This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e33322e302f32322d3234203d3e20383334.roa File: 352e3139392e33322e302f32322d3234203d3e20383334.roa (raw, json) Hash identifier: wHi/K7jkDZlOgAcLQ2orzAvP6GWa0NTiJ30LAzYTgs0= Subject key identifier: 67:E6:8B:87:49:0E:FA:59:EE:4B:E8:9D:74:9E:35:08:CE:58:1C:E5 Certificate issuer: /CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76 Certificate serial: 3450BE74193E5192ACB3FD88771B3FE19A2D5C37 Authority key identifier: 4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e33322e302f32322d3234203d3e20383334.roa Signing time: Fri 14 Nov 2025 10:30:38 +0000 ROA not before: Fri 14 Nov 2025 10:25:38 +0000 ROA not after: Fri 13 Nov 2026 10:30:38 +0000 asID: 834 IP address blocks: 5.199.32.0/22 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.mft rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 28 Nov 2025 18:47:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:50:be:74:19:3e:51:92:ac:b3:fd:88:77:1b:3f:e1:9a:2d:5c:37 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76 Validity Not Before: Nov 14 10:25:38 2025 GMT Not After : Nov 13 10:30:38 2026 GMT Subject: CN=67E68B87490EFA59EE4BE89D749E3508CE581CE5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:b8:3d:9a:9a:00:7d:73:a4:86:2a:77:c7:76: ae:52:e5:25:d7:08:c2:35:65:d7:2c:57:28:8f:1d: c8:dc:0b:4c:0a:3c:92:f3:97:51:60:3a:11:15:fe: 6c:94:86:83:80:d0:9c:f9:cc:f6:7c:75:ef:10:28: 1e:d6:66:cf:45:0c:3e:12:c4:ab:d9:04:51:42:41: ac:3e:24:00:6d:b1:8f:41:36:22:04:da:ba:e9:84: 19:6a:79:ae:8d:4f:2c:96:ad:05:7f:07:20:38:f1: a7:6f:0e:ca:e6:3d:c0:5f:5b:d1:aa:53:65:19:b1: 91:66:f1:84:6e:72:ee:3e:40:33:b0:43:69:f8:71: 60:5c:ec:30:00:da:64:08:6f:7f:f0:20:28:30:dc: 93:9b:09:3c:da:d8:f8:03:ca:bb:b8:6c:68:33:1f: 61:af:7e:84:56:c0:3f:f5:b8:cf:c4:6b:c9:af:27: 53:b2:4b:1b:9d:50:c9:f7:4d:74:92:c2:6b:88:40: be:cc:7f:80:8b:4f:bc:0e:e1:1a:21:37:1b:7c:ac: 66:4c:7e:77:15:3e:f8:80:9b:4f:fa:06:3d:31:41: 5e:4a:37:6f:cc:3d:a1:68:87:ea:db:bf:7c:e8:ec: f0:19:f5:9e:9a:18:66:70:26:0c:d1:c4:eb:99:75: 04:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:E6:8B:87:49:0E:FA:59:EE:4B:E8:9D:74:9E:35:08:CE:58:1C:E5 X509v3 Authority Key Identifier: keyid:4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e33322e302f32322d3234203d3e20383334.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.199.32.0/22 Signature Algorithm: sha256WithRSAEncryption 10:43:4c:d3:03:cb:95:38:55:d8:14:00:cd:b4:eb:a7:47:88: 43:1d:42:a8:e1:c2:67:5f:71:5a:cf:42:1c:dd:9d:cb:fe:23: 91:fd:85:5f:44:7e:e3:50:85:af:2b:98:5c:f1:de:8c:f9:57: 0d:fc:75:46:63:b3:63:de:de:23:7f:ad:54:44:d3:8c:48:1a: 8e:93:a4:bc:c6:61:3d:e5:fa:db:6f:5e:8e:c4:78:fe:11:f5: a7:7a:a0:d1:7b:62:55:b8:35:81:5c:8c:58:30:f8:7d:66:45: 9c:bd:ac:72:ce:db:40:10:34:4b:44:c2:4d:5c:45:29:c5:d2: a2:92:a2:45:08:f9:14:f4:82:32:43:0b:ad:4f:d1:87:ad:81: b1:34:db:7f:d5:66:5e:b4:e3:26:cb:0b:5f:a2:1a:d3:e7:5e: 02:55:17:52:52:2a:8d:4c:94:5c:49:72:e8:b1:32:99:94:9a: d5:d4:2e:91:2d:2a:3d:97:84:50:27:58:2b:6f:ac:56:27:02: cd:e3:f6:0c:55:36:22:c7:d3:48:74:3b:04:59:96:f7:ed:ad: 20:c4:c3:db:9b:5c:84:ea:b6:d4:6c:2f:b6:e4:10:87:bf:8e: d1:bf:d7:55:a8:51:7f:e0:35:b2:1f:42:26:1c:b8:60:40:8b: 51:af:43:72 -----BEGIN CERTIFICATE----- MIIFKzCCBBOgAwIBAgIUNFC+dBk+UZKss/2Idxs/4ZotXDcwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGIzYWNhM2E3YzY1MmE5ZmFmOGU0ZTExOWJkMmY3YmY1 NGFmZGU3NjAeFw0yNTExMTQxMDI1MzhaFw0yNjExMTMxMDMwMzhaMDMxMTAvBgNV BAMTKDY3RTY4Qjg3NDkwRUZBNTlFRTRCRTg5RDc0OUUzNTA4Q0U1ODFDRTUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvuD2amgB9c6SGKnfHdq5S5SXX CMI1ZdcsVyiPHcjcC0wKPJLzl1FgOhEV/myUhoOA0Jz5zPZ8de8QKB7WZs9FDD4S xKvZBFFCQaw+JABtsY9BNiIE2rrphBlqea6NTyyWrQV/ByA48advDsrmPcBfW9Gq U2UZsZFm8YRucu4+QDOwQ2n4cWBc7DAA2mQIb3/wICgw3JObCTza2PgDyru4bGgz H2GvfoRWwD/1uM/Ea8mvJ1OySxudUMn3TXSSwmuIQL7Mf4CLT7wO4RohNxt8rGZM fncVPviAm0/6Bj0xQV5KN2/MPaFoh+rbv3zo7PAZ9Z6aGGZwJgzRxOuZdQQvAgMB AAGjggI1MIICMTAdBgNVHQ4EFgQUZ+aLh0kO+lnuS+iddJ41CM5YHOUwHwYDVR0j BBgwFoAUSzrKOnxlKp+vjk4Rm9L3v1Sv3nYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzctZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFh NzgyLzAvNEIzQUNBM0E3QzY1MkE5RkFGOEU0RTExOUJEMkY3QkY1NEFGREU3Ni5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1N6cktPbnhsS3AtdmprNFJtOUwzdjFT djNuWS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzct ZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFhNzgyLzAvMzUyZTMxMzkzOTJlMzMzMjJl MzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAgXHIDANBgkq hkiG9w0BAQsFAAOCAQEAEENM0wPLlThV2BQAzbTrp0eIQx1CqOHCZ19xWs9CHN2d y/4jkf2FX0R+41CFryuYXPHejPlXDfx1RmOzY97eI3+tVETTjEgajpOkvMZhPeX6 229ejsR4/hH1p3qg0XtiVbg1gVyMWDD4fWZFnL2scs7bQBA0S0TCTVxFKcXSopKi RQj5FPSCMkMLrU/Rh62BsTTbf9VmXrTjJssLX6Ia0+deAlUXUlIqjUyUXEly6LEy mZSa1dQukS0qPZeEUCdYK2+sVicCzeP2DFU2IsfTSHQ7BFmW9+2tIMTD25tchOq2 1GwvtuQQh7+O0b/XVahRf+A1sh9CJhy4YECLUa9Dcg== -----END CERTIFICATE-----Generated at Fri Nov 28 06:10:40 2025 by rpki-client