This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137362e3232372e3234302e302f32342d3234203d3e20323039383534.roa File: 3137362e3232372e3234302e302f32342d3234203d3e20323039383534.roa (raw, json) Hash identifier: GekrOAOp1uo7y5oZJ3cj9iTg+iqnX0V6uh1r0jhcBbA= Subject key identifier: 92:ED:01:3F:DD:FC:05:26:31:F7:F3:2A:3C:26:C7:95:A8:8D:45:F3 Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959 Certificate serial: 5F02D58326E52561CBB9FC5264ADAEA68DC229F5 Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137362e3232372e3234302e302f32342d3234203d3e20323039383534.roa Signing time: Fri 28 Nov 2025 11:49:25 +0000 ROA not before: Fri 28 Nov 2025 11:44:25 +0000 ROA not after: Fri 27 Nov 2026 11:49:25 +0000 asID: 209854 IP address blocks: 176.227.240.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 02:38:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:02:d5:83:26:e5:25:61:cb:b9:fc:52:64:ad:ae:a6:8d:c2:29:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959 Validity Not Before: Nov 28 11:44:25 2025 GMT Not After : Nov 27 11:49:25 2026 GMT Subject: CN=92ED013FDDFC052631F7F32A3C26C795A88D45F3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:36:bb:ca:21:43:16:85:84:8a:d6:3f:e7:67: 79:2b:21:f3:b1:bb:0d:8b:d1:de:4f:c8:6f:6c:e6: c9:ee:d0:b7:74:52:ce:73:2c:9a:7d:57:e6:34:0b: 89:5d:9d:d8:33:91:eb:f9:7a:9b:be:c0:2b:69:33: 58:0f:d1:eb:03:3f:e5:1a:0b:20:e1:ca:33:a9:21: 08:f5:ec:9d:5c:9f:35:c7:dd:93:5b:d9:3c:4e:d2: 40:e5:12:cd:47:80:8c:85:8c:77:c2:34:c3:6f:98: 5d:c3:ac:46:b9:e8:f8:87:30:32:7a:f4:c2:41:4d: 8b:a1:de:7c:8a:03:3f:22:6c:92:07:1f:8e:24:a4: 12:44:64:e9:19:10:e0:e5:14:52:c0:2e:33:74:3c: ca:f8:6c:c6:1b:62:96:25:d2:22:65:bf:d8:af:9c: b3:75:c8:72:d1:90:9e:8b:c4:87:c6:22:36:c8:52: c7:33:24:ca:e0:90:08:26:a8:b4:06:ed:8f:1d:f2: 85:ab:e7:8e:6f:b1:0e:af:56:00:3e:b8:17:19:bb: 67:4a:1e:8e:21:15:8f:63:bc:32:12:07:aa:e8:24: ac:0e:09:97:9f:d8:73:15:46:25:b6:34:5d:18:6c: 99:63:2c:bd:6e:a4:da:9e:ce:cf:da:db:d4:9c:31: 0f:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:ED:01:3F:DD:FC:05:26:31:F7:F3:2A:3C:26:C7:95:A8:8D:45:F3 X509v3 Authority Key Identifier: keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3137362e3232372e3234302e302f32342d3234203d3e20323039383534.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.227.240.0/24 Signature Algorithm: sha256WithRSAEncryption 99:b4:1c:0e:10:87:25:f1:e2:ea:d8:d9:79:c5:4d:12:96:d8: 8b:63:58:82:be:1b:03:98:55:96:36:19:2b:90:e8:d8:38:17: 90:23:7a:10:83:7f:f2:b7:56:ae:4d:48:35:67:e0:31:0d:77: 9d:d4:f2:ea:40:0b:f5:9a:82:2a:82:b7:3b:ea:06:1c:f5:b4: 4c:e8:4b:5f:f8:49:2c:fa:4b:72:4a:0e:8b:1f:16:d7:f1:f3: 95:8c:a2:60:1b:76:92:42:49:ac:17:bd:b0:96:f7:56:df:57: 61:6d:12:d9:ab:25:bd:52:1a:7c:b3:63:4d:15:68:24:b7:06: be:4e:3b:6d:96:f7:fa:54:8d:09:24:fb:e7:79:ee:c0:a2:c2: da:e7:25:64:04:59:96:a3:91:a4:94:40:31:53:39:c9:a2:2f: 27:32:50:96:42:5e:31:b0:5b:67:7b:21:8b:e7:0b:62:42:5c: ce:c8:cb:8c:a7:13:c3:53:41:92:0d:2f:8f:7d:eb:06:40:e0: 8b:47:d3:c1:43:94:f6:67:c0:2b:f7:ee:d2:5a:8e:8d:cf:f9: 15:d6:d4:27:1a:92:8b:b8:df:d0:e5:62:2e:75:f5:3b:8a:63: c3:c6:96:03:05:1d:25:24:fa:01:5c:9d:b5:99:9c:7c:b2:05: 2a:48:09:19 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgIUXwLVgyblJWHLufxSZK2upo3CKfUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi YmUzYTk1OTAeFw0yNTExMjgxMTQ0MjVaFw0yNjExMjcxMTQ5MjVaMDMxMTAvBgNV BAMTKDkyRUQwMTNGRERGQzA1MjYzMUY3RjMyQTNDMjZDNzk1QTg4RDQ1RjMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyNrvKIUMWhYSK1j/nZ3krIfOx uw2L0d5PyG9s5snu0Ld0Us5zLJp9V+Y0C4ldndgzkev5epu+wCtpM1gP0esDP+Ua CyDhyjOpIQj17J1cnzXH3ZNb2TxO0kDlEs1HgIyFjHfCNMNvmF3DrEa56PiHMDJ6 9MJBTYuh3nyKAz8ibJIHH44kpBJEZOkZEODlFFLALjN0PMr4bMYbYpYl0iJlv9iv nLN1yHLRkJ6LxIfGIjbIUsczJMrgkAgmqLQG7Y8d8oWr545vsQ6vVgA+uBcZu2dK Ho4hFY9jvDISB6roJKwOCZef2HMVRiW2NF0YbJljLL1upNqezs/a29ScMQ9LAgMB AAGjggJGMIICQjAdBgNVHQ4EFgQUku0BP938BSYx9/MqPCbHlaiNRfMwHwYDVR0j BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1 OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5 bzd2anFWay5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3Jz eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4 YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM3MzYyZTMyMzIz NzJlMzIzNDMwMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM5MzgzNTM0LnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAsOPwMA0GCSqGSIb3DQEBCwUAA4IBAQCZtBwOEIcl8eLq2Nl5xU0S ltiLY1iCvhsDmFWWNhkrkOjYOBeQI3oQg3/yt1auTUg1Z+AxDXed1PLqQAv1moIq grc76gYc9bRM6Etf+Eks+ktySg6LHxbX8fOVjKJgG3aSQkmsF72wlvdW31dhbRLZ qyW9Uhp8s2NNFWgktwa+Tjttlvf6VI0JJPvnee7AosLa5yVkBFmWo5GklEAxUznJ oi8nMlCWQl4xsFtneyGL5wtiQlzOyMuMpxPDU0GSDS+PfesGQOCLR9PBQ5T2Z8Ar 9+7SWo6Nz/kV1tQnGpKLuN/Q5WIudfU7imPDxpYDBR0lJPoBXJ21mZx8sgUqSAkZ -----END CERTIFICATE-----Generated at Fri Dec 5 15:02:25 2025 by rpki-client