This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e31342e302f32342d3234203d3e20383334.roa File: 352e3139392e31342e302f32342d3234203d3e20383334.roa (raw, json) Hash identifier: Y/R322fr3rA/8G1jlm5vYU4HllA9nyOgFjszd7MIowI= Subject key identifier: E1:A9:47:67:CF:84:B6:22:ED:E9:27:18:4D:4C:9E:57:0C:91:46:19 Certificate issuer: /CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76 Certificate serial: 1EFD2D349C573DCB37495EAFFEA5A013C336537F Authority key identifier: 4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e31342e302f32342d3234203d3e20383334.roa Signing time: Mon 24 Nov 2025 11:07:10 +0000 ROA not before: Mon 24 Nov 2025 11:02:10 +0000 ROA not after: Mon 23 Nov 2026 11:07:10 +0000 asID: 834 IP address blocks: 5.199.14.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.mft rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 28 Nov 2025 18:47:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:fd:2d:34:9c:57:3d:cb:37:49:5e:af:fe:a5:a0:13:c3:36:53:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76 Validity Not Before: Nov 24 11:02:10 2025 GMT Not After : Nov 23 11:07:10 2026 GMT Subject: CN=E1A94767CF84B622EDE927184D4C9E570C914619 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:89:aa:76:a4:5b:9e:5b:37:f2:34:75:d5:16: c3:6d:4e:14:44:4a:99:e1:cb:15:9f:03:6c:3f:51: d0:8a:b4:51:32:86:d3:d2:f5:ed:a4:c9:39:ee:a5: 08:e1:9f:89:94:73:99:6e:82:73:25:36:46:47:83: 1b:b1:28:0c:34:30:5f:e4:5c:cf:a4:68:c1:57:06: ae:9e:18:b9:bc:05:ab:de:81:47:43:0d:79:cd:cd: a1:0b:f7:71:05:29:64:67:d8:4e:e9:45:a7:58:27: 61:63:f1:87:59:66:28:c1:fa:27:a9:7f:a2:95:95: b6:5e:ec:2d:8d:56:6d:94:62:74:2a:ed:7d:db:e7: 81:a8:88:3a:7c:dd:23:53:7c:a7:88:db:62:84:61: 11:20:fc:58:45:c0:55:c4:2e:65:4e:81:76:18:43: e5:7e:1a:8a:66:c5:51:a7:df:8a:e8:95:c0:c5:1c: 46:a8:73:e9:1c:69:4d:41:e3:34:6b:4e:a9:b0:77: e8:72:e2:ce:88:38:46:21:50:9b:0c:43:06:23:2f: 9b:56:bf:a0:6e:b9:2b:e2:f0:96:41:96:4c:51:c4: d4:90:d9:5c:a9:cb:34:22:73:0b:c1:16:c4:6c:6d: 5c:a0:22:b4:29:46:59:b9:38:1e:98:a1:9c:90:8d: 32:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:A9:47:67:CF:84:B6:22:ED:E9:27:18:4D:4C:9E:57:0C:91:46:19 X509v3 Authority Key Identifier: keyid:4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e31342e302f32342d3234203d3e20383334.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.199.14.0/24 Signature Algorithm: sha256WithRSAEncryption 55:c1:6c:b5:26:39:0c:13:60:5d:b0:df:64:3b:f0:4b:72:5c: 34:33:4f:0d:18:3b:1b:62:cb:c1:20:ac:6f:12:66:6b:95:47: 87:05:94:23:ce:19:99:78:e3:7d:e7:fa:e7:46:5d:52:31:79: dc:97:49:03:c8:6a:57:dc:85:54:85:e5:e3:72:dd:cf:56:c1: 32:38:d1:76:67:62:2d:65:f5:a3:61:bf:b9:49:2f:cd:5b:f1: e2:a1:3f:a9:25:bb:75:c6:b9:20:70:c3:d1:5a:17:da:f2:ed: d8:c9:6d:ae:58:8a:ff:8e:61:08:e8:a6:c8:44:70:a8:a5:e5: 6a:05:84:2b:c8:f4:bb:50:0a:9b:80:7f:dc:bd:1a:ca:36:cd: 11:a3:c1:4e:65:56:6c:cd:de:3d:8d:48:ad:36:77:6c:bb:f9: e1:ce:2d:2a:f5:30:9f:c1:b6:79:76:a5:2b:7b:83:45:c2:ac: fe:6f:9b:6d:d2:0f:26:a7:dc:eb:04:1d:3c:1e:ef:9a:5d:30: e9:7b:5d:f9:5d:4e:17:72:42:78:ea:00:24:79:49:60:8c:f6: a6:0c:78:ca:43:f2:a5:3b:61:57:71:d5:66:bb:3b:72:af:d1: e3:93:4a:b8:c8:9a:7a:66:18:98:56:6a:e1:36:bf:cb:a5:4c: 8f:67:73:0b -----BEGIN CERTIFICATE----- MIIFKzCCBBOgAwIBAgIUHv0tNJxXPcs3SV6v/qWgE8M2U38wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGIzYWNhM2E3YzY1MmE5ZmFmOGU0ZTExOWJkMmY3YmY1 NGFmZGU3NjAeFw0yNTExMjQxMTAyMTBaFw0yNjExMjMxMTA3MTBaMDMxMTAvBgNV BAMTKEUxQTk0NzY3Q0Y4NEI2MjJFREU5MjcxODRENEM5RTU3MEM5MTQ2MTkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJiap2pFueWzfyNHXVFsNtThRE SpnhyxWfA2w/UdCKtFEyhtPS9e2kyTnupQjhn4mUc5lugnMlNkZHgxuxKAw0MF/k XM+kaMFXBq6eGLm8BavegUdDDXnNzaEL93EFKWRn2E7pRadYJ2Fj8YdZZijB+iep f6KVlbZe7C2NVm2UYnQq7X3b54GoiDp83SNTfKeI22KEYREg/FhFwFXELmVOgXYY Q+V+GopmxVGn34rolcDFHEaoc+kcaU1B4zRrTqmwd+hy4s6IOEYhUJsMQwYjL5tW v6BuuSvi8JZBlkxRxNSQ2VypyzQicwvBFsRsbVygIrQpRlm5OB6YoZyQjTKdAgMB AAGjggI1MIICMTAdBgNVHQ4EFgQU4alHZ8+EtiLt6ScYTUyeVwyRRhkwHwYDVR0j BBgwFoAUSzrKOnxlKp+vjk4Rm9L3v1Sv3nYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzctZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFh NzgyLzAvNEIzQUNBM0E3QzY1MkE5RkFGOEU0RTExOUJEMkY3QkY1NEFGREU3Ni5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1N6cktPbnhsS3AtdmprNFJtOUwzdjFT djNuWS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzct ZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFhNzgyLzAvMzUyZTMxMzkzOTJlMzEzNDJl MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAXHDjANBgkq hkiG9w0BAQsFAAOCAQEAVcFstSY5DBNgXbDfZDvwS3JcNDNPDRg7G2LLwSCsbxJm a5VHhwWUI84ZmXjjfef650ZdUjF53JdJA8hqV9yFVIXl43Ldz1bBMjjRdmdiLWX1 o2G/uUkvzVvx4qE/qSW7dca5IHDD0VoX2vLt2MltrliK/45hCOimyERwqKXlagWE K8j0u1AKm4B/3L0ayjbNEaPBTmVWbM3ePY1IrTZ3bLv54c4tKvUwn8G2eXalK3uD RcKs/m+bbdIPJqfc6wQdPB7vml0w6Xtd+V1OF3JCeOoAJHlJYIz2pgx4ykPypTth V3HVZrs7cq/R45NKuMiaemYYmFZq4Ta/y6VMj2dzCw== -----END CERTIFICATE-----Generated at Fri Nov 28 06:10:42 2025 by rpki-client