This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/34352e3133332e3135332e302f32342d3234203d3e203431323730.roa File: 34352e3133332e3135332e302f32342d3234203d3e203431323730.roa (raw, json) Hash identifier: uUbE73oqGpXQ8vJobrCrU1EydOIVnWvsTOMJTWYMF9Q= Subject key identifier: D2:3F:26:CF:82:37:DB:EC:8D:7E:73:60:4D:FA:8A:84:4C:9D:F0:F4 Certificate issuer: /CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8 Certificate serial: 64BDABE435A2F918C0CA3423D2FB0CF8CCF586D9 Authority key identifier: 7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/34352e3133332e3135332e302f32342d3234203d3e203431323730.roa Signing time: Wed 28 Jan 2026 13:00:51 +0000 ROA not before: Wed 28 Jan 2026 12:55:51 +0000 ROA not after: Wed 27 Jan 2027 13:00:51 +0000 asID: 41270 IP address blocks: 45.133.153.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.mft rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 07:28:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 64:bd:ab:e4:35:a2:f9:18:c0:ca:34:23:d2:fb:0c:f8:cc:f5:86:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7fea37fdfe29b34173e97f1b637a44ec41acebb8 Validity Not Before: Jan 28 12:55:51 2026 GMT Not After : Jan 27 13:00:51 2027 GMT Subject: CN=D23F26CF8237DBEC8D7E73604DFA8A844C9DF0F4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:a8:37:aa:27:a3:f7:32:fe:57:f4:15:5c:d4: 8a:24:69:3e:5b:81:10:d6:cb:9c:41:75:62:05:8c: fd:cb:cd:48:0f:08:f4:d8:73:72:30:38:b6:d7:37: 51:20:12:2e:87:d0:af:e7:cb:ab:3f:04:f3:12:09: 7a:0d:d8:0c:d7:76:39:81:ff:2b:35:44:1b:17:7c: 7f:88:56:d6:a6:43:fc:b9:e3:45:2b:9b:f3:46:b0: 55:41:8c:cb:f0:9c:be:07:da:9d:ab:4f:65:d5:c2: 4a:eb:73:33:06:40:f7:9b:42:c5:52:5c:a6:29:b1: 2d:32:c8:b4:2f:31:86:e4:b6:96:00:9e:a4:36:a5: 9f:2e:b9:be:25:cd:47:c6:70:82:7c:af:dc:32:4d: 0e:3a:7f:c1:48:14:ae:ce:1f:20:47:94:1d:c8:2f: 9c:3c:80:43:07:42:80:07:dc:d1:46:90:32:ed:d6: 98:77:14:58:40:3e:f1:b2:d5:1d:6e:b0:61:15:c1: 36:c4:ca:19:20:e2:c0:fd:01:83:77:68:06:d2:a3: 32:34:9a:91:9e:d7:83:a1:a3:08:9d:95:bd:ec:24: b2:30:02:64:b6:64:19:b3:68:5c:43:e3:4c:f5:a2: c9:59:cc:b2:7c:7c:90:3c:0d:55:28:df:f8:0c:a2: be:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D2:3F:26:CF:82:37:DB:EC:8D:7E:73:60:4D:FA:8A:84:4C:9D:F0:F4 X509v3 Authority Key Identifier: keyid:7F:EA:37:FD:FE:29:B3:41:73:E9:7F:1B:63:7A:44:EC:41:AC:EB:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/7FEA37FDFE29B34173E97F1B637A44EC41ACEBB8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f-o3_f4ps0Fz6X8bY3pE7EGs67g.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/03dd48eb-d136-4f0e-af8a-57a6bdd93a9d/0/34352e3133332e3135332e302f32342d3234203d3e203431323730.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.133.153.0/24 Signature Algorithm: sha256WithRSAEncryption 7e:c1:bc:e5:2b:10:30:a9:2d:7e:54:6f:eb:81:5f:ad:b6:88: 0a:43:9e:ad:b9:5d:4e:1b:d3:69:67:fe:73:3f:c8:12:8d:68: 6d:85:8b:9e:f0:1b:17:3c:7b:12:15:40:86:36:82:b2:da:0f: c1:60:d3:b2:31:10:13:b7:43:c8:5c:64:84:2f:43:ba:bd:0a: 92:8f:5a:61:df:a1:9c:f5:5e:8d:06:c1:a6:55:69:f8:3c:29: a9:e9:82:a5:eb:8d:7f:8a:c3:04:7f:04:d4:55:fb:fd:38:fa: bb:70:89:c7:0c:19:5e:e2:41:37:eb:43:56:42:94:03:4e:21: 8f:3a:45:f7:79:87:3f:3a:be:64:07:ba:bb:7e:cc:6e:a6:b8: bd:57:63:73:fb:05:3f:95:07:c2:7c:a8:76:c8:21:07:47:0d: 2a:bc:4d:69:12:dc:c1:44:17:a3:c6:18:18:72:33:72:dc:0c: 70:1f:75:58:c6:b0:2f:0c:c0:28:3b:73:fd:e1:c4:db:86:20: b6:31:a4:53:cb:75:cc:e8:88:53:c6:4e:ff:97:21:c1:7b:86: 2a:63:ea:76:6a:e3:50:51:db:91:39:74:17:24:1e:13:98:b2: d9:9f:bf:f6:77:89:6f:33:37:d9:1c:2e:38:ea:40:ee:18:b8: 2e:98:d6:ab -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUZL2r5DWi+RjAyjQj0vsM+Mz1htkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoN2ZlYTM3ZmRmZTI5YjM0MTczZTk3ZjFiNjM3YTQ0ZWM0 MWFjZWJiODAeFw0yNjAxMjgxMjU1NTFaFw0yNzAxMjcxMzAwNTFaMDMxMTAvBgNV BAMTKEQyM0YyNkNGODIzN0RCRUM4RDdFNzM2MDRERkE4QTg0NEM5REYwRjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChqDeqJ6P3Mv5X9BVc1IokaT5b gRDWy5xBdWIFjP3LzUgPCPTYc3IwOLbXN1EgEi6H0K/ny6s/BPMSCXoN2AzXdjmB /ys1RBsXfH+IVtamQ/y540Urm/NGsFVBjMvwnL4H2p2rT2XVwkrrczMGQPebQsVS XKYpsS0yyLQvMYbktpYAnqQ2pZ8uub4lzUfGcIJ8r9wyTQ46f8FIFK7OHyBHlB3I L5w8gEMHQoAH3NFGkDLt1ph3FFhAPvGy1R1usGEVwTbEyhkg4sD9AYN3aAbSozI0 mpGe14Ohowidlb3sJLIwAmS2ZBmzaFxD40z1oslZzLJ8fJA8DVUo3/gMor5ZAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQU0j8mz4I32+yNfnNgTfqKhEyd8PQwHwYDVR0j BBgwFoAUf+o3/f4ps0Fz6X8bY3pE7EGs67gwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWItZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkz YTlkLzAvN0ZFQTM3RkRGRTI5QjM0MTczRTk3RjFCNjM3QTQ0RUM0MUFDRUJCOC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2YtbzNfZjRwczBGejZYOGJZM3BFN0VH czY3Zy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMDNkZDQ4ZWIt ZDEzNi00ZjBlLWFmOGEtNTdhNmJkZDkzYTlkLzAvMzQzNTJlMzEzMzMzMmUzMTM1 MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMxMzIzNzMwLnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA LYWZMA0GCSqGSIb3DQEBCwUAA4IBAQB+wbzlKxAwqS1+VG/rgV+ttogKQ56tuV1O G9NpZ/5zP8gSjWhthYue8BsXPHsSFUCGNoKy2g/BYNOyMRATt0PIXGSEL0O6vQqS j1ph36Gc9V6NBsGmVWn4PCmp6YKl641/isMEfwTUVfv9OPq7cInHDBle4kE360NW QpQDTiGPOkX3eYc/Or5kB7q7fsxupri9V2Nz+wU/lQfCfKh2yCEHRw0qvE1pEtzB RBejxhgYcjNy3AxwH3VYxrAvDMAoO3P94cTbhiC2MaRTy3XM6IhTxk7/lyHBe4Yq Y+p2auNQUduROXQXJB4TmLLZn7/2d4lvMzfZHC446kDuGLgumNar -----END CERTIFICATE-----Generated at Mon Feb 9 21:00:13 2026 by rpki-client