This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39392e302f32342d3234203d3e20323134323039.roa File: 34352e3133372e39392e302f32342d3234203d3e20323134323039.roa (raw, json) Hash identifier: ztob4QCP4N4Osr+P4zn23PAdAETP4qkX7k1633FiyJY= Subject key identifier: E3:9D:C7:8F:E5:A4:D6:A6:55:9D:F7:5A:A4:71:0A:A5:6A:E6:B6:ED Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91 Certificate serial: 2D15845F33D9B0BC5FA67B30C4B5F91BA95DD0B0 Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39392e302f32342d3234203d3e20323134323039.roa Signing time: Tue 09 Dec 2025 01:55:14 +0000 ROA not before: Tue 09 Dec 2025 01:50:14 +0000 ROA not after: Tue 08 Dec 2026 01:55:14 +0000 asID: 214209 IP address blocks: 45.137.99.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 12 Dec 2025 14:32:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:15:84:5f:33:d9:b0:bc:5f:a6:7b:30:c4:b5:f9:1b:a9:5d:d0:b0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91 Validity Not Before: Dec 9 01:50:14 2025 GMT Not After : Dec 8 01:55:14 2026 GMT Subject: CN=E39DC78FE5A4D6A6559DF75AA4710AA56AE6B6ED Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:48:f1:b8:07:24:3c:0c:9e:d1:fd:cf:72:b5: 65:b3:61:58:37:2c:20:16:86:84:c6:1d:2e:13:ed: 76:56:1c:48:1e:b8:0e:bb:80:2e:1f:7d:fb:67:a0: 01:09:71:ac:ae:36:c7:58:ba:16:51:8f:95:06:b5: 55:bb:94:f1:70:6c:f3:81:22:fe:4d:3d:b6:81:30: 1e:61:7a:db:64:08:5a:97:84:1d:94:3b:f3:49:88: 6a:b3:fb:20:75:10:27:90:7a:93:e7:c4:7e:72:f9: a0:19:9b:71:ff:29:16:06:13:0f:3c:a5:c6:ca:30: e7:5c:9c:6d:16:bd:cd:db:7a:6a:c7:1e:c9:48:da: f7:77:d1:46:75:8a:ab:12:f0:14:65:73:66:7b:c1: 75:4d:70:20:7b:29:bb:b9:c9:70:b4:65:3a:85:a4: ac:25:58:4a:39:8a:4c:93:f8:65:e5:89:b2:bf:eb: 06:aa:ba:b1:f9:3f:e6:3c:bf:31:b1:4f:b2:4e:20: cd:3b:9f:e4:81:1d:18:37:ed:e6:bf:62:52:9c:9e: 34:19:4c:0a:ad:e9:74:d7:6c:a6:f8:f6:d5:dc:53: ab:fd:33:8c:7f:0a:0b:a0:f8:fd:fa:34:3f:c2:ab: cc:76:93:ad:81:3f:e6:75:fc:ae:d8:54:2f:5e:d4: 6e:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:9D:C7:8F:E5:A4:D6:A6:55:9D:F7:5A:A4:71:0A:A5:6A:E6:B6:ED X509v3 Authority Key Identifier: keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3133372e39392e302f32342d3234203d3e20323134323039.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.137.99.0/24 Signature Algorithm: sha256WithRSAEncryption a9:5c:3b:c7:64:44:62:7e:fb:6e:cf:3b:d3:b2:79:a7:fa:d4: 31:23:c5:44:93:88:20:9a:47:dd:a5:33:7f:03:28:04:bf:d0: 7b:dc:30:b0:e4:5b:d3:a7:88:71:2b:4b:75:2f:36:15:7d:08: dc:25:92:6c:c6:9b:5a:df:f2:f8:f4:d4:2e:54:9a:3a:f8:64: 95:a9:46:c7:09:80:95:cf:e2:96:04:85:d1:ca:0d:2f:d1:5e: 95:8d:9b:4f:53:5c:b3:4d:35:bc:f7:28:3b:50:ea:1b:95:eb: 3e:2d:91:00:99:97:a2:a4:b5:92:e7:a2:37:d1:e5:46:ac:55: 4d:f5:a1:2f:8f:6b:2d:83:c9:16:c7:ca:a3:e6:9c:89:9c:d9: 0b:8d:f7:f2:1a:ff:2f:7e:48:3c:90:b8:3b:89:39:13:3e:4b: 76:c1:23:78:c7:b5:67:f0:27:d4:bf:2d:4c:c7:67:cc:4e:bd: 4c:27:f8:6a:5e:9c:9c:e0:9b:ab:fc:e9:43:74:85:0e:66:af: 4b:d1:87:7c:94:e7:c6:61:18:82:e6:5f:5e:bf:c6:73:53:6c: 40:68:51:d0:7f:08:3f:c7:4e:1b:bd:56:84:b3:71:be:b3:3f: 60:8f:5e:33:b1:c7:20:90:d2:77:58:85:85:b3:e4:8a:a8:f2: 57:fc:a1:1f -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIULRWEXzPZsLxfpnswxLX5G6ld0LAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3 OWI1ZmQ5MTAeFw0yNTEyMDkwMTUwMTRaFw0yNjEyMDgwMTU1MTRaMDMxMTAvBgNV BAMTKEUzOURDNzhGRTVBNEQ2QTY1NTlERjc1QUE0NzEwQUE1NkFFNkI2RUQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwSPG4ByQ8DJ7R/c9ytWWzYVg3 LCAWhoTGHS4T7XZWHEgeuA67gC4ffftnoAEJcayuNsdYuhZRj5UGtVW7lPFwbPOB Iv5NPbaBMB5hettkCFqXhB2UO/NJiGqz+yB1ECeQepPnxH5y+aAZm3H/KRYGEw88 pcbKMOdcnG0Wvc3bemrHHslI2vd30UZ1iqsS8BRlc2Z7wXVNcCB7Kbu5yXC0ZTqF pKwlWEo5ikyT+GXlibK/6waqurH5P+Y8vzGxT7JOIM07n+SBHRg37ea/YlKcnjQZ TAqt6XTXbKb49tXcU6v9M4x/Cgug+P36ND/Cq8x2k62BP+Z1/K7YVC9e1G47AgMB AAGjggI9MIICOTAdBgNVHQ4EFgQU453Hj+Wk1qZVnfdapHEKpWrmtu0wHwYDVR0j BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5 ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzMzM3MmUzOTM5 MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMTM0MzIzMDM5LnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA LYljMA0GCSqGSIb3DQEBCwUAA4IBAQCpXDvHZERifvtuzzvTsnmn+tQxI8VEk4gg mkfdpTN/AygEv9B73DCw5FvTp4hxK0t1LzYVfQjcJZJsxpta3/L49NQuVJo6+GSV qUbHCYCVz+KWBIXRyg0v0V6VjZtPU1yzTTW89yg7UOobles+LZEAmZeipLWS56I3 0eVGrFVN9aEvj2stg8kWx8qj5pyJnNkLjffyGv8vfkg8kLg7iTkTPkt2wSN4x7Vn 8CfUvy1Mx2fMTr1MJ/hqXpyc4Jur/OlDdIUOZq9L0Yd8lOfGYRiC5l9ev8ZzU2xA aFHQfwg/x04bvVaEs3G+sz9gj14zsccgkNJ3WIWFs+SKqPJX/KEf -----END CERTIFICATE-----Generated at Fri Dec 12 04:45:33 2025 by rpki-client