This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e34302e302f32312d3234203d3e20383334.roa File: 352e3139392e34302e302f32312d3234203d3e20383334.roa (raw, json) Hash identifier: RhmwnUF0evkCBGvNW9Pxo1FbNx1Hwmt7OynFlIb8KEI= Subject key identifier: 48:44:85:37:87:C8:A8:04:2E:D0:E9:ED:12:58:D1:FF:8F:62:9F:33 Certificate issuer: /CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76 Certificate serial: 6233981689F262A2676AC17A03C369018E9CB66B Authority key identifier: 4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e34302e302f32312d3234203d3e20383334.roa Signing time: Fri 14 Nov 2025 10:30:38 +0000 ROA not before: Fri 14 Nov 2025 10:25:38 +0000 ROA not after: Fri 13 Nov 2026 10:30:38 +0000 asID: 834 IP address blocks: 5.199.40.0/21 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.mft rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 28 Nov 2025 18:47:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:33:98:16:89:f2:62:a2:67:6a:c1:7a:03:c3:69:01:8e:9c:b6:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76 Validity Not Before: Nov 14 10:25:38 2025 GMT Not After : Nov 13 10:30:38 2026 GMT Subject: CN=4844853787C8A8042ED0E9ED1258D1FF8F629F33 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:66:fc:5e:11:86:bc:9d:99:91:27:43:e3:4c: 6c:48:bf:38:cf:e1:e1:74:3d:fd:7c:55:7f:b7:84: 71:ac:ac:ae:af:90:7f:9d:74:21:33:2c:54:fc:84: a9:7a:55:de:e3:a5:aa:55:06:b8:05:43:12:c0:4c: ee:4c:d2:d5:fe:98:de:b2:8b:27:83:80:9d:79:b7: 87:b2:69:2d:1e:65:34:17:c4:98:13:30:a2:56:51: c4:66:11:58:90:b7:b6:c0:cc:d0:77:47:f9:2e:2f: de:0b:49:c4:57:4e:01:3f:ff:fc:65:4f:0d:ee:92: 96:8e:94:f1:07:e6:a5:8b:6a:d1:6f:60:4e:e0:d5: ce:22:84:7d:f3:15:85:41:c2:6a:82:93:fe:e9:a4: 4f:58:05:52:c7:fb:80:59:0d:93:a2:27:55:05:40: 4a:99:5f:62:9a:30:13:e1:2d:53:d7:61:36:d8:58: cc:5f:52:a2:a4:c4:83:bb:c3:e9:f8:e2:89:c3:05: 43:4c:eb:64:84:6d:3d:39:59:52:0b:7c:c4:8f:5f: d8:bc:8d:11:43:b7:66:1d:95:86:d4:ca:9c:b0:b2: b7:7f:16:ca:e4:44:7b:ad:b9:cf:a0:b2:e7:61:28: a4:a1:8f:7a:86:8d:50:9f:f4:3d:ff:5b:a8:b5:5a: 29:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:44:85:37:87:C8:A8:04:2E:D0:E9:ED:12:58:D1:FF:8F:62:9F:33 X509v3 Authority Key Identifier: keyid:4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e34302e302f32312d3234203d3e20383334.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.199.40.0/21 Signature Algorithm: sha256WithRSAEncryption 0f:7f:a6:4b:60:8d:e7:fb:0b:1f:9a:66:0a:5b:2f:73:df:cf: 0c:51:50:ee:f9:02:05:e8:d2:ef:f5:e1:3e:3b:26:03:58:b0: 00:7d:8b:18:4f:f3:d3:a1:e6:aa:e1:9f:f3:f9:76:b4:c4:ba: aa:9b:b0:8a:12:d7:37:62:f0:4a:10:c8:77:74:56:36:a5:68: fe:8e:40:e0:31:11:e6:91:18:73:c3:fc:67:c9:72:93:54:58: 28:87:ef:9f:78:17:77:5b:a3:cc:ae:81:c7:83:eb:a2:65:2e: 00:0a:89:00:37:41:e5:cf:31:34:79:29:ee:b8:a2:22:1f:1d: 04:ab:e3:c5:72:27:d0:4e:39:3d:15:9c:68:3b:2e:99:f0:07: 41:ae:dd:e5:c6:6a:50:6a:5d:60:2b:18:ba:dd:5d:71:a8:e5: 64:e1:38:23:33:34:1e:70:21:db:52:47:17:5d:b5:9f:f1:55: 68:85:7d:ac:0f:14:45:83:49:85:cf:d8:ec:6d:d0:5c:c7:b5: 38:d9:9c:20:b2:b6:81:8b:64:e4:8b:e5:e6:47:73:b0:68:23: 64:b9:3b:bc:b0:09:9f:a3:31:51:b9:de:1c:54:43:71:e9:a0: 02:79:fe:7d:cf:ab:af:54:91:49:d0:d5:fc:6c:c6:05:5d:1b: d4:50:fb:96 -----BEGIN CERTIFICATE----- MIIFKzCCBBOgAwIBAgIUYjOYFonyYqJnasF6A8NpAY6ctmswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGIzYWNhM2E3YzY1MmE5ZmFmOGU0ZTExOWJkMmY3YmY1 NGFmZGU3NjAeFw0yNTExMTQxMDI1MzhaFw0yNjExMTMxMDMwMzhaMDMxMTAvBgNV BAMTKDQ4NDQ4NTM3ODdDOEE4MDQyRUQwRTlFRDEyNThEMUZGOEY2MjlGMzMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1ZvxeEYa8nZmRJ0PjTGxIvzjP 4eF0Pf18VX+3hHGsrK6vkH+ddCEzLFT8hKl6Vd7jpapVBrgFQxLATO5M0tX+mN6y iyeDgJ15t4eyaS0eZTQXxJgTMKJWUcRmEViQt7bAzNB3R/kuL94LScRXTgE///xl Tw3ukpaOlPEH5qWLatFvYE7g1c4ihH3zFYVBwmqCk/7ppE9YBVLH+4BZDZOiJ1UF QEqZX2KaMBPhLVPXYTbYWMxfUqKkxIO7w+n44onDBUNM62SEbT05WVILfMSPX9i8 jRFDt2YdlYbUypywsrd/FsrkRHutuc+gsudhKKShj3qGjVCf9D3/W6i1WikTAgMB AAGjggI1MIICMTAdBgNVHQ4EFgQUSESFN4fIqAQu0OntEljR/49inzMwHwYDVR0j BBgwFoAUSzrKOnxlKp+vjk4Rm9L3v1Sv3nYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzctZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFh NzgyLzAvNEIzQUNBM0E3QzY1MkE5RkFGOEU0RTExOUJEMkY3QkY1NEFGREU3Ni5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1N6cktPbnhsS3AtdmprNFJtOUwzdjFT djNuWS5jZXIwgaUGCCsGAQUFBwELBIGYMIGVMIGSBggrBgEFBQcwC4aBhXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzct ZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFhNzgyLzAvMzUyZTMxMzkzOTJlMzQzMDJl MzAyZjMyMzEyZDMyMzQyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAK BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAwXHKDANBgkq hkiG9w0BAQsFAAOCAQEAD3+mS2CN5/sLH5pmClsvc9/PDFFQ7vkCBejS7/XhPjsm A1iwAH2LGE/z06HmquGf8/l2tMS6qpuwihLXN2LwShDId3RWNqVo/o5A4DER5pEY c8P8Z8lyk1RYKIfvn3gXd1ujzK6Bx4PromUuAAqJADdB5c8xNHkp7riiIh8dBKvj xXIn0E45PRWcaDsumfAHQa7d5cZqUGpdYCsYut1dcajlZOE4IzM0HnAh21JHF121 n/FVaIV9rA8URYNJhc/Y7G3QXMe1ONmcILK2gYtk5Ivl5kdzsGgjZLk7vLAJn6Mx UbneHFRDcemgAnn+fc+rr1SRSdDV/GzGBV0b1FD7lg== -----END CERTIFICATE-----Generated at Fri Nov 28 06:10:44 2025 by rpki-client