This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a316430303a3a2f34302d3438203d3e20323134323037.roa File: 326130663a316363353a316430303a3a2f34302d3438203d3e20323134323037.roa (raw, json) Hash identifier: NiIvuZazmDP3kGdz61QEI+q94NtgxG3Gr/oHjOzpBtE= Subject key identifier: 42:3C:93:A1:53:9E:E0:A6:A7:3F:17:15:04:BB:28:F7:B3:7A:A6:B9 Certificate issuer: /CN=411e2d411d687bcb4449c3df45beedc041007d94 Certificate serial: 13E5FB55A1DD36052D5184328B0FF15210217D7F Authority key identifier: 41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a316430303a3a2f34302d3438203d3e20323134323037.roa Signing time: Sat 17 Jan 2026 21:24:35 +0000 ROA not before: Sat 17 Jan 2026 21:19:35 +0000 ROA not after: Sat 16 Jan 2027 21:24:35 +0000 asID: 214207 IP address blocks: 2a0f:1cc5:1d00::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:e5:fb:55:a1:dd:36:05:2d:51:84:32:8b:0f:f1:52:10:21:7d:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=411e2d411d687bcb4449c3df45beedc041007d94 Validity Not Before: Jan 17 21:19:35 2026 GMT Not After : Jan 16 21:24:35 2027 GMT Subject: CN=423C93A1539EE0A6A73F171504BB28F7B37AA6B9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:93:06:0b:78:6d:3d:0f:8c:25:fe:2c:00:57:e1: 2e:9a:23:0d:1a:83:63:bc:3c:fd:a7:eb:54:02:ef: b9:b0:c4:13:d9:48:42:ac:1b:51:ef:1e:3b:f3:f7: 07:c6:99:59:d3:8a:d6:14:5e:a1:54:90:f2:7e:d2: 01:9a:bc:d9:cd:69:0f:cb:9e:78:ae:2d:7a:b4:6a: 83:c0:de:a2:6e:48:91:14:e4:2f:8a:4e:93:36:57: 5a:29:ca:03:45:43:76:8a:67:33:b8:f8:97:11:ae: d4:12:9b:91:ff:67:8e:8b:c7:dd:c7:98:1a:8b:1e: 90:84:67:d2:fd:3a:2e:32:a7:72:66:71:ef:a6:dd: 54:96:91:8f:f5:4b:1d:40:f6:05:4e:f8:85:48:64: a4:05:a3:70:84:bb:8e:3d:07:69:70:14:89:56:33: 34:be:1a:33:40:8c:0a:e2:a7:da:18:51:c6:be:c7: 2c:bc:2d:ef:4b:0e:1d:06:03:3f:b4:f8:20:6d:14: ce:44:98:cd:80:57:86:e8:64:c8:17:78:c8:18:0d: 39:65:5f:0d:26:b6:2c:ff:8d:6f:66:c3:86:dc:d5: b5:61:b7:fa:58:a8:67:64:e9:e4:60:22:5f:67:1b: 83:23:14:b6:8d:f8:09:68:f3:42:82:98:7d:d7:6f: 6b:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:3C:93:A1:53:9E:E0:A6:A7:3F:17:15:04:BB:28:F7:B3:7A:A6:B9 X509v3 Authority Key Identifier: keyid:41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a316430303a3a2f34302d3438203d3e20323134323037.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:1cc5:1d00::/40 Signature Algorithm: sha256WithRSAEncryption 60:e8:44:6e:eb:a5:8c:5d:14:ee:f5:6e:c5:d6:b3:19:91:29: e0:13:e3:32:34:b6:c4:87:7f:d6:b5:c1:93:2c:b0:ea:a1:34: 18:44:2a:bf:2f:1d:79:16:f5:a2:e5:76:ab:ac:72:f1:49:74: 5d:01:2a:aa:3b:50:61:0a:5a:6a:53:12:b9:56:6b:d3:ca:d3: fd:e6:7a:9a:90:df:04:5c:b6:9f:6f:df:7e:bf:aa:3e:83:e7: 3f:62:9e:9e:56:2f:c6:a7:d4:60:5c:03:bb:eb:d7:f3:5c:1a: 36:6c:da:e9:06:5e:1a:ca:dd:9e:a1:69:9b:c6:d1:2c:05:76: 05:6f:c3:84:d8:59:07:33:b3:ae:da:b7:61:ea:4b:f5:9b:a7: 48:7d:3f:0b:87:28:38:b8:91:f6:5d:94:af:35:57:d7:ab:4d: eb:88:d8:ae:36:18:33:5d:07:df:4c:ac:ed:9d:85:7a:fe:90: c7:83:e1:00:52:53:8f:4f:4d:9a:2f:2d:a7:cc:d8:f4:6d:be: fe:a9:8d:7d:92:13:4b:71:3e:97:ba:2f:84:36:5d:ff:1d:e3: bb:1a:15:51:d6:42:ee:96:b4:fc:ae:cc:56:82:d5:ad:de:8a: b6:e7:95:3a:de:ee:47:64:50:13:18:f4:ab:f3:9c:54:96:b4: 10:25:93:60 -----BEGIN CERTIFICATE----- MIIFPzCCBCegAwIBAgIUE+X7VaHdNgUtUYQyiw/xUhAhfX8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDExZTJkNDExZDY4N2JjYjQ0NDljM2RmNDViZWVkYzA0 MTAwN2Q5NDAeFw0yNjAxMTcyMTE5MzVaFw0yNzAxMTYyMTI0MzVaMDMxMTAvBgNV BAMTKDQyM0M5M0ExNTM5RUUwQTZBNzNGMTcxNTA0QkIyOEY3QjM3QUE2QjkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTBgt4bT0PjCX+LABX4S6aIw0a g2O8PP2n61QC77mwxBPZSEKsG1HvHjvz9wfGmVnTitYUXqFUkPJ+0gGavNnNaQ/L nniuLXq0aoPA3qJuSJEU5C+KTpM2V1opygNFQ3aKZzO4+JcRrtQSm5H/Z46Lx93H mBqLHpCEZ9L9Oi4yp3Jmce+m3VSWkY/1Sx1A9gVO+IVIZKQFo3CEu449B2lwFIlW MzS+GjNAjArip9oYUca+xyy8Le9LDh0GAz+0+CBtFM5EmM2AV4boZMgXeMgYDTll Xw0mtiz/jW9mw4bc1bVht/pYqGdk6eRgIl9nG4MjFLaN+Alo80KCmH3Xb2ufAgMB AAGjggJJMIICRTAdBgNVHQ4EFgQUQjyToVOe4KanPxcVBLso97N6prkwHwYDVR0j BBgwFoAUQR4tQR1oe8tEScPfRb7twEEAfZQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0 ZjBlLzAvNDExRTJENDExRDY4N0JDQjQ0NDlDM0RGNDVCRUVEQzA0MTAwN0Q5NC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1FSNHRRUjFvZTh0RVNjUGZSYjd0d0VF QWZaUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1 M2EzMTY0MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzNDMyMzAzNy5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw DgQCAAIwCAMGACoPHMUdMA0GCSqGSIb3DQEBCwUAA4IBAQBg6ERu66WMXRTu9W7F 1rMZkSngE+MyNLbEh3/WtcGTLLDqoTQYRCq/Lx15FvWi5XarrHLxSXRdASqqO1Bh ClpqUxK5VmvTytP95nqakN8EXLafb99+v6o+g+c/Yp6eVi/Gp9RgXAO769fzXBo2 bNrpBl4ayt2eoWmbxtEsBXYFb8OE2FkHM7Ou2rdh6kv1m6dIfT8Lhyg4uJH2XZSv NVfXq03riNiuNhgzXQffTKztnYV6/pDHg+EAUlOPT02aLy2nzNj0bb7+qY19khNL cT6Xui+ENl3/HeO7GhVR1kLulrT8rsxWgtWt3oq255U63u5HZFATGPSr85xUlrQQ JZNg -----END CERTIFICATE-----Generated at Sun Jan 18 13:13:36 2026 by rpki-client