This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214432.roa File: AS214432.roa (raw, json) Hash identifier: 8rum68ISUqwGTvlvO1hl7vOJtIia6Mb4L4FJXHhFDa4= Subject key identifier: 65:FC:A7:D9:B3:D7:BD:33:07:7F:8A:B7:19:5C:D7:11:82:5B:D6:1A Certificate issuer: /CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f Certificate serial: 598A1A0B87E2DAA5D978F029F78E91B337F96AA1 Authority key identifier: 9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214432.roa Signing time: Tue 13 Jan 2026 13:12:10 +0000 ROA not before: Tue 13 Jan 2026 13:07:10 +0000 ROA not after: Tue 12 Jan 2027 13:12:10 +0000 asID: 214432 IP address blocks: 178.94.130.0/24 maxlen: 24 178.94.131.0/24 maxlen: 24 178.94.136.0/24 maxlen: 24 178.94.138.0/24 maxlen: 24 178.95.151.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.mft rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:8a:1a:0b:87:e2:da:a5:d9:78:f0:29:f7:8e:91:b3:37:f9:6a:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9bd813391e4af2ae3103c1891b2272d4d5c13b5f Validity Not Before: Jan 13 13:07:10 2026 GMT Not After : Jan 12 13:12:10 2027 GMT Subject: CN=65FCA7D9B3D7BD33077F8AB7195CD711825BD61A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:04:c6:ea:e8:ef:96:7e:8b:ab:c2:ee:34:a5: 7d:aa:6f:bd:75:c4:04:99:e3:c6:5f:af:1a:7a:b9: 77:e9:10:15:ae:fe:ce:97:b0:d2:91:ca:52:02:3f: ba:14:e4:21:91:aa:08:1b:9f:a3:a0:f3:87:a8:0e: a3:21:0a:55:0c:fd:8c:af:dc:92:4d:ce:3d:80:40: 5f:54:f9:39:20:c7:f8:cc:04:eb:84:76:79:0f:f3: c7:d6:43:af:50:40:3f:58:bb:39:4c:b8:97:98:48: 98:d6:6f:af:f7:8b:f4:f0:62:65:27:04:68:37:fb: 4a:89:bf:79:2d:96:d3:a0:d0:41:4a:f8:95:83:b8: 37:5d:03:fd:a8:ea:e6:70:0e:f5:a1:f8:a9:75:9d: 13:f5:8f:f5:38:29:34:52:e9:1b:09:25:88:46:84: 4e:00:3c:8e:54:0e:13:93:16:4b:02:c3:37:ef:6a: 88:a6:41:34:fe:2f:74:18:32:f2:74:8a:4e:d0:68: 0b:2e:85:7f:d6:31:7d:93:9f:a8:48:e9:72:4a:60: e8:3b:9f:ea:94:10:84:d8:e7:99:b4:2e:33:c9:48: 12:6e:f6:d5:50:2b:1e:d7:fd:f9:72:33:cd:cd:c8: ac:6b:5a:4d:d3:27:d5:41:1c:1b:44:9c:69:f6:cb: 62:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:FC:A7:D9:B3:D7:BD:33:07:7F:8A:B7:19:5C:D7:11:82:5B:D6:1A X509v3 Authority Key Identifier: keyid:9B:D8:13:39:1E:4A:F2:AE:31:03:C1:89:1B:22:72:D4:D5:C1:3B:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/9BD813391E4AF2AE3103C1891B2272D4D5C13B5F.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m9gTOR5K8q4xA8GJGyJy1NXBO18.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/c478f6f5-449a-4827-99d5-bf6b93a8f6b4/0/AS214432.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 178.94.130.0/23 178.94.136.0/24 178.94.138.0/24 178.95.151.0/24 Signature Algorithm: sha256WithRSAEncryption 98:0c:b5:b7:19:b7:d9:33:d5:51:85:cf:d2:1c:6e:52:3b:ba: c5:9e:d6:41:a4:0d:f6:e4:99:fc:10:08:49:12:28:d9:2e:c4: 90:4b:79:4d:28:1a:af:4f:4a:47:5a:cb:b5:31:69:b5:af:44: 0a:f8:7e:89:1d:6e:4c:20:00:bf:db:ef:9d:9c:41:f7:c5:eb: ed:db:2c:5b:cb:df:67:f2:1b:4b:4e:c9:19:e5:7b:9b:51:fe: f5:73:5b:f2:71:54:96:6d:1c:4d:f3:af:d0:74:b7:b0:1b:2c: 13:32:57:dc:86:d2:ad:92:5a:cd:6c:c0:76:fe:47:e0:c7:5d: 6c:6e:1d:0a:71:50:73:d7:8c:76:a7:8f:78:d3:9f:85:e1:29: 3a:52:93:3d:87:20:7c:86:9d:c1:43:d0:7b:98:a5:d3:0a:23: d2:19:44:48:4f:33:b9:29:63:9b:2f:c9:a0:bd:ed:d5:fb:90: 7c:16:cd:7a:37:b3:3c:7b:2f:43:1e:c8:72:3a:4e:aa:cb:2a: 3b:5f:71:5e:05:85:d3:65:35:1b:62:78:fa:8b:df:a6:e9:d7: c7:07:97:c8:9a:bb:f2:93:77:60:11:1d:6d:96:20:57:bc:31: 5c:a6:bb:34:b2:da:8b:60:c5:5f:ad:23:9b:e7:da:8c:87:e8: 78:b7:6f:97 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgIUWYoaC4fi2qXZePAp946Rszf5aqEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoOWJkODEzMzkxZTRhZjJhZTMxMDNjMTg5MWIyMjcyZDRk NWMxM2I1ZjAeFw0yNjAxMTMxMzA3MTBaFw0yNzAxMTIxMzEyMTBaMDMxMTAvBgNV BAMTKDY1RkNBN0Q5QjNEN0JEMzMwNzdGOEFCNzE5NUNENzExODI1QkQ2MUEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkBMbq6O+Wfourwu40pX2qb711 xASZ48Zfrxp6uXfpEBWu/s6XsNKRylICP7oU5CGRqggbn6Og84eoDqMhClUM/Yyv 3JJNzj2AQF9U+Tkgx/jMBOuEdnkP88fWQ69QQD9YuzlMuJeYSJjWb6/3i/TwYmUn BGg3+0qJv3ktltOg0EFK+JWDuDddA/2o6uZwDvWh+Kl1nRP1j/U4KTRS6RsJJYhG hE4API5UDhOTFksCwzfvaoimQTT+L3QYMvJ0ik7QaAsuhX/WMX2Tn6hI6XJKYOg7 n+qUEITY55m0LjPJSBJu9tVQKx7X/flyM83NyKxrWk3TJ9VBHBtEnGn2y2K9AgMB AAGjggIcMIICGDAdBgNVHQ4EFgQUZfyn2bPXvTMHf4q3GVzXEYJb1howHwYDVR0j BBgwFoAUm9gTOR5K8q4xA8GJGyJy1NXBO18wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYzQ3OGY2ZjUtNDQ5YS00ODI3LTk5ZDUtYmY2YjkzYThm NmI0LzAvOUJEODEzMzkxRTRBRjJBRTMxMDNDMTg5MUIyMjcyRDRENUMxM0I1Ri5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL205Z1RPUjVLOHE0eEE4R0pHeUp5MU5Y Qk8xOC5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L2M0NzhmNmY1LTQ0OWEt NDgyNy05OWQ1LWJmNmI5M2E4ZjZiNC8wL0FTMjE0NDMyLnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBsl6C AwQAsl6IAwQAsl6KAwQAsl+XMA0GCSqGSIb3DQEBCwUAA4IBAQCYDLW3GbfZM9VR hc/SHG5SO7rFntZBpA325Jn8EAhJEijZLsSQS3lNKBqvT0pHWsu1MWm1r0QK+H6J HW5MIAC/2++dnEH3xevt2yxby99n8htLTskZ5XubUf71c1vycVSWbRxN86/QdLew GywTMlfchtKtklrNbMB2/kfgx11sbh0KcVBz14x2p49405+F4Sk6UpM9hyB8hp3B Q9B7mKXTCiPSGURITzO5KWObL8mgve3V+5B8Fs16N7M8ey9DHshyOk6qyyo7X3Fe BYXTZTUbYnj6i9+m6dfHB5fImrvyk3dgER1tliBXvDFcprs0stqLYMVfrSOb59qM h+h4t2+X -----END CERTIFICATE-----Generated at Sun Jan 25 08:52:34 2026 by rpki-client