This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS39521.roa File: AS39521.roa (raw, json) Hash identifier: 0g91YJzleq7KoCjsjm64BoS9VuH4uLIEQmc0eM+Mddo= Subject key identifier: F4:9C:90:EA:21:51:F9:3A:AD:EF:6B:97:B8:AF:94:2D:9D:A7:EC:D4 Certificate issuer: /CN=88c14ec02adbf083138eddd47871176ddeb93d9d Certificate serial: 02B856A7F47CFE29C7050E60DD0F2F7769601A37 Authority key identifier: 88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS39521.roa Signing time: Thu 27 Nov 2025 00:02:19 +0000 ROA not before: Wed 26 Nov 2025 23:57:19 +0000 ROA not after: Thu 26 Nov 2026 00:02:19 +0000 asID: 39521 IP address blocks: 143.20.6.0/24 maxlen: 24 143.20.7.0/24 maxlen: 24 143.20.32.0/24 maxlen: 24 143.20.54.0/24 maxlen: 24 143.20.61.0/24 maxlen: 24 143.20.62.0/24 maxlen: 24 143.20.104.0/24 maxlen: 24 143.20.124.0/24 maxlen: 24 143.20.125.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.mft rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 02:b8:56:a7:f4:7c:fe:29:c7:05:0e:60:dd:0f:2f:77:69:60:1a:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=88c14ec02adbf083138eddd47871176ddeb93d9d Validity Not Before: Nov 26 23:57:19 2025 GMT Not After : Nov 26 00:02:19 2026 GMT Subject: CN=F49C90EA2151F93AADEF6B97B8AF942D9DA7ECD4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:59:0b:07:ba:1a:2d:9c:67:de:24:35:93:f9: cd:3d:2c:42:a0:41:0f:62:4f:08:77:4b:8f:87:ea: 53:24:fe:d3:c0:59:ec:83:d9:0c:8b:3b:5b:4f:27: 15:1b:e3:3f:e4:1f:54:c0:c9:c4:80:3f:0e:c5:ce: 38:a3:c7:46:aa:b3:60:2d:99:8a:b4:e7:bb:62:ae: b5:e0:7a:65:3c:6f:ae:31:7f:5e:92:8f:03:a9:b7: 47:6c:22:66:f2:ea:5e:6e:4d:64:26:eb:bc:14:45: 72:70:bf:8b:33:19:0d:7a:ea:04:ae:94:f3:09:77: 5e:6a:45:b2:4b:2c:83:d5:0b:c8:f7:b9:93:d5:cc: 64:ff:74:0d:2d:9c:6d:8d:79:f2:b2:f9:a6:59:cf: e4:f5:56:19:e1:d8:39:40:e8:4d:45:10:82:69:b0: 0d:ea:3d:23:75:5f:7a:02:9e:ae:71:29:df:91:d6: 49:a1:e0:0e:13:e3:5f:a7:a7:8e:5d:ea:c5:94:ea: 2e:8c:cf:ff:bb:ac:d5:e7:43:1c:2d:40:53:06:e5: 7c:d7:df:64:29:50:64:c5:17:63:a6:eb:e3:31:26: d5:c2:44:26:f4:6e:c0:e0:c6:83:bc:60:d4:d4:b1: cc:26:3a:e2:68:07:5e:3f:34:18:10:44:31:5c:f5: 29:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:9C:90:EA:21:51:F9:3A:AD:EF:6B:97:B8:AF:94:2D:9D:A7:EC:D4 X509v3 Authority Key Identifier: keyid:88:C1:4E:C0:2A:DB:F0:83:13:8E:DD:D4:78:71:17:6D:DE:B9:3D:9D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/88C14EC02ADBF083138EDDD47871176DDEB93D9D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iMFOwCrb8IMTjt3UeHEXbd65PZ0.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c409d7b2-ee64-49f1-ad81-8e4a107d62e0/0/AS39521.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 143.20.6.0/23 143.20.32.0/24 143.20.54.0/24 143.20.61.0-143.20.62.255 143.20.104.0/24 143.20.124.0/23 Signature Algorithm: sha256WithRSAEncryption 4c:f9:5d:e1:b5:26:65:51:29:85:b3:b6:51:05:75:2d:fc:db: 23:9b:e0:81:89:c9:8d:68:23:64:9f:1b:6c:5f:ef:a3:fe:94: eb:03:8d:cf:65:c9:17:5f:48:fa:67:d0:af:eb:80:37:67:7e: d6:fc:3a:f7:c2:c7:ca:60:94:ea:4e:0b:d2:4b:7c:bf:b5:b8: 99:e1:35:23:9e:9b:10:72:20:1b:ce:29:4e:50:d1:ee:ea:eb: 0e:3a:b7:db:49:9d:6f:cd:7d:87:bb:b0:4d:ee:51:e1:22:63: 63:62:d3:9a:57:f4:26:f8:aa:23:4b:a2:a8:e0:3c:08:33:55: b6:b2:7b:9a:72:54:d1:19:68:37:6e:d2:d2:92:90:fe:56:f8: 54:0a:f3:49:52:4a:9f:1e:66:44:23:03:46:0f:c8:1a:6c:80: fa:63:97:29:ce:b2:f6:57:9e:b1:6b:55:9c:b4:7e:8c:43:a1: 35:46:47:3a:03:f1:28:5e:50:96:12:1f:c4:62:53:1c:6c:f8: db:05:6f:e8:56:45:53:14:83:68:7d:58:f5:5e:a3:ec:88:99: 5b:50:31:c0:5a:52:51:14:d5:53:8b:02:07:4c:12:e8:01:3a: c4:53:d2:e0:22:30:4a:92:41:50:5d:72:be:aa:32:43:cd:8b: b8:7f:7d:b2 -----BEGIN CERTIFICATE----- MIIFJTCCBA2gAwIBAgIUArhWp/R8/inHBQ5g3Q8vd2lgGjcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODhjMTRlYzAyYWRiZjA4MzEzOGVkZGQ0Nzg3MTE3NmRk ZWI5M2Q5ZDAeFw0yNTExMjYyMzU3MTlaFw0yNjExMjYwMDAyMTlaMDMxMTAvBgNV BAMTKEY0OUM5MEVBMjE1MUY5M0FBREVGNkI5N0I4QUY5NDJEOURBN0VDRDQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdWQsHuhotnGfeJDWT+c09LEKg QQ9iTwh3S4+H6lMk/tPAWeyD2QyLO1tPJxUb4z/kH1TAycSAPw7Fzjijx0aqs2At mYq057tirrXgemU8b64xf16SjwOpt0dsImby6l5uTWQm67wURXJwv4szGQ166gSu lPMJd15qRbJLLIPVC8j3uZPVzGT/dA0tnG2NefKy+aZZz+T1Vhnh2DlA6E1FEIJp sA3qPSN1X3oCnq5xKd+R1kmh4A4T41+np45d6sWU6i6Mz/+7rNXnQxwtQFMG5XzX 32QpUGTFF2Om6+MxJtXCRCb0bsDgxoO8YNTUscwmOuJoB14/NBgQRDFc9SmDAgMB AAGjggIvMIICKzAdBgNVHQ4EFgQU9JyQ6iFR+Tqt72uXuK+ULZ2n7NQwHwYDVR0j BBgwFoAUiMFOwCrb8IMTjt3UeHEXbd65PZ0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYzQwOWQ3YjItZWU2NC00OWYxLWFkODEtOGU0YTEwN2Q2 MmUwLzAvODhDMTRFQzAyQURCRjA4MzEzOEVEREQ0Nzg3MTE3NkRERUI5M0Q5RC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2lNRk93Q3JiOElNVGp0M1VlSEVYYmQ2 NVBaMC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0MDlkN2IyLWVlNjQt NDlmMS1hZDgxLThlNGExMDdkNjJlMC8wL0FTMzk1MjEucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwRQYIKwYBBQUHAQcBAf8ENjA0MDIEAgABMCwDBAGPFAYD BACPFCADBACPFDYwDAMEAI8UPQMEAI8UPgMEAI8UaAMEAY8UfDANBgkqhkiG9w0B AQsFAAOCAQEATPld4bUmZVEphbO2UQV1LfzbI5vggYnJjWgjZJ8bbF/vo/6U6wON z2XJF19I+mfQr+uAN2d+1vw698LHymCU6k4L0kt8v7W4meE1I56bEHIgG84pTlDR 7urrDjq320mdb819h7uwTe5R4SJjY2LTmlf0JviqI0uiqOA8CDNVtrJ7mnJU0Rlo N27S0pKQ/lb4VArzSVJKnx5mRCMDRg/IGmyA+mOXKc6y9leesWtVnLR+jEOhNUZH OgPxKF5QlhIfxGJTHGz42wVv6FZFUxSDaH1Y9V6j7IiZW1AxwFpSURTVU4sCB0wS 6AE6xFPS4CIwSpJBUF1yvqoyQ82LuH99sg== -----END CERTIFICATE-----Generated at Sat Dec 6 13:37:45 2025 by rpki-client