This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e32382e302f32322d3234203d3e20383334.roa File: 352e3139392e32382e302f32322d3234203d3e20383334.roa (raw, json) Hash identifier: blzkIaXs4LsOOA2O5xYIWbW5hviQNa505WTGCpw8pB0= Subject key identifier: DB:54:D5:1A:82:51:42:6B:E0:6F:AB:44:D1:9F:00:75:53:55:BF:B8 Certificate issuer: /CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76 Certificate serial: 444C1BC20D12FAC741652141146A8CE4748A3ED9 Authority key identifier: 4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e32382e302f32322d3234203d3e20383334.roa Signing time: Mon 24 Nov 2025 08:43:57 +0000 ROA not before: Mon 24 Nov 2025 08:38:57 +0000 ROA not after: Mon 23 Nov 2026 08:43:57 +0000 asID: 834 IP address blocks: 5.199.28.0/22 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.mft rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 28 Nov 2025 18:47:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:4c:1b:c2:0d:12:fa:c7:41:65:21:41:14:6a:8c:e4:74:8a:3e:d9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76 Validity Not Before: Nov 24 08:38:57 2025 GMT Not After : Nov 23 08:43:57 2026 GMT Subject: CN=DB54D51A8251426BE06FAB44D19F00755355BFB8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:a2:67:14:62:d5:69:0c:33:1b:04:2e:19:b8: 46:e6:fc:ba:28:f0:0e:b6:15:d2:33:e2:8f:60:2a: eb:d0:cb:49:4c:09:84:dc:18:b7:af:5e:41:21:62: be:9f:8c:ef:e4:3f:3b:f9:90:df:1f:ec:4a:42:cb: 6f:31:73:e2:4a:9e:45:3c:88:2f:54:51:c8:93:73: 92:f4:c4:39:7c:54:59:93:5b:c7:a6:d2:d3:5b:7e: 0c:4e:7c:90:c6:38:03:1c:33:c0:b5:62:dd:dc:57: 94:6a:2d:2c:7e:bc:ec:ad:f2:6b:d1:7e:a2:31:47: 33:81:b1:d4:a1:9c:af:0d:f5:db:62:94:2e:2a:0f: 53:76:3a:00:c0:20:41:d9:4c:e8:72:1a:06:05:cd: 4e:ad:06:53:a1:87:76:22:ea:99:27:b3:ae:ad:13: 8f:47:5d:2e:17:17:50:66:70:b4:fd:20:ca:b4:91: c1:38:94:7b:ef:7a:46:b5:af:0f:b6:3b:ab:2e:99: 32:dd:20:cf:47:dd:13:2c:90:90:31:35:98:5f:8a: 3e:86:50:fa:20:23:e0:e0:61:73:60:15:01:92:15: 56:a5:56:68:88:67:6c:5a:c3:85:16:27:22:1f:9b: 53:37:0b:13:e8:5e:a5:84:f0:f6:c8:8b:75:38:c0: 20:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:54:D5:1A:82:51:42:6B:E0:6F:AB:44:D1:9F:00:75:53:55:BF:B8 X509v3 Authority Key Identifier: keyid:4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e32382e302f32322d3234203d3e20383334.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.199.28.0/22 Signature Algorithm: sha256WithRSAEncryption 9f:33:92:5f:a4:75:aa:61:af:6d:3b:fe:0b:3e:28:b8:6d:7c: 61:36:f9:64:b3:49:59:67:79:e3:73:2b:b4:85:e4:83:7e:46: 59:80:57:e4:84:24:7a:42:ac:51:db:98:23:ef:4c:c6:af:73: 08:54:35:9b:5b:a6:b7:ec:60:1a:c2:11:ac:13:72:d1:54:bb: c2:22:cf:21:e8:18:e6:85:d7:b4:12:34:5b:f0:57:a5:09:65: 0f:d4:4f:c1:f6:b0:cb:3c:dc:8c:2c:24:75:57:ea:b8:fb:2e: 36:da:44:48:69:62:7b:d2:ed:f6:64:11:05:ad:c6:78:0e:a6: cf:f2:99:3b:51:cc:04:f3:a6:9c:37:22:bf:3b:cf:ea:b3:5a: b1:c1:bd:a6:9a:7f:15:23:d3:3f:9b:ca:c5:d4:1e:97:04:d1: b7:79:18:b1:4b:6c:2b:8f:2e:8f:d7:a8:11:44:47:3d:73:6a: 51:75:8b:4c:91:db:7c:d8:2d:ca:4b:60:08:fd:9a:7f:ce:f5: 65:c1:a4:e6:b6:e9:cd:5f:5d:a0:6c:c4:ba:af:70:2a:7a:24: 90:5e:c2:8d:3c:34:d2:79:49:ec:9c:c1:70:74:f7:ae:b8:00: 7f:dc:44:d1:ec:03:fa:d0:4f:ed:bd:49:0f:60:f4:c7:ac:1a: 1e:09:b0:4b -----BEGIN CERTIFICATE----- MIIFKzCCBBOgAwIBAgIUREwbwg0S+sdBZSFBFGqM5HSKPtkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGIzYWNhM2E3YzY1MmE5ZmFmOGU0ZTExOWJkMmY3YmY1 NGFmZGU3NjAeFw0yNTExMjQwODM4NTdaFw0yNjExMjMwODQzNTdaMDMxMTAvBgNV BAMTKERCNTRENTFBODI1MTQyNkJFMDZGQUI0NEQxOUYwMDc1NTM1NUJGQjgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDromcUYtVpDDMbBC4ZuEbm/Loo 8A62FdIz4o9gKuvQy0lMCYTcGLevXkEhYr6fjO/kPzv5kN8f7EpCy28xc+JKnkU8 iC9UUciTc5L0xDl8VFmTW8em0tNbfgxOfJDGOAMcM8C1Yt3cV5RqLSx+vOyt8mvR fqIxRzOBsdShnK8N9dtilC4qD1N2OgDAIEHZTOhyGgYFzU6tBlOhh3Yi6pkns66t E49HXS4XF1BmcLT9IMq0kcE4lHvveka1rw+2O6sumTLdIM9H3RMskJAxNZhfij6G UPogI+DgYXNgFQGSFValVmiIZ2xaw4UWJyIfm1M3CxPoXqWE8PbIi3U4wCAXAgMB AAGjggI1MIICMTAdBgNVHQ4EFgQU21TVGoJRQmvgb6tE0Z8AdVNVv7gwHwYDVR0j BBgwFoAUSzrKOnxlKp+vjk4Rm9L3v1Sv3nYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzctZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFh NzgyLzAvNEIzQUNBM0E3QzY1MkE5RkFGOEU0RTExOUJEMkY3QkY1NEFGREU3Ni5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1N6cktPbnhsS3AtdmprNFJtOUwzdjFT djNuWS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzct ZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFhNzgyLzAvMzUyZTMxMzkzOTJlMzIzODJl MzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAgXHHDANBgkq hkiG9w0BAQsFAAOCAQEAnzOSX6R1qmGvbTv+Cz4ouG18YTb5ZLNJWWd543MrtIXk g35GWYBX5IQkekKsUduYI+9Mxq9zCFQ1m1umt+xgGsIRrBNy0VS7wiLPIegY5oXX tBI0W/BXpQllD9RPwfawyzzcjCwkdVfquPsuNtpESGlie9Lt9mQRBa3GeA6mz/KZ O1HMBPOmnDcivzvP6rNascG9ppp/FSPTP5vKxdQelwTRt3kYsUtsK48uj9eoEURH PXNqUXWLTJHbfNgtyktgCP2af871ZcGk5rbpzV9doGzEuq9wKnokkF7CjTw00nlJ 7JzBcHT3rrgAf9xE0ewD+tBP7b1JD2D0x6waHgmwSw== -----END CERTIFICATE-----Generated at Fri Nov 28 06:10:40 2025 by rpki-client