This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3330303a3a2f34302d3438203d3e20313939303138.roa File: 326130663a316363353a3330303a3a2f34302d3438203d3e20313939303138.roa (raw, json) Hash identifier: RUR4g5rbDAp6ciVfkAyWU6prG9LPyX+46qC6E1BXuuI= Subject key identifier: 3A:85:20:65:1C:BA:7B:02:A2:16:26:E2:D3:B4:6C:14:BA:4B:3D:7E Certificate issuer: /CN=411e2d411d687bcb4449c3df45beedc041007d94 Certificate serial: 7E0AE5062A7A272E08321A413EFEB3FAE9281749 Authority key identifier: 41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3330303a3a2f34302d3438203d3e20313939303138.roa Signing time: Sat 17 Jan 2026 21:08:36 +0000 ROA not before: Sat 17 Jan 2026 21:03:36 +0000 ROA not after: Sat 16 Jan 2027 21:08:36 +0000 asID: 199018 IP address blocks: 2a0f:1cc5:300::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7e:0a:e5:06:2a:7a:27:2e:08:32:1a:41:3e:fe:b3:fa:e9:28:17:49 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=411e2d411d687bcb4449c3df45beedc041007d94 Validity Not Before: Jan 17 21:03:36 2026 GMT Not After : Jan 16 21:08:36 2027 GMT Subject: CN=3A8520651CBA7B02A21626E2D3B46C14BA4B3D7E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:88:b5:49:c8:9c:00:30:af:45:67:a6:93:27: 4f:24:f9:71:c2:3b:71:d0:ee:c1:04:22:b9:13:16: e2:58:28:2c:64:6e:e9:2f:66:e6:d3:f1:16:a6:fd: d9:7c:7c:81:34:52:61:36:c1:ec:c8:e1:50:17:b7: f4:19:95:a1:66:22:aa:ae:7d:d2:f4:19:41:de:08: 24:35:56:9c:cc:5e:b9:c7:99:59:fc:a9:2f:5d:9f: 09:e9:b0:cc:f9:84:a7:0a:13:3f:ad:99:0f:ef:e9: 49:6f:ea:bb:ea:f9:1c:3d:82:f3:2c:bd:9c:12:c0: 00:bc:2d:fb:de:a0:e8:46:21:f9:0b:20:35:9b:54: 46:00:4d:11:c7:f3:9e:2e:98:41:74:95:86:f2:0b: f3:2b:3d:33:ef:70:ea:08:5b:d6:1f:9a:ab:34:ad: 20:dd:a2:6f:eb:47:ce:a5:4f:60:e0:14:8a:94:4f: 14:72:30:bc:50:26:f9:93:0b:66:1e:4a:93:a5:0d: 94:73:4c:ee:22:7f:63:bb:0e:45:17:91:ef:f2:f9: b8:a9:c7:be:68:71:5d:25:63:ff:c3:1f:ea:b5:12: 75:40:1c:ea:84:17:50:03:9e:37:47:d7:25:c0:f4: f4:dc:69:97:de:fd:ac:c6:39:a3:61:75:dd:48:3b: 40:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:85:20:65:1C:BA:7B:02:A2:16:26:E2:D3:B4:6C:14:BA:4B:3D:7E X509v3 Authority Key Identifier: keyid:41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3330303a3a2f34302d3438203d3e20313939303138.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:1cc5:300::/40 Signature Algorithm: sha256WithRSAEncryption 92:c8:10:5c:a1:1d:44:96:87:91:d7:79:c1:8b:88:c3:3b:57: d2:d7:da:c8:7b:c0:d4:c4:b5:fb:d1:ac:b2:b3:a2:81:d4:93: 12:00:92:c4:26:66:b2:12:60:24:b1:cb:65:cc:82:be:c4:52: 29:cc:9e:81:4c:da:69:f0:ad:12:68:34:2b:79:f7:66:75:ff: 09:55:7b:88:d4:a3:62:ae:0c:73:d4:7f:5f:9f:07:c9:81:04: 69:16:dd:a1:0c:70:c5:4f:de:08:1e:6d:7c:4c:26:46:89:88: 27:6d:03:f0:73:79:e0:77:61:c1:8f:23:55:5a:22:86:9b:cf: d6:e1:90:dd:18:0c:bd:9b:8e:f5:52:95:78:b5:18:32:5d:45: e5:5b:94:ed:74:19:80:32:a3:e7:ca:ae:cd:aa:3e:96:2e:75: 46:52:3e:77:bd:fa:7d:10:ef:b0:86:ad:68:b1:1a:fb:be:1f: 17:11:1e:79:8f:4b:87:f2:37:a8:5d:44:6f:4e:6d:3c:59:c2: 5d:2b:07:b3:b0:dd:b2:d4:1c:39:8e:bf:45:e2:91:bc:7c:1c: a7:00:01:eb:fa:8d:45:07:e2:25:a7:af:93:77:1f:04:9d:db: d7:6c:0e:97:3b:97:03:c8:3f:f4:66:58:32:3c:f2:39:10:e1: 97:2a:ad:ec -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUfgrlBip6Jy4IMhpBPv6z+ukoF0kwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDExZTJkNDExZDY4N2JjYjQ0NDljM2RmNDViZWVkYzA0 MTAwN2Q5NDAeFw0yNjAxMTcyMTAzMzZaFw0yNzAxMTYyMTA4MzZaMDMxMTAvBgNV BAMTKDNBODUyMDY1MUNCQTdCMDJBMjE2MjZFMkQzQjQ2QzE0QkE0QjNEN0UwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD3iLVJyJwAMK9FZ6aTJ08k+XHC O3HQ7sEEIrkTFuJYKCxkbukvZubT8Ram/dl8fIE0UmE2wezI4VAXt/QZlaFmIqqu fdL0GUHeCCQ1VpzMXrnHmVn8qS9dnwnpsMz5hKcKEz+tmQ/v6Ulv6rvq+Rw9gvMs vZwSwAC8LfveoOhGIfkLIDWbVEYATRHH854umEF0lYbyC/MrPTPvcOoIW9Yfmqs0 rSDdom/rR86lT2DgFIqUTxRyMLxQJvmTC2YeSpOlDZRzTO4if2O7DkUXke/y+bip x75ocV0lY//DH+q1EnVAHOqEF1ADnjdH1yXA9PTcaZfe/azGOaNhdd1IO0AxAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUOoUgZRy6ewKiFibi07RsFLpLPX4wHwYDVR0j BBgwFoAUQR4tQR1oe8tEScPfRb7twEEAfZQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0 ZjBlLzAvNDExRTJENDExRDY4N0JDQjQ0NDlDM0RGNDVCRUVEQzA0MTAwN0Q5NC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1FSNHRRUjFvZTh0RVNjUGZSYjd0d0VF QWZaUS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1 M2EzMzMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzMTM5MzkzMDMxMzgucm9h MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E AgACMAgDBgAqDxzFAzANBgkqhkiG9w0BAQsFAAOCAQEAksgQXKEdRJaHkdd5wYuI wztX0tfayHvA1MS1+9GssrOigdSTEgCSxCZmshJgJLHLZcyCvsRSKcyegUzaafCt Emg0K3n3ZnX/CVV7iNSjYq4Mc9R/X58HyYEEaRbdoQxwxU/eCB5tfEwmRomIJ20D 8HN54HdhwY8jVVoihpvP1uGQ3RgMvZuO9VKVeLUYMl1F5VuU7XQZgDKj58quzao+ li51RlI+d736fRDvsIataLEa+74fFxEeeY9Lh/I3qF1Eb05tPFnCXSsHs7DdstQc OY6/ReKRvHwcpwAB6/qNRQfiJaevk3cfBJ3b12wOlzuXA8g/9GZYMjzyORDhlyqt 7A== -----END CERTIFICATE-----Generated at Sun Jan 18 13:13:35 2026 by rpki-client