This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa File: AS20473.roa (raw, json) Hash identifier: q8RJDJEmIiwvuo7T77CPPN+U3YJdzy3xIoGIF3J6GXY= Subject key identifier: D5:CE:74:6A:32:73:00:3C:81:D9:74:B7:9A:D0:B3:5F:E2:CD:BB:25 Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f Certificate serial: 343C726BC5E5D5BADBCD2890EF9A5339040007B9 Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa Signing time: Tue 18 Nov 2025 19:27:16 +0000 ROA not before: Tue 18 Nov 2025 19:22:16 +0000 ROA not after: Tue 17 Nov 2026 19:27:16 +0000 asID: 20473 IP address blocks: 91.124.126.0/24 maxlen: 24 92.112.147.0/24 maxlen: 24 178.92.48.0/24 maxlen: 24 178.92.73.0/24 maxlen: 24 178.92.81.0/24 maxlen: 24 178.92.83.0/24 maxlen: 24 178.92.84.0/24 maxlen: 24 178.92.87.0/24 maxlen: 24 178.92.90.0/24 maxlen: 24 178.92.94.0/24 maxlen: 24 178.92.95.0/24 maxlen: 24 178.92.119.0/24 maxlen: 24 178.92.125.0/24 maxlen: 24 178.95.166.0/24 maxlen: 24 178.95.197.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:3c:72:6b:c5:e5:d5:ba:db:cd:28:90:ef:9a:53:39:04:00:07:b9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f Validity Not Before: Nov 18 19:22:16 2025 GMT Not After : Nov 17 19:27:16 2026 GMT Subject: CN=D5CE746A3273003C81D974B79AD0B35FE2CDBB25 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:27:9a:91:cf:20:5d:6c:f5:72:84:10:8c:eb: 8c:16:0d:78:5b:3d:77:05:55:89:78:ab:2d:8b:32: 2d:b1:bb:c8:d4:26:2f:76:5a:bc:4f:44:4d:ab:6e: 9f:d4:07:30:23:5e:a8:f1:8f:5d:60:64:fa:f5:82: a2:10:6a:58:39:b9:8c:fb:9d:3c:61:8d:52:67:78: c4:00:fd:a7:3a:d7:52:53:d0:a9:86:b3:a4:a3:56: e5:66:f2:68:0e:24:f2:18:54:79:7d:67:ff:cc:c0: d6:fa:32:ad:1b:cc:98:f0:e5:b5:11:2c:b9:9b:0d: 4e:4c:81:61:48:32:e6:f6:2f:3a:74:06:53:84:e4: 95:d9:db:ba:3d:c7:ca:b6:7b:46:6d:55:49:fb:9a: dd:0b:a6:c0:87:b0:90:d3:4c:48:e8:1a:97:00:38: 70:9f:9b:2c:be:ed:af:fc:00:df:37:c0:76:d9:2f: 46:f8:9e:4e:7b:de:ae:4c:0d:52:b4:4c:32:61:a9: 6e:5c:08:a8:f2:ba:17:13:23:a6:3a:e1:9d:01:ba: 34:e4:42:67:33:31:7a:e3:45:f3:b9:e9:38:d4:4e: a8:e0:fe:a0:f7:d3:3f:61:0f:44:0d:4b:4c:e7:82: b7:39:b5:5e:36:6a:90:ef:9e:21:f5:00:2d:c8:5f: d9:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:CE:74:6A:32:73:00:3C:81:D9:74:B7:9A:D0:B3:5F:E2:CD:BB:25 X509v3 Authority Key Identifier: keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS20473.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.124.126.0/24 92.112.147.0/24 178.92.48.0/24 178.92.73.0/24 178.92.81.0/24 178.92.83.0-178.92.84.255 178.92.87.0/24 178.92.90.0/24 178.92.94.0/23 178.92.119.0/24 178.92.125.0/24 178.95.166.0/24 178.95.197.0/24 Signature Algorithm: sha256WithRSAEncryption 29:7c:d2:9f:bf:4a:b8:02:8c:64:09:fc:60:ba:5a:f7:77:0a: 87:73:99:35:1a:1f:5f:2d:f0:f6:0e:fb:3d:cc:39:a9:7c:23: b3:3c:db:59:2a:fa:03:cd:1e:33:d5:77:3f:19:50:23:5d:13: ae:de:78:01:1b:60:81:5d:dd:87:8a:c6:c0:e6:69:e2:73:1d: 13:a9:b5:81:10:b6:ce:10:5c:72:40:0c:51:1f:b4:8a:bd:70: ae:72:1a:70:b9:7c:d3:3e:7e:00:3b:ad:7f:b5:ad:04:8b:e5: 7e:99:07:01:c6:e3:aa:31:eb:4a:62:51:54:b9:01:35:85:aa: 2e:fd:5c:d0:33:8d:c1:f1:c8:86:c2:fb:27:f6:63:0f:2c:49: 45:20:88:91:2f:e2:fc:90:8b:98:5d:94:f0:2e:8c:cd:d0:48: 93:bb:5a:2f:14:74:cb:5a:25:3b:ed:52:3b:8e:42:36:11:b7: 3a:35:b9:f0:20:45:4b:06:77:c5:27:a7:f1:09:40:a6:de:85: 03:32:86:1c:36:94:49:6e:85:fc:60:37:7f:51:da:bb:55:74: 84:4f:9c:dc:69:d4:0f:e8:2f:9c:4b:f9:88:92:5e:fe:74:1c: 86:f7:d9:2f:4d:8d:4e:00:52:d1:67:f3:f5:bd:06:11:0e:44: e3:f1:a8:a1 -----BEGIN CERTIFICATE----- MIIFTzCCBDegAwIBAgIUNDxya8Xl1brbzSiQ75pTOQQAB7kwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk NWMxM2I1ZjAeFw0yNTExMTgxOTIyMTZaFw0yNjExMTcxOTI3MTZaMDMxMTAvBgNV BAMTKEQ1Q0U3NDZBMzI3MzAwM0M4MUQ5NzRCNzlBRDBCMzVGRTJDREJCMjUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5J5qRzyBdbPVyhBCM64wWDXhb PXcFVYl4qy2LMi2xu8jUJi92WrxPRE2rbp/UBzAjXqjxj11gZPr1gqIQalg5uYz7 nTxhjVJneMQA/ac611JT0KmGs6SjVuVm8mgOJPIYVHl9Z//MwNb6Mq0bzJjw5bUR LLmbDU5MgWFIMub2Lzp0BlOE5JXZ27o9x8q2e0ZtVUn7mt0LpsCHsJDTTEjoGpcA OHCfmyy+7a/8AN83wHbZL0b4nk573q5MDVK0TDJhqW5cCKjyuhcTI6Y64Z0BujTk QmczMXrjRfO56TjUTqjg/qD30z9hD0QNS0zngrc5tV42apDvniH1AC3IX9lTAgMB AAGjggJZMIICVTAdBgNVHQ4EFgQU1c50ajJzADyB2XS3mtCzX+LNuyUwHwYDVR0j BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y Qk8xOC5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjA0NzMucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwbwYIKwYBBQUHAQcBAf8EYDBeMFwEAgABMFYDBABbfH4D BABccJMDBACyXDADBACyXEkDBACyXFEwDAMEALJcUwMEALJcVAMEALJcVwMEALJc WgMEAbJcXgMEALJcdwMEALJcfQMEALJfpgMEALJfxTANBgkqhkiG9w0BAQsFAAOC AQEAKXzSn79KuAKMZAn8YLpa93cKh3OZNRofXy3w9g77Pcw5qXwjszzbWSr6A80e M9V3PxlQI10Trt54ARtggV3dh4rGwOZp4nMdE6m1gRC2zhBcckAMUR+0ir1wrnIa cLl80z5+ADutf7WtBIvlfpkHAcbjqjHrSmJRVLkBNYWqLv1c0DONwfHIhsL7J/Zj DyxJRSCIkS/i/JCLmF2U8C6MzdBIk7taLxR0y1olO+1SO45CNhG3OjW58CBFSwZ3 xSen8QlApt6FAzKGHDaUSW6F/GA3f1Hau1V0hE+c3GnUD+gvnEv5iJJe/nQchvfZ L02NTgBS0Wfz9b0GEQ5E4/GooQ== -----END CERTIFICATE-----Generated at Sat Dec 6 12:41:57 2025 by rpki-client