This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e31352e302f32342d3234203d3e203230343733.roa File: 352e3139392e31352e302f32342d3234203d3e203230343733.roa (raw, json) Hash identifier: oVkiCPiNJRJM/W+z3ndD4pSoOtGs4Qbrd83E+p9HcJU= Subject key identifier: 79:63:CD:9D:0A:82:0B:D9:EC:A1:82:4B:00:57:CF:41:6B:35:AF:59 Certificate issuer: /CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76 Certificate serial: 22AE07FCB0122BA36EC162C3E3ADB738D6C3D532 Authority key identifier: 4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e31352e302f32342d3234203d3e203230343733.roa Signing time: Mon 24 Nov 2025 11:04:26 +0000 ROA not before: Mon 24 Nov 2025 10:59:26 +0000 ROA not after: Mon 23 Nov 2026 11:04:26 +0000 asID: 20473 IP address blocks: 5.199.15.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.mft rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 28 Nov 2025 18:47:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:ae:07:fc:b0:12:2b:a3:6e:c1:62:c3:e3:ad:b7:38:d6:c3:d5:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76 Validity Not Before: Nov 24 10:59:26 2025 GMT Not After : Nov 23 11:04:26 2026 GMT Subject: CN=7963CD9D0A820BD9ECA1824B0057CF416B35AF59 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:2e:e9:eb:8b:52:8f:cd:95:a7:e9:9f:30:37: 23:23:fc:57:93:7a:66:8a:0e:40:01:47:6c:68:2b: 91:4e:48:75:25:73:37:22:1a:64:fb:3a:4c:11:50: 37:be:0b:0b:fd:9e:2b:85:c0:dd:9b:50:2c:fd:ad: b1:81:e7:c3:60:a5:7a:1f:c4:85:f5:94:8b:55:7a: ea:46:c2:62:43:a7:38:27:ed:67:a3:53:e2:66:f9: 1b:91:b4:00:3a:24:e3:27:97:28:b0:e9:d9:e3:e7: c7:65:34:55:17:aa:a5:10:d1:d3:f3:35:a0:3e:20: 77:ac:7b:c5:26:80:d0:a8:9a:6c:9d:95:89:51:76: 12:d5:61:28:ce:48:c2:69:5d:03:87:16:7a:16:2f: 0d:e8:0d:ce:9f:86:7b:6a:c5:73:e5:20:ce:0a:89: d0:ab:cb:d1:60:05:f6:b1:64:cc:f4:25:86:da:34: e9:f8:d8:d5:59:b2:e1:ad:7d:0e:96:5a:03:a5:f1: ff:e3:21:b1:1c:8d:24:82:b5:93:04:6a:02:02:44: 71:6a:d0:16:fc:6e:ad:39:3b:23:8e:3f:af:df:23: 18:b8:eb:03:15:99:9b:54:6e:1d:fd:ee:c9:55:e7: a2:c3:e2:88:1e:6e:53:8a:b4:18:a6:7e:2c:9e:fc: d8:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:63:CD:9D:0A:82:0B:D9:EC:A1:82:4B:00:57:CF:41:6B:35:AF:59 X509v3 Authority Key Identifier: keyid:4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e31352e302f32342d3234203d3e203230343733.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.199.15.0/24 Signature Algorithm: sha256WithRSAEncryption 2f:76:de:d0:cd:10:97:e6:ab:71:ce:90:b9:89:e6:13:c3:d7: d1:23:0b:e5:7c:40:24:27:de:e0:68:2a:45:89:38:2b:d1:81: 4d:c1:49:6e:94:68:7a:62:cb:7b:cc:8a:4e:b3:47:fe:c0:e5: 0c:1e:b5:f7:f4:79:aa:47:be:27:a5:2d:e2:c1:04:75:8b:7a: 52:c0:ee:cf:86:29:18:7b:54:b7:dc:fb:f1:cc:7b:c6:c4:63: 52:1f:3b:ae:f8:c2:d2:18:ab:4f:44:0d:21:e3:cb:c9:72:7f: 9c:4a:5f:93:dd:53:34:6f:99:0b:a7:f5:85:41:18:50:5a:57: 85:2a:90:84:ed:6e:66:ea:c5:7f:7e:40:f2:d3:77:13:b1:fd: 64:35:13:b8:6c:39:9d:ba:e2:53:82:b8:2e:2c:1d:e1:ab:43: d6:dd:33:79:c1:87:0c:16:19:8e:8f:fc:d0:eb:cf:c4:f5:ce: ec:8f:48:d7:c8:10:47:2a:f9:e4:98:9a:97:be:7e:ca:d0:bf: f6:52:71:41:64:32:52:66:d1:23:a9:7d:1d:d1:ce:b1:02:b4: e5:d8:89:ce:37:1b:ea:04:f0:ab:8f:c8:ed:01:54:92:92:10: e3:09:c2:33:45:9b:38:f9:5d:1d:bf:d2:a2:54:8e:b6:6f:d5: cf:13:e2:10 -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgIUIq4H/LASK6NuwWLD4623ONbD1TIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGIzYWNhM2E3YzY1MmE5ZmFmOGU0ZTExOWJkMmY3YmY1 NGFmZGU3NjAeFw0yNTExMjQxMDU5MjZaFw0yNjExMjMxMTA0MjZaMDMxMTAvBgNV BAMTKDc5NjNDRDlEMEE4MjBCRDlFQ0ExODI0QjAwNTdDRjQxNkIzNUFGNTkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZLunri1KPzZWn6Z8wNyMj/FeT emaKDkABR2xoK5FOSHUlczciGmT7OkwRUDe+Cwv9niuFwN2bUCz9rbGB58NgpXof xIX1lItVeupGwmJDpzgn7WejU+Jm+RuRtAA6JOMnlyiw6dnj58dlNFUXqqUQ0dPz NaA+IHese8UmgNCommydlYlRdhLVYSjOSMJpXQOHFnoWLw3oDc6fhntqxXPlIM4K idCry9FgBfaxZMz0JYbaNOn42NVZsuGtfQ6WWgOl8f/jIbEcjSSCtZMEagICRHFq 0Bb8bq05OyOOP6/fIxi46wMVmZtUbh397slV56LD4ogeblOKtBimfiye/NhFAgMB AAGjggI5MIICNTAdBgNVHQ4EFgQUeWPNnQqCC9nsoYJLAFfPQWs1r1kwHwYDVR0j BBgwFoAUSzrKOnxlKp+vjk4Rm9L3v1Sv3nYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzctZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFh NzgyLzAvNEIzQUNBM0E3QzY1MkE5RkFGOEU0RTExOUJEMkY3QkY1NEFGREU3Ni5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1N6cktPbnhsS3AtdmprNFJtOUwzdjFT djNuWS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzct ZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFhNzgyLzAvMzUyZTMxMzkzOTJlMzEzNTJl MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDM3MzMucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAFxw8w DQYJKoZIhvcNAQELBQADggEBAC923tDNEJfmq3HOkLmJ5hPD19EjC+V8QCQn3uBo KkWJOCvRgU3BSW6UaHpiy3vMik6zR/7A5Qwetff0eapHvielLeLBBHWLelLA7s+G KRh7VLfc+/HMe8bEY1IfO674wtIYq09EDSHjy8lyf5xKX5PdUzRvmQun9YVBGFBa V4UqkITtbmbqxX9+QPLTdxOx/WQ1E7hsOZ264lOCuC4sHeGrQ9bdM3nBhwwWGY6P /NDrz8T1zuyPSNfIEEcq+eSYmpe+fsrQv/ZScUFkMlJm0SOpfR3RzrECtOXYic43 G+oE8KuPyO0BVJKSEOMJwjNFmzj5XR2/0qJUjrZv1c8T4hA= -----END CERTIFICATE-----Generated at Fri Nov 28 05:00:23 2025 by rpki-client