This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363313a3a2f33322d3438203d3e20323134303236.roa File: 326130663a316363313a3a2f33322d3438203d3e20323134303236.roa (raw, json) Hash identifier: 0Mmksrtruh7fbUKALb2tK8xrOixD39y8EOgMrAELKKs= Subject key identifier: EA:3D:2A:55:AD:A3:CA:88:EC:59:CA:E5:0D:AC:8C:6F:F5:C8:E0:4D Certificate issuer: /CN=411e2d411d687bcb4449c3df45beedc041007d94 Certificate serial: 4CE4C7A6BD9CA9419EA0C1C55E90F6CC1DD0FCBD Authority key identifier: 41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363313a3a2f33322d3438203d3e20323134303236.roa Signing time: Sat 17 Jan 2026 21:24:22 +0000 ROA not before: Sat 17 Jan 2026 21:19:22 +0000 ROA not after: Sat 16 Jan 2027 21:24:22 +0000 asID: 214026 IP address blocks: 2a0f:1cc1::/32 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:e4:c7:a6:bd:9c:a9:41:9e:a0:c1:c5:5e:90:f6:cc:1d:d0:fc:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=411e2d411d687bcb4449c3df45beedc041007d94 Validity Not Before: Jan 17 21:19:22 2026 GMT Not After : Jan 16 21:24:22 2027 GMT Subject: CN=EA3D2A55ADA3CA88EC59CAE50DAC8C6FF5C8E04D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:98:ec:69:90:ca:96:27:1a:a2:84:62:69:78: d4:0d:93:03:81:6e:06:d9:3c:37:04:d4:a1:8f:1b: be:f4:30:5a:9d:fe:2f:46:ea:08:8a:66:93:87:a9: 69:0b:0e:5a:e3:1d:4b:3e:c5:eb:43:39:09:8d:68: 4d:00:cd:3c:d7:4b:5a:5c:2b:60:64:d5:f8:a9:4c: 93:7d:a4:72:94:70:36:11:8a:f1:fb:e5:af:99:b3: 87:14:b5:1c:45:b7:27:35:d1:ab:0f:3c:b8:76:a3: a6:b5:f8:41:e6:13:3a:cb:64:ef:df:f8:ea:ea:d7: 31:e3:56:0b:57:e1:b7:60:2d:30:c1:09:66:60:ae: e3:51:1f:86:5d:5c:09:c0:39:62:c0:26:38:7e:8a: fe:e7:ed:33:dd:46:13:c7:b9:25:29:6d:af:e0:2c: c8:b3:44:6d:b3:7b:20:03:16:2d:5d:82:75:86:08: b6:f4:87:09:b2:2b:d4:58:f7:eb:86:96:38:19:ec: ee:50:32:0f:d1:66:33:7e:81:ef:7a:64:d3:c3:ba: 28:1e:a0:b1:c4:6c:6e:24:1f:f2:2f:6d:ad:af:91: de:b8:e3:e6:af:20:51:5b:c5:de:38:a1:31:3b:6a: ff:cc:91:f0:23:53:c4:e9:0e:a5:53:ea:cd:2a:08: 30:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:3D:2A:55:AD:A3:CA:88:EC:59:CA:E5:0D:AC:8C:6F:F5:C8:E0:4D X509v3 Authority Key Identifier: keyid:41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363313a3a2f33322d3438203d3e20323134303236.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:1cc1::/32 Signature Algorithm: sha256WithRSAEncryption 62:5b:ea:a2:26:22:02:ca:2d:f0:10:2a:51:8b:e4:5e:78:31: 9c:dc:43:03:14:d6:b4:96:df:cd:b6:22:ce:14:c8:f4:bf:4c: 9b:8e:6f:a2:31:ff:be:34:6a:6f:6e:b9:c2:1e:02:ef:c7:22: 79:db:77:96:c5:46:f2:f2:45:6b:cd:3b:9c:fb:80:35:19:f8: de:26:4f:5a:34:22:26:13:37:4e:88:5b:52:34:75:d9:cc:8b: 35:d0:92:89:c9:44:aa:80:1d:e6:2c:7c:54:cc:8c:10:da:94: 11:77:ab:f4:b0:ad:f6:d4:27:01:c8:62:89:b8:7f:a1:cd:2c: df:4c:ed:ad:aa:00:4b:17:de:17:8d:26:1d:eb:94:a7:20:74: 7c:85:c9:fd:d4:e8:09:0a:24:a9:f9:48:a8:b5:ef:57:ff:72: 0a:b0:9d:91:9a:ef:1a:87:3d:c1:f3:68:87:f2:4d:8f:c2:02: 22:4b:99:e0:01:aa:14:6c:41:9d:96:1f:db:59:79:9b:9a:1c: 39:21:1f:2f:59:ac:0e:42:7e:69:6d:f4:e8:a6:8e:17:8b:3f: 3f:df:f2:42:95:c1:b0:ba:1d:a8:7b:3a:63:9a:65:25:ab:aa: c8:66:5e:d9:13:aa:b2:8c:d5:fc:6b:eb:ab:c9:b9:5a:0e:35: 31:15:32:f5 -----BEGIN CERTIFICATE----- MIIFNDCCBBygAwIBAgIUTOTHpr2cqUGeoMHFXpD2zB3Q/L0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDExZTJkNDExZDY4N2JjYjQ0NDljM2RmNDViZWVkYzA0 MTAwN2Q5NDAeFw0yNjAxMTcyMTE5MjJaFw0yNzAxMTYyMTI0MjJaMDMxMTAvBgNV BAMTKEVBM0QyQTU1QURBM0NBODhFQzU5Q0FFNTBEQUM4QzZGRjVDOEUwNEQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgmOxpkMqWJxqihGJpeNQNkwOB bgbZPDcE1KGPG770MFqd/i9G6giKZpOHqWkLDlrjHUs+xetDOQmNaE0AzTzXS1pc K2Bk1fipTJN9pHKUcDYRivH75a+Zs4cUtRxFtyc10asPPLh2o6a1+EHmEzrLZO/f +Orq1zHjVgtX4bdgLTDBCWZgruNRH4ZdXAnAOWLAJjh+iv7n7TPdRhPHuSUpba/g LMizRG2zeyADFi1dgnWGCLb0hwmyK9RY9+uGljgZ7O5QMg/RZjN+ge96ZNPDuige oLHEbG4kH/Ivba2vkd644+avIFFbxd44oTE7av/MkfAjU8TpDqVT6s0qCDAzAgMB AAGjggI+MIICOjAdBgNVHQ4EFgQU6j0qVa2jyojsWcrlDayMb/XI4E0wHwYDVR0j BBgwFoAUQR4tQR1oe8tEScPfRb7twEEAfZQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0 ZjBlLzAvNDExRTJENDExRDY4N0JDQjQ0NDlDM0RGNDVCRUVEQzA0MTAwN0Q5NC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1FSNHRRUjFvZTh0RVNjUGZSYjd0d0VF QWZaUS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzMx M2EzYTJmMzMzMjJkMzQzODIwM2QzZTIwMzIzMTM0MzAzMjM2LnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUA Kg8cwTANBgkqhkiG9w0BAQsFAAOCAQEAYlvqoiYiAsot8BAqUYvkXngxnNxDAxTW tJbfzbYizhTI9L9Mm45vojH/vjRqb265wh4C78ciedt3lsVG8vJFa807nPuANRn4 3iZPWjQiJhM3TohbUjR12cyLNdCSiclEqoAd5ix8VMyMENqUEXer9LCt9tQnAchi ibh/oc0s30ztraoASxfeF40mHeuUpyB0fIXJ/dToCQokqflIqLXvV/9yCrCdkZrv Goc9wfNoh/JNj8ICIkuZ4AGqFGxBnZYf21l5m5ocOSEfL1msDkJ+aW306KaOF4s/ P9/yQpXBsLodqHs6Y5plJauqyGZe2ROqsozV/Gvrq8m5Wg41MRUy9Q== -----END CERTIFICATE-----Generated at Sun Jan 18 13:13:30 2026 by rpki-client