This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e32322e302f32342d3234203d3e203230343733.roa File: 352e3139392e32322e302f32342d3234203d3e203230343733.roa (raw, json) Hash identifier: OZli0DwLI2EHYi071cA1eilY9ouwYPaD3LYrqpRrOGo= Subject key identifier: FD:FF:9C:F7:53:1F:E1:E0:10:BD:1F:80:93:2F:5E:B8:C2:95:DC:1D Certificate issuer: /CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76 Certificate serial: 27D415527D1B578BF2BADB6FDAE2961165459FE6 Authority key identifier: 4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e32322e302f32342d3234203d3e203230343733.roa Signing time: Mon 24 Nov 2025 08:42:54 +0000 ROA not before: Mon 24 Nov 2025 08:37:54 +0000 ROA not after: Mon 23 Nov 2026 08:42:54 +0000 asID: 20473 IP address blocks: 5.199.22.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.mft rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 28 Nov 2025 18:47:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 27:d4:15:52:7d:1b:57:8b:f2:ba:db:6f:da:e2:96:11:65:45:9f:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76 Validity Not Before: Nov 24 08:37:54 2025 GMT Not After : Nov 23 08:42:54 2026 GMT Subject: CN=FDFF9CF7531FE1E010BD1F80932F5EB8C295DC1D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:dc:2a:b2:6d:31:52:64:b8:ec:a4:f8:95:7c: d2:33:16:cc:9c:8a:f7:38:0f:79:5f:14:36:f1:d5: 42:30:b0:72:bb:d4:4e:b0:4b:6d:52:f0:80:af:ab: 33:49:97:eb:75:f1:b9:92:8f:35:7c:ce:37:e6:34: de:82:93:7c:7a:a1:55:5f:55:67:f6:37:cb:d9:33: 04:f6:80:d3:a9:f2:fc:4d:c2:26:dd:fd:db:79:4a: bc:b5:4a:c6:15:6f:68:07:1a:37:6c:68:d9:ea:0b: d1:42:33:9b:e5:58:cd:42:7d:54:ac:2e:41:60:d6: 50:ed:16:f9:b1:78:6f:a7:81:fc:c1:47:78:1b:2c: 1b:18:1d:a2:13:21:56:6a:3a:e8:15:87:55:e3:ac: 8a:28:09:b0:13:f1:a7:9d:b1:68:45:8b:46:ec:9b: f7:0a:04:ef:be:87:b2:73:1d:ed:5c:44:75:73:c8: 53:49:cc:3f:76:3a:3a:08:f9:b7:11:c2:c3:1b:c1: bc:4a:2b:af:d0:db:1e:f2:7a:c7:aa:aa:d0:63:bf: 84:9b:2b:61:da:5c:04:7e:79:fa:8e:3c:a9:99:14: a3:f5:94:04:b8:26:c7:52:9d:5d:58:88:d7:7c:40: 8e:53:1d:97:aa:f4:9d:e1:69:be:49:26:41:27:e7: 08:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:FF:9C:F7:53:1F:E1:E0:10:BD:1F:80:93:2F:5E:B8:C2:95:DC:1D X509v3 Authority Key Identifier: keyid:4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e32322e302f32342d3234203d3e203230343733.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.199.22.0/24 Signature Algorithm: sha256WithRSAEncryption 12:fb:6f:d1:23:b0:19:9c:06:d3:20:83:72:6f:49:6d:19:27: e3:53:4c:8f:59:de:89:33:94:16:bd:95:d8:7d:62:3b:b9:b6: 69:16:d5:7a:43:4f:c6:97:79:b6:6b:30:4c:67:a2:c7:84:77: 06:76:b6:8d:4f:96:23:52:c7:ce:da:44:83:33:8c:97:9b:c3: 9c:35:ec:ea:f7:c6:87:0d:e6:03:32:b0:1f:87:20:53:36:25: 6f:c0:32:3f:b1:43:d2:56:5a:90:17:26:fe:22:fe:2c:54:b4: be:ea:4d:71:10:5c:2b:a2:a8:58:06:eb:25:43:43:5f:87:37: 57:ee:3c:07:67:e9:1b:96:dc:7a:38:26:b7:e4:02:5d:6b:be: 7c:10:ca:d4:0e:3d:b7:de:f0:a2:75:c4:ad:0c:77:95:4d:81: be:1c:96:d3:0d:c1:b4:4f:29:3a:c2:0d:4c:c6:e3:57:5a:a2: 75:e9:3c:7f:cf:f7:18:4e:b3:8d:43:ce:52:8a:17:76:6e:17: ca:17:35:21:58:c5:a7:94:a4:65:dd:7e:54:76:31:82:87:0b: 4d:96:03:36:db:26:73:c1:b8:0d:43:7f:99:96:9c:df:41:1e: ca:42:91:42:11:76:b3:06:85:24:4b:67:f7:4c:88:dc:db:79: 91:0a:00:6b -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgIUJ9QVUn0bV4vyuttv2uKWEWVFn+YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGIzYWNhM2E3YzY1MmE5ZmFmOGU0ZTExOWJkMmY3YmY1 NGFmZGU3NjAeFw0yNTExMjQwODM3NTRaFw0yNjExMjMwODQyNTRaMDMxMTAvBgNV BAMTKEZERkY5Q0Y3NTMxRkUxRTAxMEJEMUY4MDkzMkY1RUI4QzI5NURDMUQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI3CqybTFSZLjspPiVfNIzFsyc ivc4D3lfFDbx1UIwsHK71E6wS21S8ICvqzNJl+t18bmSjzV8zjfmNN6Ck3x6oVVf VWf2N8vZMwT2gNOp8vxNwibd/dt5Sry1SsYVb2gHGjdsaNnqC9FCM5vlWM1CfVSs LkFg1lDtFvmxeG+ngfzBR3gbLBsYHaITIVZqOugVh1XjrIooCbAT8aedsWhFi0bs m/cKBO++h7JzHe1cRHVzyFNJzD92OjoI+bcRwsMbwbxKK6/Q2x7yeseqqtBjv4Sb K2HaXAR+efqOPKmZFKP1lAS4JsdSnV1YiNd8QI5THZeq9J3hab5JJkEn5wiPAgMB AAGjggI5MIICNTAdBgNVHQ4EFgQU/f+c91Mf4eAQvR+Aky9euMKV3B0wHwYDVR0j BBgwFoAUSzrKOnxlKp+vjk4Rm9L3v1Sv3nYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzctZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFh NzgyLzAvNEIzQUNBM0E3QzY1MkE5RkFGOEU0RTExOUJEMkY3QkY1NEFGREU3Ni5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1N6cktPbnhsS3AtdmprNFJtOUwzdjFT djNuWS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzct ZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFhNzgyLzAvMzUyZTMxMzkzOTJlMzIzMjJl MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzNDM3MzMucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAFxxYw DQYJKoZIhvcNAQELBQADggEBABL7b9EjsBmcBtMgg3JvSW0ZJ+NTTI9Z3okzlBa9 ldh9Yju5tmkW1XpDT8aXebZrMExnoseEdwZ2to1PliNSx87aRIMzjJebw5w17Or3 xocN5gMysB+HIFM2JW/AMj+xQ9JWWpAXJv4i/ixUtL7qTXEQXCuiqFgG6yVDQ1+H N1fuPAdn6RuW3Ho4JrfkAl1rvnwQytQOPbfe8KJ1xK0Md5VNgb4cltMNwbRPKTrC DUzG41daonXpPH/P9xhOs41DzlKKF3ZuF8oXNSFYxaeUpGXdflR2MYKHC02WAzbb JnPBuA1Df5mWnN9BHspCkUIRdrMGhSRLZ/dMiNzbeZEKAGs= -----END CERTIFICATE-----Generated at Fri Nov 28 05:00:23 2025 by rpki-client