This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa File: AS20473.roa (raw, json) Hash identifier: 53HuBkAKDrKVvhliqZMNOAzEBdnAwvZBAxN+T5Dqs/M= Subject key identifier: 0C:54:E1:B4:77:24:82:1D:31:E7:EE:59:3B:E4:7F:35:27:3D:F5:E7 Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f Certificate serial: 52E52F91D5E61D194D653EFE50DB6BB79FE01983 Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa Signing time: Sat 27 Dec 2025 15:24:06 +0000 ROA not before: Sat 27 Dec 2025 15:19:06 +0000 ROA not after: Sat 26 Dec 2026 15:24:06 +0000 asID: 20473 IP address blocks: 91.124.126.0/24 maxlen: 24 92.112.147.0/24 maxlen: 24 178.92.48.0/24 maxlen: 24 178.92.73.0/24 maxlen: 24 178.92.81.0/24 maxlen: 24 178.92.83.0/24 maxlen: 24 178.92.84.0/24 maxlen: 24 178.92.87.0/24 maxlen: 24 178.92.90.0/24 maxlen: 24 178.92.94.0/24 maxlen: 24 178.92.95.0/24 maxlen: 24 178.92.119.0/24 maxlen: 24 178.92.125.0/24 maxlen: 24 178.95.197.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 03:44:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:e5:2f:91:d5:e6:1d:19:4d:65:3e:fe:50:db:6b:b7:9f:e0:19:83 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f Validity Not Before: Dec 27 15:19:06 2025 GMT Not After : Dec 26 15:24:06 2026 GMT Subject: CN=0C54E1B47724821D31E7EE593BE47F35273DF5E7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:98:35:8b:91:b1:2c:97:5d:dd:63:77:d8:b9: 0d:c3:16:6b:19:30:d9:4f:e4:35:de:2a:50:cf:81: dd:c6:93:09:7f:4e:a1:09:1d:b0:d5:78:f7:45:3e: 08:17:d8:ff:49:bc:11:16:81:62:04:50:0a:26:5d: 99:1b:32:89:36:c7:9d:24:5b:32:b0:fd:0c:55:10: c5:fa:09:c5:5f:0a:54:55:25:fc:54:78:f3:64:eb: e2:d6:69:66:28:50:3e:0e:a2:4c:c1:72:d8:6a:e3: ce:db:f4:5d:6e:59:4c:8c:56:0c:fa:03:bf:22:8e: 59:b6:46:f3:6e:72:db:13:68:63:38:02:49:1f:dc: 19:e1:39:a6:8b:74:54:5f:33:18:bf:91:67:e4:c1: c1:67:d9:7b:f4:b5:07:b2:1e:33:ce:da:47:4b:ad: 94:2e:13:01:2d:9b:96:d1:6c:1d:65:42:fb:60:bc: fa:67:4d:f4:d3:a4:37:fe:8e:2b:96:b6:df:4a:b3: 14:23:84:de:f2:d3:d4:7c:53:cb:fb:1c:44:e5:73: 29:1f:1e:49:0c:8a:bf:dc:3e:73:29:a1:de:83:98: 9c:d8:df:c4:e2:fd:c3:c3:19:be:bb:c5:8d:d9:89: ed:f2:f4:c0:32:9e:73:65:c4:f0:7f:43:92:7b:9a: c2:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:54:E1:B4:77:24:82:1D:31:E7:EE:59:3B:E4:7F:35:27:3D:F5:E7 X509v3 Authority Key Identifier: keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.124.126.0/24 92.112.147.0/24 178.92.48.0/24 178.92.73.0/24 178.92.81.0/24 178.92.83.0-178.92.84.255 178.92.87.0/24 178.92.90.0/24 178.92.94.0/23 178.92.119.0/24 178.92.125.0/24 178.95.197.0/24 Signature Algorithm: sha256WithRSAEncryption 57:a8:11:c2:0c:ec:e8:b0:4a:0c:f2:45:40:16:41:ff:08:be: a4:e2:92:25:e6:c5:48:07:2d:dc:9a:b8:51:1b:95:f8:92:57: 9c:3f:69:ae:8a:58:d0:7d:12:20:ba:68:7b:5c:79:3b:93:79: 3e:85:eb:3f:54:09:88:e3:7a:99:41:c8:3f:6c:27:da:d0:3c: 75:a4:40:22:c8:b7:b6:6f:6c:94:b1:ac:fc:eb:c7:21:a3:99: a4:50:d5:ab:6a:e1:50:29:b0:d4:f5:06:08:a3:b0:02:a2:14: 30:b6:3a:65:6a:86:c4:80:d1:66:10:46:a3:20:93:f9:5c:ee: b1:d1:50:ff:08:59:93:c3:27:08:06:b0:c1:26:8a:82:d9:ca: cd:76:70:3e:f9:65:49:aa:24:13:23:f0:3b:e1:f9:ef:af:c6: b2:ff:60:7d:89:a4:eb:f5:65:7e:63:d9:ee:93:c5:ac:73:49: 29:41:ab:65:c7:79:c4:29:d4:36:46:3e:5c:6b:76:a4:1b:cf: fc:5f:e8:1e:d1:57:01:bf:02:75:3b:1d:a5:e9:7f:4b:97:6e: ab:06:1b:3f:37:64:11:d1:a5:c6:99:43:a9:ad:1c:71:8d:5b: 46:b2:71:0b:51:d2:dc:83:e2:87:7e:a7:6a:84:7d:a9:ec:1e: b8:c6:fb:d7 -----BEGIN CERTIFICATE----- MIIFSTCCBDGgAwIBAgIUUuUvkdXmHRlNZT7+UNtrt5/gGYMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk NWMxM2I1ZjAeFw0yNTEyMjcxNTE5MDZaFw0yNjEyMjYxNTI0MDZaMDMxMTAvBgNV BAMTKDBDNTRFMUI0NzcyNDgyMUQzMUU3RUU1OTNCRTQ3RjM1MjczREY1RTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClmDWLkbEsl13dY3fYuQ3DFmsZ MNlP5DXeKlDPgd3Gkwl/TqEJHbDVePdFPggX2P9JvBEWgWIEUAomXZkbMok2x50k WzKw/QxVEMX6CcVfClRVJfxUePNk6+LWaWYoUD4OokzBcthq487b9F1uWUyMVgz6 A78ijlm2RvNuctsTaGM4Akkf3BnhOaaLdFRfMxi/kWfkwcFn2Xv0tQeyHjPO2kdL rZQuEwEtm5bRbB1lQvtgvPpnTfTTpDf+jiuWtt9KsxQjhN7y09R8U8v7HETlcykf HkkMir/cPnMpod6DmJzY38Ti/cPDGb67xY3Zie3y9MAynnNlxPB/Q5J7msK3AgMB AAGjggJTMIICTzAdBgNVHQ4EFgQUDFThtHckgh0x5+5ZO+R/NSc99ecwHwYDVR0j BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwaQYIKwYBBQUHAQcBAf8EWjBYMFYEAgABMFADBABbfH4D BABccJMDBACyXDADBACyXEkDBACyXFEwDAMEALJcUwMEALJcVAMEALJcVwMEALJc WgMEAbJcXgMEALJcdwMEALJcfQMEALJfxTANBgkqhkiG9w0BAQsFAAOCAQEAV6gR wgzs6LBKDPJFQBZB/wi+pOKSJebFSAct3Jq4URuV+JJXnD9propY0H0SILpoe1x5 O5N5PoXrP1QJiON6mUHIP2wn2tA8daRAIsi3tm9slLGs/OvHIaOZpFDVq2rhUCmw 1PUGCKOwAqIUMLY6ZWqGxIDRZhBGoyCT+VzusdFQ/whZk8MnCAawwSaKgtnKzXZw PvllSaokEyPwO+H576/Gsv9gfYmk6/VlfmPZ7pPFrHNJKUGrZcd5xCnUNkY+XGt2 pBvP/F/oHtFXAb8CdTsdpel/S5duqwYbPzdkEdGlxplDqa0ccY1bRrJxC1HS3IPi h36naoR9qeweuMb71w== -----END CERTIFICATE-----Generated at Sun Jan 25 14:43:41 2026 by rpki-client