This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a313830303a3a2f34302d3438203d3e20323132343833.roa File: 326130663a316363353a313830303a3a2f34302d3438203d3e20323132343833.roa (raw, json) Hash identifier: LD1kZoESri8SSiT70G4BwNPurj1h2Z8rsheZy9D25wQ= Subject key identifier: CA:A9:5A:DD:BA:FF:41:FB:F0:80:23:EC:B0:9C:42:49:35:91:0B:58 Certificate issuer: /CN=411e2d411d687bcb4449c3df45beedc041007d94 Certificate serial: 4737C7BF34F25E5E05FDDFD02DAE4271F02F0A75 Authority key identifier: 41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a313830303a3a2f34302d3438203d3e20323132343833.roa Signing time: Sat 17 Jan 2026 21:23:00 +0000 ROA not before: Sat 17 Jan 2026 21:18:00 +0000 ROA not after: Sat 16 Jan 2027 21:23:00 +0000 asID: 212483 IP address blocks: 2a0f:1cc5:1800::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:37:c7:bf:34:f2:5e:5e:05:fd:df:d0:2d:ae:42:71:f0:2f:0a:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=411e2d411d687bcb4449c3df45beedc041007d94 Validity Not Before: Jan 17 21:18:00 2026 GMT Not After : Jan 16 21:23:00 2027 GMT Subject: CN=CAA95ADDBAFF41FBF08023ECB09C424935910B58 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:5a:3c:c1:3a:7f:ad:19:86:0b:f7:93:d4:3f: 46:7b:46:bf:73:ba:1d:7e:a8:c1:9f:91:70:f6:91: db:72:d7:ae:ac:c2:de:53:07:f5:67:c0:06:8c:30: b6:ff:80:ad:b9:64:6a:f0:c4:a3:1a:22:66:fa:9f: 4c:0f:a6:a5:ca:ab:de:59:de:96:aa:0b:2e:1e:59: 14:c2:af:d2:79:a8:ba:fb:50:c5:ff:e5:7f:ef:bd: c1:2f:6f:ad:bc:55:f9:48:7e:5b:ba:29:ea:a4:d6: 90:de:cb:72:37:7d:c2:bc:23:9e:01:cc:9b:da:19: 54:37:8f:94:d3:03:9f:1d:e9:8f:16:1e:65:76:0a: 68:2e:33:4e:5e:7f:60:40:eb:8f:64:8c:93:ad:65: 87:b4:41:33:dc:52:c9:d8:a6:78:ba:bd:22:36:41: db:ab:f4:cc:74:75:33:87:27:c3:90:ff:31:bf:d2: 31:64:e7:de:f2:d5:e2:64:70:c3:ec:bf:e1:fc:01: 82:19:c1:b5:8e:f0:c8:a7:54:a9:b2:e1:39:29:8b: cf:74:3c:80:b6:f5:d6:9f:e1:c1:89:54:d0:c9:37: 7f:91:6a:03:1e:c8:9f:de:75:a7:d9:00:be:28:fe: 45:96:18:70:9c:17:5c:9f:3a:23:0e:43:25:91:04: 50:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CA:A9:5A:DD:BA:FF:41:FB:F0:80:23:EC:B0:9C:42:49:35:91:0B:58 X509v3 Authority Key Identifier: keyid:41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a313830303a3a2f34302d3438203d3e20323132343833.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:1cc5:1800::/40 Signature Algorithm: sha256WithRSAEncryption 98:bd:ac:ff:da:8d:66:d4:da:70:46:8b:d0:04:4c:4c:01:10: 44:61:01:22:82:b1:9a:2f:da:f7:27:77:37:0d:82:8b:73:6c: 12:90:d2:d0:2f:e9:0f:9e:e6:de:2d:90:7e:59:c3:a7:82:3e: e5:41:4b:de:d1:c3:6a:a0:b0:e3:b3:7a:43:0a:e9:1a:88:f5: 97:bf:0c:e4:1b:64:8d:68:e0:28:f3:bc:c6:7b:e2:da:ae:15: 9d:de:f0:1e:31:e3:0a:e4:f9:d6:13:ce:eb:d6:d8:30:d6:36: 80:42:1a:f6:43:df:2f:4e:d4:fe:b4:ec:38:e4:67:58:7a:69: 65:9a:7d:f3:60:02:8e:7b:b7:ff:e3:44:16:af:c0:49:50:46: c9:e5:d6:16:5a:1e:b3:e1:df:6d:19:a5:e2:14:30:61:78:bb: be:f2:4a:71:e5:bc:8b:9a:ac:8f:0a:90:f6:9e:75:0f:dd:25: 6a:05:82:77:5f:4c:9c:c4:e4:e2:08:60:25:de:4e:94:58:0a: a9:a2:c3:a9:9b:d4:59:dc:ec:60:3f:50:84:72:95:45:04:06: 86:19:62:fc:bb:e4:3c:aa:10:39:24:eb:cb:cd:6a:d6:3e:4f: e5:b5:eb:ef:86:b0:7e:44:91:0d:1a:74:9a:2c:a3:fc:58:63: a3:3e:32:9d -----BEGIN CERTIFICATE----- MIIFPzCCBCegAwIBAgIURzfHvzTyXl4F/d/QLa5CcfAvCnUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDExZTJkNDExZDY4N2JjYjQ0NDljM2RmNDViZWVkYzA0 MTAwN2Q5NDAeFw0yNjAxMTcyMTE4MDBaFw0yNzAxMTYyMTIzMDBaMDMxMTAvBgNV BAMTKENBQTk1QUREQkFGRjQxRkJGMDgwMjNFQ0IwOUM0MjQ5MzU5MTBCNTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClWjzBOn+tGYYL95PUP0Z7Rr9z uh1+qMGfkXD2kdty166swt5TB/VnwAaMMLb/gK25ZGrwxKMaImb6n0wPpqXKq95Z 3paqCy4eWRTCr9J5qLr7UMX/5X/vvcEvb628VflIflu6Keqk1pDey3I3fcK8I54B zJvaGVQ3j5TTA58d6Y8WHmV2CmguM05ef2BA649kjJOtZYe0QTPcUsnYpni6vSI2 Qdur9Mx0dTOHJ8OQ/zG/0jFk597y1eJkcMPsv+H8AYIZwbWO8MinVKmy4Tkpi890 PIC29daf4cGJVNDJN3+RagMeyJ/edafZAL4o/kWWGHCcF1yfOiMOQyWRBFBNAgMB AAGjggJJMIICRTAdBgNVHQ4EFgQUyqla3br/QfvwgCPssJxCSTWRC1gwHwYDVR0j BBgwFoAUQR4tQR1oe8tEScPfRb7twEEAfZQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0 ZjBlLzAvNDExRTJENDExRDY4N0JDQjQ0NDlDM0RGNDVCRUVEQzA0MTAwN0Q5NC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1FSNHRRUjFvZTh0RVNjUGZSYjd0d0VF QWZaUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1 M2EzMTM4MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzMjM0MzgzMy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw DgQCAAIwCAMGACoPHMUYMA0GCSqGSIb3DQEBCwUAA4IBAQCYvaz/2o1m1NpwRovQ BExMARBEYQEigrGaL9r3J3c3DYKLc2wSkNLQL+kPnubeLZB+WcOngj7lQUve0cNq oLDjs3pDCukaiPWXvwzkG2SNaOAo87zGe+LarhWd3vAeMeMK5PnWE87r1tgw1jaA Qhr2Q98vTtT+tOw45GdYemllmn3zYAKOe7f/40QWr8BJUEbJ5dYWWh6z4d9tGaXi FDBheLu+8kpx5byLmqyPCpD2nnUP3SVqBYJ3X0ycxOTiCGAl3k6UWAqposOpm9RZ 3OxgP1CEcpVFBAaGGWL8u+Q8qhA5JOvLzWrWPk/ltevvhrB+RJENGnSaLKP8WGOj PjKd -----END CERTIFICATE-----Generated at Sun Jan 18 13:13:35 2026 by rpki-client