This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a313430303a3a2f34302d3438203d3e20323133383738.roa File: 326130663a316363353a313430303a3a2f34302d3438203d3e20323133383738.roa (raw, json) Hash identifier: zOwHDjdhedqSqEGyWds4coIp7+ut0lW+Oo9tUWToG3g= Subject key identifier: C7:BD:3E:68:91:0F:C5:2F:35:F4:BF:CA:B8:2B:09:45:B5:D1:0E:AF Certificate issuer: /CN=411e2d411d687bcb4449c3df45beedc041007d94 Certificate serial: 55124749DCA7F33E24421BE677B0D8BF6F079BA4 Authority key identifier: 41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a313430303a3a2f34302d3438203d3e20323133383738.roa Signing time: Sat 17 Jan 2026 21:24:00 +0000 ROA not before: Sat 17 Jan 2026 21:19:00 +0000 ROA not after: Sat 16 Jan 2027 21:24:00 +0000 asID: 213878 IP address blocks: 2a0f:1cc5:1400::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55:12:47:49:dc:a7:f3:3e:24:42:1b:e6:77:b0:d8:bf:6f:07:9b:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=411e2d411d687bcb4449c3df45beedc041007d94 Validity Not Before: Jan 17 21:19:00 2026 GMT Not After : Jan 16 21:24:00 2027 GMT Subject: CN=C7BD3E68910FC52F35F4BFCAB82B0945B5D10EAF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:07:4f:3a:fe:23:52:1f:fd:35:62:b4:7c:60: 95:ff:bf:09:c7:74:e9:18:0b:d2:56:b1:54:8b:9c: 72:e9:3b:d6:83:f7:a3:31:99:82:7c:db:47:37:06: d0:da:f5:14:5b:a2:99:41:65:05:de:a0:32:86:70: ba:c4:f9:0f:4b:19:dc:ce:df:ca:26:d4:5a:cb:80: 53:6e:c3:7f:a4:ce:a9:d6:8e:93:af:8a:48:05:cd: 74:11:11:42:2c:d9:73:75:3f:64:48:c1:54:30:ba: fd:71:6b:45:98:b9:30:34:00:33:07:65:41:e0:60: a0:ee:9e:40:27:40:c1:89:a0:e9:f5:29:9f:bb:53: ee:45:1a:44:fe:48:1c:e6:4d:0e:0f:7c:fd:84:cd: cb:44:c8:3d:3d:38:2c:af:6d:cf:e0:88:fd:ba:09: 4d:d7:da:8f:eb:f1:7a:0e:6a:cb:75:d5:aa:3d:e7: dd:3c:17:29:ef:03:74:6f:a6:30:c2:79:01:47:da: 53:a7:5a:9d:34:5d:61:ec:ed:c9:e0:24:d9:29:18: 9a:f7:57:2c:91:f8:6e:05:ce:c0:51:56:f0:bd:16: e7:4f:68:06:d2:49:c3:31:67:47:a3:0f:47:47:b1: d3:cf:57:82:33:f7:27:5d:55:86:36:ec:3d:35:23: ec:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:BD:3E:68:91:0F:C5:2F:35:F4:BF:CA:B8:2B:09:45:B5:D1:0E:AF X509v3 Authority Key Identifier: keyid:41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a313430303a3a2f34302d3438203d3e20323133383738.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:1cc5:1400::/40 Signature Algorithm: sha256WithRSAEncryption 32:64:ef:24:9f:0c:50:12:ca:7e:de:53:2f:2d:f4:4d:55:aa: 99:12:b6:36:1a:8f:9d:fc:2d:91:3f:03:bb:de:46:b6:d5:59: 1b:f9:bc:f4:4e:8a:8e:91:98:10:21:64:09:66:57:6c:90:98: ed:27:46:5b:6c:84:c5:a1:d5:fc:c7:8d:c4:36:38:bd:b9:52: cd:aa:8e:26:38:d6:2e:0f:b3:8f:69:36:ad:25:1c:60:8e:91: 19:24:cc:44:48:c0:b5:ae:58:16:db:ab:29:55:90:0b:43:07: 2e:23:f1:a1:1b:ab:04:a1:91:58:88:5f:31:4d:9a:d9:3a:c8: c6:03:9a:37:82:da:ad:6e:1d:59:6e:16:3c:a1:46:72:da:f2: e9:4b:36:1d:2a:a0:71:b2:ec:5f:b7:9a:d1:ba:be:aa:27:3a: a5:ba:64:63:b4:29:2f:8a:42:56:92:41:9d:d2:cb:de:35:f3: ca:74:0b:42:81:ac:5f:5f:08:0e:e7:86:9c:98:d2:36:51:df: 9c:fd:5e:7f:9c:55:1a:80:c4:81:d9:88:cf:a9:2c:3c:84:55: a0:a1:9e:df:69:fc:dd:64:5d:e5:cd:5e:cd:55:34:aa:3e:8e: 21:da:75:68:f8:8b:a9:be:ae:3d:7d:7d:99:ce:46:f9:6c:6f: 53:3d:7e:cc -----BEGIN CERTIFICATE----- MIIFPzCCBCegAwIBAgIUVRJHSdyn8z4kQhvmd7DYv28Hm6QwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDExZTJkNDExZDY4N2JjYjQ0NDljM2RmNDViZWVkYzA0 MTAwN2Q5NDAeFw0yNjAxMTcyMTE5MDBaFw0yNzAxMTYyMTI0MDBaMDMxMTAvBgNV BAMTKEM3QkQzRTY4OTEwRkM1MkYzNUY0QkZDQUI4MkIwOTQ1QjVEMTBFQUYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrB086/iNSH/01YrR8YJX/vwnH dOkYC9JWsVSLnHLpO9aD96MxmYJ820c3BtDa9RRboplBZQXeoDKGcLrE+Q9LGdzO 38om1FrLgFNuw3+kzqnWjpOvikgFzXQREUIs2XN1P2RIwVQwuv1xa0WYuTA0ADMH ZUHgYKDunkAnQMGJoOn1KZ+7U+5FGkT+SBzmTQ4PfP2EzctEyD09OCyvbc/giP26 CU3X2o/r8XoOast11ao95908FynvA3RvpjDCeQFH2lOnWp00XWHs7cngJNkpGJr3 VyyR+G4FzsBRVvC9FudPaAbSScMxZ0ejD0dHsdPPV4Iz9yddVYY27D01I+wJAgMB AAGjggJJMIICRTAdBgNVHQ4EFgQUx70+aJEPxS819L/KuCsJRbXRDq8wHwYDVR0j BBgwFoAUQR4tQR1oe8tEScPfRb7twEEAfZQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0 ZjBlLzAvNDExRTJENDExRDY4N0JDQjQ0NDlDM0RGNDVCRUVEQzA0MTAwN0Q5NC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1FSNHRRUjFvZTh0RVNjUGZSYjd0d0VF QWZaUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1 M2EzMTM0MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzMzM4MzczOC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw DgQCAAIwCAMGACoPHMUUMA0GCSqGSIb3DQEBCwUAA4IBAQAyZO8knwxQEsp+3lMv LfRNVaqZErY2Go+d/C2RPwO73ka21Vkb+bz0ToqOkZgQIWQJZldskJjtJ0ZbbITF odX8x43ENji9uVLNqo4mONYuD7OPaTatJRxgjpEZJMxESMC1rlgW26spVZALQwcu I/GhG6sEoZFYiF8xTZrZOsjGA5o3gtqtbh1ZbhY8oUZy2vLpSzYdKqBxsuxft5rR ur6qJzqlumRjtCkvikJWkkGd0sveNfPKdAtCgaxfXwgO54acmNI2Ud+c/V5/nFUa gMSB2YjPqSw8hFWgoZ7fafzdZF3lzV7NVTSqPo4h2nVo+Iupvq49fX2Zzkb5bG9T PX7M -----END CERTIFICATE-----Generated at Sun Jan 18 13:13:36 2026 by rpki-client