This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS31898.roa File: AS31898.roa (raw, json) Hash identifier: UjrClGSycvvPFbIxljo7dk3NDJne6Zyrfhtg/f9VOEQ= Subject key identifier: A9:6E:00:30:FA:CD:22:A6:8B:08:B1:6E:26:1C:3E:D0:4A:8F:C0:DD Certificate issuer: /CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Certificate serial: 3FAD93CC2DDB1AE60A3F27FA732F8984D012F34D Authority key identifier: A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS31898.roa Signing time: Sat 29 Nov 2025 13:38:22 +0000 ROA not before: Sat 29 Nov 2025 13:33:22 +0000 ROA not after: Sat 28 Nov 2026 13:38:22 +0000 asID: 31898 IP address blocks: 2a14:7581:f00::/44 maxlen: 48 2a14:7581:9811::/48 maxlen: 48 2a14:7583:b000::/36 maxlen: 48 2a14:7586::/36 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.mft rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:45:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3f:ad:93:cc:2d:db:1a:e6:0a:3f:27:fa:73:2f:89:84:d0:12:f3:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a83d48652f3b2df74f6bf9baa8a9c174ccfd3772 Validity Not Before: Nov 29 13:33:22 2025 GMT Not After : Nov 28 13:38:22 2026 GMT Subject: CN=A96E0030FACD22A68B08B16E261C3ED04A8FC0DD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:fb:9b:cf:9d:7b:8d:6e:27:5d:48:46:fd:f0: 72:6a:2a:37:20:90:e7:0c:bb:32:1b:0c:ee:ad:5f: f5:9a:51:fb:e0:97:13:6f:bd:19:c1:f3:f4:ae:b1: a3:62:0b:17:a9:d3:d7:5b:ad:c5:71:22:89:30:6a: 37:90:08:8e:33:af:d2:2b:85:a4:7c:27:28:b8:36: d8:6f:b3:7f:75:ff:10:9f:5d:2f:a9:a1:3c:06:50: f9:a8:7a:b6:60:1c:f0:02:0c:2e:57:43:db:0b:f2: ee:76:f6:0a:18:34:d8:ed:3c:d4:8f:0d:e8:36:a9: 2f:9e:89:1a:4b:56:fd:ca:ff:9a:55:8e:09:51:21: f4:f3:03:65:e7:f5:5b:68:ee:2e:04:79:3d:87:91: c9:a5:08:47:b8:c5:09:43:84:dd:be:34:1b:23:59: a0:8b:d6:7e:dc:e9:1b:54:92:5d:85:14:28:b0:87: 93:07:b7:6b:9a:1f:3d:8e:ab:6f:9c:2a:8c:42:e0: 5c:19:60:62:6e:1f:67:22:81:a1:04:22:1a:1d:4f: 33:05:a7:12:28:cc:03:08:a8:e1:2b:50:aa:c9:dd: 0b:ed:f5:ed:1a:ce:28:f0:4f:8a:50:be:7f:55:d7: 58:4d:39:76:c4:95:3f:72:35:95:2e:a8:da:2e:78: 64:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:6E:00:30:FA:CD:22:A6:8B:08:B1:6E:26:1C:3E:D0:4A:8F:C0:DD X509v3 Authority Key Identifier: keyid:A8:3D:48:65:2F:3B:2D:F7:4F:6B:F9:BA:A8:A9:C1:74:CC:FD:37:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/A83D48652F3B2DF74F6BF9BAA8A9C174CCFD3772.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qD1IZS87LfdPa_m6qKnBdMz9N3I.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/89270f6c-a3fe-4299-b079-309ed97f3824/0/AS31898.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:7581:f00::/44 2a14:7581:9811::/48 2a14:7583:b000::/36 2a14:7586::/36 Signature Algorithm: sha256WithRSAEncryption 8e:82:16:dd:15:9c:0d:51:66:f6:37:74:dc:b2:00:dd:7d:10: 13:e7:e1:9a:b5:3f:9b:64:ba:aa:df:03:83:d2:d8:ef:70:f5: bd:cd:54:cf:ee:6f:48:a2:75:df:5b:eb:3f:69:19:44:ba:74: 13:61:72:6e:9b:2e:2a:29:9a:2f:07:2d:26:fe:5d:04:ee:3b: b3:f4:7c:9a:28:66:79:8b:0f:6e:ef:ea:ad:3f:32:54:e1:1c: d9:9a:82:c4:a7:24:38:f5:42:4b:d9:e1:81:5d:99:0e:17:e6: d8:1a:5f:be:11:49:aa:92:05:1e:c8:ce:5b:8e:80:0a:81:a8: b2:23:a9:5d:19:15:43:c2:48:4c:61:92:8f:4c:6e:0d:1f:e4: d5:af:da:bd:3d:48:59:82:cf:3e:6e:a4:70:a8:17:25:26:6b: 1e:21:23:ad:e2:00:09:81:2e:94:cc:0a:48:ae:5d:36:66:70: c0:da:cd:67:b0:41:39:59:a3:d2:29:1d:6e:10:e7:74:64:37: 36:83:b8:08:e8:50:ee:15:d7:bb:50:0c:23:8a:ee:7e:c9:98: 7b:09:45:7f:5c:6b:5f:7a:78:ac:74:71:40:c6:69:c6:e1:db: c6:1d:12:5c:d5:f2:73:78:7a:8b:ed:e6:5f:fd:ca:f6:b7:34: 57:25:85:20 -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgIUP62TzC3bGuYKPyf6cy+JhNAS800wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYTgzZDQ4NjUyZjNiMmRmNzRmNmJmOWJhYThhOWMxNzRj Y2ZkMzc3MjAeFw0yNTExMjkxMzMzMjJaFw0yNjExMjgxMzM4MjJaMDMxMTAvBgNV BAMTKEE5NkUwMDMwRkFDRDIyQTY4QjA4QjE2RTI2MUMzRUQwNEE4RkMwREQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC++5vPnXuNbiddSEb98HJqKjcg kOcMuzIbDO6tX/WaUfvglxNvvRnB8/SusaNiCxep09dbrcVxIokwajeQCI4zr9Ir haR8Jyi4Nthvs391/xCfXS+poTwGUPmoerZgHPACDC5XQ9sL8u529goYNNjtPNSP Deg2qS+eiRpLVv3K/5pVjglRIfTzA2Xn9Vto7i4EeT2HkcmlCEe4xQlDhN2+NBsj WaCL1n7c6RtUkl2FFCiwh5MHt2uaHz2Oq2+cKoxC4FwZYGJuH2cigaEEIhodTzMF pxIozAMIqOErUKrJ3Qvt9e0azijwT4pQvn9V11hNOXbElT9yNZUuqNoueGQdAgMB AAGjggIlMIICITAdBgNVHQ4EFgQUqW4AMPrNIqaLCLFuJhw+0EqPwN0wHwYDVR0j BBgwFoAUqD1IZS87LfdPa/m6qKnBdMz9N3IwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvODkyNzBmNmMtYTNmZS00Mjk5LWIwNzktMzA5ZWQ5N2Yz ODI0LzAvQTgzRDQ4NjUyRjNCMkRGNzRGNkJGOUJBQThBOUMxNzRDQ0ZEMzc3Mi5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FEMUlaUzg3TGZkUGFfbTZxS25CZE16 OU4zSS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5Lzg5MjcwZjZjLWEzZmUt NDI5OS1iMDc5LTMwOWVkOTdmMzgyNC8wL0FTMzE4OTgucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwOwYIKwYBBQUHAQcBAf8ELDAqMCgEAgACMCIDBwQqFHWB DwADBwAqFHWBmBEDBgQqFHWDsAMGBCoUdYYAMA0GCSqGSIb3DQEBCwUAA4IBAQCO ghbdFZwNUWb2N3TcsgDdfRAT5+GatT+bZLqq3wOD0tjvcPW9zVTP7m9IonXfW+s/ aRlEunQTYXJumy4qKZovBy0m/l0E7juz9HyaKGZ5iw9u7+qtPzJU4RzZmoLEpyQ4 9UJL2eGBXZkOF+bYGl++EUmqkgUeyM5bjoAKgaiyI6ldGRVDwkhMYZKPTG4NH+TV r9q9PUhZgs8+bqRwqBclJmseISOt4gAJgS6UzApIrl02ZnDA2s1nsEE5WaPSKR1u EOd0ZDc2g7gI6FDuFde7UAwjiu5+yZh7CUV/XGtfenisdHFAxmnG4dvGHRJc1fJz eHqL7eZf/cr2tzRXJYUg -----END CERTIFICATE-----Generated at Sat Dec 6 09:59:42 2025 by rpki-client