This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/38352e3135382e35382e302f32342d3234203d3e20313335333931.roa File: 38352e3135382e35382e302f32342d3234203d3e20313335333931.roa (raw, json) Hash identifier: NNGIrIcjLYzq8LH515DYxT2tdUbp/7M/Abc0ItCJ63Q= Subject key identifier: 12:3D:34:BF:D3:D4:80:FC:03:77:26:E4:43:22:1D:84:87:FF:C7:02 Certificate issuer: /CN=aff6f26ea1f10da4a16cad9c7a6510856fbabb8d Certificate serial: 37C4D9E93786C0E3484C379FED14E576EDF22E1C Authority key identifier: AF:F6:F2:6E:A1:F1:0D:A4:A1:6C:AD:9C:7A:65:10:85:6F:BA:BB:8D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/38352e3135382e35382e302f32342d3234203d3e20313335333931.roa Signing time: Sat 13 Dec 2025 09:11:29 +0000 ROA not before: Sat 13 Dec 2025 09:06:29 +0000 ROA not after: Sat 12 Dec 2026 09:11:29 +0000 asID: 135391 IP address blocks: 85.158.58.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.crl rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.mft rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 10:18:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:c4:d9:e9:37:86:c0:e3:48:4c:37:9f:ed:14:e5:76:ed:f2:2e:1c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aff6f26ea1f10da4a16cad9c7a6510856fbabb8d Validity Not Before: Dec 13 09:06:29 2025 GMT Not After : Dec 12 09:11:29 2026 GMT Subject: CN=123D34BFD3D480FC037726E443221D8487FFC702 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:d9:98:34:07:bb:77:f5:c3:c6:68:a2:d2:e5: c8:6c:da:ac:5a:5e:18:96:18:43:2e:7a:f4:3a:40: db:b0:f4:7b:09:2e:90:a1:c5:8f:d9:8c:9e:70:96: 3b:bf:18:a5:c0:f9:e3:a0:55:52:f7:0c:83:fe:59: c3:66:5c:9b:bc:a0:5a:6b:0e:5f:17:a1:6c:8b:8f: 45:03:3b:dc:03:1a:78:74:8c:7e:07:e6:06:02:8e: 4a:c6:6e:f0:3c:d6:2f:97:55:a4:ad:aa:b6:17:0b: 0e:c0:db:cb:29:93:cf:01:4d:52:7c:9b:7d:b0:cf: d9:c5:57:9a:18:b4:07:64:e3:1e:ec:37:0f:ce:0c: bf:93:19:80:ba:f4:50:51:75:bc:f2:9f:3c:78:00: 44:e5:b7:c9:e5:60:f9:92:46:4b:22:97:2e:18:d3: ec:8b:61:f8:73:11:53:67:26:a6:8f:03:21:86:dd: 5c:21:68:37:fd:d9:3f:e4:18:0b:5c:49:ad:2e:e2: cc:6d:4b:92:e8:53:22:f7:ea:79:0d:ca:40:51:be: bd:2f:bc:00:45:13:cf:2e:38:d1:63:e7:1b:1b:4b: 60:77:20:d8:0b:a3:71:2d:74:63:f8:32:78:80:fb: c3:c3:a0:e9:b8:f2:8f:be:ff:a4:ea:02:53:95:75: f0:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:3D:34:BF:D3:D4:80:FC:03:77:26:E4:43:22:1D:84:87:FF:C7:02 X509v3 Authority Key Identifier: keyid:AF:F6:F2:6E:A1:F1:0D:A4:A1:6C:AD:9C:7A:65:10:85:6F:BA:BB:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/38352e3135382e35382e302f32342d3234203d3e20313335333931.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.158.58.0/24 Signature Algorithm: sha256WithRSAEncryption 3b:42:af:c2:df:1e:c8:82:72:13:0c:e6:65:cf:46:eb:e1:ed: 6b:08:9e:d1:90:fc:c6:bd:5c:6a:e3:4c:16:a2:47:61:57:c5: 07:16:5c:2c:9a:80:66:ac:55:cb:41:72:0a:d2:2e:58:c8:54: 3d:3a:a0:7e:c4:ab:34:ea:c7:73:93:39:09:1f:0f:40:e5:3e: 98:9a:66:c0:8f:60:52:a9:0b:f2:13:73:63:8a:64:96:03:19: 59:08:1c:20:62:b6:44:60:f3:4b:b6:02:55:28:ae:f7:6e:0b: 41:f8:bc:23:82:1e:05:0b:57:0b:25:e8:bc:4d:43:c8:61:bb: 69:fd:15:a2:08:76:7b:bd:a1:88:71:63:98:7c:a8:43:85:60: 0f:95:3a:53:36:09:42:87:e3:ce:36:fd:e5:f5:ce:ef:62:57: 6a:be:d3:31:85:6e:cd:32:62:22:53:5b:08:e4:e8:70:fb:c3: 3b:5e:50:e7:a7:fd:cc:04:ab:52:41:dc:d0:54:de:93:b0:f5: 0e:77:23:0c:6c:af:35:b1:9b:d5:8c:6e:ad:65:65:c6:62:40: 0a:8f:a7:34:fc:d3:90:86:03:2b:86:58:b4:87:17:c1:ff:3c: 3d:04:34:ee:b7:7d:f4:8e:92:62:d5:8c:bc:ae:ea:82:c5:1d: 36:15:36:0d -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUN8TZ6TeGwONITDef7RTldu3yLhwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWZmNmYyNmVhMWYxMGRhNGExNmNhZDljN2E2NTEwODU2 ZmJhYmI4ZDAeFw0yNTEyMTMwOTA2MjlaFw0yNjEyMTIwOTExMjlaMDMxMTAvBgNV BAMTKDEyM0QzNEJGRDNENDgwRkMwMzc3MjZFNDQzMjIxRDg0ODdGRkM3MDIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw2Zg0B7t39cPGaKLS5chs2qxa XhiWGEMuevQ6QNuw9HsJLpChxY/ZjJ5wlju/GKXA+eOgVVL3DIP+WcNmXJu8oFpr Dl8XoWyLj0UDO9wDGnh0jH4H5gYCjkrGbvA81i+XVaStqrYXCw7A28spk88BTVJ8 m32wz9nFV5oYtAdk4x7sNw/ODL+TGYC69FBRdbzynzx4AETlt8nlYPmSRksily4Y 0+yLYfhzEVNnJqaPAyGG3VwhaDf92T/kGAtcSa0u4sxtS5LoUyL36nkNykBRvr0v vABFE88uONFj5xsbS2B3INgLo3EtdGP4MniA+8PDoOm48o++/6TqAlOVdfDBAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUEj00v9PUgPwDdybkQyIdhIf/xwIwHwYDVR0j BBgwFoAUr/bybqHxDaShbK2cemUQhW+6u40wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWI5ZjU0OTctMmI5NS00YTQyLTgwZDAtNWM0MWY4MDdi NjFmLzAvQUZGNkYyNkVBMUYxMERBNEExNkNBRDlDN0E2NTEwODU2RkJBQkI4RC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3JfYnlicUh4RGFTaGJLMmNlbVVRaFct NnU0MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWI5ZjU0OTct MmI5NS00YTQyLTgwZDAtNWM0MWY4MDdiNjFmLzAvMzgzNTJlMzEzNTM4MmUzNTM4 MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM1MzMzOTMxLnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA VZ46MA0GCSqGSIb3DQEBCwUAA4IBAQA7Qq/C3x7IgnITDOZlz0br4e1rCJ7RkPzG vVxq40wWokdhV8UHFlwsmoBmrFXLQXIK0i5YyFQ9OqB+xKs06sdzkzkJHw9A5T6Y mmbAj2BSqQvyE3NjimSWAxlZCBwgYrZEYPNLtgJVKK73bgtB+Lwjgh4FC1cLJei8 TUPIYbtp/RWiCHZ7vaGIcWOYfKhDhWAPlTpTNglCh+PONv3l9c7vYldqvtMxhW7N MmIiU1sI5Ohw+8M7XlDnp/3MBKtSQdzQVN6TsPUOdyMMbK81sZvVjG6tZWXGYkAK j6c0/NOQhgMrhli0hxfB/zw9BDTut330jpJi1Yy8ruqCxR02FTYN -----END CERTIFICATE-----Generated at Tue Dec 16 16:19:48 2025 by rpki-client