This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35362e302f32342d3234203d3e20343030303339.roa File: 322e35392e35362e302f32342d3234203d3e20343030303339.roa (raw, json) Hash identifier: SvueGYLTcdwsq/bObh4mLVHSaFlGIWe/rQTysAiyAT8= Subject key identifier: 5C:A5:5A:93:3B:2C:9E:A7:C4:28:2A:48:B9:10:D5:C8:AF:E3:34:61 Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91 Certificate serial: 4291A645152A3E0738D4D2A659B117810B4DF91D Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35362e302f32342d3234203d3e20343030303339.roa Signing time: Wed 24 Dec 2025 19:55:32 +0000 ROA not before: Wed 24 Dec 2025 19:50:32 +0000 ROA not after: Wed 23 Dec 2026 19:55:32 +0000 asID: 400039 IP address blocks: 2.59.56.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 03:14:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:91:a6:45:15:2a:3e:07:38:d4:d2:a6:59:b1:17:81:0b:4d:f9:1d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91 Validity Not Before: Dec 24 19:50:32 2025 GMT Not After : Dec 23 19:55:32 2026 GMT Subject: CN=5CA55A933B2C9EA7C4282A48B910D5C8AFE33461 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:02:a6:99:51:bb:0b:7a:71:14:44:55:c9:19: fd:13:14:4f:ae:f7:7a:e6:05:eb:a2:63:5e:32:a7: 30:6e:e6:c7:8a:fd:44:5e:3d:d1:5e:26:f7:10:e7: 20:31:f1:21:26:79:af:e2:b6:55:b4:8a:e1:14:af: 64:61:3c:46:ea:26:41:e8:61:12:2c:36:2c:25:1e: 86:e4:14:96:ef:4a:e4:43:19:26:d9:12:be:2b:20: 8f:85:f9:58:0d:d8:b1:01:00:63:3c:76:32:3f:a3: 9a:18:91:75:95:a7:db:ee:5e:25:e4:a8:6e:d8:9a: b5:d5:aa:66:66:02:7c:5f:5c:ec:72:b7:16:1c:f6: b1:67:a9:73:ff:60:c9:fc:da:af:53:60:cc:2b:67: 20:0f:8f:9c:e5:50:33:f6:b8:f1:68:d5:e7:51:91: 93:15:ed:b3:aa:96:ed:95:b2:da:71:2c:92:8c:aa: e6:65:ec:19:e9:33:72:03:59:d0:c6:3c:b5:f5:c8: 21:e8:40:64:bd:ba:25:ea:bd:02:d7:a4:9f:d9:5e: d7:90:ea:c8:87:37:06:98:cf:a2:8c:2e:47:0d:a8: 6d:a1:82:df:57:98:86:21:20:e5:43:62:f4:0e:39: 02:27:9f:7a:a1:c1:df:00:0b:68:7b:f5:6e:29:03: 84:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:A5:5A:93:3B:2C:9E:A7:C4:28:2A:48:B9:10:D5:C8:AF:E3:34:61 X509v3 Authority Key Identifier: keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35362e302f32342d3234203d3e20343030303339.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.59.56.0/24 Signature Algorithm: sha256WithRSAEncryption 22:c2:65:7e:9b:59:fa:61:fe:b2:70:2a:e0:5f:1b:cf:6a:51: 0f:9b:ef:08:db:14:51:92:b4:1e:75:a7:d6:16:76:11:ec:92: 72:65:cf:4e:25:19:1c:f4:8a:67:c0:5e:7d:b2:b5:ec:e6:05: f6:5c:06:14:26:3c:07:cb:ce:fb:bb:4f:29:54:f2:78:b3:c4: 53:be:69:aa:da:b9:d0:a8:03:85:6d:17:07:5c:48:3d:b4:ab: b0:1a:24:c2:f0:06:ad:e2:f0:af:59:4e:63:4c:37:fd:0b:c6: 91:8a:0c:8c:26:09:b5:e4:dc:f4:11:28:73:3f:41:c8:02:20: f4:fb:b1:b6:9e:60:ea:67:65:ff:d0:2f:81:1c:b5:46:a9:f3: 6f:93:c1:dd:c3:0a:2c:cc:5a:34:e9:09:23:26:bb:b6:aa:ba: 3d:09:2d:81:bd:87:de:c9:fa:01:fd:31:6f:82:1b:09:95:98: 7c:92:35:d6:96:cb:d4:51:d5:d3:a0:50:45:c6:7d:29:03:76: ba:02:0c:9b:d2:20:3f:66:55:48:d3:7b:0f:c2:d1:50:18:29: 06:03:a0:2f:98:60:f5:da:1d:a5:79:c3:05:ff:e2:18:64:32: 41:b2:b1:a1:42:bc:82:3d:48:fa:7a:cc:3b:a6:0f:26:8b:bd: 6b:8a:59:61 -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgIUQpGmRRUqPgc41NKmWbEXgQtN+R0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3 OWI1ZmQ5MTAeFw0yNTEyMjQxOTUwMzJaFw0yNjEyMjMxOTU1MzJaMDMxMTAvBgNV BAMTKDVDQTU1QTkzM0IyQzlFQTdDNDI4MkE0OEI5MTBENUM4QUZFMzM0NjEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiAqaZUbsLenEURFXJGf0TFE+u 93rmBeuiY14ypzBu5seK/URePdFeJvcQ5yAx8SEmea/itlW0iuEUr2RhPEbqJkHo YRIsNiwlHobkFJbvSuRDGSbZEr4rII+F+VgN2LEBAGM8djI/o5oYkXWVp9vuXiXk qG7YmrXVqmZmAnxfXOxytxYc9rFnqXP/YMn82q9TYMwrZyAPj5zlUDP2uPFo1edR kZMV7bOqlu2VstpxLJKMquZl7BnpM3IDWdDGPLX1yCHoQGS9uiXqvQLXpJ/ZXteQ 6siHNwaYz6KMLkcNqG2hgt9XmIYhIOVDYvQOOQInn3qhwd8AC2h79W4pA4TZAgMB AAGjggI5MIICNTAdBgNVHQ4EFgQUXKVakzssnqfEKCpIuRDVyK/jNGEwHwYDVR0j BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5 ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t MV9aRS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIyZTM1MzkyZTM1MzYyZTMw MmYzMjM0MmQzMjM0MjAzZDNlMjAzNDMwMzAzMDMzMzkucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAACOzgw DQYJKoZIhvcNAQELBQADggEBACLCZX6bWfph/rJwKuBfG89qUQ+b7wjbFFGStB51 p9YWdhHsknJlz04lGRz0imfAXn2ytezmBfZcBhQmPAfLzvu7TylU8nizxFO+aara udCoA4VtFwdcSD20q7AaJMLwBq3i8K9ZTmNMN/0LxpGKDIwmCbXk3PQRKHM/QcgC IPT7sbaeYOpnZf/QL4EctUap82+Twd3DCizMWjTpCSMmu7aquj0JLYG9h97J+gH9 MW+CGwmVmHySNdaWy9RR1dOgUEXGfSkDdroCDJvSID9mVUjTew/C0VAYKQYDoC+Y YPXaHaV5wwX/4hhkMkGysaFCvII9SPp6zDumDyaLvWuKWWE= -----END CERTIFICATE-----Generated at Mon Jan 19 20:02:22 2026 by rpki-client