This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3234392e3232342e302f32342d3234203d3e203437353833.roa File: 3138352e3234392e3232342e302f32342d3234203d3e203437353833.roa (raw, json) Hash identifier: 4Us7hfljTjoMiQ6xi9Zj+H7IHk+z7Ia1pMmpuHMJkYc= Subject key identifier: 75:9D:DC:9A:2E:7C:13:94:7C:0E:23:2B:F4:BE:CD:B4:86:F9:B0:7A Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959 Certificate serial: 43D12F47193B3E12CBFC64E1546A915B409C8862 Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3234392e3232342e302f32342d3234203d3e203437353833.roa Signing time: Fri 28 Nov 2025 11:49:17 +0000 ROA not before: Fri 28 Nov 2025 11:44:17 +0000 ROA not after: Fri 27 Nov 2026 11:49:17 +0000 asID: 47583 IP address blocks: 185.249.224.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 11:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:d1:2f:47:19:3b:3e:12:cb:fc:64:e1:54:6a:91:5b:40:9c:88:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959 Validity Not Before: Nov 28 11:44:17 2025 GMT Not After : Nov 27 11:49:17 2026 GMT Subject: CN=759DDC9A2E7C13947C0E232BF4BECDB486F9B07A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:e9:9a:a7:3e:ae:bf:77:0f:b5:86:19:3f:ac: 76:dc:94:a7:c5:07:03:87:da:39:45:c7:5d:0d:0f: aa:27:1d:a6:d1:79:d1:07:36:5f:97:25:39:c0:48: cc:a2:2c:68:27:a1:7a:be:7e:b9:86:94:25:4f:4d: c7:a1:1a:1b:77:8b:91:dc:15:54:b3:dd:8f:07:76: 37:75:23:ad:d0:38:09:15:1b:1e:c4:ea:9c:55:4c: 73:21:9f:09:bb:b1:80:69:c9:2f:7b:73:55:5f:93: 2a:01:7f:db:f4:2d:ec:89:f3:0b:87:85:7e:68:2a: a5:2b:06:5e:06:bc:5d:b9:2a:91:c8:43:d1:d7:8f: 73:cf:38:c4:a9:f9:d1:9f:d3:31:e7:88:9d:e5:e0: c5:8f:13:49:d2:09:54:c5:c3:c4:4b:cf:a2:5a:0f: 64:07:80:68:5b:33:b5:a1:39:a2:9b:ac:7b:02:ec: 7a:0b:33:98:2e:dd:3d:42:de:7e:92:ee:66:7a:b3: da:c0:98:b6:6f:3e:cf:4e:a6:d0:04:e8:05:8d:7d: cd:b1:67:6c:13:9e:5c:e3:7b:ad:69:5e:ff:2d:4c: 1f:1c:69:b5:8a:df:bf:64:08:ff:32:e4:3b:80:29: 49:6e:56:f7:25:d3:c3:62:1a:57:f8:04:ca:aa:eb: 83:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 75:9D:DC:9A:2E:7C:13:94:7C:0E:23:2B:F4:BE:CD:B4:86:F9:B0:7A X509v3 Authority Key Identifier: keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3234392e3232342e302f32342d3234203d3e203437353833.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.249.224.0/24 Signature Algorithm: sha256WithRSAEncryption 35:8e:41:04:88:d0:c5:b1:90:aa:32:12:9d:15:f6:37:0a:dc: f6:0f:cd:f3:c4:e1:3d:61:40:bb:9b:6b:6a:13:b1:4a:a6:88: f7:9d:52:88:15:16:6e:a1:40:64:14:91:64:a4:fc:ef:62:fe: eb:a1:10:b5:33:b9:ea:65:3a:0d:4d:27:5d:2c:83:a9:24:ac: d7:c5:14:5b:b8:c9:ba:50:c5:5a:d9:b7:02:d4:aa:cd:79:2c: 74:e8:40:65:d5:0d:fe:f9:c8:f5:12:b9:8f:5a:1e:f8:81:6a: 03:67:b7:72:62:47:83:27:26:41:c8:f0:6c:30:8d:7c:d2:d6: 75:83:2a:9d:f8:45:5b:67:fa:b9:65:40:da:ee:6c:38:77:fe: 90:67:01:6a:6d:5d:be:9e:bd:67:37:95:bc:10:50:df:70:77: 13:3f:2c:53:f4:04:1f:b5:a8:3e:7c:32:3c:e5:d8:1f:11:f6: dc:b3:74:81:79:22:b5:5c:1a:c2:85:eb:dd:eb:77:18:47:8b: fc:14:11:b2:18:cb:00:9d:0d:82:f9:06:b3:7a:85:df:63:43: e2:ae:1f:99:cb:fc:25:c1:50:50:74:86:94:ae:ef:87:44:49: 5e:b3:36:a0:87:bb:6c:c7:8f:53:1c:99:c8:89:d7:7d:27:9b: e1:32:ef:ce -----BEGIN CERTIFICATE----- MIIFOjCCBCKgAwIBAgIUQ9EvRxk7PhLL/GThVGqRW0CciGIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi YmUzYTk1OTAeFw0yNTExMjgxMTQ0MTdaFw0yNjExMjcxMTQ5MTdaMDMxMTAvBgNV BAMTKDc1OUREQzlBMkU3QzEzOTQ3QzBFMjMyQkY0QkVDREI0ODZGOUIwN0EwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr6ZqnPq6/dw+1hhk/rHbclKfF BwOH2jlFx10ND6onHabRedEHNl+XJTnASMyiLGgnoXq+frmGlCVPTcehGht3i5Hc FVSz3Y8Hdjd1I63QOAkVGx7E6pxVTHMhnwm7sYBpyS97c1VfkyoBf9v0LeyJ8wuH hX5oKqUrBl4GvF25KpHIQ9HXj3PPOMSp+dGf0zHniJ3l4MWPE0nSCVTFw8RLz6Ja D2QHgGhbM7WhOaKbrHsC7HoLM5gu3T1C3n6S7mZ6s9rAmLZvPs9OptAE6AWNfc2x Z2wTnlzje61pXv8tTB8cabWK379kCP8y5DuAKUluVvcl08NiGlf4BMqq64MdAgMB AAGjggJEMIICQDAdBgNVHQ4EFgQUdZ3cmi58E5R8DiMr9L7NtIb5sHowHwYDVR0j BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1 OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5 bzd2anFWay5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJz eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4 YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMyMzQz OTJlMzIzMjM0MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzNzM1MzgzMy5yb2Ew GAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQC AAEwBgMEALn54DANBgkqhkiG9w0BAQsFAAOCAQEANY5BBIjQxbGQqjISnRX2Nwrc 9g/N88ThPWFAu5trahOxSqaI951SiBUWbqFAZBSRZKT872L+66EQtTO56mU6DU0n XSyDqSSs18UUW7jJulDFWtm3AtSqzXksdOhAZdUN/vnI9RK5j1oe+IFqA2e3cmJH gycmQcjwbDCNfNLWdYMqnfhFW2f6uWVA2u5sOHf+kGcBam1dvp69ZzeVvBBQ33B3 Ez8sU/QEH7WoPnwyPOXYHxH23LN0gXkitVwawoXr3et3GEeL/BQRshjLAJ0NgvkG s3qF32ND4q4fmcv8JcFQUHSGlK7vh0RJXrM2oIe7bMePUxyZyInXfSeb4TLvzg== -----END CERTIFICATE-----Generated at Fri Dec 5 18:56:54 2025 by rpki-client