This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e31362e302f32322d3234203d3e20383334.roa File: 352e3139392e31362e302f32322d3234203d3e20383334.roa (raw, json) Hash identifier: gtGuCR7WqssHrln/Y4e465GTa/RHfpMeR/odre8pN2Y= Subject key identifier: 32:D6:8C:64:6F:8E:71:D3:B4:82:AF:AF:09:18:25:0A:DA:53:93:7D Certificate issuer: /CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76 Certificate serial: 3370AB7DF333B855DA727CB3D8782BF3F0C52AB1 Authority key identifier: 4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e31362e302f32322d3234203d3e20383334.roa Signing time: Mon 24 Nov 2025 08:43:57 +0000 ROA not before: Mon 24 Nov 2025 08:38:57 +0000 ROA not after: Mon 23 Nov 2026 08:43:57 +0000 asID: 834 IP address blocks: 5.199.16.0/22 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.mft rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 28 Nov 2025 18:47:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:70:ab:7d:f3:33:b8:55:da:72:7c:b3:d8:78:2b:f3:f0:c5:2a:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76 Validity Not Before: Nov 24 08:38:57 2025 GMT Not After : Nov 23 08:43:57 2026 GMT Subject: CN=32D68C646F8E71D3B482AFAF0918250ADA53937D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:82:04:b6:1b:d5:e8:75:dc:cd:39:db:fb:65: ce:a1:8b:c5:86:16:0d:92:f6:f6:60:6d:95:96:65: 58:35:e1:25:03:fd:9c:fb:14:a7:c7:3f:54:4b:ab: 8e:5b:3e:9f:87:cd:d5:c8:8b:31:ed:7f:61:46:83: 99:56:cd:fa:c3:f1:b9:02:36:b6:a0:94:c4:01:7e: ba:dc:6b:09:e2:70:19:1c:57:dc:cc:82:2f:ad:83: 2c:c3:8b:54:c8:a3:1e:36:c6:b7:34:d6:33:07:fc: c3:de:71:44:dc:03:e4:ea:f0:81:4b:68:63:bd:5c: 20:c3:be:9e:8c:27:24:0e:41:c5:b6:0a:64:73:c1: 3b:50:6d:bf:53:d7:ad:ca:23:bb:19:65:df:af:28: 70:46:b7:66:25:db:d6:4a:3f:25:70:77:f3:f2:48: f7:2e:ae:6d:f6:e1:31:71:5b:44:6e:94:4b:a8:f4: 39:27:2d:0b:63:ce:3f:d4:73:cc:a7:eb:69:a7:14: 0a:a4:64:95:c5:9c:31:bf:b5:62:4a:1a:60:72:af: 85:c0:d2:f2:61:d4:bc:da:56:92:81:3d:35:b8:80: 9b:5c:13:e2:c8:01:4a:2a:1b:8a:a6:0e:ee:b4:15: 97:db:aa:59:c2:cb:e0:00:ba:df:1e:9a:5a:ec:61: bc:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:D6:8C:64:6F:8E:71:D3:B4:82:AF:AF:09:18:25:0A:DA:53:93:7D X509v3 Authority Key Identifier: keyid:4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e31362e302f32322d3234203d3e20383334.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.199.16.0/22 Signature Algorithm: sha256WithRSAEncryption bf:46:47:9a:6b:c1:91:84:ef:cc:27:48:16:9f:d5:8c:81:16: 7b:33:8c:cb:59:52:20:18:48:ab:cf:d9:df:c8:7d:ae:a1:71: 96:b1:a1:e8:3f:d4:14:a8:40:7a:0e:ce:0d:af:9d:31:5a:ff: 20:7f:2b:30:d9:e2:80:27:62:34:07:9c:f3:e9:ef:f0:39:c3: 07:82:cd:0f:e0:d8:ab:44:3d:5c:a8:5d:e9:6a:2b:f3:fc:80: 94:a9:f5:5b:7f:ac:fc:97:55:bf:ab:a1:38:05:84:e5:95:b5: 6d:5f:16:87:26:75:b5:e2:ab:7b:2b:aa:a2:84:31:61:a2:38: f4:fa:a6:d4:5c:d3:15:f3:c2:5f:5b:23:0e:3c:06:65:53:95: 39:97:de:29:cc:af:6f:66:c3:0a:ed:08:05:8a:0b:44:98:54: 5a:c2:cf:8a:75:c3:65:76:34:df:07:01:92:4a:da:3d:1c:2c: 6f:84:a2:ca:46:ed:7a:b0:bc:63:99:3b:18:46:2d:49:4b:fa: 12:1a:1f:57:d2:bd:df:25:68:52:f8:d1:d2:d1:4e:cb:2a:a0: d3:8c:30:b5:07:2d:9e:0f:6a:75:0e:fe:85:71:0c:40:16:4a: 35:ec:9d:bc:f9:b7:84:4c:40:4d:76:43:e7:b7:ac:e9:63:1b: 94:65:b2:e0 -----BEGIN CERTIFICATE----- MIIFKzCCBBOgAwIBAgIUM3CrffMzuFXacnyz2Hgr8/DFKrEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGIzYWNhM2E3YzY1MmE5ZmFmOGU0ZTExOWJkMmY3YmY1 NGFmZGU3NjAeFw0yNTExMjQwODM4NTdaFw0yNjExMjMwODQzNTdaMDMxMTAvBgNV BAMTKDMyRDY4QzY0NkY4RTcxRDNCNDgyQUZBRjA5MTgyNTBBREE1MzkzN0QwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCLggS2G9XoddzNOdv7Zc6hi8WG Fg2S9vZgbZWWZVg14SUD/Zz7FKfHP1RLq45bPp+HzdXIizHtf2FGg5lWzfrD8bkC NraglMQBfrrcawnicBkcV9zMgi+tgyzDi1TIox42xrc01jMH/MPecUTcA+Tq8IFL aGO9XCDDvp6MJyQOQcW2CmRzwTtQbb9T163KI7sZZd+vKHBGt2Yl29ZKPyVwd/Py SPcurm324TFxW0RulEuo9DknLQtjzj/Uc8yn62mnFAqkZJXFnDG/tWJKGmByr4XA 0vJh1LzaVpKBPTW4gJtcE+LIAUoqG4qmDu60FZfbqlnCy+AAut8emlrsYbw7AgMB AAGjggI1MIICMTAdBgNVHQ4EFgQUMtaMZG+OcdO0gq+vCRglCtpTk30wHwYDVR0j BBgwFoAUSzrKOnxlKp+vjk4Rm9L3v1Sv3nYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzctZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFh NzgyLzAvNEIzQUNBM0E3QzY1MkE5RkFGOEU0RTExOUJEMkY3QkY1NEFGREU3Ni5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1N6cktPbnhsS3AtdmprNFJtOUwzdjFT djNuWS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzct ZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFhNzgyLzAvMzUyZTMxMzkzOTJlMzEzNjJl MzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAgXHEDANBgkq hkiG9w0BAQsFAAOCAQEAv0ZHmmvBkYTvzCdIFp/VjIEWezOMy1lSIBhIq8/Z38h9 rqFxlrGh6D/UFKhAeg7ODa+dMVr/IH8rMNnigCdiNAec8+nv8DnDB4LND+DYq0Q9 XKhd6Wor8/yAlKn1W3+s/JdVv6uhOAWE5ZW1bV8WhyZ1teKreyuqooQxYaI49Pqm 1FzTFfPCX1sjDjwGZVOVOZfeKcyvb2bDCu0IBYoLRJhUWsLPinXDZXY03wcBkkra PRwsb4SiykbterC8Y5k7GEYtSUv6EhofV9K93yVoUvjR0tFOyyqg04wwtQctng9q dQ7+hXEMQBZKNeydvPm3hExATXZD57es6WMblGWy4A== -----END CERTIFICATE-----Generated at Fri Nov 28 06:10:42 2025 by rpki-client