This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214639.roa File: AS214639.roa (raw, json) Hash identifier: yQ7uAaRPoj4gzriFdg5adTUhXggoLWb3su5UImbXanY= Subject key identifier: 3D:A8:50:5C:9E:C4:B8:23:0A:90:31:55:A2:5C:84:D2:2C:FF:5C:19 Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Certificate serial: 6FF1A08499B3793D8C676A2573E167B6926703A8 Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214639.roa Signing time: Tue 30 Dec 2025 05:25:08 +0000 ROA not before: Tue 30 Dec 2025 05:20:08 +0000 ROA not after: Tue 29 Dec 2026 05:25:08 +0000 asID: 214639 IP address blocks: 2a14:7583:9000::/36 maxlen: 48 2a14:7583:fa00::/40 maxlen: 48 2a14:7584:d000::/36 maxlen: 48 2a14:7586:4000::/36 maxlen: 36 2a14:7586:8000::/36 maxlen: 36 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 01:36:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:f1:a0:84:99:b3:79:3d:8c:67:6a:25:73:e1:67:b6:92:67:03:a8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Validity Not Before: Dec 30 05:20:08 2025 GMT Not After : Dec 29 05:25:08 2026 GMT Subject: CN=3DA8505C9EC4B8230A903155A25C84D22CFF5C19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:76:3a:90:23:58:79:3a:d1:7e:09:b4:23:de: 3e:aa:53:9c:8e:b6:2e:6b:16:e7:7b:55:29:08:eb: bf:6b:d5:db:7d:83:99:1c:6a:dd:53:9f:3b:22:a1: 19:f1:0a:1d:04:9b:86:1f:6a:79:a1:2d:df:94:64: 74:cb:9b:d7:90:6c:fd:71:84:4b:1a:ed:0c:51:38: 42:c5:66:bc:8d:bb:88:8b:81:50:29:08:9e:64:1a: fe:d4:f1:ce:11:1c:06:99:72:de:99:d5:62:54:83: d4:61:02:3c:07:72:61:07:34:72:e9:aa:5e:ba:94: db:fa:2b:59:70:da:7e:fa:cf:b7:a1:e6:48:d4:99: c1:f5:e6:3a:82:fd:9c:12:e0:61:b8:3d:49:66:68: 7e:c0:9b:c3:83:a8:89:e5:8d:a5:12:57:2b:74:fa: 5f:d5:ab:ff:92:19:b8:5f:62:44:a7:14:2d:91:f8: 6d:5a:d7:9e:02:f7:a7:2d:cd:57:b8:aa:83:1a:37: b7:b6:03:8e:b8:10:49:46:f5:cd:a0:6c:ca:da:a9: 3d:1f:9a:1c:dc:3c:6a:2f:35:88:78:07:4a:8e:89: 29:ad:8d:f7:94:f3:3a:60:34:fe:67:3e:a9:3f:3d: 7a:55:69:5f:99:93:d5:ab:6c:df:82:01:44:64:36: e4:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:A8:50:5C:9E:C4:B8:23:0A:90:31:55:A2:5C:84:D2:2C:FF:5C:19 X509v3 Authority Key Identifier: keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214639.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7583:9000::/36 2a14:7583:fa00::/40 2a14:7584:d000::/36 2a14:7586:4000::/36 2a14:7586:8000::/36 Signature Algorithm: sha256WithRSAEncryption 49:5b:63:09:e3:bb:a3:eb:5e:a1:f2:15:ee:3b:50:82:4e:29: 1b:36:16:50:9c:fe:18:36:78:cd:6c:a6:a3:cd:31:02:2c:22: b5:e8:6c:bf:f7:14:ec:42:ca:72:69:ed:13:f8:b6:45:bf:52: c5:ec:a8:f3:4b:53:20:8e:9b:55:18:42:df:72:c0:f8:b5:ac: 7c:e0:d5:61:10:36:b7:83:e4:45:33:83:29:db:ab:6c:cd:bd: 0b:73:67:9f:22:b4:4a:0a:97:5d:66:0d:e1:1c:72:ab:0d:e5: ed:14:3c:7e:88:dc:d9:9b:42:aa:b4:93:67:0c:89:b6:2b:e1: 47:f4:00:8b:aa:bd:d4:d6:58:60:8f:60:f1:67:33:1b:71:70: 37:12:cc:39:c4:f1:e2:c0:05:b3:4e:cb:4d:e2:7f:59:a1:ec: 3a:f8:91:46:b1:c4:eb:d9:80:df:bf:93:2b:a4:1e:d8:fe:98: 9f:36:75:d4:49:be:e4:18:50:d1:f8:66:59:dc:23:14:49:c4: 41:df:8e:da:b4:a5:51:96:15:3b:3e:1b:2e:5d:2b:08:55:f3: 79:be:e4:de:8d:f0:2b:39:ec:3a:ad:aa:3c:85:b0:41:78:75: e5:bb:65:5f:58:63:b3:40:54:24:37:6c:cd:65:bf:21:9a:1a: e6:7c:c7:2c -----BEGIN CERTIFICATE----- MIIFIjCCBAqgAwIBAgIUb/GghJmzeT2MZ2olc+FntpJnA6gwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj Y2ZkMzc3MjAeFw0yNTEyMzAwNTIwMDhaFw0yNjEyMjkwNTI1MDhaMDMxMTAvBgNV BAMTKDNEQTg1MDVDOUVDNEI4MjMwQTkwMzE1NUEyNUM4NEQyMkNGRjVDMTkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkdjqQI1h5OtF+CbQj3j6qU5yO ti5rFud7VSkI679r1dt9g5kcat1TnzsioRnxCh0Em4YfanmhLd+UZHTLm9eQbP1x hEsa7QxROELFZryNu4iLgVApCJ5kGv7U8c4RHAaZct6Z1WJUg9RhAjwHcmEHNHLp ql66lNv6K1lw2n76z7eh5kjUmcH15jqC/ZwS4GG4PUlmaH7Am8ODqInljaUSVyt0 +l/Vq/+SGbhfYkSnFC2R+G1a154C96ctzVe4qoMaN7e2A464EElG9c2gbMraqT0f mhzcPGovNYh4B0qOiSmtjfeU8zpgNP5nPqk/PXpVaV+Zk9WrbN+CAURkNuRBAgMB AAGjggIsMIICKDAdBgNVHQ4EFgQUPahQXJ7EuCMKkDFVolyE0iz/XBkwHwYDVR0j BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16 OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjE0NjM5LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAAjAoAwYEKhR1 g5ADBgAqFHWD+gMGBCoUdYTQAwYEKhR1hkADBgQqFHWGgDANBgkqhkiG9w0BAQsF AAOCAQEASVtjCeO7o+teofIV7jtQgk4pGzYWUJz+GDZ4zWymo80xAiwitehsv/cU 7ELKcmntE/i2Rb9Sxeyo80tTII6bVRhC33LA+LWsfODVYRA2t4PkRTODKdurbM29 C3NnnyK0SgqXXWYN4Rxyqw3l7RQ8fojc2ZtCqrSTZwyJtivhR/QAi6q91NZYYI9g 8WczG3FwNxLMOcTx4sAFs07LTeJ/WaHsOviRRrHE69mA37+TK6Qe2P6YnzZ11Em+ 5BhQ0fhmWdwjFEnEQd+O2rSlUZYVOz4bLl0rCFXzeb7k3o3wKznsOq2qPIWwQXh1 5btlX1hjs0BUJDdszWW/IZoa5nzHLA== -----END CERTIFICATE-----Generated at Sun Jan 25 12:10:50 2026 by rpki-client