c:39 -----BEGIN CERTIFICATE----- MIIFKTCCBBGgAwIBAgIUO0Luo6oFnyQONoEsE9Tt81/jMTUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj Y2ZkMzc3MjAeFw0yNTEyMDUwNzU1MDlaFw0yNjEyMDQwODAwMDlaMDMxMTAvBgNV BAMTKDMzNUI3NkE4MTg4N0JCMjhFRkU2QkY4MkZGMTA5NkY5OEQ2OUI0NTYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDs7j+sqtBvR+nZN75NRlq+0IfD v/mRMgtNvHYFfi+IhdajlCJZA1hGYR/C32wv4ut7YLdu9PVbZ/i5KSJM+w0gMmwH 3gy1UrIco7FwsjOw6XPCTd4Tkzy4RPokvDbYYrzS/PGkEuZmY2usWdJrib+/xdjJ M1Rm4JhGFBABMBTDA6u1KO9LxGXmlANVaC6F7lBGPGMCMmETlJfddt/AaOyMNakN g4b6GX7Nz2aWvhXYl6hH2A/rKdK6UyNVGF/mOclBkDfBFq2eZ3ocv2kLhmm/rX08 te/sYBlhLDNfYbBrVGGDKsPXQ3VTXNZK/1TNcvxS5vKyZ9B2Pm4hgYbuPePxAgMB AAGjggIzMIICLzAdBgNVHQ4EFgQUM1t2qBiHuyjv5r+C/xCW+Y1ptFYwHwYDVR0j BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16 OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjEzNTQyLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzA1BAIAAjAvMBADBgAq FHWA5wMGACoUdYDsAwcAKhR1gQ/6MBIDBwUqFHWBn2ADBwUqFHWBn4AwDQYJKoZI hvcNAQELBQADggEBAB+GVwojugFFNpMblvLkKh13OlO2pqiu9oNiZhY3msvVjs9q blO4BCCnT8ZPQwfJK3ZQQWNfhqDFkKQmyKW6+ejEB98tBco2emrMXqNuaTk82ooJ ynby5RfpqN7aY80PeJCiEP3vg1E065nG9GwE1esIUXhzhk3CQf8X4SdYOoLYhxU1 yP71nYzJH3LFauEFLAcyX1+Ujxr14mybAoGOm/XDN7D8aVs3p9h/+rMPmTgukH7M Ro4kJvBkVW2LiXPdTcgWkz+1oCJrO9UBNFSNb5LCLvOZZDT8YcMeuu2UQdHGiKaJ 1ZIn+uwTw4uP2xXgJ7qj8Mq0PaNWOinhZ+8XPDk= -----END CERTIFICATE-----Generated at Sat Dec 6 10:01:32 2025 by rpki-client