This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/38352e3233372e3230302e302f32342d3234203d3e20323131333733.roa File: 38352e3233372e3230302e302f32342d3234203d3e20323131333733.roa (raw, json) Hash identifier: XpNS52dnDDO9a5tPNPB9/BYGpD5XVREm04MqlOqqp38= Subject key identifier: 02:2A:92:8F:52:AF:94:AF:AB:0D:97:44:65:7B:7B:94:FB:73:49:A1 Certificate issuer: /CN=aff6f26ea1f10da4a16cad9c7a6510856fbabb8d Certificate serial: 436287E04E5A0B08B568BDD353F21AAEEE5CFF0A Authority key identifier: AF:F6:F2:6E:A1:F1:0D:A4:A1:6C:AD:9C:7A:65:10:85:6F:BA:BB:8D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/38352e3233372e3230302e302f32342d3234203d3e20323131333733.roa Signing time: Sat 13 Dec 2025 09:11:31 +0000 ROA not before: Sat 13 Dec 2025 09:06:31 +0000 ROA not after: Sat 12 Dec 2026 09:11:31 +0000 asID: 211373 IP address blocks: 85.237.200.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.crl rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.mft rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 10:18:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:62:87:e0:4e:5a:0b:08:b5:68:bd:d3:53:f2:1a:ae:ee:5c:ff:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aff6f26ea1f10da4a16cad9c7a6510856fbabb8d Validity Not Before: Dec 13 09:06:31 2025 GMT Not After : Dec 12 09:11:31 2026 GMT Subject: CN=022A928F52AF94AFAB0D9744657B7B94FB7349A1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:d0:aa:9d:c8:6f:f2:41:bc:4a:cc:3c:0f:c1: 02:2a:e8:81:ef:da:6f:a0:ed:59:22:a7:37:60:6e: 7f:6d:8d:a5:d2:d3:e4:cc:21:1d:3f:89:a7:0f:22: a8:19:2a:16:f5:10:93:1d:f8:9f:9a:07:df:14:29: 40:8f:d5:e3:dc:cc:26:cc:55:47:5f:0c:1b:03:1c: 25:74:92:a7:5e:42:64:d7:d8:1f:43:2c:59:6b:0a: db:f7:84:d5:aa:35:ba:ad:19:cb:38:b8:96:73:aa: 96:e2:c2:a5:f2:b6:8e:83:54:79:93:04:a7:17:a5: 91:39:46:b9:a6:9a:cb:40:6d:d9:c8:eb:59:f8:c9: 04:a3:9f:99:87:96:a9:c0:04:6d:10:e3:26:05:f0: 2e:05:9b:2a:a6:79:28:ac:1b:99:99:6a:32:4c:f4: 0b:90:89:d3:b2:56:fa:29:83:7c:86:9f:cf:0d:ae: f5:1b:7e:32:bd:38:6d:0c:25:de:63:38:0d:b2:6d: ec:06:7c:8a:39:24:e5:ae:c5:df:c6:ae:f0:07:fa: 95:af:77:04:80:a9:b8:18:e2:d0:81:2f:91:65:b1: 05:7f:5f:3e:e7:96:b1:38:aa:87:10:8d:d7:d7:42: 8a:ad:24:e4:6c:89:1e:13:ef:d7:5f:0d:3f:03:59: eb:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:2A:92:8F:52:AF:94:AF:AB:0D:97:44:65:7B:7B:94:FB:73:49:A1 X509v3 Authority Key Identifier: keyid:AF:F6:F2:6E:A1:F1:0D:A4:A1:6C:AD:9C:7A:65:10:85:6F:BA:BB:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/38352e3233372e3230302e302f32342d3234203d3e20323131333733.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.237.200.0/24 Signature Algorithm: sha256WithRSAEncryption 01:b1:68:4a:46:53:1f:74:f8:44:a2:93:b8:74:c7:ff:23:fc: b3:d6:97:de:1a:78:9b:9a:5b:c3:af:4e:41:20:ed:ae:8c:aa: 58:79:17:7a:03:ca:0a:39:0d:48:34:e0:a3:c9:96:1a:f3:8b: 3a:94:02:a8:ca:1e:6b:cd:e1:1b:2a:68:68:be:9b:db:62:9b: 40:5a:80:ef:69:c9:6d:be:6f:35:ab:ac:32:14:56:e5:6c:6d: 26:71:73:95:c6:ec:99:ba:f6:7a:c5:06:0f:e4:19:de:ec:c4: 12:b6:1d:01:d9:a7:3f:b4:c2:87:32:f0:0a:d1:ee:8c:09:f7: 75:fa:0a:81:a3:f1:c9:9b:0b:f9:52:05:29:ec:17:0f:4c:35: b7:4e:89:e4:e1:c0:06:e0:08:93:8d:6a:4b:e8:31:7f:54:bf: 8c:4e:6d:87:34:74:99:a3:10:42:8e:47:45:a5:e4:1a:84:04: 90:63:72:88:83:c8:91:06:08:c0:49:87:fe:9c:c3:5d:c1:d0: 63:d7:f4:46:43:d2:95:21:d3:cf:80:c7:1e:5b:ef:f2:af:1a: 7b:c8:d0:32:8c:98:1d:92:1c:09:e6:74:98:d2:c7:a3:42:79: ee:56:06:3d:89:07:d3:11:ee:f1:8f:b9:c6:52:a5:e9:5a:53: b3:f4:b5:14 -----BEGIN CERTIFICATE----- MIIFNTCCBB2gAwIBAgIUQ2KH4E5aCwi1aL3TU/Iaru5c/wowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWZmNmYyNmVhMWYxMGRhNGExNmNhZDljN2E2NTEwODU2 ZmJhYmI4ZDAeFw0yNTEyMTMwOTA2MzFaFw0yNjEyMTIwOTExMzFaMDMxMTAvBgNV BAMTKDAyMkE5MjhGNTJBRjk0QUZBQjBEOTc0NDY1N0I3Qjk0RkI3MzQ5QTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC60KqdyG/yQbxKzDwPwQIq6IHv 2m+g7Vkipzdgbn9tjaXS0+TMIR0/iacPIqgZKhb1EJMd+J+aB98UKUCP1ePczCbM VUdfDBsDHCV0kqdeQmTX2B9DLFlrCtv3hNWqNbqtGcs4uJZzqpbiwqXyto6DVHmT BKcXpZE5RrmmmstAbdnI61n4yQSjn5mHlqnABG0Q4yYF8C4FmyqmeSisG5mZajJM 9AuQidOyVvopg3yGn88NrvUbfjK9OG0MJd5jOA2ybewGfIo5JOWuxd/GrvAH+pWv dwSAqbgY4tCBL5FlsQV/Xz7nlrE4qocQjdfXQoqtJORsiR4T79dfDT8DWevJAgMB AAGjggI/MIICOzAdBgNVHQ4EFgQUAiqSj1KvlK+rDZdEZXt7lPtzSaEwHwYDVR0j BBgwFoAUr/bybqHxDaShbK2cemUQhW+6u40wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWI5ZjU0OTctMmI5NS00YTQyLTgwZDAtNWM0MWY4MDdi NjFmLzAvQUZGNkYyNkVBMUYxMERBNEExNkNBRDlDN0E2NTEwODU2RkJBQkI4RC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3JfYnlicUh4RGFTaGJLMmNlbVVRaFct NnU0MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWI5ZjU0OTct MmI5NS00YTQyLTgwZDAtNWM0MWY4MDdiNjFmLzAvMzgzNTJlMzIzMzM3MmUzMjMw MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzEzMzM3MzMucm9hMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABV7cgwDQYJKoZIhvcNAQELBQADggEBAAGxaEpGUx90+ESik7h0x/8j/LPWl94a eJuaW8OvTkEg7a6Mqlh5F3oDygo5DUg04KPJlhrzizqUAqjKHmvN4RsqaGi+m9ti m0BagO9pyW2+bzWrrDIUVuVsbSZxc5XG7Jm69nrFBg/kGd7sxBK2HQHZpz+0wocy 8ArR7owJ93X6CoGj8cmbC/lSBSnsFw9MNbdOieThwAbgCJONakvoMX9Uv4xObYc0 dJmjEEKOR0Wl5BqEBJBjcoiDyJEGCMBJh/6cw13B0GPX9EZD0pUh08+Axx5b7/Kv GnvI0DKMmB2SHAnmdJjSx6NCee5WBj2JB9MR7vGPucZSpelaU7P0tRQ= -----END CERTIFICATE-----Generated at Tue Dec 16 16:19:46 2025 by rpki-client