This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35382e302f32342d3234203d3e20343030303339.roa File: 34352e3135382e35382e302f32342d3234203d3e20343030303339.roa (raw, json) Hash identifier: 1wicTuO9zFRaBqU+L0XllF5WvX0m2JKZzkFHugdxyTQ= Subject key identifier: 72:71:87:7B:A5:50:DB:B4:1B:0C:35:BC:63:02:1C:A2:A2:FD:D1:F6 Certificate issuer: /CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91 Certificate serial: 509EE436C08E54B5806C5F1535C9FD5C42774FA1 Authority key identifier: 70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35382e302f32342d3234203d3e20343030303339.roa Signing time: Wed 24 Dec 2025 19:55:32 +0000 ROA not before: Wed 24 Dec 2025 19:50:32 +0000 ROA not after: Wed 23 Dec 2026 19:55:32 +0000 asID: 400039 IP address blocks: 45.158.58.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.mft rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 03:14:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:9e:e4:36:c0:8e:54:b5:80:6c:5f:15:35:c9:fd:5c:42:77:4f:a1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=70cbd7a9817e470009c0f40ea1e370aa79b5fd91 Validity Not Before: Dec 24 19:50:32 2025 GMT Not After : Dec 23 19:55:32 2026 GMT Subject: CN=7271877BA550DBB41B0C35BC63021CA2A2FDD1F6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:b3:f0:2f:b7:bd:cf:11:aa:40:03:b6:ed:c6: e3:a0:2c:e6:68:db:74:21:b1:d2:c3:9a:b3:36:5f: 69:cc:0c:6f:f4:78:71:e0:3b:95:98:3f:08:7f:a3: ba:da:7a:1a:c3:f9:ee:d9:47:4a:23:fa:27:f0:22: 1b:a4:d6:b3:6a:d5:ff:3c:21:f1:84:67:88:3f:d2: df:9f:4a:cb:84:09:96:6e:c2:06:64:fd:b9:14:f2: 3b:cc:c1:63:f8:65:ce:a8:53:2d:0d:cd:66:e0:ff: 5e:fd:f1:0b:65:d4:35:37:39:2f:7a:e7:06:77:7b: 1f:fa:51:c9:c8:dd:f1:62:18:2d:48:c3:0d:3e:0e: 3f:28:9c:94:ca:e4:71:37:c6:f1:cd:60:e9:16:a1: 85:e2:08:7a:7a:2f:0b:a0:39:71:8a:a4:88:f1:5c: a8:46:15:02:5e:52:0b:c3:a9:f7:63:72:ce:51:3c: 39:4e:8a:ac:d7:06:b3:68:ad:71:c3:fb:50:60:97: 1d:50:57:b5:07:ad:d1:7b:53:c5:cc:84:9e:6c:d3: 74:c8:b3:20:98:3b:f6:3b:67:44:6d:83:5e:33:70: 89:f5:98:45:0a:54:d2:75:b8:9a:43:00:89:ab:16: 58:29:f7:75:0d:a8:06:85:23:c1:6c:b3:e8:23:26: 57:c1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:71:87:7B:A5:50:DB:B4:1B:0C:35:BC:63:02:1C:A2:A2:FD:D1:F6 X509v3 Authority Key Identifier: keyid:70:CB:D7:A9:81:7E:47:00:09:C0:F4:0E:A1:E3:70:AA:79:B5:FD:91 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/70CBD7A9817E470009C0F40EA1E370AA79B5FD91.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cMvXqYF-RwAJwPQOoeNwqnm1_ZE.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/b7332af0-dd73-4755-9d20-693ea8289f8a/0/34352e3135382e35382e302f32342d3234203d3e20343030303339.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.158.58.0/24 Signature Algorithm: sha256WithRSAEncryption bf:45:19:bd:53:ea:07:a7:1a:80:b7:4a:d8:67:6d:89:56:fe: 0b:56:18:12:18:a0:8a:44:a2:2a:50:23:8d:43:b5:43:eb:56: 91:db:e4:e6:c5:e9:60:b5:cf:cf:15:62:76:7c:c8:1d:f8:af: 53:2c:ca:4e:0a:99:4f:61:e8:bb:37:52:26:64:44:67:86:e6: 71:88:12:04:ca:0e:e4:7d:4f:30:18:24:84:83:5f:c4:7d:eb: 54:23:64:b6:df:96:b1:03:e7:d7:03:33:18:0f:0a:d8:4a:73: ed:b7:01:73:8a:41:10:03:bb:50:53:f9:13:08:d5:e8:30:a4: 4f:ab:18:ae:bf:9e:a0:38:1d:7f:14:3c:ef:6b:22:9b:27:34: 5b:6c:9d:90:4f:c2:f0:bf:c1:69:9f:e2:94:8f:ef:bf:0a:9b: 17:d4:a7:e9:77:b5:92:50:b1:59:2a:02:c1:81:23:4e:ee:a8: fb:57:cc:81:be:d5:74:ec:86:bf:84:fe:67:f7:3a:60:53:c0: ef:8f:ff:40:63:20:06:f4:b9:95:4b:ba:c6:39:cb:fa:78:20: 60:44:24:59:a2:30:a3:11:4a:7b:82:71:e1:80:0b:b6:71:89: 20:41:32:f0:c3:0e:49:11:71:60:4b:e4:94:7e:2e:cc:be:c4: 5a:a5:cf:2e -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUUJ7kNsCOVLWAbF8VNcn9XEJ3T6EwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNzBjYmQ3YTk4MTdlNDcwMDA5YzBmNDBlYTFlMzcwYWE3 OWI1ZmQ5MTAeFw0yNTEyMjQxOTUwMzJaFw0yNjEyMjMxOTU1MzJaMDMxMTAvBgNV BAMTKDcyNzE4NzdCQTU1MERCQjQxQjBDMzVCQzYzMDIxQ0EyQTJGREQxRjYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXs/Avt73PEapAA7btxuOgLOZo 23QhsdLDmrM2X2nMDG/0eHHgO5WYPwh/o7raehrD+e7ZR0oj+ifwIhuk1rNq1f88 IfGEZ4g/0t+fSsuECZZuwgZk/bkU8jvMwWP4Zc6oUy0NzWbg/1798Qtl1DU3OS96 5wZ3ex/6UcnI3fFiGC1Iww0+Dj8onJTK5HE3xvHNYOkWoYXiCHp6LwugOXGKpIjx XKhGFQJeUgvDqfdjcs5RPDlOiqzXBrNorXHD+1Bglx1QV7UHrdF7U8XMhJ5s03TI syCYO/Y7Z0Rtg14zcIn1mEUKVNJ1uJpDAImrFlgp93UNqAaFI8Fss+gjJlfBAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUcnGHe6VQ27QbDDW8YwIcoqL90fYwHwYDVR0j BBgwFoAUcMvXqYF+RwAJwPQOoeNwqnm1/ZEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYjczMzJhZjAtZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5 ZjhhLzAvNzBDQkQ3QTk4MTdFNDcwMDA5QzBGNDBFQTFFMzcwQUE3OUI1RkQ5MS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2NNdlhxWUYtUndBSndQUU9vZU53cW5t MV9aRS5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYjczMzJhZjAt ZGQ3My00NzU1LTlkMjAtNjkzZWE4Mjg5ZjhhLzAvMzQzNTJlMzEzNTM4MmUzNTM4 MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMDMwMzAzMzM5LnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA LZ46MA0GCSqGSIb3DQEBCwUAA4IBAQC/RRm9U+oHpxqAt0rYZ22JVv4LVhgSGKCK RKIqUCONQ7VD61aR2+Tmxelgtc/PFWJ2fMgd+K9TLMpOCplPYei7N1ImZERnhuZx iBIEyg7kfU8wGCSEg1/EfetUI2S235axA+fXAzMYDwrYSnPttwFzikEQA7tQU/kT CNXoMKRPqxiuv56gOB1/FDzvayKbJzRbbJ2QT8Lwv8Fpn+KUj++/CpsX1Kfpd7WS ULFZKgLBgSNO7qj7V8yBvtV07Ia/hP5n9zpgU8Dvj/9AYyAG9LmVS7rGOcv6eCBg RCRZojCjEUp7gnHhgAu2cYkgQTLwww5JEXFgS+SUfi7MvsRapc8u -----END CERTIFICATE-----Generated at Mon Jan 19 20:02:31 2026 by rpki-client