This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35392e302f32342d3234203d3e20323132333335.roa File: 322e35392e35392e302f32342d3234203d3e20323132333335.roa (raw, json) Hash identifier: V7FU6+Mh84pe/MsaoHJviA2KffTtgimxgl18paH1u4c= Subject key identifier: D4:47:80:64:F3:8A:70:D0:52:CA:E0:35:F5:4E:3D:A3:AC:F5:5E:D9 Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91 Certificate serial: 269EAB7E7060FD1DBDCD4498E021E66AD6FFFE00 Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35392e302f32342d3234203d3e20323132333335.roa Signing time: Wed 24 Dec 2025 19:55:32 +0000 ROA not before: Wed 24 Dec 2025 19:50:32 +0000 ROA not after: Wed 23 Dec 2026 19:55:32 +0000 asID: 212335 IP address blocks: 2.59.59.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 03:14:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:9e:ab:7e:70:60:fd:1d:bd:cd:44:98:e0:21:e6:6a:d6:ff:fe:00 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91 Validity Not Before: Dec 24 19:50:32 2025 GMT Not After : Dec 23 19:55:32 2026 GMT Subject: CN=D4478064F38A70D052CAE035F54E3DA3ACF55ED9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:be:95:63:02:c7:8f:d3:a9:2b:db:d9:f9:66: 69:e9:72:dc:68:30:04:3d:51:3c:4e:3b:78:c0:a5: 17:40:53:95:98:28:d0:3a:ad:8e:16:33:b5:b1:73: 89:4b:90:d2:95:88:aa:51:9e:c7:71:35:8e:6b:41: 37:d9:bd:c8:84:13:f2:d1:4e:e7:94:7a:ab:7a:56: 78:df:f7:37:e9:9e:32:f1:78:10:5b:16:97:e1:e7: 3d:a3:8d:55:84:63:d8:b9:85:37:a1:2a:80:16:39: b0:20:5e:ce:75:40:3d:9e:e9:cc:e2:02:f4:58:b7: 0e:87:85:64:9c:eb:03:7c:0f:15:a5:1a:e9:93:52: 70:88:f5:ea:13:e8:a0:52:71:de:22:b2:04:7d:f3: 67:af:71:bc:f7:c9:f7:11:c1:12:eb:11:37:c8:90: 28:67:71:48:e3:4f:6b:7e:ae:a6:6d:e1:a0:23:1a: c5:bd:7e:57:b8:f1:07:a4:f2:59:11:99:1f:cb:46: cd:fe:9e:b3:1d:bf:5c:1c:a8:1e:ad:67:69:d3:87: 73:87:a7:7f:12:8b:de:a0:ed:7d:c0:59:a0:95:6b: 6c:98:71:b2:02:ef:fc:9d:73:5d:ea:f9:ea:48:ad: 4c:ed:f5:12:c3:1e:24:b8:a0:03:87:f0:4c:50:a1: 60:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:47:80:64:F3:8A:70:D0:52:CA:E0:35:F5:4E:3D:A3:AC:F5:5E:D9 X509v3 Authority Key Identifier: keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/322e35392e35392e302f32342d3234203d3e20323132333335.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.59.59.0/24 Signature Algorithm: sha256WithRSAEncryption 54:f9:52:9c:af:8e:51:b6:69:fb:c2:fa:05:b6:02:e1:08:f2: 34:9c:98:8f:80:ac:91:63:45:76:9c:cf:3e:f1:a5:cf:71:9f: f0:aa:ae:40:e0:b5:2a:8b:c2:c6:20:14:a3:82:37:e4:cf:01: ee:91:44:26:2b:b0:e0:6a:46:37:7a:47:99:54:79:fe:39:3f: 98:b0:45:b8:c3:15:37:9b:1e:df:a3:92:2d:83:1b:c5:29:b5: 6c:91:7b:f7:9a:0e:9d:6d:93:12:ca:3a:05:3a:cf:5a:57:fe: 1d:2c:bf:7f:a3:08:f2:46:2c:c4:f4:0c:8d:f2:79:d1:93:08: 14:17:f4:64:24:d0:3c:9d:e2:54:ff:4e:7d:6c:76:df:fb:8f: d6:24:99:36:72:b9:52:8a:90:84:b0:47:2e:eb:50:95:3e:2d: df:5b:3e:7f:38:cd:75:a3:32:75:85:34:2c:54:b6:0c:cf:23: 2a:b7:d4:a0:f5:c4:6b:41:94:e2:09:96:95:82:1c:0b:16:0e: 60:3c:6c:a9:0a:dc:8e:ab:bd:ee:5b:ab:60:2f:82:67:d6:62: 1c:78:54:c2:29:63:26:5e:51:77:70:eb:d4:30:77:bf:db:66: 4e:03:e7:87:85:3b:fc:fe:28:b9:a8:86:98:bb:16:e7:4a:f4: 6b:45:da:5c -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgIUJp6rfnBg/R29zUSY4CHmatb//gAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3 OWI1ZmQ5MTAeFw0yNTEyMjQxOTUwMzJaFw0yNjEyMjMxOTU1MzJaMDMxMTAvBgNV BAMTKEQ0NDc4MDY0RjM4QTcwRDA1MkNBRTAzNUY1NEUzREEzQUNGNTVFRDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwvpVjAseP06kr29n5Zmnpctxo MAQ9UTxOO3jApRdAU5WYKNA6rY4WM7Wxc4lLkNKViKpRnsdxNY5rQTfZvciEE/LR TueUeqt6Vnjf9zfpnjLxeBBbFpfh5z2jjVWEY9i5hTehKoAWObAgXs51QD2e6czi AvRYtw6HhWSc6wN8DxWlGumTUnCI9eoT6KBScd4isgR982evcbz3yfcRwRLrETfI kChncUjjT2t+rqZt4aAjGsW9fle48Qek8lkRmR/LRs3+nrMdv1wcqB6tZ2nTh3OH p38Si96g7X3AWaCVa2yYcbIC7/ydc13q+epIrUzt9RLDHiS4oAOH8ExQoWABAgMB AAGjggI5MIICNTAdBgNVHQ4EFgQU1EeAZPOKcNBSyuA19U49o6z1XtkwHwYDVR0j BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5 ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t MV9aRS5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzIyZTM1MzkyZTM1MzkyZTMw MmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMxMzIzMzMzMzUucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAACOzsw DQYJKoZIhvcNAQELBQADggEBAFT5UpyvjlG2afvC+gW2AuEI8jScmI+ArJFjRXac zz7xpc9xn/CqrkDgtSqLwsYgFKOCN+TPAe6RRCYrsOBqRjd6R5lUef45P5iwRbjD FTebHt+jki2DG8UptWyRe/eaDp1tkxLKOgU6z1pX/h0sv3+jCPJGLMT0DI3yedGT CBQX9GQk0Dyd4lT/Tn1sdt/7j9YkmTZyuVKKkISwRy7rUJU+Ld9bPn84zXWjMnWF NCxUtgzPIyq31KD1xGtBlOIJlpWCHAsWDmA8bKkK3I6rve5bq2AvgmfWYhx4VMIp YyZeUXdw69Qwd7/bZk4D54eFO/z+KLmohpi7FudK9GtF2lw= -----END CERTIFICATE-----Generated at Mon Jan 19 20:02:36 2026 by rpki-client