This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a323530303a3a2f34302d3438203d3e20313533333736.roa File: 326130663a316363353a323530303a3a2f34302d3438203d3e20313533333736.roa (raw, json) Hash identifier: 6Namxrf43YQyS33tbhmcxyljur2zp+JmJmQQBoRyqdg= Subject key identifier: 1E:5B:8F:3D:56:E4:2C:27:57:5E:7D:3D:3B:80:6E:30:E6:06:6E:85 Certificate issuer: /CN=411e2d411d687bcb4449c3df45beedc041007d94 Certificate serial: 477979914F2529607A375D0DE1E35177094186FE Authority key identifier: 41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a323530303a3a2f34302d3438203d3e20313533333736.roa Signing time: Sat 17 Jan 2026 21:06:32 +0000 ROA not before: Sat 17 Jan 2026 21:01:32 +0000 ROA not after: Sat 16 Jan 2027 21:06:32 +0000 asID: 153376 IP address blocks: 2a0f:1cc5:2500::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 47:79:79:91:4f:25:29:60:7a:37:5d:0d:e1:e3:51:77:09:41:86:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=411e2d411d687bcb4449c3df45beedc041007d94 Validity Not Before: Jan 17 21:01:32 2026 GMT Not After : Jan 16 21:06:32 2027 GMT Subject: CN=1E5B8F3D56E42C27575E7D3D3B806E30E6066E85 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:02:ee:fe:0e:32:30:f5:93:75:48:6f:5e:0d: 3e:e2:82:17:19:a0:d0:25:04:cb:fe:e7:e2:6e:df: af:6b:6d:9e:b3:a2:45:bd:e2:a6:bb:c3:10:d5:9e: 72:ad:bd:17:45:60:bc:f7:18:bc:76:64:1f:0b:b7: 86:4d:5d:3d:8e:31:4c:4b:10:ea:5f:f4:37:4e:30: 97:ad:8e:0d:8c:06:4e:96:c5:3b:60:bb:8e:ee:11: 2d:e8:10:b6:96:64:53:37:10:78:9b:9c:47:f7:d8: 4b:de:d0:c4:35:d6:fc:75:30:20:dc:b7:cd:c0:aa: 8a:d4:8c:e8:be:41:2b:9b:7a:a1:e2:25:49:97:dc: 51:50:5f:77:94:7d:d9:f1:3d:b3:15:5b:9c:3f:33: 4c:4f:99:2e:76:be:1a:b6:4e:c3:82:fd:05:d0:77: d3:89:cf:57:81:f9:1d:86:56:cd:30:78:c1:f5:e4: 91:a8:04:d4:63:8e:87:2b:01:e4:57:73:44:fa:4a: 3a:a5:9a:75:55:01:e9:08:00:66:fd:1f:a8:61:f9: 7a:ed:82:b2:ff:14:b6:21:f4:9e:bd:21:0c:71:e0: d9:9b:ae:c1:bd:78:6e:e6:9d:cf:20:ab:ee:5a:b9: 82:f9:a8:a6:1f:23:49:b7:db:1f:b4:e4:28:c9:7d: 18:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:5B:8F:3D:56:E4:2C:27:57:5E:7D:3D:3B:80:6E:30:E6:06:6E:85 X509v3 Authority Key Identifier: keyid:41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a323530303a3a2f34302d3438203d3e20313533333736.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:1cc5:2500::/40 Signature Algorithm: sha256WithRSAEncryption 61:7c:7a:fc:d2:aa:50:e2:79:8e:54:98:ce:82:33:c4:25:b7: e8:f6:0d:17:01:0d:72:41:d5:79:f2:b4:14:74:bd:60:ec:40: 89:53:d8:4f:82:d9:6e:42:e6:a4:36:70:c2:a4:1d:52:7b:ff: c5:97:17:19:1d:5c:59:60:01:29:47:f2:1b:1d:d9:3b:00:37: b0:f6:f2:ea:6f:4a:c7:a9:25:3e:00:31:4d:f6:49:1c:e7:81: ee:3d:dc:2a:6e:34:76:9d:45:ae:55:64:1b:a8:40:f9:08:80: b0:3e:40:23:e3:95:87:8b:c1:54:06:6f:af:fa:5c:2d:35:19: 6d:c6:87:12:b0:5a:34:c6:03:5c:e0:f4:46:bc:93:0b:b1:4d: ff:3f:80:31:3d:19:27:09:76:8d:90:88:59:5f:fe:1c:04:85: 30:cf:44:32:35:c3:93:dc:7b:08:f0:4f:bb:ee:6d:48:a4:e9: c9:5e:20:15:18:8c:31:e8:ed:d2:cc:a1:a1:2d:c1:ea:50:eb: d2:1c:24:12:c8:0f:b0:9b:a6:bc:63:42:15:ad:bc:ad:e0:5f: b7:fa:11:5c:a9:bf:bf:a5:e4:49:a0:76:4f:4b:c7:cf:b1:16: 17:3e:8f:b1:b7:f2:67:aa:7b:30:e0:ca:13:9a:e3:3e:02:df: 17:a7:86:8b -----BEGIN CERTIFICATE----- MIIFPzCCBCegAwIBAgIUR3l5kU8lKWB6N10N4eNRdwlBhv4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDExZTJkNDExZDY4N2JjYjQ0NDljM2RmNDViZWVkYzA0 MTAwN2Q5NDAeFw0yNjAxMTcyMTAxMzJaFw0yNzAxMTYyMTA2MzJaMDMxMTAvBgNV BAMTKDFFNUI4RjNENTZFNDJDMjc1NzVFN0QzRDNCODA2RTMwRTYwNjZFODUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMAu7+DjIw9ZN1SG9eDT7ighcZ oNAlBMv+5+Ju369rbZ6zokW94qa7wxDVnnKtvRdFYLz3GLx2ZB8Lt4ZNXT2OMUxL EOpf9DdOMJetjg2MBk6WxTtgu47uES3oELaWZFM3EHibnEf32Eve0MQ11vx1MCDc t83AqorUjOi+QSubeqHiJUmX3FFQX3eUfdnxPbMVW5w/M0xPmS52vhq2TsOC/QXQ d9OJz1eB+R2GVs0weMH15JGoBNRjjocrAeRXc0T6SjqlmnVVAekIAGb9H6hh+Xrt grL/FLYh9J69IQxx4NmbrsG9eG7mnc8gq+5auYL5qKYfI0m32x+05CjJfRhRAgMB AAGjggJJMIICRTAdBgNVHQ4EFgQUHluPPVbkLCdXXn09O4BuMOYGboUwHwYDVR0j BBgwFoAUQR4tQR1oe8tEScPfRb7twEEAfZQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0 ZjBlLzAvNDExRTJENDExRDY4N0JDQjQ0NDlDM0RGNDVCRUVEQzA0MTAwN0Q5NC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1FSNHRRUjFvZTh0RVNjUGZSYjd0d0VF QWZaUS5jZXIwgbcGCCsGAQUFBwELBIGqMIGnMIGkBggrBgEFBQcwC4aBl3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1 M2EzMjM1MzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMxMzUzMzMzMzczNi5y b2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAw DgQCAAIwCAMGACoPHMUlMA0GCSqGSIb3DQEBCwUAA4IBAQBhfHr80qpQ4nmOVJjO gjPEJbfo9g0XAQ1yQdV58rQUdL1g7ECJU9hPgtluQuakNnDCpB1Se//FlxcZHVxZ YAEpR/IbHdk7ADew9vLqb0rHqSU+ADFN9kkc54HuPdwqbjR2nUWuVWQbqED5CICw PkAj45WHi8FUBm+v+lwtNRltxocSsFo0xgNc4PRGvJMLsU3/P4AxPRknCXaNkIhZ X/4cBIUwz0QyNcOT3HsI8E+77m1IpOnJXiAVGIwx6O3SzKGhLcHqUOvSHCQSyA+w m6a8Y0IVrbyt4F+3+hFcqb+/peRJoHZPS8fPsRYXPo+xt/Jnqnsw4MoTmuM+At8X p4aL -----END CERTIFICATE-----Generated at Sun Jan 18 13:13:34 2026 by rpki-client