This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363323a3a2f33322d3430203d3e203535323031.roa File: 326130663a316363323a3a2f33322d3430203d3e203535323031.roa (raw, json) Hash identifier: GoVxMbuxvRYAhL8X1ylPrO2LPPd0V08hTTxPYE/XoV8= Subject key identifier: 53:DB:11:06:3C:45:A4:D2:68:5C:BA:79:A6:37:E5:4C:D0:D8:89:50 Certificate issuer: /CN=411e2d411d687bcb4449c3df45beedc041007d94 Certificate serial: 6F85D2E852E44854811E92A2EC604C19CD43F220 Authority key identifier: 41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363323a3a2f33322d3430203d3e203535323031.roa Signing time: Sat 17 Jan 2026 21:02:58 +0000 ROA not before: Sat 17 Jan 2026 20:57:58 +0000 ROA not after: Sat 16 Jan 2027 21:02:58 +0000 asID: 55201 IP address blocks: 2a0f:1cc2::/32 maxlen: 40 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6f:85:d2:e8:52:e4:48:54:81:1e:92:a2:ec:60:4c:19:cd:43:f2:20 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=411e2d411d687bcb4449c3df45beedc041007d94 Validity Not Before: Jan 17 20:57:58 2026 GMT Not After : Jan 16 21:02:58 2027 GMT Subject: CN=53DB11063C45A4D2685CBA79A637E54CD0D88950 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:78:ab:1f:36:5b:1c:d6:a6:fa:b7:fc:6b:5f: f2:ae:1e:02:65:f6:17:0a:84:7c:a5:e8:4d:07:6f: 46:5d:3a:1f:b6:d4:1f:b5:90:aa:e9:c4:bb:d7:ce: f2:bc:47:1b:1e:bb:8d:05:83:ad:23:f2:b6:cc:b3: b6:f6:ff:f6:d4:a4:35:e2:82:5d:71:64:72:0a:53: 99:a6:3b:46:4e:f2:c5:e2:51:92:80:b4:dd:e5:d7: a8:47:6d:9a:d4:55:2f:94:99:e4:7c:9c:6a:dd:3d: 18:f9:35:22:c4:f2:ad:00:7f:51:d6:66:a2:e3:a6: 85:a5:71:d8:df:3c:f8:a9:cb:06:0e:be:ba:c4:1e: af:f6:90:38:49:c3:71:69:5b:10:5b:35:8a:a2:43: 2f:00:13:1a:d9:7c:f1:0f:44:e4:6a:f4:32:81:a1: 1c:8f:fa:05:98:5d:58:a6:3b:0d:74:1d:46:15:a3: 52:46:4d:18:a7:d6:85:a1:81:64:ca:c8:f5:d5:47: 38:51:2b:76:82:55:86:1a:7f:fa:df:27:db:15:7b: 8b:03:ff:68:04:c1:83:db:22:74:32:c0:b8:6e:7a: 50:01:de:ad:5e:be:23:b7:81:6c:c9:91:42:b2:2f: 36:73:9c:74:2d:79:cc:9b:26:34:c6:0b:c4:73:d7: 14:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 53:DB:11:06:3C:45:A4:D2:68:5C:BA:79:A6:37:E5:4C:D0:D8:89:50 X509v3 Authority Key Identifier: keyid:41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363323a3a2f33322d3430203d3e203535323031.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:1cc2::/32 Signature Algorithm: sha256WithRSAEncryption 84:47:d9:d3:fd:63:63:0f:7d:5d:98:e1:d7:28:14:16:5c:62: ca:e3:cc:76:04:6b:83:b9:1d:22:ef:de:e5:1a:42:03:b8:04: 77:a8:8b:a2:3a:6e:6a:a4:3e:3e:c6:c0:a9:8a:e1:ac:ad:bc: f3:9a:bd:d6:b9:b3:59:19:fe:2a:6f:72:e6:08:c9:ac:1c:33: 9c:c2:8e:cc:2e:b9:87:cc:6e:b9:8a:c8:42:d9:5f:e2:71:54: da:6b:a9:8a:d6:5f:42:59:6b:03:c7:b8:ca:e1:ab:5a:df:f1: ca:8c:56:f0:7e:a2:3d:8f:21:05:6a:ad:ad:5d:18:8b:97:21: e4:34:ed:78:d5:67:11:3b:35:1a:6d:51:ea:7d:3c:92:11:71: 41:9a:f9:ec:38:aa:87:1c:7e:77:65:e9:f6:9f:c5:f9:e7:43: f2:8a:b4:de:ba:ff:9e:e3:96:db:56:f6:6a:c3:46:b8:45:7c: a6:42:45:39:25:e6:d9:d6:a1:9a:8b:45:73:59:c5:d1:23:ce: d5:89:c4:2e:cc:c0:58:41:c7:2e:69:b7:bc:09:7b:6e:a0:21: ca:6e:bf:7e:fd:2f:02:f4:e2:3c:de:ab:92:6c:02:00:10:33: d9:17:8a:a7:03:02:2a:fb:e1:4f:db:35:7f:57:79:05:24:9e: 94:6a:e6:56 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUb4XS6FLkSFSBHpKi7GBMGc1D8iAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDExZTJkNDExZDY4N2JjYjQ0NDljM2RmNDViZWVkYzA0 MTAwN2Q5NDAeFw0yNjAxMTcyMDU3NThaFw0yNzAxMTYyMTAyNThaMDMxMTAvBgNV BAMTKDUzREIxMTA2M0M0NUE0RDI2ODVDQkE3OUE2MzdFNTRDRDBEODg5NTAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEeKsfNlsc1qb6t/xrX/KuHgJl 9hcKhHyl6E0Hb0ZdOh+21B+1kKrpxLvXzvK8Rxseu40Fg60j8rbMs7b2//bUpDXi gl1xZHIKU5mmO0ZO8sXiUZKAtN3l16hHbZrUVS+UmeR8nGrdPRj5NSLE8q0Af1HW ZqLjpoWlcdjfPPipywYOvrrEHq/2kDhJw3FpWxBbNYqiQy8AExrZfPEPRORq9DKB oRyP+gWYXVimOw10HUYVo1JGTRin1oWhgWTKyPXVRzhRK3aCVYYaf/rfJ9sVe4sD /2gEwYPbInQywLhuelAB3q1eviO3gWzJkUKyLzZznHQtecybJjTGC8Rz1xQPAgMB AAGjggI8MIICODAdBgNVHQ4EFgQUU9sRBjxFpNJoXLp5pjflTNDYiVAwHwYDVR0j BBgwFoAUQR4tQR1oe8tEScPfRb7twEEAfZQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0 ZjBlLzAvNDExRTJENDExRDY4N0JDQjQ0NDlDM0RGNDVCRUVEQzA0MTAwN0Q5NC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1FSNHRRUjFvZTh0RVNjUGZSYjd0d0VF QWZaUS5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzMy M2EzYTJmMzMzMjJkMzQzMDIwM2QzZTIwMzUzNTMyMzAzMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoP HMIwDQYJKoZIhvcNAQELBQADggEBAIRH2dP9Y2MPfV2Y4dcoFBZcYsrjzHYEa4O5 HSLv3uUaQgO4BHeoi6I6bmqkPj7GwKmK4aytvPOavda5s1kZ/ipvcuYIyawcM5zC jswuuYfMbrmKyELZX+JxVNprqYrWX0JZawPHuMrhq1rf8cqMVvB+oj2PIQVqra1d GIuXIeQ07XjVZxE7NRptUep9PJIRcUGa+ew4qoccfndl6fafxfnnQ/KKtN66/57j lttW9mrDRrhFfKZCRTkl5tnWoZqLRXNZxdEjztWJxC7MwFhBxy5pt7wJe26gIcpu v379LwL04jzeq5JsAgAQM9kXiqcDAir74U/bNX9XeQUknpRq5lY= -----END CERTIFICATE-----Generated at Sun Jan 18 13:13:33 2026 by rpki-client