This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3930303a3a2f34302d3438203d3e20323134383939.roa File: 326130663a316363353a3930303a3a2f34302d3438203d3e20323134383939.roa (raw, json) Hash identifier: /phJ7IvkIJjQqedc+6zIS2gYoqHi+Ocf/hRYSoER9/g= Subject key identifier: BB:26:E7:D8:7F:58:72:14:E4:54:B1:6C:66:B3:23:1A:48:FA:64:09 Certificate issuer: /CN=411e2d411d687bcb4449c3df45beedc041007d94 Certificate serial: 7D176EA99AF5EE904814EB3148AEB866EE1385E8 Authority key identifier: 41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3930303a3a2f34302d3438203d3e20323134383939.roa Signing time: Sat 17 Jan 2026 21:25:52 +0000 ROA not before: Sat 17 Jan 2026 21:20:52 +0000 ROA not after: Sat 16 Jan 2027 21:25:52 +0000 asID: 214899 IP address blocks: 2a0f:1cc5:900::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7d:17:6e:a9:9a:f5:ee:90:48:14:eb:31:48:ae:b8:66:ee:13:85:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=411e2d411d687bcb4449c3df45beedc041007d94 Validity Not Before: Jan 17 21:20:52 2026 GMT Not After : Jan 16 21:25:52 2027 GMT Subject: CN=BB26E7D87F587214E454B16C66B3231A48FA6409 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:1f:5b:7e:70:89:01:bf:52:33:8a:75:ef:c9: 93:a0:79:fe:74:17:d0:48:cd:cf:ce:18:81:3e:08: 45:af:6a:3d:fa:60:d5:7d:30:ac:66:0b:83:5c:b8: 17:56:f2:f1:39:63:10:e7:12:b2:11:29:1b:f8:4f: 8e:3f:9a:4d:bb:ef:a3:89:04:e4:b9:3e:ea:08:dc: 89:bd:89:d4:6e:5d:3f:94:b9:ed:04:05:43:ba:3b: 71:9a:04:8b:9c:35:0f:43:56:58:a6:51:39:f6:47: a1:cb:46:b3:07:2b:92:de:38:5c:53:8e:98:72:ee: 30:98:9e:9b:ee:e7:23:bf:b2:2b:19:94:be:89:73: 74:c2:75:91:d9:ce:3f:80:23:3e:30:ca:94:e5:d2: d9:65:de:05:99:c3:88:df:88:8d:ce:ae:aa:1a:5f: 69:39:be:8d:db:d1:16:2b:89:df:04:f4:2e:7a:27: d7:23:0d:42:8f:9d:63:aa:b6:b0:19:d0:2e:bd:50: e0:5b:18:10:1b:9d:72:57:e3:c9:07:ea:68:51:fa: f1:00:0a:6f:a5:84:16:88:02:15:da:ec:be:ef:f6: 0b:2f:85:95:30:ec:be:b7:66:42:6d:ed:b6:ab:ee: df:d5:5e:2a:21:3e:d3:ca:ca:59:e0:bc:9d:a5:ab: d2:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:26:E7:D8:7F:58:72:14:E4:54:B1:6C:66:B3:23:1A:48:FA:64:09 X509v3 Authority Key Identifier: keyid:41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a3930303a3a2f34302d3438203d3e20323134383939.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:1cc5:900::/40 Signature Algorithm: sha256WithRSAEncryption 9d:ed:70:a9:91:69:28:dc:9b:bc:08:00:82:bc:61:49:ad:5b: c9:74:3c:ba:78:21:14:c0:65:7a:54:80:c8:7f:bf:d8:af:49: 68:2d:5a:5c:71:02:f5:57:22:6d:df:20:c6:47:3d:ab:3f:ba: 36:32:a1:be:d5:e8:02:7d:94:a0:c7:e3:d1:d3:98:e7:2f:32: 06:01:c3:21:f8:46:1f:21:67:ab:2f:08:5a:71:06:58:a8:4c: d9:1d:2b:4e:ef:29:3b:bd:72:dc:6e:46:01:8a:45:8b:16:20: 15:d4:07:9d:eb:8b:17:39:46:75:e0:8e:58:7c:df:f6:a2:ad: 06:a5:bc:13:67:30:5e:1a:37:2b:33:d5:de:8d:46:aa:cb:fc: 8d:e8:64:29:70:95:c2:82:19:36:59:72:9b:d0:0d:f1:d9:dd: 98:4b:63:8d:65:f2:8c:82:24:b3:1e:1f:e6:1f:b5:e0:4d:8c: 8a:6a:1e:2e:bb:76:ab:30:74:bd:45:a7:72:e6:5e:51:4f:32: f0:df:df:69:35:4b:9c:15:06:45:85:1d:59:75:eb:e9:62:52: 5a:d5:d5:4c:d6:25:80:3e:ce:ee:c7:04:7e:3d:74:8c:d4:0a: 4d:9b:5e:72:38:95:73:b2:e7:cf:32:7d:30:51:54:de:62:c1: 06:1b:72:e6 -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUfRduqZr17pBIFOsxSK64Zu4ThegwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDExZTJkNDExZDY4N2JjYjQ0NDljM2RmNDViZWVkYzA0 MTAwN2Q5NDAeFw0yNjAxMTcyMTIwNTJaFw0yNzAxMTYyMTI1NTJaMDMxMTAvBgNV BAMTKEJCMjZFN0Q4N0Y1ODcyMTRFNDU0QjE2QzY2QjMyMzFBNDhGQTY0MDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3H1t+cIkBv1IzinXvyZOgef50 F9BIzc/OGIE+CEWvaj36YNV9MKxmC4NcuBdW8vE5YxDnErIRKRv4T44/mk2776OJ BOS5PuoI3Im9idRuXT+Uue0EBUO6O3GaBIucNQ9DVlimUTn2R6HLRrMHK5LeOFxT jphy7jCYnpvu5yO/sisZlL6Jc3TCdZHZzj+AIz4wypTl0tll3gWZw4jfiI3Orqoa X2k5vo3b0RYrid8E9C56J9cjDUKPnWOqtrAZ0C69UOBbGBAbnXJX48kH6mhR+vEA Cm+lhBaIAhXa7L7v9gsvhZUw7L63ZkJt7bar7t/VXiohPtPKylngvJ2lq9L/AgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUuybn2H9YchTkVLFsZrMjGkj6ZAkwHwYDVR0j BBgwFoAUQR4tQR1oe8tEScPfRb7twEEAfZQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0 ZjBlLzAvNDExRTJENDExRDY4N0JDQjQ0NDlDM0RGNDVCRUVEQzA0MTAwN0Q5NC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1FSNHRRUjFvZTh0RVNjUGZSYjd0d0VF QWZaUS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1 M2EzOTMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzMjMxMzQzODM5Mzkucm9h MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E AgACMAgDBgAqDxzFCTANBgkqhkiG9w0BAQsFAAOCAQEAne1wqZFpKNybvAgAgrxh Sa1byXQ8unghFMBlelSAyH+/2K9JaC1aXHEC9Vcibd8gxkc9qz+6NjKhvtXoAn2U oMfj0dOY5y8yBgHDIfhGHyFnqy8IWnEGWKhM2R0rTu8pO71y3G5GAYpFixYgFdQH neuLFzlGdeCOWHzf9qKtBqW8E2cwXho3KzPV3o1Gqsv8jehkKXCVwoIZNllym9AN 8dndmEtjjWXyjIIksx4f5h+14E2MimoeLrt2qzB0vUWncuZeUU8y8N/faTVLnBUG RYUdWXXr6WJSWtXVTNYlgD7O7scEfj10jNQKTZtecjiVc7LnzzJ9MFFU3mLBBhty 5g== -----END CERTIFICATE-----Generated at Sun Jan 18 13:13:35 2026 by rpki-client