This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214821.roa File: AS214821.roa (raw, json) Hash identifier: vOvR2NhOu4ry4AychfopfsanQVogOfGaXYBR9/wBJJI= Subject key identifier: F2:1B:47:AB:B4:C8:3F:59:3F:6A:2A:95:40:0D:9E:00:99:4E:2D:97 Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Certificate serial: 46969C6402B34EFBAB04B73256E0E907C4A52BBE Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214821.roa Signing time: Thu 20 Nov 2025 11:43:03 +0000 ROA not before: Thu 20 Nov 2025 11:38:03 +0000 ROA not after: Thu 19 Nov 2026 11:43:03 +0000 asID: 214821 IP address blocks: 2a14:7581:800::/40 maxlen: 48 2a14:7581:ff8::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:45:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:96:9c:64:02:b3:4e:fb:ab:04:b7:32:56:e0:e9:07:c4:a5:2b:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Validity Not Before: Nov 20 11:38:03 2025 GMT Not After : Nov 19 11:43:03 2026 GMT Subject: CN=F21B47ABB4C83F593F6A2A95400D9E00994E2D97 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:32:11:0d:18:b2:f4:c2:a5:9c:c7:b4:7b:02: 54:5c:f1:50:9e:3d:9a:ed:79:a8:47:b1:8c:94:8d: cf:4d:74:01:f3:7f:80:63:86:85:65:73:9b:48:8d: 55:8c:d0:24:f6:0a:c0:5e:b3:d0:b2:da:df:6e:a0: cc:8a:da:19:9d:bb:81:75:80:57:05:a5:c8:6b:b4: 37:33:9c:09:4f:86:da:2f:91:8a:87:66:fa:a7:29: 12:4a:a7:29:a3:d3:aa:81:ce:11:4f:c0:d5:ac:3f: bb:78:c6:27:e6:68:71:d8:6e:5b:00:44:9f:a4:03: 7a:20:36:0b:16:b1:19:d8:95:3b:cf:f8:a3:c4:cf: 91:ce:52:57:41:42:f3:f9:59:50:40:95:fd:e7:06: f6:36:3a:2f:9b:80:ac:1e:24:df:d4:92:ea:e6:09: 25:62:ee:43:37:cb:66:fc:6e:57:60:83:b4:fc:94: 78:a5:bc:04:01:63:a0:af:a9:fa:b0:d7:cc:70:32: 65:7d:d5:92:2f:bf:83:3b:be:8c:c0:ad:e7:2b:5f: 62:69:3f:ee:8b:b1:50:75:5b:f6:26:57:03:a6:01: 55:c2:a0:9d:c2:14:c9:67:72:f6:b2:a4:45:af:85: f1:ce:b5:a6:db:67:5c:ff:13:45:ee:2a:cd:6a:86: b9:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:1B:47:AB:B4:C8:3F:59:3F:6A:2A:95:40:0D:9E:00:99:4E:2D:97 X509v3 Authority Key Identifier: keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS214821.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:800::/40 2a14:7581:ff8::/48 Signature Algorithm: sha256WithRSAEncryption 9a:d5:36:bf:51:bc:8a:19:d5:09:c9:54:1b:f3:44:0d:ff:f5: 87:fb:dc:34:41:e5:a1:ae:72:f0:d7:62:0e:cd:de:b6:4e:a2: 04:9c:77:1c:e3:41:28:f6:cd:05:53:83:71:36:04:b6:a6:de: 2e:81:ff:25:08:e0:9e:de:c2:0f:0a:06:a7:88:11:b5:46:77: ce:fc:70:2d:f6:8b:ff:0b:4d:ea:29:0c:61:68:6e:0f:0c:26: 84:79:0c:9d:a9:4b:d3:90:a6:be:f6:8c:a8:0b:cf:fa:cd:41: 50:90:00:27:bb:a5:f4:af:9f:3f:70:5b:2f:00:f8:67:62:90: 9d:a5:8a:6e:e5:85:cb:de:9d:2d:17:a3:7e:9e:61:c2:41:5e: 23:82:d8:ea:36:dd:f5:b6:d3:8a:65:18:7b:21:4b:bb:74:79: cd:fa:df:51:0c:4d:12:21:cd:d1:13:96:7a:ce:e0:10:f1:6e: 22:ed:d1:33:7a:6c:bf:5c:71:e6:1b:4c:51:cb:fa:58:14:2f: e8:e0:7b:f5:59:8c:f7:b7:90:14:d0:0e:db:9b:8d:0c:df:9b: 9f:87:24:04:91:b3:cb:36:11:b9:29:4f:0a:cf:d2:83:e2:73: 6b:39:5e:26:b6:7d:90:9a:bd:ab:10:7d:2e:f9:7b:29:d5:cc: 86:66:b9:3e -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgIURpacZAKzTvurBLcyVuDpB8SlK74wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj Y2ZkMzc3MjAeFw0yNTExMjAxMTM4MDNaFw0yNjExMTkxMTQzMDNaMDMxMTAvBgNV BAMTKEYyMUI0N0FCQjRDODNGNTkzRjZBMkE5NTQwMEQ5RTAwOTk0RTJEOTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCMhENGLL0wqWcx7R7AlRc8VCe PZrteahHsYyUjc9NdAHzf4BjhoVlc5tIjVWM0CT2CsBes9Cy2t9uoMyK2hmdu4F1 gFcFpchrtDcznAlPhtovkYqHZvqnKRJKpymj06qBzhFPwNWsP7t4xifmaHHYblsA RJ+kA3ogNgsWsRnYlTvP+KPEz5HOUldBQvP5WVBAlf3nBvY2Oi+bgKweJN/Ukurm CSVi7kM3y2b8bldgg7T8lHilvAQBY6Cvqfqw18xwMmV91ZIvv4M7vozArecrX2Jp P+6LsVB1W/YmVwOmAVXCoJ3CFMlncvaypEWvhfHOtabbZ1z/E0XuKs1qhrkFAgMB AAGjggIVMIICETAdBgNVHQ4EFgQU8htHq7TIP1k/aiqVQA2eAJlOLZcwHwYDVR0j BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16 OU4zSS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMjE0ODIxLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYAKhR1 gQgDBwAqFHWBD/gwDQYJKoZIhvcNAQELBQADggEBAJrVNr9RvIoZ1QnJVBvzRA3/ 9Yf73DRB5aGucvDXYg7N3rZOogScdxzjQSj2zQVTg3E2BLam3i6B/yUI4J7ewg8K BqeIEbVGd878cC32i/8LTeopDGFobg8MJoR5DJ2pS9OQpr72jKgLz/rNQVCQACe7 pfSvnz9wWy8A+GdikJ2lim7lhcvenS0Xo36eYcJBXiOC2Oo23fW204plGHshS7t0 ec3631EMTRIhzdETlnrO4BDxbiLt0TN6bL9cceYbTFHL+lgUL+jge/VZjPe3kBTQ DtubjQzfm5+HJASRs8s2EbkpTwrP0oPic2s5Xia2fZCavasQfS75eynVzIZmuT4= -----END CERTIFICATE-----Generated at Sat Dec 6 10:01:14 2025 by rpki-client