This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/322e35392e36332e302f32342d3234203d3e20383334.roa File: 322e35392e36332e302f32342d3234203d3e20383334.roa (raw, json) Hash identifier: 8DqvUUgTHwg4fnhfYD2q3DFHCSCucv2RToLFRdMK/4s= Subject key identifier: 32:4F:7E:76:D1:28:96:51:F9:B8:92:D0:79:E5:E1:3E:34:AD:18:9B Certificate issuer: /CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6 Certificate serial: 6E7482EA5364223EA2623F770FAA155A8B948324 Authority key identifier: A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/322e35392e36332e302f32342d3234203d3e20383334.roa Signing time: Sat 10 Jan 2026 04:37:45 +0000 ROA not before: Sat 10 Jan 2026 04:32:45 +0000 ROA not after: Sat 09 Jan 2027 04:37:45 +0000 asID: 834 IP address blocks: 2.59.63.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.mft rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 11 Jan 2026 20:58:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:74:82:ea:53:64:22:3e:a2:62:3f:77:0f:aa:15:5a:8b:94:83:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a9420e6c6f24b0e422da7fe7e420ef50354f45c6 Validity Not Before: Jan 10 04:32:45 2026 GMT Not After : Jan 9 04:37:45 2027 GMT Subject: CN=324F7E76D1289651F9B892D079E5E13E34AD189B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:bc:af:03:27:7a:4b:bc:f1:84:e9:67:af:8c: ec:16:b5:4c:ab:04:a3:66:b2:7e:48:72:9e:25:3c: f1:d3:11:82:62:d7:f1:d3:4c:de:dd:16:3e:56:09: 72:0d:f0:3a:75:57:37:f9:be:76:9f:91:81:a2:99: 7c:18:2a:37:64:48:65:9a:b7:f0:07:36:98:00:5b: a3:b5:40:48:48:51:f9:db:59:96:f1:55:d8:2f:4e: ec:87:90:ad:11:89:cc:c9:2b:b2:f1:31:60:b9:ce: 8f:2c:67:18:f0:1b:41:78:c4:f8:d5:e7:53:b5:e1: 70:15:ff:83:2e:43:cc:f1:3a:7e:d3:59:77:cc:03: 61:80:e3:73:58:ce:ea:2e:cd:9e:2a:f2:f0:e8:e6: 00:80:d6:03:c5:c9:d8:28:e3:df:6a:2b:2b:01:45: 37:5b:16:50:05:61:06:3a:e9:16:e4:1a:99:6d:cc: de:b2:d3:ad:3e:17:f8:dd:d8:2f:a9:2d:18:54:8e: 73:8c:91:85:ba:8e:b0:d3:cb:5b:d5:01:cf:9d:9b: 74:b9:18:26:03:a2:d5:48:a3:12:8e:d5:1c:9d:15: 15:3a:cd:d4:78:38:6a:d4:ca:46:fa:33:ac:71:e9: 1d:8f:4f:9a:53:5d:a2:17:f2:a5:d3:6a:1d:a0:2f: d0:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:4F:7E:76:D1:28:96:51:F9:B8:92:D0:79:E5:E1:3E:34:AD:18:9B X509v3 Authority Key Identifier: keyid:A9:42:0E:6C:6F:24:B0:E4:22:DA:7F:E7:E4:20:EF:50:35:4F:45:C6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/A9420E6C6F24B0E422DA7FE7E420EF50354F45C6.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qUIObG8ksOQi2n_n5CDvUDVPRcY.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/1f9823d0-0855-41f2-ac46-59a2e98da736/1/322e35392e36332e302f32342d3234203d3e20383334.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.59.63.0/24 Signature Algorithm: sha256WithRSAEncryption 8f:57:50:65:53:30:05:c0:de:78:05:46:ff:62:57:b6:a7:6d: 38:2e:64:e3:46:cc:c6:44:cd:8d:21:51:47:d0:6a:9e:68:a5: 3e:ff:40:5c:54:f7:57:b6:3b:ce:e3:fe:50:46:97:42:18:86: 8a:ec:e0:91:e7:ba:eb:7f:20:a9:eb:76:43:51:37:47:d4:ea: 44:1e:92:f8:2f:a8:fa:65:e0:a1:06:64:42:bd:51:35:01:8b: 7d:4e:00:34:a2:74:ec:cd:01:b5:f8:cf:d0:79:f6:c4:ff:b1: f7:d8:d5:14:8a:f2:3f:76:93:aa:69:27:b8:95:a5:16:a7:1f: a2:58:f4:11:55:b3:b7:49:70:44:ce:92:aa:84:3e:f4:85:ab: 22:c6:31:56:bf:54:8e:93:42:c1:32:c5:67:a7:1f:79:54:e7: b9:91:d4:68:1e:96:b1:58:31:34:6b:4c:0f:f4:55:62:06:35: 52:a2:73:f9:e0:0d:3d:a7:48:d7:fa:41:dc:db:e5:4c:da:f9: 38:77:72:9a:2b:03:30:a2:65:9b:4d:2c:45:af:c9:ed:9f:c9: 1c:a8:81:e3:ed:52:5c:59:9e:82:2b:74:de:e6:b9:2c:76:f8: 27:3e:fa:8d:12:42:61:2f:ab:25:d7:c7:ab:c7:fc:ed:25:c6: 19:e6:0a:4b -----BEGIN CERTIFICATE----- MIIFKTCCBBGgAwIBAgIUbnSC6lNkIj6iYj93D6oVWouUgyQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYTk0MjBlNmM2ZjI0YjBlNDIyZGE3ZmU3ZTQyMGVmNTAz NTRmNDVjNjAeFw0yNjAxMTAwNDMyNDVaFw0yNzAxMDkwNDM3NDVaMDMxMTAvBgNV BAMTKDMyNEY3RTc2RDEyODk2NTFGOUI4OTJEMDc5RTVFMTNFMzRBRDE4OUIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgvK8DJ3pLvPGE6WevjOwWtUyr BKNmsn5Icp4lPPHTEYJi1/HTTN7dFj5WCXIN8Dp1Vzf5vnafkYGimXwYKjdkSGWa t/AHNpgAW6O1QEhIUfnbWZbxVdgvTuyHkK0RiczJK7LxMWC5zo8sZxjwG0F4xPjV 51O14XAV/4MuQ8zxOn7TWXfMA2GA43NYzuouzZ4q8vDo5gCA1gPFydgo499qKysB RTdbFlAFYQY66RbkGpltzN6y060+F/jd2C+pLRhUjnOMkYW6jrDTy1vVAc+dm3S5 GCYDotVIoxKO1RydFRU6zdR4OGrUykb6M6xx6R2PT5pTXaIX8qXTah2gL9D7AgMB AAGjggIzMIICLzAdBgNVHQ4EFgQUMk9+dtEollH5uJLQeeXhPjStGJswHwYDVR0j BBgwFoAUqUIObG8ksOQi2n/n5CDvUDVPRcYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAtMDg1NS00MWYyLWFjNDYtNTlhMmU5OGRh NzM2LzEvQTk0MjBFNkM2RjI0QjBFNDIyREE3RkU3RTQyMEVGNTAzNTRGNDVDNi5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3FVSU9iRzhrc09RaTJuX241Q0R2VURW UFJjWS5jZXIwgaMGCCsGAQUFBwELBIGWMIGTMIGQBggrBgEFBQcwC4aBg3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMWY5ODIzZDAt MDg1NS00MWYyLWFjNDYtNTlhMmU5OGRhNzM2LzEvMzIyZTM1MzkyZTM2MzMyZTMw MmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQOMAwwCgYI KwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAACOz8wDQYJKoZI hvcNAQELBQADggEBAI9XUGVTMAXA3ngFRv9iV7anbTguZONGzMZEzY0hUUfQap5o pT7/QFxU91e2O87j/lBGl0IYhors4JHnuut/IKnrdkNRN0fU6kQekvgvqPpl4KEG ZEK9UTUBi31OADSidOzNAbX4z9B59sT/sffY1RSK8j92k6ppJ7iVpRanH6JY9BFV s7dJcETOkqqEPvSFqyLGMVa/VI6TQsEyxWenH3lU57mR1GgelrFYMTRrTA/0VWIG NVKic/ngDT2nSNf6Qdzb5Uza+Th3cporAzCiZZtNLEWvye2fyRyogePtUlxZnoIr dN7muSx2+Cc++o0SQmEvqyXXx6vH/O0lxhnmCks= -----END CERTIFICATE-----Generated at Sun Jan 11 07:17:23 2026 by rpki-client