This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a316530303a3a2f34302d3438203d3e20323134393638.roa File: 326130663a316363353a316530303a3a2f34302d3438203d3e20323134393638.roa (raw, json) Hash identifier: URwclaYoVILE99k3dHkDkNvZg1XOMo4nTmtLuMv/9so= Subject key identifier: 43:D3:BB:2B:3C:BE:E8:0E:55:B6:EC:BA:19:7D:FF:6A:EF:3D:71:B0 Certificate issuer: /CN=411e2d411d687bcb4449c3df45beedc041007d94 Certificate serial: 1372E5B30C79F1ED00870EAA92A1FFBBFACDFD50 Authority key identifier: 41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a316530303a3a2f34302d3438203d3e20323134393638.roa Signing time: Sat 17 Jan 2026 21:28:11 +0000 ROA not before: Sat 17 Jan 2026 21:23:11 +0000 ROA not after: Sat 16 Jan 2027 21:28:11 +0000 asID: 214968 IP address blocks: 2a0f:1cc5:1e00::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:72:e5:b3:0c:79:f1:ed:00:87:0e:aa:92:a1:ff:bb:fa:cd:fd:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=411e2d411d687bcb4449c3df45beedc041007d94 Validity Not Before: Jan 17 21:23:11 2026 GMT Not After : Jan 16 21:28:11 2027 GMT Subject: CN=43D3BB2B3CBEE80E55B6ECBA197DFF6AEF3D71B0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:91:db:0a:dd:6b:c6:35:7c:9d:d3:03:45:61: 4c:4b:96:33:c8:a4:92:4f:ed:a3:7c:da:07:16:84: 75:91:b1:7b:fe:07:a0:4b:99:0e:1c:cc:b6:76:c8: f1:d0:4f:70:0f:a0:4a:2e:35:26:d0:11:01:e1:3e: cf:ff:97:29:33:85:a1:04:54:d3:27:35:3c:8c:5d: 51:12:50:ad:8c:6d:6b:ab:d6:25:c7:9e:85:92:20: 73:ad:d3:34:e2:08:82:f7:ca:4b:7a:19:1a:5d:a1: 8c:a5:60:e6:dc:ff:20:c9:ff:f1:73:cb:4c:5a:ca: 2f:a5:90:ee:ac:68:57:a2:37:4d:65:e5:97:c9:2b: 37:96:88:5d:8f:79:8d:47:33:e5:4f:ec:c3:71:b2: dd:17:8f:35:eb:c8:72:13:6b:13:d2:b7:b0:17:e4: ec:ac:03:8d:65:dc:e7:9f:0f:3f:59:ad:05:32:64: d1:b0:5b:a6:50:2b:fa:6f:cd:99:b9:ca:cb:8d:12: 62:e3:30:4e:33:61:fd:1d:4c:93:1c:74:4a:94:53: 9e:e4:48:d3:b6:39:89:6a:4c:c7:19:cd:4f:6c:23: 41:09:d7:a2:8a:07:e6:64:1b:80:86:79:72:fe:54: e8:72:7c:c5:58:c2:48:ac:10:c1:d4:49:00:0f:87: 00:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:D3:BB:2B:3C:BE:E8:0E:55:B6:EC:BA:19:7D:FF:6A:EF:3D:71:B0 X509v3 Authority Key Identifier: keyid:41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a316530303a3a2f34302d3438203d3e20323134393638.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:1cc5:1e00::/40 Signature Algorithm: sha256WithRSAEncryption 5f:f4:a3:6d:14:5b:7f:40:31:9c:ee:0e:61:ad:ac:8f:b6:d6: af:f4:bb:be:40:5d:38:53:50:be:45:5d:81:a1:a7:d8:e4:01: fd:2c:c4:0a:5c:f6:44:f5:da:e6:a8:d5:91:5c:db:7f:b3:0d: 13:0a:74:4b:0d:ad:4d:95:a6:bd:cc:a1:80:52:ce:b2:c4:88: da:d7:8d:30:c7:1d:bf:6e:fb:38:ac:c7:6f:c5:51:13:62:9f: b7:11:3e:99:db:9b:95:94:f4:69:23:2b:2e:79:77:9a:e9:8f: e7:62:11:d6:de:63:14:69:e2:cf:10:37:0a:f2:23:75:21:68: 5c:7d:f8:64:02:ef:85:02:26:e0:05:d1:50:f2:ce:4d:d3:2a: 31:39:0d:b4:42:c5:8c:36:be:63:5a:b5:89:53:fb:88:33:46: 95:f8:ec:a8:35:73:a1:54:9a:c4:07:41:c7:c5:a6:c7:78:4c: 7e:3d:61:7a:5b:3c:38:79:37:31:4c:5d:41:26:2a:ab:76:56: a1:30:b7:e1:21:39:60:0d:24:cf:14:49:fd:c6:b2:14:79:ea: 66:94:53:e1:c9:55:6e:7b:45:f9:6f:ca:ed:12:72:a9:9f:49: 5d:2a:f3:ce:2c:c3:79:81:39:c2:dc:05:a5:0c:7d:ea:9c:b7: 59:36:c0:f9 -----BEGIN CERTIFICATE----- MIIFPzCCBCegAwIBAgIUE3Llswx58e0Ahw6qkqH/u/rN/VAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDExZTJkNDExZDY4N2JjYjQ0NDljM2RmNDViZWVkYzA0 MTAwN2Q5NDAeFw0yNjAxMTcyMTIzMTFaFw0yNzAxMTYyMTI4MTFaMDMxMTAvBgNV BAMTKDQzRDNCQjJCM0NCRUU4MEU1NUI2RUNCQTE5N0RGRjZBRUYzRDcxQjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXkdsK3WvGNXyd0wNFYUxLljPI pJJP7aN82gcWhHWRsXv+B6BLmQ4czLZ2yPHQT3APoEouNSbQEQHhPs//lykzhaEE VNMnNTyMXVESUK2MbWur1iXHnoWSIHOt0zTiCIL3ykt6GRpdoYylYObc/yDJ//Fz y0xayi+lkO6saFeiN01l5ZfJKzeWiF2PeY1HM+VP7MNxst0XjzXryHITaxPSt7AX 5OysA41l3OefDz9ZrQUyZNGwW6ZQK/pvzZm5ysuNEmLjME4zYf0dTJMcdEqUU57k SNO2OYlqTMcZzU9sI0EJ16KKB+ZkG4CGeXL+VOhyfMVYwkisEMHUSQAPhwDfAgMB AAGjggJJMIICRTAdBgNVHQ4EFgQUQ9O7Kzy+6A5Vtuy6GX3/au89cbAwHwYDVR0j BBgwFoAUQR4tQR1oe8tEScPfRb7twEEAfZQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0 ZjBlLzAvNDExRTJENDExRDY4N0JDQjQ0NDlDM0RGNDVCRUVEQzA0MTAwN0Q5NC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1FSNHRRUjFvZTh0RVNjUGZSYjd0d0VF QWZaUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1 M2EzMTY1MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMyMzEzNDM5MzYzOC5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw DgQCAAIwCAMGACoPHMUeMA0GCSqGSIb3DQEBCwUAA4IBAQBf9KNtFFt/QDGc7g5h rayPttav9Lu+QF04U1C+RV2BoafY5AH9LMQKXPZE9drmqNWRXNt/sw0TCnRLDa1N laa9zKGAUs6yxIja140wxx2/bvs4rMdvxVETYp+3ET6Z25uVlPRpIysueXea6Y/n YhHW3mMUaeLPEDcK8iN1IWhcffhkAu+FAibgBdFQ8s5N0yoxOQ20QsWMNr5jWrWJ U/uIM0aV+OyoNXOhVJrEB0HHxabHeEx+PWF6Wzw4eTcxTF1BJiqrdlahMLfhITlg DSTPFEn9xrIUeepmlFPhyVVue0X5b8rtEnKpn0ldKvPOLMN5gTnC3AWlDH3qnLdZ NsD5 -----END CERTIFICATE-----Generated at Sun Jan 18 13:13:36 2026 by rpki-client