This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36362e302f32342d3234203d3e203136353039.roa File: 3231332e3133392e36362e302f32342d3234203d3e203136353039.roa (raw, json) Hash identifier: FY200EeTGQqoD9S8sjuLjCwpFp/7NCHvuVTZp+n3GiM= Subject key identifier: 13:03:8B:BC:CB:DC:5C:31:76:B3:1D:01:A2:91:1E:08:9A:D2:08:84 Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e Certificate serial: 62074C540157624C391B2E037E553AF358731EF4 Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36362e302f32342d3234203d3e203136353039.roa Signing time: Wed 29 Oct 2025 06:55:10 +0000 ROA not before: Wed 29 Oct 2025 06:50:10 +0000 ROA not after: Wed 28 Oct 2026 06:55:10 +0000 asID: 16509 IP address blocks: 213.139.66.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 23:59:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:07:4c:54:01:57:62:4c:39:1b:2e:03:7e:55:3a:f3:58:73:1e:f4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e Validity Not Before: Oct 29 06:50:10 2025 GMT Not After : Oct 28 06:55:10 2026 GMT Subject: CN=13038BBCCBDC5C3176B31D01A2911E089AD20884 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:53:b6:a0:17:7d:93:92:24:f3:4d:e4:b1:f7: 39:7a:33:78:9d:b5:3a:e6:0a:d4:5f:50:25:85:4f: 8e:a7:78:05:2e:88:36:6e:f8:b0:eb:e5:e2:27:cf: 99:1f:10:aa:a5:a0:37:1e:70:b7:18:47:0f:c3:26: f1:2e:e0:76:62:ab:b5:36:0e:6d:5c:11:91:b7:26: 49:7e:3a:57:15:e0:2a:3d:18:ae:42:54:7a:30:32: 02:23:a2:aa:e7:ea:79:a5:b9:a7:b2:21:0c:13:20: 30:61:d1:4e:7f:19:30:9d:24:c6:4a:67:bf:f2:94: 64:10:ff:95:44:f3:ff:c4:f7:e5:fd:9f:a1:10:5c: 2a:79:23:7d:c8:be:da:44:5d:86:c5:8b:7e:17:14: 47:3d:d8:4d:e7:ef:6b:b6:2d:55:b4:04:88:1d:7d: bd:38:8f:38:87:11:4d:c7:67:4c:6e:74:a1:10:83: f1:52:a3:03:6e:ec:5f:38:e8:d6:94:61:a7:52:37: 10:b1:0a:0d:75:b2:6e:0b:e2:01:94:d7:43:0b:f8: 51:26:e7:d1:db:f0:58:c5:ef:38:a8:2e:49:ed:f1: 61:c4:48:1c:49:c0:64:28:1b:90:5f:35:ce:86:d9: 27:d3:1a:09:30:10:d6:18:c6:11:74:38:a8:4c:e0: 42:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:03:8B:BC:CB:DC:5C:31:76:B3:1D:01:A2:91:1E:08:9A:D2:08:84 X509v3 Authority Key Identifier: keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36362e302f32342d3234203d3e203136353039.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 213.139.66.0/24 Signature Algorithm: sha256WithRSAEncryption 0c:1e:aa:02:c8:b7:0e:1d:6b:c6:72:f8:18:e5:42:8d:aa:56: 63:1d:ac:a9:12:fb:9c:14:5c:f1:d7:18:b3:bb:6a:a7:bb:56: 1a:86:d1:87:2b:73:a7:3a:44:95:14:81:d5:8b:bc:1c:a0:55: 39:e7:c3:e5:8f:94:d0:3d:3e:a8:77:19:c2:85:e8:26:8b:1d: 4d:e6:26:36:83:d2:a7:e8:c8:3b:03:1f:c4:89:9e:cb:bf:90: 1c:05:7c:f4:71:a6:9a:3c:7a:81:a8:92:2b:90:c9:5e:17:71: d1:4b:15:d7:82:39:89:3a:55:16:ba:9e:eb:60:8c:f6:b2:81: 2c:ec:19:28:eb:98:9e:64:ad:3f:0e:7c:1f:29:f2:19:11:1b: ba:db:33:7c:1d:04:e9:86:ec:cd:30:c6:1c:81:99:0a:cb:ea: f1:f5:5e:81:a5:f1:8b:bd:2a:47:c9:76:0c:9e:9b:43:1b:f3: d5:95:92:2a:ff:66:f2:96:54:34:71:46:7e:27:71:bf:dd:65: b2:26:68:9e:18:ff:18:e2:c2:a6:0d:24:20:49:74:da:c6:1f: 01:8e:2f:cc:fe:e5:c2:58:8d:0e:35:69:22:16:b5:fd:a6:ab: 46:28:26:d6:f0:a5:e2:ec:52:7f:9d:d1:70:b3:84:bb:66:54: 82:6a:59:68 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUYgdMVAFXYkw5Gy4DflU681hzHvQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk NDhjN2QzZTAeFw0yNTEwMjkwNjUwMTBaFw0yNjEwMjgwNjU1MTBaMDMxMTAvBgNV BAMTKDEzMDM4QkJDQ0JEQzVDMzE3NkIzMUQwMUEyOTExRTA4OUFEMjA4ODQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEU7agF32TkiTzTeSx9zl6M3id tTrmCtRfUCWFT46neAUuiDZu+LDr5eInz5kfEKqloDcecLcYRw/DJvEu4HZiq7U2 Dm1cEZG3Jkl+OlcV4Co9GK5CVHowMgIjoqrn6nmluaeyIQwTIDBh0U5/GTCdJMZK Z7/ylGQQ/5VE8//E9+X9n6EQXCp5I33IvtpEXYbFi34XFEc92E3n72u2LVW0BIgd fb04jziHEU3HZ0xudKEQg/FSowNu7F846NaUYadSNxCxCg11sm4L4gGU10ML+FEm 59Hb8FjF7zioLknt8WHESBxJwGQoG5BfNc6G2SfTGgkwENYYxhF0OKhM4EKBAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUEwOLvMvcXDF2sx0BopEeCJrSCIQwHwYDVR0j BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT TWZUNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM2 MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM2MzUzMDM5LnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA 1YtCMA0GCSqGSIb3DQEBCwUAA4IBAQAMHqoCyLcOHWvGcvgY5UKNqlZjHaypEvuc FFzx1xizu2qnu1YahtGHK3OnOkSVFIHVi7wcoFU558Plj5TQPT6odxnChegmix1N 5iY2g9Kn6Mg7Ax/EiZ7Lv5AcBXz0caaaPHqBqJIrkMleF3HRSxXXgjmJOlUWup7r YIz2soEs7Bko65ieZK0/DnwfKfIZERu62zN8HQTphuzNMMYcgZkKy+rx9V6BpfGL vSpHyXYMnptDG/PVlZIq/2byllQ0cUZ+J3G/3WWyJmieGP8Y4sKmDSQgSXTaxh8B ji/M/uXCWI0ONWkiFrX9pqtGKCbW8KXi7FJ/ndFws4S7ZlSCallo -----END CERTIFICATE-----Generated at Sat Dec 6 12:52:38 2025 by rpki-client