This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/38352e3135382e35362e302f32342d3234203d3e20323131333733.roa File: 38352e3135382e35362e302f32342d3234203d3e20323131333733.roa (raw, json) Hash identifier: IuHs35/nsV7f3S63iIQDvUgDh7ePzENqLS3cqR0qIaI= Subject key identifier: 37:1C:26:D2:4E:1C:A4:98:3A:34:33:12:03:EF:26:FC:40:18:1A:D7 Certificate issuer: /CN=aff6f26ea1f10da4a16cad9c7a6510856fbabb8d Certificate serial: 454993140DDCD51AAFA914124904C61005405094 Authority key identifier: AF:F6:F2:6E:A1:F1:0D:A4:A1:6C:AD:9C:7A:65:10:85:6F:BA:BB:8D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/38352e3135382e35362e302f32342d3234203d3e20323131333733.roa Signing time: Sat 13 Dec 2025 09:11:32 +0000 ROA not before: Sat 13 Dec 2025 09:06:32 +0000 ROA not after: Sat 12 Dec 2026 09:11:32 +0000 asID: 211373 IP address blocks: 85.158.56.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.crl rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.mft rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 10:18:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:49:93:14:0d:dc:d5:1a:af:a9:14:12:49:04:c6:10:05:40:50:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aff6f26ea1f10da4a16cad9c7a6510856fbabb8d Validity Not Before: Dec 13 09:06:32 2025 GMT Not After : Dec 12 09:11:32 2026 GMT Subject: CN=371C26D24E1CA4983A34331203EF26FC40181AD7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:1b:b6:16:2f:05:b1:5d:fe:73:1b:c2:9f:97: 18:08:6e:ae:80:90:cb:28:91:76:a8:5a:2b:43:37: e7:bf:4e:c8:37:f8:6c:29:5d:45:29:2f:b6:8a:d4: 8f:a2:e4:e3:0a:e2:36:18:4b:61:34:95:b3:f7:30: 19:4f:44:e5:05:16:48:e7:1c:74:d5:16:33:bb:6c: e4:40:c7:7a:30:3b:a0:fb:82:74:23:6d:87:53:78: 32:f9:f1:89:ac:d9:25:29:72:f9:e9:d0:80:56:bb: db:64:c9:96:14:83:81:99:f5:86:6a:f4:8b:f8:a8: 3c:5f:c5:07:bb:d1:1a:ff:89:69:d9:83:c1:e1:a0: 65:f1:b1:1c:73:ea:e7:9d:e8:da:09:a2:64:82:a7: 6a:ed:ec:69:4d:3e:0f:5e:a9:47:11:c6:8a:90:e6: 8c:ab:ad:e7:da:ad:41:6c:8f:02:e8:2d:13:d6:4c: a2:10:dd:a3:14:1b:a8:77:95:f4:24:33:56:15:80: 5d:cf:72:e4:42:0a:17:be:b3:da:f8:3e:c5:f7:e3: ba:93:79:4d:69:70:d0:84:1e:ff:e7:9a:a8:eb:a1: 99:d8:4d:fa:43:7a:78:c0:93:e4:fe:7b:dd:ff:95: 48:79:17:b7:45:5e:e7:37:85:e9:a5:41:70:c8:cf: 80:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:1C:26:D2:4E:1C:A4:98:3A:34:33:12:03:EF:26:FC:40:18:1A:D7 X509v3 Authority Key Identifier: keyid:AF:F6:F2:6E:A1:F1:0D:A4:A1:6C:AD:9C:7A:65:10:85:6F:BA:BB:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/38352e3135382e35362e302f32342d3234203d3e20323131333733.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.158.56.0/24 Signature Algorithm: sha256WithRSAEncryption 1d:fd:71:1a:69:7a:31:9e:af:75:a8:e2:d9:b5:ae:89:c7:5c: 9a:9a:a2:54:cd:10:09:61:1c:a6:b6:f9:29:c4:66:27:c6:08: 65:00:64:89:a6:ca:2f:71:ce:ec:f2:bc:94:7f:65:8a:87:7c: 05:13:fc:47:18:fb:ee:42:b4:b0:f4:f1:f1:6e:d2:d7:95:f7: 9c:72:7d:2b:ed:92:09:a9:cc:ff:8b:29:92:99:40:17:8b:aa: 1c:70:90:6a:79:56:82:b1:c7:ec:6f:0c:ef:bd:c1:08:4c:60: 0c:d1:ba:7c:bd:c2:4c:72:18:eb:fd:d2:75:2a:8f:a5:fc:ac: 09:ef:84:0d:da:ec:20:e7:c9:1b:92:05:26:05:32:92:9d:9b: eb:8f:5b:14:a7:fd:9c:66:21:29:ca:c9:a9:ea:28:f8:16:18: e8:a3:26:5a:c7:0b:87:f0:b1:c9:d0:4a:08:d8:9a:64:f2:d0: 0f:4d:4c:25:c2:a6:4f:32:85:7a:74:ec:98:07:76:4a:4d:2c: 23:09:2c:b2:34:27:20:66:28:eb:1c:d5:28:d0:46:3b:ef:d8: dd:5a:f2:6b:65:08:df:73:92:b8:ee:c0:8e:29:dc:f6:85:78: fc:e7:4f:69:2f:ef:ee:d4:40:81:bc:14:76:fb:10:4b:ca:98: 1e:50:04:71 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIURUmTFA3c1RqvqRQSSQTGEAVAUJQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWZmNmYyNmVhMWYxMGRhNGExNmNhZDljN2E2NTEwODU2 ZmJhYmI4ZDAeFw0yNTEyMTMwOTA2MzJaFw0yNjEyMTIwOTExMzJaMDMxMTAvBgNV BAMTKDM3MUMyNkQyNEUxQ0E0OTgzQTM0MzMxMjAzRUYyNkZDNDAxODFBRDcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeG7YWLwWxXf5zG8KflxgIbq6A kMsokXaoWitDN+e/Tsg3+GwpXUUpL7aK1I+i5OMK4jYYS2E0lbP3MBlPROUFFkjn HHTVFjO7bORAx3owO6D7gnQjbYdTeDL58Yms2SUpcvnp0IBWu9tkyZYUg4GZ9YZq 9Iv4qDxfxQe70Rr/iWnZg8HhoGXxsRxz6ued6NoJomSCp2rt7GlNPg9eqUcRxoqQ 5oyrrefarUFsjwLoLRPWTKIQ3aMUG6h3lfQkM1YVgF3PcuRCChe+s9r4PsX347qT eU1pcNCEHv/nmqjroZnYTfpDenjAk+T+e93/lUh5F7dFXuc3hemlQXDIz4DHAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUNxwm0k4cpJg6NDMSA+8m/EAYGtcwHwYDVR0j BBgwFoAUr/bybqHxDaShbK2cemUQhW+6u40wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWI5ZjU0OTctMmI5NS00YTQyLTgwZDAtNWM0MWY4MDdi NjFmLzAvQUZGNkYyNkVBMUYxMERBNEExNkNBRDlDN0E2NTEwODU2RkJBQkI4RC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3JfYnlicUh4RGFTaGJLMmNlbVVRaFct NnU0MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWI5ZjU0OTct MmI5NS00YTQyLTgwZDAtNWM0MWY4MDdiNjFmLzAvMzgzNTJlMzEzNTM4MmUzNTM2 MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTMxMzMzNzMzLnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA VZ44MA0GCSqGSIb3DQEBCwUAA4IBAQAd/XEaaXoxnq91qOLZta6Jx1yamqJUzRAJ YRymtvkpxGYnxghlAGSJpsovcc7s8ryUf2WKh3wFE/xHGPvuQrSw9PHxbtLXlfec cn0r7ZIJqcz/iymSmUAXi6occJBqeVaCscfsbwzvvcEITGAM0bp8vcJMchjr/dJ1 Ko+l/KwJ74QN2uwg58kbkgUmBTKSnZvrj1sUp/2cZiEpysmp6ij4FhjooyZaxwuH 8LHJ0EoI2Jpk8tAPTUwlwqZPMoV6dOyYB3ZKTSwjCSyyNCcgZijrHNUo0EY779jd WvJrZQjfc5K47sCOKdz2hXj8509pL+/u1ECBvBR2+xBLypgeUARx -----END CERTIFICATE-----Generated at Tue Dec 16 16:19:40 2025 by rpki-client