This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36372e302f32342d3234203d3e20383334.roa File: 3231332e3133392e36372e302f32342d3234203d3e20383334.roa (raw, json) Hash identifier: alzVNwPEtGnVr1pp5TRYozIiGcS2PslMBec2B8rJQrA= Subject key identifier: F7:AD:F1:70:84:37:FD:CB:24:BD:1E:87:CD:4F:9C:06:31:A4:08:E8 Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e Certificate serial: 1FE5635EA51D492066C7E5C4F53C639E7C598584 Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36372e302f32342d3234203d3e20383334.roa Signing time: Mon 19 Jan 2026 11:17:20 +0000 ROA not before: Mon 19 Jan 2026 11:12:20 +0000 ROA not after: Mon 18 Jan 2027 11:17:20 +0000 asID: 834 IP address blocks: 213.139.67.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 06:31:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:e5:63:5e:a5:1d:49:20:66:c7:e5:c4:f5:3c:63:9e:7c:59:85:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e Validity Not Before: Jan 19 11:12:20 2026 GMT Not After : Jan 18 11:17:20 2027 GMT Subject: CN=F7ADF1708437FDCB24BD1E87CD4F9C0631A408E8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:71:ba:b7:d3:8b:32:53:91:f0:f9:24:d7:59: 81:a8:86:3a:f4:6f:ac:32:79:fa:4c:c2:5b:4e:ad: 4e:18:7d:34:f6:8d:bc:cf:04:0a:b9:23:08:f5:7b: 0d:86:d6:20:f0:79:0e:8d:4a:75:9b:e5:1b:ba:3d: 80:f9:5f:7d:07:7d:27:48:bf:fd:ee:1c:b7:1e:2c: 98:0e:03:58:79:e6:c9:0f:a8:0d:92:38:2c:a0:ca: 08:00:29:bb:f9:78:cc:44:be:8f:55:30:21:1b:f4: f0:6d:2d:5e:70:7b:2a:f3:38:3c:ff:2c:69:01:6e: 4d:02:84:6c:6d:c7:5e:40:e4:3d:a3:5e:9e:7d:52: 7d:04:c6:12:2d:8f:63:2e:55:46:fc:91:8c:5a:2b: fe:83:f2:08:2b:28:bb:94:6e:5e:a8:a9:ca:96:bd: 74:5a:47:22:90:34:7b:2c:cc:e9:c9:88:35:33:ec: 2b:09:f3:b7:17:86:c1:d5:8f:b7:6a:54:db:86:17: 08:2f:9a:5b:34:57:82:5e:e7:9c:92:6f:ab:d0:b1: 2e:9c:3c:c0:62:db:91:c1:a7:dd:8e:98:e8:68:cd: 0c:d7:51:03:86:c1:82:20:5a:3d:f7:57:47:a6:13: 91:4d:4d:d9:37:9b:2c:c3:47:80:07:16:f8:ff:17: 90:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:AD:F1:70:84:37:FD:CB:24:BD:1E:87:CD:4F:9C:06:31:A4:08:E8 X509v3 Authority Key Identifier: keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e36372e302f32342d3234203d3e20383334.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 213.139.67.0/24 Signature Algorithm: sha256WithRSAEncryption 11:3f:22:f9:7b:84:28:0e:6f:ad:12:65:98:ae:f9:a5:48:18: 4d:84:a1:96:b6:2f:d9:5b:1f:26:9a:12:7f:80:c3:87:3e:3d: cf:88:27:fe:8a:08:2b:36:7a:9c:dc:36:52:f5:b9:74:0d:34: de:7d:c3:d1:40:2a:a6:b1:c7:fc:d8:9a:8b:3c:6e:9e:6a:3e: 2d:ee:34:54:4c:05:fb:61:15:07:46:bc:35:c4:9a:43:69:29: f4:00:8e:39:72:84:50:3b:ef:c2:8f:1e:1d:03:26:a6:ab:d5: bd:33:ae:70:a3:65:d1:ea:18:f5:d0:5b:42:26:8d:be:28:6d: dc:3d:7e:94:96:17:04:83:cf:99:fc:80:f6:89:ee:3b:bb:4a: 6f:de:7f:9d:90:d7:76:b6:93:1a:52:7b:47:1d:be:19:e2:0a: f5:67:ae:ec:a6:51:a0:a9:e1:23:55:01:e7:e1:34:34:03:2d: 32:11:48:77:10:f4:19:6b:5d:50:19:d0:d3:71:61:b2:82:d2: 16:c7:ad:1e:ab:86:5d:cd:cd:da:45:47:1e:5f:b5:79:df:f2: 5f:fc:3e:86:c1:04:dd:4b:b8:cc:35:a9:86:fd:64:94:10:1e: f7:97:e1:7c:1b:73:09:31:8b:af:52:e4:d9:00:a7:b2:bc:3d: bc:21:d2:d2 -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgIUH+VjXqUdSSBmx+XE9TxjnnxZhYQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk NDhjN2QzZTAeFw0yNjAxMTkxMTEyMjBaFw0yNzAxMTgxMTE3MjBaMDMxMTAvBgNV BAMTKEY3QURGMTcwODQzN0ZEQ0IyNEJEMUU4N0NENEY5QzA2MzFBNDA4RTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzcbq304syU5Hw+STXWYGohjr0 b6wyefpMwltOrU4YfTT2jbzPBAq5Iwj1ew2G1iDweQ6NSnWb5Ru6PYD5X30HfSdI v/3uHLceLJgOA1h55skPqA2SOCygyggAKbv5eMxEvo9VMCEb9PBtLV5weyrzODz/ LGkBbk0ChGxtx15A5D2jXp59Un0ExhItj2MuVUb8kYxaK/6D8ggrKLuUbl6oqcqW vXRaRyKQNHsszOnJiDUz7CsJ87cXhsHVj7dqVNuGFwgvmls0V4Je55ySb6vQsS6c PMBi25HBp92OmOhozQzXUQOGwYIgWj33V0emE5FNTdk3myzDR4AHFvj/F5DjAgMB AAGjggI5MIICNTAdBgNVHQ4EFgQU963xcIQ3/cskvR6HzU+cBjGkCOgwHwYDVR0j BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT TWZUNC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM2 MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBADVi0Mw DQYJKoZIhvcNAQELBQADggEBABE/Ivl7hCgOb60SZZiu+aVIGE2EoZa2L9lbHyaa En+Aw4c+Pc+IJ/6KCCs2epzcNlL1uXQNNN59w9FAKqaxx/zYmos8bp5qPi3uNFRM BfthFQdGvDXEmkNpKfQAjjlyhFA778KPHh0DJqar1b0zrnCjZdHqGPXQW0Imjb4o bdw9fpSWFwSDz5n8gPaJ7ju7Sm/ef52Q13a2kxpSe0cdvhniCvVnruymUaCp4SNV AefhNDQDLTIRSHcQ9BlrXVAZ0NNxYbKC0hbHrR6rhl3NzdpFRx5ftXnf8l/8PobB BN1LuMw1qYb9ZJQQHveX4Xwbcwkxi69S5NkAp7K8Pbwh0tI= -----END CERTIFICATE-----Generated at Tue Jan 20 15:21:19 2026 by rpki-client