This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3130303a3a2f34302d3438203d3e20323033333039.roa File: 326130663a316363353a3130303a3a2f34302d3438203d3e20323033333039.roa (raw, json) Hash identifier: KPdxYweyaoN6aJ1WDQcAbIzYbTq2UWw3eNhM2zo446w= Subject key identifier: 47:32:1D:E5:14:81:03:86:52:BA:F4:57:0E:CA:37:97:E3:AC:9A:80 Certificate issuer: /CN=411e2d411d687bcb4449c3df45beedc041007d94 Certificate serial: 538A810AE723556407B26C31666A9049CCB7D86C Authority key identifier: 41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3130303a3a2f34302d3438203d3e20323033333039.roa Signing time: Sat 17 Jan 2026 21:12:31 +0000 ROA not before: Sat 17 Jan 2026 21:07:31 +0000 ROA not after: Sat 16 Jan 2027 21:12:31 +0000 asID: 203309 IP address blocks: 2a0f:1cc5:100::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:8a:81:0a:e7:23:55:64:07:b2:6c:31:66:6a:90:49:cc:b7:d8:6c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=411e2d411d687bcb4449c3df45beedc041007d94 Validity Not Before: Jan 17 21:07:31 2026 GMT Not After : Jan 16 21:12:31 2027 GMT Subject: CN=47321DE51481038652BAF4570ECA3797E3AC9A80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:85:78:e0:5b:a8:f8:1d:0b:ca:c8:2b:ab:e8: d4:73:f0:bf:de:7f:b3:6f:25:89:75:dc:38:22:72: 76:04:e4:34:8b:1e:72:10:e7:b5:c9:c8:7c:32:06: 96:ea:60:20:ff:95:f5:55:86:92:e5:1c:8b:a6:c6: 7a:45:08:c2:37:a3:df:07:e6:cd:e5:77:a4:d2:ff: f4:56:f3:2d:53:f1:05:87:e1:0f:5a:7c:6e:6c:2b: 66:fd:2b:00:a0:b7:38:d2:78:72:62:3e:db:5a:22: 48:8d:11:8f:36:1f:f9:83:be:08:6d:93:48:fd:fa: e6:ed:22:e2:76:8c:20:b7:bf:b1:06:53:0c:80:53: d4:82:91:2a:e1:72:c4:5d:a7:35:7a:cf:b5:3f:89: 02:7e:79:ba:ab:d0:3d:2a:55:2e:74:e6:50:e4:de: 0c:17:ba:76:b4:d4:59:96:c7:a9:d1:1e:5f:23:a6: 47:b1:3d:5b:1f:10:b0:58:11:db:12:9b:e5:b1:e0: 77:d7:c3:a5:ef:ac:5e:e5:bd:bb:a5:4b:a0:9d:88: 33:24:6f:21:98:11:14:28:8c:c4:7e:80:be:2d:8b: c7:38:73:f7:ad:5f:46:56:d3:37:72:59:a9:c3:5b: 5a:6d:a0:0e:4d:54:50:8b:4b:5d:c1:26:08:cd:c8: 7c:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:32:1D:E5:14:81:03:86:52:BA:F4:57:0E:CA:37:97:E3:AC:9A:80 X509v3 Authority Key Identifier: keyid:41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3130303a3a2f34302d3438203d3e20323033333039.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:1cc5:100::/40 Signature Algorithm: sha256WithRSAEncryption 02:8d:8f:4e:97:41:bf:a5:93:cf:60:06:d4:83:03:75:13:cb: 3b:5e:49:8e:15:08:8d:6e:a1:8a:a0:d5:44:d8:a2:3a:4b:39: f4:b4:e0:c0:07:84:11:73:20:b6:0f:73:71:af:48:74:0d:38: f1:11:5b:42:bb:54:df:45:16:21:c6:7e:b3:2c:0a:2c:6b:8d: d4:f0:5e:d7:b0:8f:ae:13:ea:c8:e0:8d:31:8c:81:a4:a4:c1: 6a:bf:e9:a6:96:1d:36:ab:46:dc:30:9b:a5:0b:52:03:16:eb: 0b:49:9d:b7:2f:63:6f:74:53:8d:a6:1c:ac:c1:fa:6c:3d:ee: d6:57:1c:ed:72:a8:7d:47:90:9b:45:2e:42:5b:70:69:98:db: cc:5d:ef:b8:64:ee:f8:c2:cd:f8:7a:c1:06:cb:a0:c7:d5:96: bc:0e:0e:4f:b8:26:03:0c:c0:e0:1d:09:7a:d1:c3:41:10:48: 4b:90:53:7a:a9:81:bb:10:80:67:37:14:17:a0:50:5a:dd:63: 51:17:a6:1a:9f:ee:e3:f7:6d:e1:3c:c6:b1:85:70:da:24:a3: ab:38:1f:c3:13:d4:00:e8:11:fa:8d:8f:ee:dd:04:fc:11:34: 36:c1:ee:94:94:9f:af:84:e6:06:66:14:14:98:46:e2:43:cb: 19:26:48:d9 -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUU4qBCucjVWQHsmwxZmqQScy32GwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDExZTJkNDExZDY4N2JjYjQ0NDljM2RmNDViZWVkYzA0 MTAwN2Q5NDAeFw0yNjAxMTcyMTA3MzFaFw0yNzAxMTYyMTEyMzFaMDMxMTAvBgNV BAMTKDQ3MzIxREU1MTQ4MTAzODY1MkJBRjQ1NzBFQ0EzNzk3RTNBQzlBODAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIhXjgW6j4HQvKyCur6NRz8L/e f7NvJYl13DgicnYE5DSLHnIQ57XJyHwyBpbqYCD/lfVVhpLlHIumxnpFCMI3o98H 5s3ld6TS//RW8y1T8QWH4Q9afG5sK2b9KwCgtzjSeHJiPttaIkiNEY82H/mDvght k0j9+ubtIuJ2jCC3v7EGUwyAU9SCkSrhcsRdpzV6z7U/iQJ+ebqr0D0qVS505lDk 3gwXuna01FmWx6nRHl8jpkexPVsfELBYEdsSm+Wx4HfXw6XvrF7lvbulS6CdiDMk byGYERQojMR+gL4ti8c4c/etX0ZW0zdyWanDW1ptoA5NVFCLS13BJgjNyHwrAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQURzId5RSBA4ZSuvRXDso3l+OsmoAwHwYDVR0j BBgwFoAUQR4tQR1oe8tEScPfRb7twEEAfZQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0 ZjBlLzAvNDExRTJENDExRDY4N0JDQjQ0NDlDM0RGNDVCRUVEQzA0MTAwN0Q5NC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1FSNHRRUjFvZTh0RVNjUGZSYjd0d0VF QWZaUS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1 M2EzMTMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzMjMwMzMzMzMwMzkucm9h MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E AgACMAgDBgAqDxzFATANBgkqhkiG9w0BAQsFAAOCAQEAAo2PTpdBv6WTz2AG1IMD dRPLO15JjhUIjW6hiqDVRNiiOks59LTgwAeEEXMgtg9zca9IdA048RFbQrtU30UW IcZ+sywKLGuN1PBe17CPrhPqyOCNMYyBpKTBar/pppYdNqtG3DCbpQtSAxbrC0md ty9jb3RTjaYcrMH6bD3u1lcc7XKofUeQm0UuQltwaZjbzF3vuGTu+MLN+HrBBsug x9WWvA4OT7gmAwzA4B0JetHDQRBIS5BTeqmBuxCAZzcUF6BQWt1jURemGp/u4/dt 4TzGsYVw2iSjqzgfwxPUAOgR+o2P7t0E/BE0NsHulJSfr4TmBmYUFJhG4kPLGSZI 2Q== -----END CERTIFICATE-----Generated at Sun Jan 18 13:13:26 2026 by rpki-client