This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a6430303a3a2f34302d3438203d3e20323034323434.roa File: 326130663a316363353a6430303a3a2f34302d3438203d3e20323034323434.roa (raw, json) Hash identifier: 8U6uSk7tsPccVTskG2OLsMSqghKHOmq5AIh1lYBYbH4= Subject key identifier: E7:BD:05:33:CC:C2:C0:71:0D:ED:9B:7E:2F:46:7D:0C:AB:7B:ED:3A Certificate issuer: /CN=411e2d411d687bcb4449c3df45beedc041007d94 Certificate serial: 5174855D068653DAA478D9BF219A44330B404F75 Authority key identifier: 41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a6430303a3a2f34302d3438203d3e20323034323434.roa Signing time: Sat 17 Jan 2026 21:15:06 +0000 ROA not before: Sat 17 Jan 2026 21:10:06 +0000 ROA not after: Sat 16 Jan 2027 21:15:06 +0000 asID: 204244 IP address blocks: 2a0f:1cc5:d00::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.mft rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:74:85:5d:06:86:53:da:a4:78:d9:bf:21:9a:44:33:0b:40:4f:75 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=411e2d411d687bcb4449c3df45beedc041007d94 Validity Not Before: Jan 17 21:10:06 2026 GMT Not After : Jan 16 21:15:06 2027 GMT Subject: CN=E7BD0533CCC2C0710DED9B7E2F467D0CAB7BED3A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:13:9f:1a:0b:80:88:0e:03:70:57:1a:06:77: 8d:98:79:66:05:e9:1c:19:73:f1:a9:26:b4:81:f2: 99:77:3e:73:ac:5e:0f:bc:19:5b:d9:e8:f9:fb:12: 01:0b:cf:de:92:f3:38:e7:ae:bc:03:5a:a3:c4:a2: 4f:fc:46:5d:fa:a5:97:46:8c:af:41:39:47:95:ce: 44:7f:bb:44:67:0b:38:82:ef:4f:ab:18:d0:5c:af: ea:1f:9f:3b:fc:f1:fd:ad:64:b4:95:fa:cc:b8:7f: 45:49:07:72:c0:cc:45:bc:45:d8:9e:91:33:74:85: 23:97:12:4c:91:c7:82:1d:0b:67:b2:a2:2e:41:5f: 45:8e:7e:45:0a:ca:fb:11:be:59:83:a1:1a:8e:be: 21:b3:93:d5:fb:03:a2:3b:03:c9:80:5b:a2:43:51: a8:00:57:92:c1:a5:78:c7:a1:5d:a9:0d:80:87:5b: 5c:8d:6e:b8:e5:2b:bf:a4:13:5b:fc:90:87:7d:23: fe:33:c7:28:cb:02:43:cc:4b:5f:70:7a:87:7d:3d: ee:1d:58:05:83:c5:5a:09:4f:c9:7a:d0:a0:5b:0e: e6:f6:4e:d5:ff:22:2a:d3:c4:af:1a:cf:ab:27:8b: 26:98:25:65:1f:b0:7b:0b:cb:f2:7f:15:44:52:3f: ae:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:BD:05:33:CC:C2:C0:71:0D:ED:9B:7E:2F:46:7D:0C:AB:7B:ED:3A X509v3 Authority Key Identifier: keyid:41:1E:2D:41:1D:68:7B:CB:44:49:C3:DF:45:BE:ED:C0:41:00:7D:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/411E2D411D687BCB4449C3DF45BEEDC041007D94.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR4tQR1oe8tEScPfRb7twEEAfZQ.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8afb5fe2-3c2a-4939-95e9-0077b80b4f0e/0/326130663a316363353a6430303a3a2f34302d3438203d3e20323034323434.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:1cc5:d00::/40 Signature Algorithm: sha256WithRSAEncryption 74:a7:22:d2:09:28:36:a1:13:18:39:f2:6e:0b:45:bb:e1:8c: 06:de:f2:5b:4d:fa:07:5d:a6:7d:af:d8:ee:e6:67:47:38:cc: 0a:85:82:74:f2:b6:0f:1f:d5:0a:df:24:19:94:75:15:f3:f3: 4a:eb:4c:7f:33:da:03:23:09:a4:b7:8d:69:ed:82:f1:c1:f6: ac:bd:88:1b:1b:ad:60:6d:15:36:29:a5:ac:66:2e:a8:09:6c: c1:b4:2a:93:cf:e2:bd:46:5c:7a:94:c8:49:94:5a:39:b0:9e: b6:2f:1d:68:b2:bb:60:1a:49:43:c0:b7:0e:c7:2a:32:45:42: 74:13:1b:f0:42:39:b7:ff:63:98:f9:27:a3:dc:e0:69:cb:3d: b7:e7:15:0b:02:15:53:01:ab:fd:e1:51:89:87:28:61:e5:4e: a1:b9:16:11:11:ec:9e:9c:b7:c3:3d:b9:0f:8d:f1:62:d0:83: e2:dc:9d:a7:e8:c4:c6:56:88:c1:0f:58:66:d3:2e:37:c0:8c: 46:17:84:de:8d:33:a6:da:99:46:98:82:84:f6:0b:a6:16:e2: 34:a1:05:12:ab:65:54:f0:5b:fc:0e:2a:72:e8:a7:57:cc:e9: 1a:80:34:76:dc:d9:5f:a5:ac:b9:38:bf:f7:05:28:0e:74:d0: 62:76:2f:c2 -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUUXSFXQaGU9qkeNm/IZpEMwtAT3UwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNDExZTJkNDExZDY4N2JjYjQ0NDljM2RmNDViZWVkYzA0 MTAwN2Q5NDAeFw0yNjAxMTcyMTEwMDZaFw0yNzAxMTYyMTE1MDZaMDMxMTAvBgNV BAMTKEU3QkQwNTMzQ0NDMkMwNzEwREVEOUI3RTJGNDY3RDBDQUI3QkVEM0EwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHE58aC4CIDgNwVxoGd42YeWYF 6RwZc/GpJrSB8pl3PnOsXg+8GVvZ6Pn7EgELz96S8zjnrrwDWqPEok/8Rl36pZdG jK9BOUeVzkR/u0RnCziC70+rGNBcr+ofnzv88f2tZLSV+sy4f0VJB3LAzEW8Rdie kTN0hSOXEkyRx4IdC2eyoi5BX0WOfkUKyvsRvlmDoRqOviGzk9X7A6I7A8mAW6JD UagAV5LBpXjHoV2pDYCHW1yNbrjlK7+kE1v8kId9I/4zxyjLAkPMS19weod9Pe4d WAWDxVoJT8l60KBbDub2TtX/IirTxK8az6sniyaYJWUfsHsLy/J/FURSP66hAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQU570FM8zCwHEN7Zt+L0Z9DKt77TowHwYDVR0j BBgwFoAUQR4tQR1oe8tEScPfRb7twEEAfZQwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvOGFmYjVmZTItM2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0 ZjBlLzAvNDExRTJENDExRDY4N0JDQjQ0NDlDM0RGNDVCRUVEQzA0MTAwN0Q5NC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1FSNHRRUjFvZTh0RVNjUGZSYjd0d0VF QWZaUS5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGFmYjVmZTIt M2MyYS00OTM5LTk1ZTktMDA3N2I4MGI0ZjBlLzAvMzI2MTMwNjYzYTMxNjM2MzM1 M2E2NDMwMzAzYTNhMmYzNDMwMmQzNDM4MjAzZDNlMjAzMjMwMzQzMjM0MzQucm9h MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E AgACMAgDBgAqDxzFDTANBgkqhkiG9w0BAQsFAAOCAQEAdKci0gkoNqETGDnybgtF u+GMBt7yW036B12mfa/Y7uZnRzjMCoWCdPK2Dx/VCt8kGZR1FfPzSutMfzPaAyMJ pLeNae2C8cH2rL2IGxutYG0VNimlrGYuqAlswbQqk8/ivUZcepTISZRaObCeti8d aLK7YBpJQ8C3DscqMkVCdBMb8EI5t/9jmPkno9zgacs9t+cVCwIVUwGr/eFRiYco YeVOobkWERHsnpy3wz25D43xYtCD4tydp+jExlaIwQ9YZtMuN8CMRheE3o0zptqZ RpiChPYLphbiNKEFEqtlVPBb/A4qcuinV8zpGoA0dtzZX6WsuTi/9wUoDnTQYnYv wg== -----END CERTIFICATE-----Generated at Sun Jan 18 13:13:27 2026 by rpki-client