This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a316330303a3a2f34302d3438203d3e20323037333033.roa File: 326130663a316363353a316330303a3a2f34302d3438203d3e20323037333033.roa (raw, json) Hash identifier: ALGIA29NNbeFSJiSIRW+cPqzoSQbByDZ7Tc3zl5bUzE= Subject key identifier: 05:30:1D:02:7B:F7:4E:42:61:A9:A3:F7:A9:E4:DB:E7:C2:A9:88:49 Certificate issuer: /CN=411e2d411d687bcb4449c3df45beedc041007d94 Certificate serial: 33A1E9685702F4961EFAFFC9949AB87B926ED3E6 Authority key identifier: 41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a316330303a3a2f34302d3438203d3e20323037333033.roa Signing time: Sat 17 Jan 2026 21:17:54 +0000 ROA not before: Sat 17 Jan 2026 21:12:54 +0000 ROA not after: Sat 16 Jan 2027 21:17:54 +0000 asID: 207303 IP address blocks: 2a0f:1cc5:1c00::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33:a1:e9:68:57:02:f4:96:1e:fa:ff:c9:94:9a:b8:7b:92:6e:d3:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=411e2d411d687bcb4449c3df45beedc041007d94 Validity Not Before: Jan 17 21:12:54 2026 GMT Not After : Jan 16 21:17:54 2027 GMT Subject: CN=05301D027BF74E4261A9A3F7A9E4DBE7C2A98849 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8d:15:35:74:9c:e6:63:24:37:ce:8d:0e:28:38: ab:dd:86:a9:9e:48:8d:58:ea:eb:9d:4f:bb:8d:c0: 1d:f2:f7:5d:46:e7:2e:4a:16:02:1e:9a:7f:2f:01: ca:5d:e2:da:2f:01:68:7c:77:ca:6d:a1:48:a5:d5: a6:7a:50:39:d8:26:18:72:8b:d4:c8:9e:3d:26:3b: 77:00:16:7f:8b:cb:d6:1f:22:a1:c5:26:83:d2:af: f1:c9:25:a5:ba:28:2b:fc:79:fc:3d:5c:a1:9a:c3: f6:7e:fa:81:d4:3a:6c:d4:2c:27:7d:89:01:b8:39: 12:a0:07:92:22:3c:f3:ad:98:ec:ad:8e:5f:c6:af: aa:81:1b:be:f2:19:31:96:80:91:2b:13:5d:48:8a: b3:8b:e5:c1:54:bf:21:b1:4a:fd:8e:a3:b0:bb:eb: 0c:04:22:1f:35:8b:12:ab:90:ff:e5:d3:86:d7:f2: 1f:13:2f:84:7b:09:03:c0:6f:32:10:9e:d3:5f:9d: 16:15:cf:2a:b1:30:f4:f4:68:9d:2b:f8:ef:90:37: fa:91:1a:7a:30:c9:9b:95:41:79:7a:c7:4c:67:3e: 4a:46:f0:8b:85:22:d4:a7:66:54:12:e0:ff:75:57: 2b:dc:e0:fc:dc:b8:97:49:8c:f4:69:4c:0c:55:05: d1:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:30:1D:02:7B:F7:4E:42:61:A9:A3:F7:A9:E4:DB:E7:C2:A9:88:49 X509v3 Authority Key Identifier: keyid:41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a316330303a3a2f34302d3438203d3e20323037333033.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:1cc5:1c00::/40 Signature Algorithm: sha256WithRSAEncryption 29:d3:3e:76:b1:ef:67:75:8c:60:8e:6c:90:46:91:fa:94:6b: 3c:90:5c:ab:e3:ce:a2:ae:57:b1:d1:cc:ac:7a:3a:8f:80:67: 1a:e7:b4:38:1a:ce:c0:7f:4d:d7:b8:e1:9c:19:c4:1a:8f:33: 1c:48:ab:be:fa:7b:d1:05:1c:9c:77:a1:f5:16:6b:38:0d:39: 51:f5:05:92:75:ba:fc:41:5d:f1:35:7d:4c:41:22:86:46:9c: 16:76:0e:84:09:4e:7d:03:6b:27:15:0b:b6:7f:f2:3b:96:7e: ef:4f:93:13:9b:be:0a:25:3f:70:78:c8:d4:ec:ce:a7:b7:ae: 03:c4:2e:04:dd:05:fe:b3:14:e5:f6:14:12:93:6d:31:cb:3b: a3:65:80:62:9e:ff:a7:20:a4:d2:fb:bd:b2:b1:51:f7:b9:e2: be:dd:cc:d8:00:a2:f4:73:b7:7b:f4:5b:f1:ec:58:72:2e:d1: 3a:8b:8c:a4:10:e9:a7:43:b7:d4:78:28:74:f4:d9:20:82:39: 04:61:92:1d:ca:47:6e:20:3d:4c:d5:86:b6:5f:f8:ff:fd:88: 00:10:4c:e5:17:81:4d:6c:36:f3:3a:bb:65:cf:7c:86:a5:0e: 17:b6:33:6c:53:18:73:91:24:b1:74:2a:92:fa:09:41:f0:61: 4f:9c:11:39 -----BEGIN CERTIFICATE----- MIIFPzCCBCegAwIBAgIUM6HpaFcC9JYe+v/JlJq4e5Ju0+YwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDExZTJkNDExZDY4N2JjYjQ0NDljM2RmNDViZWVkYzA0 MTAwN2Q5NDAeFw0yNjAxMTcyMTEyNTRaFw0yNzAxMTYyMTE3NTRaMDMxMTAvBgNV BAMTKDA1MzAxRDAyN0JGNzRFNDI2MUE5QTNGN0E5RTREQkU3QzJBOTg4NDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNFTV0nOZjJDfOjQ4oOKvdhqme SI1Y6uudT7uNwB3y911G5y5KFgIemn8vAcpd4tovAWh8d8ptoUil1aZ6UDnYJhhy i9TInj0mO3cAFn+Ly9YfIqHFJoPSr/HJJaW6KCv8efw9XKGaw/Z++oHUOmzULCd9 iQG4ORKgB5IiPPOtmOytjl/Gr6qBG77yGTGWgJErE11IirOL5cFUvyGxSv2Oo7C7 6wwEIh81ixKrkP/l04bX8h8TL4R7CQPAbzIQntNfnRYVzyqxMPT0aJ0r+O+QN/qR GnowyZuVQXl6x0xnPkpG8IuFItSnZlQS4P91Vyvc4PzcuJdJjPRpTAxVBdGPAgMB AAGjggJJMIICRTAdBgNVHQ4EFgQUBTAdAnv3TkJhqaP3qeTb58KpiEkwHwYDVR0j BBgwFoAUQR4tQR1oe8tEScPfRb7twEEAfZQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0 ZjBlLzAvNDExRTJENDExRDY4N0JDQjQ0NDlDM0RGNDVCRUVEQzA0MTAwN0Q5NC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1FSNHRRUjFvZTh0RVNjUGZSYjd0d0VF QWZaUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1 M2EzMTYzMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzAzNzMzMzAzMy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw DgQCAAIwCAMGACoPHMUcMA0GCSqGSIb3DQEBCwUAA4IBAQAp0z52se9ndYxgjmyQ RpH6lGs8kFyr486irlex0cysejqPgGca57Q4Gs7Af03XuOGcGcQajzMcSKu++nvR BRycd6H1Fms4DTlR9QWSdbr8QV3xNX1MQSKGRpwWdg6ECU59A2snFQu2f/I7ln7v T5MTm74KJT9weMjU7M6nt64DxC4E3QX+sxTl9hQSk20xyzujZYBinv+nIKTS+72y sVH3ueK+3czYAKL0c7d79Fvx7FhyLtE6i4ykEOmnQ7fUeCh09NkggjkEYZIdykdu ID1M1Ya2X/j//YgAEEzlF4FNbDbzOrtlz3yGpQ4XtjNsUxhzkSSxdCqS+glB8GFP nBE5 -----END CERTIFICATE-----Generated at Sun Jan 18 13:13:26 2026 by rpki-client