This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a32303a3a2f34342d3434203d3e20323034353138.roa File: 326130663a316363353a32303a3a2f34342d3434203d3e20323034353138.roa (raw, json) Hash identifier: uTnixv9hxV4t+/MNYIl3JI/v2d7u+7nTSEPq/Xubyao= Subject key identifier: CD:82:6A:C7:71:A9:98:CD:B4:B6:7E:82:93:8F:45:8A:2C:13:A4:40 Certificate issuer: /CN=411e2d411d687bcb4449c3df45beedc041007d94 Certificate serial: 2D1050C43016C9751D1645F9DAFDCC5D4E0F59EF Authority key identifier: 41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a32303a3a2f34342d3434203d3e20323034353138.roa Signing time: Sat 17 Jan 2026 21:16:31 +0000 ROA not before: Sat 17 Jan 2026 21:11:31 +0000 ROA not after: Sat 16 Jan 2027 21:16:31 +0000 asID: 204518 IP address blocks: 2a0f:1cc5:20::/44 maxlen: 44 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:10:50:c4:30:16:c9:75:1d:16:45:f9:da:fd:cc:5d:4e:0f:59:ef Signature Algorithm: sha256WithRSAEncryption Issuer: CN=411e2d411d687bcb4449c3df45beedc041007d94 Validity Not Before: Jan 17 21:11:31 2026 GMT Not After : Jan 16 21:16:31 2027 GMT Subject: CN=CD826AC771A998CDB4B67E82938F458A2C13A440 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:00:e4:f4:f0:c9:2c:ca:8e:d0:cd:50:e8:ef: 09:7c:0a:ce:09:58:97:83:fd:9f:d5:33:67:d1:b3: 9c:b3:92:b0:f7:4d:b9:8d:f9:89:00:e9:f0:e9:89: 7a:ad:45:54:a8:f1:a1:70:7e:ba:f1:10:75:61:b0: ba:17:ea:79:7f:5a:c4:e0:25:c1:78:62:3f:f7:7d: 03:be:eb:35:d7:50:e5:97:51:71:b7:70:ed:a0:ad: c3:43:83:4a:49:ab:11:41:05:cb:e4:28:fd:dc:db: b7:d5:8f:b4:9a:d2:03:62:84:d5:46:a7:b7:cb:a8: 41:97:d3:db:52:56:6c:76:78:86:40:14:50:e5:24: 4e:49:7f:59:fd:7b:67:7b:c9:cb:ac:77:68:74:3e: 0a:8b:65:69:93:d3:49:43:ec:05:2a:8b:8b:0c:eb: 81:a2:5e:a7:d8:cf:45:b0:4a:94:60:8d:6b:d8:a9: 93:5e:d7:9b:4d:31:7d:6a:1b:30:d7:37:ff:ec:95: 4f:96:27:ed:06:c4:86:c4:67:43:e3:3a:38:00:da: 2d:e0:b0:b6:7b:4b:b4:3b:23:43:9f:43:c9:7c:3a: fe:25:77:1c:17:58:18:45:bd:58:10:95:2a:34:6d: c6:c0:7b:0a:47:4d:d0:8b:c3:22:24:0a:7d:70:ce: 2d:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:82:6A:C7:71:A9:98:CD:B4:B6:7E:82:93:8F:45:8A:2C:13:A4:40 X509v3 Authority Key Identifier: keyid:41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a32303a3a2f34342d3434203d3e20323034353138.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:1cc5:20::/44 Signature Algorithm: sha256WithRSAEncryption 76:3c:1f:68:87:34:cf:56:4e:1b:3c:9d:cb:57:1d:89:0c:c5: b4:e8:54:98:af:c8:ee:3b:6d:ef:fc:c6:14:ec:6c:f2:c4:b3: 26:e0:ed:f1:19:3d:05:df:34:40:e1:3b:9b:ea:af:c3:a8:b9: 42:1e:cc:1f:50:b0:50:1b:6a:ca:65:62:ff:2b:0f:15:21:0d: 4d:2f:e5:97:c6:7d:34:21:9f:75:c9:99:19:f2:30:57:c0:5e: d3:24:fb:08:5e:f4:e7:7e:24:42:a9:02:5b:94:d2:9e:20:b5: ed:c7:ec:70:bb:95:33:54:bc:7a:2d:ab:3e:97:71:73:06:41: ee:cd:b1:02:8a:74:41:13:a0:37:88:62:51:47:56:0a:1d:4b: f8:f0:41:42:9f:53:88:60:98:b2:82:1f:89:7a:29:e5:cc:0a: 0b:b5:d4:04:98:b9:46:3a:b5:c7:2f:3c:99:84:71:43:ff:08: 91:86:b2:7a:12:b4:b2:7d:0a:34:4a:a6:ab:19:c0:73:b6:01: 95:28:6f:3a:db:6d:17:86:9d:a3:23:f8:64:8b:69:9e:08:40: a2:52:02:c7:37:0a:84:a8:75:c6:f2:8d:83:78:ca:17:5b:de: bd:60:86:ed:5b:46:42:86:be:32:68:87:99:13:f2:17:bb:46: 33:18:6f:20 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgIULRBQxDAWyXUdFkX52v3MXU4PWe8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDExZTJkNDExZDY4N2JjYjQ0NDljM2RmNDViZWVkYzA0 MTAwN2Q5NDAeFw0yNjAxMTcyMTExMzFaFw0yNzAxMTYyMTE2MzFaMDMxMTAvBgNV BAMTKENEODI2QUM3NzFBOTk4Q0RCNEI2N0U4MjkzOEY0NThBMkMxM0E0NDAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyAOT08Mksyo7QzVDo7wl8Cs4J WJeD/Z/VM2fRs5yzkrD3TbmN+YkA6fDpiXqtRVSo8aFwfrrxEHVhsLoX6nl/WsTg JcF4Yj/3fQO+6zXXUOWXUXG3cO2grcNDg0pJqxFBBcvkKP3c27fVj7Sa0gNihNVG p7fLqEGX09tSVmx2eIZAFFDlJE5Jf1n9e2d7ycusd2h0PgqLZWmT00lD7AUqi4sM 64GiXqfYz0WwSpRgjWvYqZNe15tNMX1qGzDXN//slU+WJ+0GxIbEZ0PjOjgA2i3g sLZ7S7Q7I0OfQ8l8Ov4ldxwXWBhFvVgQlSo0bcbAewpHTdCLwyIkCn1wzi0HAgMB AAGjggJGMIICQjAdBgNVHQ4EFgQUzYJqx3GpmM20tn6Ck49FiiwTpEAwHwYDVR0j BBgwFoAUQR4tQR1oe8tEScPfRb7twEEAfZQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0 ZjBlLzAvNDExRTJENDExRDY4N0JDQjQ0NDlDM0RGNDVCRUVEQzA0MTAwN0Q5NC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1FSNHRRUjFvZTh0RVNjUGZSYjd0d0VF QWZaUS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1 M2EzMjMwM2EzYTJmMzQzNDJkMzQzNDIwM2QzZTIwMzIzMDM0MzUzMTM4LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcEKg8cxQAgMA0GCSqGSIb3DQEBCwUAA4IBAQB2PB9ohzTPVk4bPJ3LVx2J DMW06FSYr8juO23v/MYU7GzyxLMm4O3xGT0F3zRA4Tub6q/DqLlCHswfULBQG2rK ZWL/Kw8VIQ1NL+WXxn00IZ91yZkZ8jBXwF7TJPsIXvTnfiRCqQJblNKeILXtx+xw u5UzVLx6Las+l3FzBkHuzbECinRBE6A3iGJRR1YKHUv48EFCn1OIYJiygh+Jeinl zAoLtdQEmLlGOrXHLzyZhHFD/wiRhrJ6ErSyfQo0SqarGcBztgGVKG86220Xhp2j I/hki2meCECiUgLHNwqEqHXG8o2DeMoXW969YIbtW0ZChr4yaIeZE/IXu0YzGG8g -----END CERTIFICATE-----Generated at Sun Jan 18 13:13:29 2026 by rpki-client