This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/3138352e35382e3135372e302f32342d3234203d3e20383333.roa File: 3138352e35382e3135372e302f32342d3234203d3e20383333.roa (raw, json) Hash identifier: tzOQO8vLFzcY60oR2+1zeQgoBpJx0WPId4HsH1i4ZPg= Subject key identifier: 33:03:2F:CE:E5:43:2E:E7:89:E1:09:4B:5B:5F:F9:F2:55:CF:16:30 Certificate issuer: /CN=38a93c81ecd308e6a7632717045b3d35150120f8 Certificate serial: 6C9CDBE09A3D7F538152E52DEA4BFC9836B7BDF1 Authority key identifier: 38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/3138352e35382e3135372e302f32342d3234203d3e20383333.roa Signing time: Mon 17 Nov 2025 15:23:55 +0000 ROA not before: Mon 17 Nov 2025 15:18:55 +0000 ROA not after: Mon 16 Nov 2026 15:23:55 +0000 asID: 833 IP address blocks: 185.58.157.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.mft rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 04 Dec 2025 09:39:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6c:9c:db:e0:9a:3d:7f:53:81:52:e5:2d:ea:4b:fc:98:36:b7:bd:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=38a93c81ecd308e6a7632717045b3d35150120f8 Validity Not Before: Nov 17 15:18:55 2025 GMT Not After : Nov 16 15:23:55 2026 GMT Subject: CN=33032FCEE5432EE789E1094B5B5FF9F255CF1630 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:f2:06:02:c3:a6:b9:b7:6c:54:e6:f8:ca:37: 1f:b7:ec:54:03:a4:76:74:ac:8a:41:41:f1:0c:b3: 41:3d:b0:fb:cc:39:05:3e:56:6c:bd:e1:ef:6f:18: ca:a2:5a:5a:81:0e:37:2f:40:03:c7:52:87:9c:20: 59:b5:38:92:69:d1:d6:94:35:51:a7:20:3a:c5:8c: 62:c5:87:09:f3:8a:c3:04:c4:3a:4a:47:b0:5f:47: f9:45:85:bf:c6:06:5d:97:e1:9d:9a:0a:c1:83:50: e6:8d:b1:bc:63:e9:ca:0d:31:1b:bd:de:cb:f7:cc: b2:27:3e:78:bf:46:71:e0:90:f3:a7:3c:0e:1f:9d: 82:db:67:12:a3:0c:6a:79:1d:18:59:20:78:15:85: 45:c3:ee:4f:86:09:17:0d:2e:c0:b9:96:fb:33:8d: e0:9d:b6:58:2e:de:c8:03:c1:2d:ff:37:2b:f0:53: 59:99:9b:ba:b7:2a:66:75:24:0f:cc:4d:f6:f0:4a: ff:00:66:f6:31:a0:7f:5f:2e:9e:7c:6d:ae:c2:c7: 26:86:d6:aa:3d:30:da:52:af:57:11:90:57:04:51: 23:8e:bb:14:32:2d:5d:75:45:19:10:52:90:29:6d: df:df:f7:83:60:14:a5:6a:53:10:f1:9e:43:9e:c7: ff:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:03:2F:CE:E5:43:2E:E7:89:E1:09:4B:5B:5F:F9:F2:55:CF:16:30 X509v3 Authority Key Identifier: keyid:38:A9:3C:81:EC:D3:08:E6:A7:63:27:17:04:5B:3D:35:15:01:20:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/38A93C81ECD308E6A7632717045B3D35150120F8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKk8gezTCOanYycXBFs9NRUBIPg.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/982c65b9-725d-4bb0-a216-8e77191ff9b8/0/3138352e35382e3135372e302f32342d3234203d3e20383333.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.58.157.0/24 Signature Algorithm: sha256WithRSAEncryption 2e:bd:c9:75:5b:74:fc:1a:b0:b1:28:45:e8:a6:53:00:f3:31: 67:0e:bd:70:f3:8a:62:28:da:94:9e:38:13:6b:df:6c:3b:43: 29:2e:de:87:2f:c4:97:2d:78:26:8a:8e:f0:b2:78:1f:32:5b: 49:20:02:b8:e7:48:ee:41:62:92:53:03:2b:db:2b:05:22:c4: 65:02:46:05:08:ce:a9:f3:74:82:8c:41:c4:d3:0d:98:ea:e6: 75:91:65:d8:ce:d6:29:6b:89:4a:31:a0:52:26:73:d5:f8:14: 73:7a:66:7e:33:a7:5b:cd:27:3a:32:aa:26:ca:9d:e4:c9:54: a2:39:ca:13:1e:2a:a4:49:d0:b6:bf:ae:36:91:34:50:31:85: 21:d4:53:c2:f0:0e:12:21:a3:d2:7f:0b:2d:60:cc:df:fb:ee: 2b:7d:e5:17:d3:a9:00:00:32:d4:4d:33:e0:1c:d8:77:c4:2a: b3:48:85:c3:15:d0:6e:3a:92:01:15:3e:c4:45:a6:08:16:eb: 28:29:45:5e:e4:33:f8:69:b3:69:c6:9f:bc:da:ab:a2:36:f4: e0:e5:cb:d9:a9:5c:bd:84:59:ce:11:ad:20:25:5a:3e:cb:f3: ef:e8:e2:8f:0e:87:ef:1c:cb:fc:14:12:49:56:56:75:42:d0: ba:38:e2:a4 -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgIUbJzb4Jo9f1OBUuUt6kv8mDa3vfEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMzhhOTNjODFlY2QzMDhlNmE3NjMyNzE3MDQ1YjNkMzUx NTAxMjBmODAeFw0yNTExMTcxNTE4NTVaFw0yNjExMTYxNTIzNTVaMDMxMTAvBgNV BAMTKDMzMDMyRkNFRTU0MzJFRTc4OUUxMDk0QjVCNUZGOUYyNTVDRjE2MzAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCV8gYCw6a5t2xU5vjKNx+37FQD pHZ0rIpBQfEMs0E9sPvMOQU+Vmy94e9vGMqiWlqBDjcvQAPHUoecIFm1OJJp0daU NVGnIDrFjGLFhwnzisMExDpKR7BfR/lFhb/GBl2X4Z2aCsGDUOaNsbxj6coNMRu9 3sv3zLInPni/RnHgkPOnPA4fnYLbZxKjDGp5HRhZIHgVhUXD7k+GCRcNLsC5lvsz jeCdtlgu3sgDwS3/NyvwU1mZm7q3KmZ1JA/MTfbwSv8AZvYxoH9fLp58ba7CxyaG 1qo9MNpSr1cRkFcEUSOOuxQyLV11RRkQUpApbd/f94NgFKVqUxDxnkOex/+VAgMB AAGjggI5MIICNTAdBgNVHQ4EFgQUMwMvzuVDLueJ4QlLW1/58lXPFjAwHwYDVR0j BBgwFoAUOKk8gezTCOanYycXBFs9NRUBIPgwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvOTgyYzY1YjktNzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZm OWI4LzAvMzhBOTNDODFFQ0QzMDhFNkE3NjMyNzE3MDQ1QjNEMzUxNTAxMjBGOC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL09LazhnZXpUQ09hbll5Y1hCRnM5TlJV QklQZy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOTgyYzY1Yjkt NzI1ZC00YmIwLWEyMTYtOGU3NzE5MWZmOWI4LzAvMzEzODM1MmUzNTM4MmUzMTM1 MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzMucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC5Op0w DQYJKoZIhvcNAQELBQADggEBAC69yXVbdPwasLEoReimUwDzMWcOvXDzimIo2pSe OBNr32w7Qyku3ocvxJcteCaKjvCyeB8yW0kgArjnSO5BYpJTAyvbKwUixGUCRgUI zqnzdIKMQcTTDZjq5nWRZdjO1ilriUoxoFImc9X4FHN6Zn4zp1vNJzoyqibKneTJ VKI5yhMeKqRJ0La/rjaRNFAxhSHUU8LwDhIho9J/Cy1gzN/77it95RfTqQAAMtRN M+Ac2HfEKrNIhcMV0G46kgEVPsRFpggW6ygpRV7kM/hps2nGn7zaq6I29ODly9mp XL2EWc4RrSAlWj7L8+/o4o8Oh+8cy/wUEklWVnVC0Lo44qQ= -----END CERTIFICATE-----Generated at Wed Dec 3 20:17:30 2025 by rpki-client