This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e32302e302f32332d3234203d3e20383334.roa File: 352e3139392e32302e302f32332d3234203d3e20383334.roa (raw, json) Hash identifier: QvTaZHbJDvGa5lY65f690MXZNG767G5Bd2a5bo5+3Bo= Subject key identifier: D9:E6:46:CB:14:4D:20:FD:77:E9:57:F8:83:9D:4F:D8:0C:7F:20:02 Certificate issuer: /CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76 Certificate serial: 779A9D30640863FE878F06993B8FACEC7DA2C8E2 Authority key identifier: 4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e32302e302f32332d3234203d3e20383334.roa Signing time: Mon 24 Nov 2025 08:43:57 +0000 ROA not before: Mon 24 Nov 2025 08:38:57 +0000 ROA not after: Mon 23 Nov 2026 08:43:57 +0000 asID: 834 IP address blocks: 5.199.20.0/23 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.mft rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 28 Nov 2025 18:47:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77:9a:9d:30:64:08:63:fe:87:8f:06:99:3b:8f:ac:ec:7d:a2:c8:e2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76 Validity Not Before: Nov 24 08:38:57 2025 GMT Not After : Nov 23 08:43:57 2026 GMT Subject: CN=D9E646CB144D20FD77E957F8839D4FD80C7F2002 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:ea:1c:a9:13:6e:f0:ed:62:30:3c:a3:d6:e5: f0:fa:01:9d:94:f6:13:b9:68:30:1d:cc:57:be:66: 3a:d3:1e:84:00:e1:4b:43:a7:93:25:87:3d:ad:e2: bf:13:95:5e:ae:86:a0:52:29:d1:ce:db:57:b1:da: 88:15:41:b3:fe:50:48:af:95:60:fe:39:35:39:23: 0c:5c:7e:f9:cc:29:f7:b0:8f:7d:e2:2d:e2:f1:5b: d5:20:7e:e9:68:dd:16:dd:0f:15:72:0c:a1:c7:95: 90:b9:66:af:a8:d6:22:b4:2f:75:8e:cd:76:60:11: 6c:12:b1:be:24:86:96:56:d8:21:4c:85:43:32:58: d2:69:81:a1:6e:8f:a8:7f:2d:0f:51:cb:a8:26:9f: 43:e3:ac:d7:d4:dc:ee:75:01:60:19:f9:38:40:47: c7:8f:08:3f:7a:40:0c:21:ef:68:12:0d:a6:89:fc: ef:87:ca:70:2d:cf:c2:ea:e9:d2:e5:87:2f:23:6a: a3:ad:6c:f2:d7:1a:7c:7a:88:ff:c1:ba:f5:b0:89: c7:c8:ef:e9:37:cd:26:93:aa:b6:a9:a4:87:19:77: 1d:8d:9a:8c:48:b3:02:a4:1a:55:24:7d:5b:5d:fa: c8:2d:26:ec:23:0b:d8:2c:fa:b7:c2:dd:af:63:bc: da:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:E6:46:CB:14:4D:20:FD:77:E9:57:F8:83:9D:4F:D8:0C:7F:20:02 X509v3 Authority Key Identifier: keyid:4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e32302e302f32332d3234203d3e20383334.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.199.20.0/23 Signature Algorithm: sha256WithRSAEncryption 61:2b:8f:4c:67:00:14:16:54:92:eb:d5:68:4e:20:bd:0f:63: a1:7c:69:72:70:b8:bd:56:09:73:fa:91:49:9f:51:e3:e9:ca: fc:6c:b3:cf:97:ca:74:d1:f5:5d:91:8b:ac:8d:2d:cf:ac:22: 35:5f:8e:1c:a1:65:0c:4b:7f:c2:fc:6d:65:d3:8d:50:bb:d7: 61:fe:cd:f7:8b:38:51:04:74:7b:f6:58:a0:eb:87:3b:fd:4c: c7:0f:fd:27:4d:44:16:7c:3f:90:9f:fc:e8:a0:02:b3:a4:9c: 93:55:44:3e:f6:51:62:ff:bd:11:4d:70:f5:13:f1:c8:9e:03: 5a:d6:40:9e:aa:1e:c3:4c:45:fd:85:0c:a8:5b:68:af:de:5e: 8e:cd:a4:94:37:f4:71:70:61:f4:ed:8d:24:05:de:f3:26:ae: 9a:3e:bd:52:73:41:0b:51:90:a4:be:a9:a7:cb:ba:54:74:a7: 44:9b:94:b2:80:41:89:fd:c7:b5:83:f1:ba:90:92:97:9d:1c: 50:e1:5a:32:5e:70:21:17:3f:30:77:d7:e7:ef:d8:6f:ac:29: 4b:45:ea:3c:49:63:bf:47:50:60:6f:ea:de:43:24:75:92:cb: c1:a9:e2:2b:e2:9a:ad:c9:07:10:e5:42:bb:f8:44:e4:87:f9: 47:b5:ec:1b -----BEGIN CERTIFICATE----- MIIFKzCCBBOgAwIBAgIUd5qdMGQIY/6HjwaZO4+s7H2iyOIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGIzYWNhM2E3YzY1MmE5ZmFmOGU0ZTExOWJkMmY3YmY1 NGFmZGU3NjAeFw0yNTExMjQwODM4NTdaFw0yNjExMjMwODQzNTdaMDMxMTAvBgNV BAMTKEQ5RTY0NkNCMTQ0RDIwRkQ3N0U5NTdGODgzOUQ0RkQ4MEM3RjIwMDIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCm6hypE27w7WIwPKPW5fD6AZ2U 9hO5aDAdzFe+ZjrTHoQA4UtDp5Mlhz2t4r8TlV6uhqBSKdHO21ex2ogVQbP+UEiv lWD+OTU5IwxcfvnMKfewj33iLeLxW9Ugfulo3RbdDxVyDKHHlZC5Zq+o1iK0L3WO zXZgEWwSsb4khpZW2CFMhUMyWNJpgaFuj6h/LQ9Ry6gmn0PjrNfU3O51AWAZ+ThA R8ePCD96QAwh72gSDaaJ/O+HynAtz8Lq6dLlhy8jaqOtbPLXGnx6iP/BuvWwicfI 7+k3zSaTqrappIcZdx2NmoxIswKkGlUkfVtd+sgtJuwjC9gs+rfC3a9jvNrHAgMB AAGjggI1MIICMTAdBgNVHQ4EFgQU2eZGyxRNIP136Vf4g51P2Ax/IAIwHwYDVR0j BBgwFoAUSzrKOnxlKp+vjk4Rm9L3v1Sv3nYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzctZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFh NzgyLzAvNEIzQUNBM0E3QzY1MkE5RkFGOEU0RTExOUJEMkY3QkY1NEFGREU3Ni5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1N6cktPbnhsS3AtdmprNFJtOUwzdjFT djNuWS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzct ZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFhNzgyLzAvMzUyZTMxMzkzOTJlMzIzMDJl MzAyZjMyMzMyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAQXHFDANBgkq hkiG9w0BAQsFAAOCAQEAYSuPTGcAFBZUkuvVaE4gvQ9joXxpcnC4vVYJc/qRSZ9R 4+nK/Gyzz5fKdNH1XZGLrI0tz6wiNV+OHKFlDEt/wvxtZdONULvXYf7N94s4UQR0 e/ZYoOuHO/1Mxw/9J01EFnw/kJ/86KACs6Sck1VEPvZRYv+9EU1w9RPxyJ4DWtZA nqoew0xF/YUMqFtor95ejs2klDf0cXBh9O2NJAXe8yaumj69UnNBC1GQpL6pp8u6 VHSnRJuUsoBBif3HtYPxupCSl50cUOFaMl5wIRc/MHfX5+/Yb6wpS0XqPEljv0dQ YG/q3kMkdZLLwaniK+KarckHEOVCu/hE5If5R7XsGw== -----END CERTIFICATE-----Generated at Fri Nov 28 06:10:37 2025 by rpki-client