This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e322e302f32342d3234203d3e20383334.roa File: 352e3139392e322e302f32342d3234203d3e20383334.roa (raw, json) Hash identifier: fJTauUb3C5ODwA3NEW/7tQUpv1UkXLGVmZVrDQotrds= Subject key identifier: D4:00:5B:16:0D:53:82:AA:DB:B3:09:F8:84:5C:6C:10:76:63:53:93 Certificate issuer: /CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76 Certificate serial: 394AB347A85BA946C965F85FDCF52B785943F0EB Authority key identifier: 4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e322e302f32342d3234203d3e20383334.roa Signing time: Thu 13 Nov 2025 07:14:21 +0000 ROA not before: Thu 13 Nov 2025 07:09:21 +0000 ROA not after: Thu 12 Nov 2026 07:14:21 +0000 asID: 834 IP address blocks: 5.199.2.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.mft rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 28 Nov 2025 18:47:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39:4a:b3:47:a8:5b:a9:46:c9:65:f8:5f:dc:f5:2b:78:59:43:f0:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76 Validity Not Before: Nov 13 07:09:21 2025 GMT Not After : Nov 12 07:14:21 2026 GMT Subject: CN=D4005B160D5382AADBB309F8845C6C1076635393 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:da:d3:fa:54:cf:07:1c:e5:e0:2b:58:92:20: 8e:cd:1f:35:8b:68:e7:39:52:f8:e8:92:d5:d9:75: 06:1c:89:4d:d5:25:bb:9b:ce:15:9b:9c:08:41:b6: 7c:c6:32:e4:28:17:71:7a:3f:54:b1:9c:d5:b7:90: 83:c2:f0:ee:31:46:e0:4c:14:d2:eb:ba:3d:a2:d4: 51:ed:cf:1c:91:3f:fc:b2:88:d4:9a:42:e8:67:e3: 56:94:60:de:65:da:f7:d1:d8:c3:57:21:7c:fe:54: 92:f4:49:2a:5b:3e:0a:75:54:70:94:c9:b3:ae:df: 42:d8:d6:22:20:81:c4:5f:6d:34:b6:2f:f3:03:25: 21:fc:09:65:44:e9:a3:4a:f5:49:3f:df:95:85:e5: ae:48:53:ad:36:2e:03:79:a3:af:12:f1:bc:1c:d4: b2:01:bb:80:05:b6:66:aa:ab:99:f1:39:18:b3:7f: 01:a7:11:b6:35:4d:eb:84:ae:d6:b6:70:a4:d4:f7: 8c:25:65:20:31:21:c5:3a:fd:dd:69:a0:6d:ed:41: 1b:a1:a6:0c:68:47:e3:05:17:a8:5e:78:1a:1a:ed: 37:33:76:19:46:50:3a:57:f4:68:61:ef:8c:2a:3d: 59:9e:a6:3c:0b:c3:0f:a7:53:ef:60:bc:c1:c8:80: 75:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:00:5B:16:0D:53:82:AA:DB:B3:09:F8:84:5C:6C:10:76:63:53:93 X509v3 Authority Key Identifier: keyid:4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e322e302f32342d3234203d3e20383334.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.199.2.0/24 Signature Algorithm: sha256WithRSAEncryption 83:17:a1:8c:66:86:f6:6d:e4:60:20:6a:31:a4:05:b0:ab:51: df:2a:a6:8f:71:0b:c0:8a:14:95:79:1a:37:d0:47:d1:dc:94: cb:62:bd:db:fb:38:f1:93:6f:d8:72:6d:a7:fb:e6:15:47:7b: 7a:20:91:0c:43:9e:dc:3d:9a:ea:d2:cf:48:e6:2e:60:a5:37: 23:6f:e3:40:a6:de:31:ad:7d:97:0c:8b:6e:46:94:6c:09:17: 5b:07:e7:f6:4c:4e:1e:8a:56:66:84:92:b1:ca:da:9b:1b:c5: 2b:05:33:0c:09:f4:79:84:58:9b:5b:1f:e6:09:98:36:68:28: 23:94:b3:1b:cb:11:5a:5f:a5:26:cb:8f:ef:d4:e8:da:e5:fd: fb:3d:c9:7a:80:4c:e8:c4:4a:a7:9b:02:0a:66:02:9a:5b:8e: d9:9e:72:a1:f3:2b:c3:31:21:68:6b:9e:e3:10:78:df:42:71: 4a:72:90:09:d8:1b:e5:9d:60:23:dd:f1:c7:e2:ed:8e:d7:60: 2b:d4:b2:a2:2b:21:94:ce:b6:ec:5c:9f:6a:d3:d0:17:be:27: 79:a4:54:5c:6d:be:56:be:e6:c5:f0:44:3e:6a:8b:ad:8a:e9: 06:61:e0:d5:7a:e5:8b:dc:29:d1:d6:0f:a5:e8:2c:3c:63:d4: 81:22:e7:c2 -----BEGIN CERTIFICATE----- MIIFKTCCBBGgAwIBAgIUOUqzR6hbqUbJZfhf3PUreFlD8OswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGIzYWNhM2E3YzY1MmE5ZmFmOGU0ZTExOWJkMmY3YmY1 NGFmZGU3NjAeFw0yNTExMTMwNzA5MjFaFw0yNjExMTIwNzE0MjFaMDMxMTAvBgNV BAMTKEQ0MDA1QjE2MEQ1MzgyQUFEQkIzMDlGODg0NUM2QzEwNzY2MzUzOTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD2tP6VM8HHOXgK1iSII7NHzWL aOc5UvjoktXZdQYciU3VJbubzhWbnAhBtnzGMuQoF3F6P1SxnNW3kIPC8O4xRuBM FNLruj2i1FHtzxyRP/yyiNSaQuhn41aUYN5l2vfR2MNXIXz+VJL0SSpbPgp1VHCU ybOu30LY1iIggcRfbTS2L/MDJSH8CWVE6aNK9Uk/35WF5a5IU602LgN5o68S8bwc 1LIBu4AFtmaqq5nxORizfwGnEbY1TeuErta2cKTU94wlZSAxIcU6/d1poG3tQRuh pgxoR+MFF6heeBoa7TczdhlGUDpX9Ghh74wqPVmepjwLww+nU+9gvMHIgHUfAgMB AAGjggIzMIICLzAdBgNVHQ4EFgQU1ABbFg1Tgqrbswn4hFxsEHZjU5MwHwYDVR0j BBgwFoAUSzrKOnxlKp+vjk4Rm9L3v1Sv3nYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzctZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFh NzgyLzAvNEIzQUNBM0E3QzY1MkE5RkFGOEU0RTExOUJEMkY3QkY1NEFGREU3Ni5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1N6cktPbnhsS3AtdmprNFJtOUwzdjFT djNuWS5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzct ZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFhNzgyLzAvMzUyZTMxMzkzOTJlMzIyZTMw MmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQOMAwwCgYI KwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAFxwIwDQYJKoZI hvcNAQELBQADggEBAIMXoYxmhvZt5GAgajGkBbCrUd8qpo9xC8CKFJV5GjfQR9Hc lMtivdv7OPGTb9hybaf75hVHe3ogkQxDntw9murSz0jmLmClNyNv40Cm3jGtfZcM i25GlGwJF1sH5/ZMTh6KVmaEkrHK2psbxSsFMwwJ9HmEWJtbH+YJmDZoKCOUsxvL EVpfpSbLj+/U6Nrl/fs9yXqATOjESqebAgpmAppbjtmecqHzK8MxIWhrnuMQeN9C cUpykAnYG+WdYCPd8cfi7Y7XYCvUsqIrIZTOtuxcn2rT0Be+J3mkVFxtvla+5sXw RD5qi62K6QZh4NV65YvcKdHWD6XoLDxj1IEi58I= -----END CERTIFICATE-----Generated at Fri Nov 28 06:10:45 2025 by rpki-client