This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3630303a3a2f34302d3438203d3e20323134393333.roa File: 326130663a316363353a3630303a3a2f34302d3438203d3e20323134393333.roa (raw, json) Hash identifier: QAVw3nto63ezajf647rQJV/gJ9ugJ4OboWETYueKwa0= Subject key identifier: 2C:EF:E3:EC:B3:C5:A8:19:02:85:46:5E:E4:69:B9:BA:21:CE:90:A2 Certificate issuer: /CN=411e2d411d687bcb4449c3df45beedc041007d94 Certificate serial: 266F2DA096CA0FE922EA1B08BE43D01439E5DDBC Authority key identifier: 41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3630303a3a2f34302d3438203d3e20323134393333.roa Signing time: Sat 17 Jan 2026 21:27:30 +0000 ROA not before: Sat 17 Jan 2026 21:22:30 +0000 ROA not after: Sat 16 Jan 2027 21:27:30 +0000 asID: 214933 IP address blocks: 2a0f:1cc5:600::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:6f:2d:a0:96:ca:0f:e9:22:ea:1b:08:be:43:d0:14:39:e5:dd:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=411e2d411d687bcb4449c3df45beedc041007d94 Validity Not Before: Jan 17 21:22:30 2026 GMT Not After : Jan 16 21:27:30 2027 GMT Subject: CN=2CEFE3ECB3C5A8190285465EE469B9BA21CE90A2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:3f:a4:69:a4:92:69:cc:4f:68:35:5c:71:34: a9:32:65:40:79:11:6c:71:19:03:77:34:8f:a1:e1: 5e:c4:80:10:88:4c:af:78:10:5e:59:e5:6e:07:ce: e7:c4:90:a9:fc:7b:c1:27:31:21:3a:28:11:60:a6: b6:83:50:07:8c:15:31:b4:8f:a3:8c:b9:98:f9:0f: 97:8b:83:c8:26:3d:01:90:39:0b:83:67:90:e1:ee: 78:4a:15:72:e7:c4:b8:54:14:0c:00:b9:d6:2b:49: 65:c3:b1:c7:3f:3a:cc:a2:e1:bd:18:00:93:6c:27: 63:7a:1f:39:0b:24:68:31:57:c1:13:13:0e:66:92: 4e:5b:5b:c9:f0:f3:84:b4:87:7c:ec:99:e4:3a:2e: fb:c9:9e:3e:34:bc:b6:b7:35:e9:18:1f:19:65:da: 57:68:e1:2a:af:ba:3f:11:5f:ce:15:e9:d7:76:e4: 2e:b7:51:a5:3e:d8:9a:85:6c:34:b8:13:0f:fa:fc: 97:47:45:83:09:a4:1c:11:06:c6:03:aa:f2:3d:91: b8:80:83:52:f1:e9:c6:47:a1:ce:5c:1b:f9:56:09: 7d:61:06:2a:db:d3:6a:05:b5:15:5e:3b:7f:23:4d: 4c:7f:9b:4c:d7:78:e7:68:47:bb:e8:6e:57:45:24: 2d:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:EF:E3:EC:B3:C5:A8:19:02:85:46:5E:E4:69:B9:BA:21:CE:90:A2 X509v3 Authority Key Identifier: keyid:41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3630303a3a2f34302d3438203d3e20323134393333.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:1cc5:600::/40 Signature Algorithm: sha256WithRSAEncryption 8a:a5:b4:41:dc:c0:54:aa:95:c9:23:e9:37:ce:97:2e:74:e8: 50:e9:33:1a:72:68:bd:96:fc:4c:74:b0:d4:33:c0:69:f5:60: 20:22:41:d0:f7:a7:bb:59:ed:58:fe:81:5c:65:7f:f3:0a:64: f6:56:41:3c:56:a1:69:fb:c9:15:e0:b1:b1:78:10:9b:aa:33: e8:c1:d5:16:23:35:fc:8b:e0:50:f2:ec:46:6d:c9:68:02:05: ab:a6:75:f0:7f:0f:f0:47:37:17:32:8f:fd:19:1c:6f:1a:56: c8:48:b0:b0:dd:a9:c3:e3:96:62:c1:dc:14:d5:0f:bc:68:f0: 1b:9e:bf:fa:cf:42:e7:7a:4a:e1:62:84:58:fa:4c:61:71:44: 56:5c:4e:c7:7f:7c:52:7a:9b:65:66:9f:4f:6c:5d:60:27:ec: 82:2f:6c:58:03:ec:ba:ff:60:ef:f0:16:67:80:2a:fd:0b:ff: a9:6f:cf:f3:f2:bd:47:1c:1d:55:6a:3e:2b:12:3a:0a:e6:7b: 7b:ae:92:6b:0d:0f:33:78:dc:7f:e0:24:3f:12:94:10:e4:e7: d3:13:28:dc:c6:ca:30:ce:c3:e0:61:e0:c2:84:1c:c1:8b:7e: 76:10:f7:17:ae:c1:6f:5d:dc:d3:ee:7b:14:5f:e6:12:d1:53: b1:7e:d6:46 -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUJm8toJbKD+ki6hsIvkPQFDnl3bwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDExZTJkNDExZDY4N2JjYjQ0NDljM2RmNDViZWVkYzA0 MTAwN2Q5NDAeFw0yNjAxMTcyMTIyMzBaFw0yNzAxMTYyMTI3MzBaMDMxMTAvBgNV BAMTKDJDRUZFM0VDQjNDNUE4MTkwMjg1NDY1RUU0NjlCOUJBMjFDRTkwQTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOP6RppJJpzE9oNVxxNKkyZUB5 EWxxGQN3NI+h4V7EgBCITK94EF5Z5W4HzufEkKn8e8EnMSE6KBFgpraDUAeMFTG0 j6OMuZj5D5eLg8gmPQGQOQuDZ5Dh7nhKFXLnxLhUFAwAudYrSWXDscc/Osyi4b0Y AJNsJ2N6HzkLJGgxV8ETEw5mkk5bW8nw84S0h3zsmeQ6LvvJnj40vLa3NekYHxll 2ldo4Sqvuj8RX84V6dd25C63UaU+2JqFbDS4Ew/6/JdHRYMJpBwRBsYDqvI9kbiA g1Lx6cZHoc5cG/lWCX1hBirb02oFtRVeO38jTUx/m0zXeOdoR7vobldFJC2XAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQULO/j7LPFqBkChUZe5Gm5uiHOkKIwHwYDVR0j BBgwFoAUQR4tQR1oe8tEScPfRb7twEEAfZQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0 ZjBlLzAvNDExRTJENDExRDY4N0JDQjQ0NDlDM0RGNDVCRUVEQzA0MTAwN0Q5NC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1FSNHRRUjFvZTh0RVNjUGZSYjd0d0VF QWZaUS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1 M2EzNjMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzMjMxMzQzOTMzMzMucm9h MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E AgACMAgDBgAqDxzFBjANBgkqhkiG9w0BAQsFAAOCAQEAiqW0QdzAVKqVySPpN86X LnToUOkzGnJovZb8THSw1DPAafVgICJB0Penu1ntWP6BXGV/8wpk9lZBPFahafvJ FeCxsXgQm6oz6MHVFiM1/IvgUPLsRm3JaAIFq6Z18H8P8Ec3FzKP/RkcbxpWyEiw sN2pw+OWYsHcFNUPvGjwG56/+s9C53pK4WKEWPpMYXFEVlxOx398UnqbZWafT2xd YCfsgi9sWAPsuv9g7/AWZ4Aq/Qv/qW/P8/K9RxwdVWo+KxI6CuZ7e66Saw0PM3jc f+AkPxKUEOTn0xMo3MbKMM7D4GHgwoQcwYt+dhD3F67Bb13c0+57FF/mEtFTsX7W Rg== -----END CERTIFICATE-----Generated at Sun Jan 18 13:13:37 2026 by rpki-client