This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/38352e3233372e3232332e302f32342d3234203d3e20323132323338.roa File: 38352e3233372e3232332e302f32342d3234203d3e20323132323338.roa (raw, json) Hash identifier: FrLkMh9E0eYXZ3N62IKeEpplY6Aq8u4sjJXTt6XhAto= Subject key identifier: D3:FA:67:FE:F9:46:C0:17:CF:C3:7C:0D:06:1E:77:A4:66:C7:58:4B Certificate issuer: /CN=aff6f26ea1f10da4a16cad9c7a6510856fbabb8d Certificate serial: 6D21EC4765708569B5C233C7C51509B5BA917E3C Authority key identifier: AF:F6:F2:6E:A1:F1:0D:A4:A1:6C:AD:9C:7A:65:10:85:6F:BA:BB:8D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/38352e3233372e3232332e302f32342d3234203d3e20323132323338.roa Signing time: Sat 13 Dec 2025 09:11:31 +0000 ROA not before: Sat 13 Dec 2025 09:06:31 +0000 ROA not after: Sat 12 Dec 2026 09:11:31 +0000 asID: 212238 IP address blocks: 85.237.223.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.crl rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.mft rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 17 Dec 2025 10:18:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6d:21:ec:47:65:70:85:69:b5:c2:33:c7:c5:15:09:b5:ba:91:7e:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aff6f26ea1f10da4a16cad9c7a6510856fbabb8d Validity Not Before: Dec 13 09:06:31 2025 GMT Not After : Dec 12 09:11:31 2026 GMT Subject: CN=D3FA67FEF946C017CFC37C0D061E77A466C7584B Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:a9:45:ff:ba:49:d3:ff:b5:a7:38:a3:03:f5: 10:40:62:d5:02:5d:0c:ea:96:02:e3:90:ba:43:4c: 9a:03:c9:e2:55:0d:34:8b:89:7d:9a:43:32:2a:1e: 63:19:6a:c2:98:7b:75:4f:d0:67:c6:d3:c3:5f:7d: bd:46:91:c5:f4:20:7f:18:38:60:75:03:13:fd:22: 33:0b:c3:d7:1a:07:69:c9:c8:9f:f6:00:d9:7d:2f: cc:e9:1d:8e:33:29:7b:0d:ff:78:02:3e:d0:e9:4f: 15:4c:07:ef:55:50:cf:c2:e8:c4:f3:03:e6:47:58: 5d:94:07:05:0e:78:e0:13:71:98:94:20:ac:e4:89: c9:65:9d:2a:b8:91:4e:27:3e:e9:a8:bf:95:2e:c5: 4d:2f:82:56:1d:08:25:99:ce:6f:f2:ca:ea:9f:42: 58:da:5d:8e:2e:d2:ff:50:82:b9:61:cc:01:c8:71: 6d:f3:8c:ca:26:40:34:14:55:b8:2a:8d:22:63:e6: fb:fe:62:db:90:61:30:0d:a2:54:48:e7:01:76:94: a2:b6:37:ce:18:6d:16:60:2d:ef:5d:3b:13:68:2f: 77:63:f4:e8:3a:a0:99:ad:67:5b:d2:1f:e1:ee:ec: 59:80:78:85:f5:4d:67:ee:60:16:89:fe:a5:56:ac: 19:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:FA:67:FE:F9:46:C0:17:CF:C3:7C:0D:06:1E:77:A4:66:C7:58:4B X509v3 Authority Key Identifier: keyid:AF:F6:F2:6E:A1:F1:0D:A4:A1:6C:AD:9C:7A:65:10:85:6F:BA:BB:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/38352e3233372e3232332e302f32342d3234203d3e20323132323338.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.237.223.0/24 Signature Algorithm: sha256WithRSAEncryption 41:d4:1e:88:74:1d:95:51:7c:d6:7e:16:6b:95:93:d1:56:33: 4f:58:ee:4e:43:75:b9:6a:e3:4f:42:43:78:e6:4a:10:8c:cc: 6d:9a:98:d1:e9:0f:6a:b8:af:ea:d7:0b:36:19:9e:cb:56:2e: 89:96:70:14:bc:b8:d9:42:0b:97:04:12:c6:98:a0:3b:2f:5b: e1:9d:e2:1b:82:e5:3f:6f:83:b6:a6:5a:36:8f:ab:8e:00:01: 4c:9c:18:cb:0c:94:30:a8:33:df:3d:f1:24:4d:53:ba:91:49: 6f:49:c8:43:09:58:ea:0a:09:44:b9:90:3b:d0:85:f6:de:60: 72:bf:b4:a0:7b:3d:f6:e4:f7:e8:1c:58:51:8a:60:ef:45:dc: 58:24:ad:0c:f9:a9:e0:50:d7:94:ac:c6:0f:6c:8f:ff:ee:2a: 1b:cf:4d:e0:9e:32:8b:6c:d0:e0:5e:54:a3:2f:94:5c:11:f4: b9:8b:30:05:b9:dc:13:57:92:f0:e7:6c:97:c6:da:8a:93:fe: cc:97:64:11:11:6a:52:9a:f6:9e:1b:99:c8:81:60:b2:d9:1d: db:b8:99:4f:fb:cf:48:6e:ae:33:8d:0c:a9:41:69:9b:3a:77: 70:f0:40:09:d5:44:6e:a5:d6:66:0a:87:45:56:ac:c9:46:7d: fe:56:fa:3a -----BEGIN CERTIFICATE----- MIIFNTCCBB2gAwIBAgIUbSHsR2VwhWm1wjPHxRUJtbqRfjwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWZmNmYyNmVhMWYxMGRhNGExNmNhZDljN2E2NTEwODU2 ZmJhYmI4ZDAeFw0yNTEyMTMwOTA2MzFaFw0yNjEyMTIwOTExMzFaMDMxMTAvBgNV BAMTKEQzRkE2N0ZFRjk0NkMwMTdDRkMzN0MwRDA2MUU3N0E0NjZDNzU4NEIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZqUX/uknT/7WnOKMD9RBAYtUC XQzqlgLjkLpDTJoDyeJVDTSLiX2aQzIqHmMZasKYe3VP0GfG08Nffb1GkcX0IH8Y OGB1AxP9IjMLw9caB2nJyJ/2ANl9L8zpHY4zKXsN/3gCPtDpTxVMB+9VUM/C6MTz A+ZHWF2UBwUOeOATcZiUIKzkicllnSq4kU4nPumov5UuxU0vglYdCCWZzm/yyuqf QljaXY4u0v9QgrlhzAHIcW3zjMomQDQUVbgqjSJj5vv+YtuQYTANolRI5wF2lKK2 N84YbRZgLe9dOxNoL3dj9Og6oJmtZ1vSH+Hu7FmAeIX1TWfuYBaJ/qVWrBllAgMB AAGjggI/MIICOzAdBgNVHQ4EFgQU0/pn/vlGwBfPw3wNBh53pGbHWEswHwYDVR0j BBgwFoAUr/bybqHxDaShbK2cemUQhW+6u40wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWI5ZjU0OTctMmI5NS00YTQyLTgwZDAtNWM0MWY4MDdi NjFmLzAvQUZGNkYyNkVBMUYxMERBNEExNkNBRDlDN0E2NTEwODU2RkJBQkI4RC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3JfYnlicUh4RGFTaGJLMmNlbVVRaFct NnU0MC5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWI5ZjU0OTct MmI5NS00YTQyLTgwZDAtNWM0MWY4MDdiNjFmLzAvMzgzNTJlMzIzMzM3MmUzMjMy MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMjMzMzgucm9hMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BABV7d8wDQYJKoZIhvcNAQELBQADggEBAEHUHoh0HZVRfNZ+FmuVk9FWM09Y7k5D dblq409CQ3jmShCMzG2amNHpD2q4r+rXCzYZnstWLomWcBS8uNlCC5cEEsaYoDsv W+Gd4huC5T9vg7amWjaPq44AAUycGMsMlDCoM9898SRNU7qRSW9JyEMJWOoKCUS5 kDvQhfbeYHK/tKB7Pfbk9+gcWFGKYO9F3FgkrQz5qeBQ15Ssxg9sj//uKhvPTeCe Mots0OBeVKMvlFwR9LmLMAW53BNXkvDnbJfG2oqT/syXZBERalKa9p4bmciBYLLZ Hdu4mU/7z0hurjONDKlBaZs6d3DwQAnVRG6l1mYKh0VWrMlGff5W+jo= -----END CERTIFICATE-----Generated at Tue Dec 16 16:28:54 2025 by rpki-client