This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a34303a3a2f34342d3438203d3e20323131353735.roa File: 326130663a316363353a34303a3a2f34342d3438203d3e20323131353735.roa (raw, json) Hash identifier: 6w5bQISM5/f3Xx7fnLIHrjymZJmICgp/4YLl/tppTc4= Subject key identifier: C8:F4:BE:8A:90:CC:EB:E9:92:BF:51:99:5E:C0:31:D7:0E:A2:9D:5B Certificate issuer: /CN=411e2d411d687bcb4449c3df45beedc041007d94 Certificate serial: 2BB531B0754F392B6FFA5259DE21E172CA90A078 Authority key identifier: 41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a34303a3a2f34342d3438203d3e20323131353735.roa Signing time: Sat 17 Jan 2026 21:21:36 +0000 ROA not before: Sat 17 Jan 2026 21:16:36 +0000 ROA not after: Sat 16 Jan 2027 21:21:36 +0000 asID: 211575 IP address blocks: 2a0f:1cc5:40::/44 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:b5:31:b0:75:4f:39:2b:6f:fa:52:59:de:21:e1:72:ca:90:a0:78 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=411e2d411d687bcb4449c3df45beedc041007d94 Validity Not Before: Jan 17 21:16:36 2026 GMT Not After : Jan 16 21:21:36 2027 GMT Subject: CN=C8F4BE8A90CCEBE992BF51995EC031D70EA29D5B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:1b:9c:e6:9c:1c:d4:45:30:d6:c8:3f:70:05: e7:ee:09:64:e9:a9:3c:a1:c6:2f:9c:12:fe:30:1d: b7:e1:2f:50:8c:c2:54:75:c2:07:63:98:d2:11:59: ae:7e:0a:4c:95:47:11:24:fa:ca:79:b5:0c:0f:b7: f7:97:a9:08:77:44:85:45:f3:a2:1b:c0:e7:48:8a: 3a:67:c8:9c:83:3a:28:02:7d:80:4d:88:82:e3:ff: cc:c9:61:dd:39:da:bf:65:dd:26:fb:fb:cc:71:99: 1d:60:4e:97:28:d1:b4:97:30:ff:2b:84:d4:af:4b: ac:e4:b2:28:05:d2:3e:91:81:2e:79:bc:ce:b3:c6: 16:d7:4a:13:bb:6b:ec:74:f8:42:e8:bd:64:c7:66: 7c:9f:29:04:24:e6:59:30:c6:78:44:2b:37:d4:a6: 3c:45:dd:4e:0a:80:3e:b7:74:26:7e:68:21:b4:7c: 13:dd:83:9e:15:22:1e:2f:97:21:3d:8a:b1:07:66: 5d:4c:12:98:62:48:22:bc:4e:c2:a2:db:92:13:63: 77:66:8f:f8:ff:d5:58:f6:48:0c:62:06:8d:e7:6d: 9c:12:15:a3:87:b2:72:69:87:a2:b8:b8:6c:10:5b: e4:9c:d9:88:6f:d3:25:5c:75:96:f5:a7:f1:48:81: 82:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:F4:BE:8A:90:CC:EB:E9:92:BF:51:99:5E:C0:31:D7:0E:A2:9D:5B X509v3 Authority Key Identifier: keyid:41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a34303a3a2f34342d3438203d3e20323131353735.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:1cc5:40::/44 Signature Algorithm: sha256WithRSAEncryption 5e:a3:1a:16:59:4f:39:81:5e:a1:85:fc:07:21:49:4e:4e:8e: b1:61:90:d2:35:e5:ab:b2:9c:63:3d:e5:b5:bf:9c:e5:88:f4: fc:fe:7c:5e:89:27:60:a5:87:5d:fc:3e:49:16:47:b3:0f:dd: 37:c1:3a:c3:06:38:c1:00:27:55:38:c5:01:bd:1e:5f:f9:cb: a6:97:d1:69:9f:3b:88:9c:b2:5f:4e:cc:0b:7d:52:0f:c9:8d: f1:d1:b9:a2:aa:c1:82:09:90:1b:0d:f1:8a:5e:5c:60:a5:09: e1:b3:f3:53:49:fc:0f:e1:05:ea:71:90:01:ff:1f:3f:ad:ba: f8:6d:11:26:6e:cf:39:17:67:b2:1d:4c:05:40:7f:ff:82:9c: 5f:a8:95:22:67:73:d3:3f:f6:ae:2e:6e:d0:1c:eb:19:54:60: 3c:db:61:4b:0d:80:0a:9f:d2:4e:4e:d3:26:18:bf:ea:ce:2a: d0:47:e7:ec:be:f9:3c:9e:01:a5:12:91:06:c6:d5:10:c3:cb: a5:ad:27:e2:7a:2a:e6:fa:83:84:80:7c:36:23:9d:91:83:4c: 9f:9d:e0:cf:50:d6:6b:f8:ab:f2:9d:cd:9a:05:3f:17:ae:74: b2:d7:d4:81:bd:49:74:9b:de:33:e9:87:a6:4b:3c:1f:ae:f7: fa:3b:97:d8 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgIUK7UxsHVPOStv+lJZ3iHhcsqQoHgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDExZTJkNDExZDY4N2JjYjQ0NDljM2RmNDViZWVkYzA0 MTAwN2Q5NDAeFw0yNjAxMTcyMTE2MzZaFw0yNzAxMTYyMTIxMzZaMDMxMTAvBgNV BAMTKEM4RjRCRThBOTBDQ0VCRTk5MkJGNTE5OTVFQzAzMUQ3MEVBMjlENUIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiG5zmnBzURTDWyD9wBefuCWTp qTyhxi+cEv4wHbfhL1CMwlR1wgdjmNIRWa5+CkyVRxEk+sp5tQwPt/eXqQh3RIVF 86IbwOdIijpnyJyDOigCfYBNiILj/8zJYd052r9l3Sb7+8xxmR1gTpco0bSXMP8r hNSvS6zksigF0j6RgS55vM6zxhbXShO7a+x0+ELovWTHZnyfKQQk5lkwxnhEKzfU pjxF3U4KgD63dCZ+aCG0fBPdg54VIh4vlyE9irEHZl1MEphiSCK8TsKi25ITY3dm j/j/1Vj2SAxiBo3nbZwSFaOHsnJph6K4uGwQW+Sc2Yhv0yVcdZb1p/FIgYJvAgMB AAGjggJGMIICQjAdBgNVHQ4EFgQUyPS+ipDM6+mSv1GZXsAx1w6inVswHwYDVR0j BBgwFoAUQR4tQR1oe8tEScPfRb7twEEAfZQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0 ZjBlLzAvNDExRTJENDExRDY4N0JDQjQ0NDlDM0RGNDVCRUVEQzA0MTAwN0Q5NC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1FSNHRRUjFvZTh0RVNjUGZSYjd0d0VF QWZaUS5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1 M2EzNDMwM2EzYTJmMzQzNDJkMzQzODIwM2QzZTIwMzIzMTMxMzUzNzM1LnJvYTAY BgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIA AjAJAwcEKg8cxQBAMA0GCSqGSIb3DQEBCwUAA4IBAQBeoxoWWU85gV6hhfwHIUlO To6xYZDSNeWrspxjPeW1v5zliPT8/nxeiSdgpYdd/D5JFkezD903wTrDBjjBACdV OMUBvR5f+cuml9FpnzuInLJfTswLfVIPyY3x0bmiqsGCCZAbDfGKXlxgpQnhs/NT SfwP4QXqcZAB/x8/rbr4bREmbs85F2eyHUwFQH//gpxfqJUiZ3PTP/auLm7QHOsZ VGA822FLDYAKn9JOTtMmGL/qzirQR+fsvvk8ngGlEpEGxtUQw8ulrSfieirm+oOE gHw2I52Rg0yfneDPUNZr+Kvync2aBT8XrnSy19SBvUl0m94z6YemSzwfrvf6O5fY -----END CERTIFICATE-----Generated at Sun Jan 18 13:13:26 2026 by rpki-client