This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37342e302f32342d3234203d3e203239383032.roa File: 3231332e3133392e37342e302f32342d3234203d3e203239383032.roa (raw, json) Hash identifier: e2HbFyb9jJVCReOUGrS06701Hln0j7R9pUtzgWwuBh4= Subject key identifier: 25:F8:A7:25:51:19:6C:E3:06:28:B2:23:03:E3:91:EE:7A:60:41:BB Certificate issuer: /CN=b683f2eb50c5999a77456e8826831609d48c7d3e Certificate serial: 5C31622B4D16407C3BAD97E060D59E0F40DBD5B8 Authority key identifier: B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37342e302f32342d3234203d3e203239383032.roa Signing time: Wed 28 Jan 2026 00:55:36 +0000 ROA not before: Wed 28 Jan 2026 00:50:36 +0000 ROA not after: Wed 27 Jan 2027 00:55:36 +0000 asID: 29802 IP address blocks: 213.139.74.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.mft rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 30 Jan 2026 12:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5c:31:62:2b:4d:16:40:7c:3b:ad:97:e0:60:d5:9e:0f:40:db:d5:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b683f2eb50c5999a77456e8826831609d48c7d3e Validity Not Before: Jan 28 00:50:36 2026 GMT Not After : Jan 27 00:55:36 2027 GMT Subject: CN=25F8A72551196CE30628B22303E391EE7A6041BB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:65:5a:39:cd:c6:c2:05:c7:11:ad:8a:92:2e: c0:0d:f1:93:22:89:de:1a:c2:b2:90:3a:c0:ad:89: d7:1f:67:60:ba:59:77:f0:fd:40:d8:e6:cc:02:50: c7:99:73:27:4c:00:b7:49:2b:0c:20:df:4e:47:09: d1:f6:46:7a:c7:dc:64:98:31:20:3c:53:15:85:95: f4:82:d3:db:e6:b4:a2:bb:82:3a:11:21:29:8f:0a: fd:80:eb:ad:4e:ff:fb:0a:ed:fb:96:98:39:85:6c: cc:a8:73:98:64:40:12:d9:19:4e:bd:5f:61:62:65: d8:7d:df:70:ba:07:ab:4b:32:71:d3:16:e9:9e:9c: 94:f5:6d:45:e2:76:dd:62:49:01:06:0b:13:2d:6d: 5c:94:c8:33:ce:c6:2b:9e:a1:15:d9:d9:dc:ae:78: 8e:56:39:0e:3c:d7:17:25:92:81:0f:31:b6:e9:7b: c7:83:bd:46:95:44:46:74:23:3c:f6:2a:1a:29:cb: e3:56:e8:7a:3f:b0:f7:d9:05:26:3f:18:f1:a3:d1: 0d:aa:0e:77:a7:f6:99:a0:81:b5:2f:54:a1:c7:d0: b9:bf:e7:b0:b4:59:f8:bc:e0:a3:4c:24:05:87:ee: 00:63:c5:2e:88:63:42:73:e3:f1:6a:4f:1d:ed:ca: 71:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 25:F8:A7:25:51:19:6C:E3:06:28:B2:23:03:E3:91:EE:7A:60:41:BB X509v3 Authority Key Identifier: keyid:B6:83:F2:EB:50:C5:99:9A:77:45:6E:88:26:83:16:09:D4:8C:7D:3E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/B683F2EB50C5999A77456E8826831609D48C7D3E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/toPy61DFmZp3RW6IJoMWCdSMfT4.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/a01c14fb-b660-489d-9e9f-9402e9e2c2e2/0/3231332e3133392e37342e302f32342d3234203d3e203239383032.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 213.139.74.0/24 Signature Algorithm: sha256WithRSAEncryption 61:a8:00:2c:33:3e:6f:31:e9:f0:2a:61:b2:0b:82:bd:28:8d: 96:21:23:e3:b2:db:56:81:30:9a:4c:21:ee:b1:d4:fa:7e:80: 33:9a:9a:cf:06:55:89:56:4d:c7:1d:10:a1:13:7a:3a:6b:c5: f5:c2:e6:93:3f:a6:1f:6b:1a:4a:e3:41:69:69:e9:55:71:f7: 9d:dc:b2:fc:66:ef:9d:a7:59:ce:a4:61:36:45:b4:79:a4:b4: 51:7b:3e:cf:d4:e2:c1:3d:a6:dd:47:e5:56:6b:bd:01:47:a5: df:c0:bc:d1:2f:4b:e7:3a:b8:7d:3d:ba:29:7c:02:8e:3b:0c: ff:a8:c0:47:e9:3f:66:8b:f0:ca:78:a0:b0:6e:ca:5e:45:58: 77:b7:62:08:b2:ae:1e:51:4b:72:cd:aa:d4:43:37:ea:18:8d: 92:a8:d7:b6:8d:f8:5a:c8:1c:d1:97:74:60:fd:19:26:f2:24: a9:fa:64:8b:2e:5c:8b:76:71:82:ae:5c:b2:78:5e:e6:73:23: 38:54:99:b2:78:01:67:5b:5d:f3:47:7d:9e:8c:4c:9e:3b:5b: 08:af:d9:ef:cd:19:ff:6d:bd:05:23:19:d6:da:4e:7a:ab:35: 59:a6:5f:bc:66:7f:d2:33:9f:89:b4:0d:fa:c5:9b:46:ad:06: 7d:6a:18:5a -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUXDFiK00WQHw7rZfgYNWeD0Db1bgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYjY4M2YyZWI1MGM1OTk5YTc3NDU2ZTg4MjY4MzE2MDlk NDhjN2QzZTAeFw0yNjAxMjgwMDUwMzZaFw0yNzAxMjcwMDU1MzZaMDMxMTAvBgNV BAMTKDI1RjhBNzI1NTExOTZDRTMwNjI4QjIyMzAzRTM5MUVFN0E2MDQxQkIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6ZVo5zcbCBccRrYqSLsAN8ZMi id4awrKQOsCtidcfZ2C6WXfw/UDY5swCUMeZcydMALdJKwwg305HCdH2RnrH3GSY MSA8UxWFlfSC09vmtKK7gjoRISmPCv2A661O//sK7fuWmDmFbMyoc5hkQBLZGU69 X2FiZdh933C6B6tLMnHTFumenJT1bUXidt1iSQEGCxMtbVyUyDPOxiueoRXZ2dyu eI5WOQ481xclkoEPMbbpe8eDvUaVREZ0Izz2Khopy+NW6Ho/sPfZBSY/GPGj0Q2q Dnen9pmggbUvVKHH0Lm/57C0Wfi84KNMJAWH7gBjxS6IY0Jz4/FqTx3tynEpAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUJfinJVEZbOMGKLIjA+OR7npgQbswHwYDVR0j BBgwFoAUtoPy61DFmZp3RW6IJoMWCdSMfT4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmItYjY2MC00ODlkLTllOWYtOTQwMmU5ZTJj MmUyLzAvQjY4M0YyRUI1MEM1OTk5QTc3NDU2RTg4MjY4MzE2MDlENDhDN0QzRS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3RvUHk2MURGbVpwM1JXNklKb01XQ2RT TWZUNC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYTAxYzE0ZmIt YjY2MC00ODlkLTllOWYtOTQwMmU5ZTJjMmUyLzAvMzIzMTMzMmUzMTMzMzkyZTM3 MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM5MzgzMDMyLnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA 1YtKMA0GCSqGSIb3DQEBCwUAA4IBAQBhqAAsMz5vMenwKmGyC4K9KI2WISPjsttW gTCaTCHusdT6foAzmprPBlWJVk3HHRChE3o6a8X1wuaTP6YfaxpK40FpaelVcfed 3LL8Zu+dp1nOpGE2RbR5pLRRez7P1OLBPabdR+VWa70BR6XfwLzRL0vnOrh9Pbop fAKOOwz/qMBH6T9mi/DKeKCwbspeRVh3t2IIsq4eUUtyzarUQzfqGI2SqNe2jfha yBzRl3Rg/Rkm8iSp+mSLLlyLdnGCrlyyeF7mcyM4VJmyeAFnW13zR32ejEyeO1sI r9nvzRn/bb0FIxnW2k56qzVZpl+8Zn/SM5+JtA36xZtGrQZ9ahha -----END CERTIFICATE-----Generated at Thu Jan 29 17:50:22 2026 by rpki-client