This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/3139352e34322e3131332e302f32342d3234203d3e203438343335.roa File: 3139352e34322e3131332e302f32342d3234203d3e203438343335.roa (raw, json) Hash identifier: pchbJm+Br/uCuzzDsgfU4W3Dq3tZwJWDYbuhydm/Eyc= Subject key identifier: 0F:A7:32:60:E3:DB:A4:54:C2:F2:8A:BD:97:A4:DA:23:CE:15:C9:5A Certificate issuer: /CN=be0bb78869cdb2ad0c971a6a858a30213eaec47d Certificate serial: 04B638FCCD299EA448D4C86698B059A01BFF9560 Authority key identifier: BE:0B:B7:88:69:CD:B2:AD:0C:97:1A:6A:85:8A:30:21:3E:AE:C4:7D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vgu3iGnNsq0MlxpqhYowIT6uxH0.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/3139352e34322e3131332e302f32342d3234203d3e203438343335.roa Signing time: Tue 20 Jan 2026 17:55:34 +0000 ROA not before: Tue 20 Jan 2026 17:50:34 +0000 ROA not after: Tue 19 Jan 2027 17:55:34 +0000 asID: 48435 IP address blocks: 195.42.113.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/BE0BB78869CDB2AD0C971A6A858A30213EAEC47D.crl rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/BE0BB78869CDB2AD0C971A6A858A30213EAEC47D.mft rsync://rpki.ripe.net/repository/DEFAULT/vgu3iGnNsq0MlxpqhYowIT6uxH0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:31:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 04:b6:38:fc:cd:29:9e:a4:48:d4:c8:66:98:b0:59:a0:1b:ff:95:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=be0bb78869cdb2ad0c971a6a858a30213eaec47d Validity Not Before: Jan 20 17:50:34 2026 GMT Not After : Jan 19 17:55:34 2027 GMT Subject: CN=0FA73260E3DBA454C2F28ABD97A4DA23CE15C95A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:1a:4f:0b:42:70:0e:9f:f5:8f:95:9c:91:0e: b0:46:be:24:43:95:a7:89:f8:04:a7:f2:06:f3:cd: 9b:1a:0e:43:9d:9b:09:43:59:1c:e6:50:d6:16:36: d8:ce:23:6a:5b:4b:e6:0b:f6:ae:f1:0a:f0:3f:fc: 5e:e9:fc:66:87:18:df:7d:8d:e8:d7:a9:52:c2:ca: 7f:09:61:ef:1c:0d:1b:35:d1:53:a7:63:eb:b7:81: 80:85:ac:90:90:ac:47:0c:ee:58:73:c5:01:3b:a5: 9f:b2:63:fc:64:60:d9:91:79:25:8a:38:b5:f7:16: 91:82:1d:3f:78:6b:ad:dd:2d:a0:1d:ef:3a:b4:c8: aa:92:82:7f:33:08:d7:f7:ae:56:85:3b:17:cb:5b: 1a:8d:a1:4f:b0:f2:06:3d:5a:22:de:7a:d9:49:31: 87:01:41:29:34:26:db:fa:18:a6:d1:06:63:1f:9d: ba:5f:32:2b:ea:28:fb:e9:4e:32:aa:d0:1d:63:92: df:4d:6c:c6:95:6f:6a:0c:14:d8:74:0e:2a:85:6f: 50:1c:03:6c:84:46:99:53:a8:d1:22:e2:60:5f:53: b8:66:fc:8d:aa:3f:bb:5c:9c:7b:f3:16:cc:75:59: 82:6a:bd:4a:98:82:3a:24:35:fd:5b:18:8c:56:b0: 71:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:A7:32:60:E3:DB:A4:54:C2:F2:8A:BD:97:A4:DA:23:CE:15:C9:5A X509v3 Authority Key Identifier: keyid:BE:0B:B7:88:69:CD:B2:AD:0C:97:1A:6A:85:8A:30:21:3E:AE:C4:7D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/BE0BB78869CDB2AD0C971A6A858A30213EAEC47D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vgu3iGnNsq0MlxpqhYowIT6uxH0.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ac143387-f013-4922-838e-e18864be1e4a/0/3139352e34322e3131332e302f32342d3234203d3e203438343335.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.42.113.0/24 Signature Algorithm: sha256WithRSAEncryption 4b:ae:50:61:d8:88:1c:29:46:50:8c:46:4e:7c:ae:24:73:7f: 7a:20:6b:59:eb:b5:43:ba:92:f4:4b:e7:92:2e:62:44:de:e7: 00:22:42:84:82:45:c3:f8:f7:a5:49:79:8f:c6:cf:b9:c8:2e: 84:d5:08:06:3c:c8:d5:71:0e:41:91:4b:80:a6:cb:33:f3:57: 10:ee:a5:3c:b6:08:44:e1:93:31:8c:ce:b5:44:61:fc:55:20: 5c:0d:20:43:7a:52:cc:17:50:2c:c1:2c:59:1a:0d:96:79:5f: 35:05:80:72:79:79:cd:75:74:db:f4:33:6b:52:95:ff:67:f1: 31:8e:a3:e3:ae:2d:23:31:9c:a9:af:99:b7:47:0e:a8:9c:7f: 37:97:ee:02:8f:0f:36:23:52:30:b7:c6:83:3b:7c:70:e1:d7: e8:bd:e7:f4:60:b5:37:4c:a4:3c:cb:f4:00:fb:5f:e4:a1:ad: 08:9d:93:44:9a:fd:44:fa:fc:4c:ae:fa:49:fa:a6:b8:1a:14: 51:a6:49:53:05:04:35:72:14:ed:45:6b:79:ce:2b:bd:de:69: a1:54:5c:2b:51:2b:73:99:aa:09:19:e7:fa:f3:21:d7:e5:5e: d2:88:de:f2:36:ce:60:ea:24:a3:38:12:bc:77:c8:dd:24:61: 7e:11:24:d5 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUBLY4/M0pnqRI1MhmmLBZoBv/lWAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYmUwYmI3ODg2OWNkYjJhZDBjOTcxYTZhODU4YTMwMjEz ZWFlYzQ3ZDAeFw0yNjAxMjAxNzUwMzRaFw0yNzAxMTkxNzU1MzRaMDMxMTAvBgNV BAMTKDBGQTczMjYwRTNEQkE0NTRDMkYyOEFCRDk3QTREQTIzQ0UxNUM5NUEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAGk8LQnAOn/WPlZyRDrBGviRD laeJ+ASn8gbzzZsaDkOdmwlDWRzmUNYWNtjOI2pbS+YL9q7xCvA//F7p/GaHGN99 jejXqVLCyn8JYe8cDRs10VOnY+u3gYCFrJCQrEcM7lhzxQE7pZ+yY/xkYNmReSWK OLX3FpGCHT94a63dLaAd7zq0yKqSgn8zCNf3rlaFOxfLWxqNoU+w8gY9WiLeetlJ MYcBQSk0Jtv6GKbRBmMfnbpfMivqKPvpTjKq0B1jkt9NbMaVb2oMFNh0DiqFb1Ac A2yERplTqNEi4mBfU7hm/I2qP7tcnHvzFsx1WYJqvUqYgjokNf1bGIxWsHFhAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUD6cyYOPbpFTC8oq9l6TaI84VyVowHwYDVR0j BBgwFoAUvgu3iGnNsq0MlxpqhYowIT6uxH0wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWMxNDMzODctZjAxMy00OTIyLTgzOGUtZTE4ODY0YmUx ZTRhLzAvQkUwQkI3ODg2OUNEQjJBRDBDOTcxQTZBODU4QTMwMjEzRUFFQzQ3RC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3ZndTNpR25Oc3EwTWx4cHFoWW93SVQ2 dXhIMC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWMxNDMzODct ZjAxMy00OTIyLTgzOGUtZTE4ODY0YmUxZTRhLzAvMzEzOTM1MmUzNDMyMmUzMTMx MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM4MzQzMzM1LnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA wypxMA0GCSqGSIb3DQEBCwUAA4IBAQBLrlBh2IgcKUZQjEZOfK4kc396IGtZ67VD upL0S+eSLmJE3ucAIkKEgkXD+PelSXmPxs+5yC6E1QgGPMjVcQ5BkUuApssz81cQ 7qU8tghE4ZMxjM61RGH8VSBcDSBDelLMF1AswSxZGg2WeV81BYByeXnNdXTb9DNr UpX/Z/ExjqPjri0jMZypr5m3Rw6onH83l+4Cjw82I1Iwt8aDO3xw4dfovef0YLU3 TKQ8y/QA+1/koa0InZNEmv1E+vxMrvpJ+qa4GhRRpklTBQQ1chTtRWt5ziu93mmh VFwrUStzmaoJGef68yHX5V7SiN7yNs5g6iSjOBK8d8jdJGF+ESTV -----END CERTIFICATE-----Generated at Tue Jan 27 08:37:51 2026 by rpki-client