This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139322e3136362e3234342e302f32342d3234203d3e20313437303439.roa File: 3139322e3136362e3234342e302f32342d3234203d3e20313437303439.roa (raw, json) Hash identifier: 5oaFDS/jjpPguojtvvslJaiNQ7OqwUltxLxfBlTWSdM= Subject key identifier: 13:C1:52:11:C9:35:AD:9C:CC:F1:25:F4:66:7D:D0:A6:E4:3B:45:AD Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959 Certificate serial: 1119E406F6E81305FCE1F7A098EFBED036D7D1A0 Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139322e3136362e3234342e302f32342d3234203d3e20313437303439.roa Signing time: Fri 28 Nov 2025 11:49:22 +0000 ROA not before: Fri 28 Nov 2025 11:44:22 +0000 ROA not after: Fri 27 Nov 2026 11:49:22 +0000 asID: 147049 IP address blocks: 192.166.244.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 02:38:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11:19:e4:06:f6:e8:13:05:fc:e1:f7:a0:98:ef:be:d0:36:d7:d1:a0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959 Validity Not Before: Nov 28 11:44:22 2025 GMT Not After : Nov 27 11:49:22 2026 GMT Subject: CN=13C15211C935AD9CCCF125F4667DD0A6E43B45AD Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:95:79:9e:71:84:4e:fc:72:91:47:4b:b4:30: 1a:e0:c4:ff:e0:a9:98:a0:59:7e:ec:c9:dc:b0:58: 5b:b3:71:7d:8b:b9:7d:6c:f0:07:17:23:6c:ef:28: b8:56:94:43:a6:f4:ba:3e:16:b4:49:17:24:ab:84: 04:19:d0:0e:c3:63:6e:2c:4b:95:8c:d6:22:80:5a: 81:48:60:01:ec:9f:37:be:fb:4c:4b:2a:b7:c5:52: 28:ec:49:1c:e3:9a:b3:82:d7:c2:ce:e8:cc:08:01: a6:72:57:80:90:46:4c:c4:26:9a:91:7d:0c:fd:99: 56:4d:40:c9:a1:b3:a9:7f:a6:da:51:36:b6:97:b7: b2:8c:7b:98:ff:b3:b7:66:67:50:a6:8a:7f:cb:5a: eb:49:b1:55:88:ea:5a:65:2e:9e:e5:0c:14:cf:8b: d5:ab:c9:20:5e:4e:cb:01:b9:16:27:e1:48:00:1b: 70:d9:cf:44:08:08:33:cd:e0:67:79:1d:e0:53:8e: f6:ab:8c:0b:fd:51:4c:dd:63:66:f2:1e:d0:f6:93: 4f:3a:74:31:01:0d:60:4a:4a:a4:ed:b4:2a:1f:d2: 79:6c:c6:ed:41:2b:b1:94:d0:f0:ad:f1:81:37:b7: 2a:1c:20:6c:54:49:f0:7f:72:6a:0c:c8:90:21:53: 79:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:C1:52:11:C9:35:AD:9C:CC:F1:25:F4:66:7D:D0:A6:E4:3B:45:AD X509v3 Authority Key Identifier: keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3139322e3136362e3234342e302f32342d3234203d3e20313437303439.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.166.244.0/24 Signature Algorithm: sha256WithRSAEncryption 85:8e:f4:f8:36:aa:a8:d3:2e:d2:47:b1:d6:5e:8d:4e:69:58: f4:c5:28:2d:4d:62:6b:4f:77:5a:6c:cb:c1:eb:28:26:4f:fb: d8:d8:3d:3c:ea:65:48:89:13:aa:0d:e0:dc:b0:b6:71:a2:cd: 77:87:69:fd:c5:9b:bf:a8:e1:72:90:04:84:04:b5:4f:8e:89: 06:93:b0:b4:fd:7f:dd:18:92:a4:a1:25:7e:9c:8e:1d:3a:69: d1:db:3d:e3:98:a2:e4:36:bc:ac:e0:8a:e7:40:20:14:b3:13: f9:b4:ab:19:a1:4f:2f:bc:4e:e5:51:17:0f:89:df:72:c7:bd: 05:7d:dc:4b:55:ef:a3:5f:ff:77:13:df:b9:d5:1f:2b:79:67: f8:9f:e7:32:b6:43:e9:c5:da:2f:c8:22:d6:f0:2e:43:11:a5: 88:7e:f3:27:e8:c2:67:6a:c9:fb:72:a9:1c:a5:a3:cb:18:48: 86:d7:1a:2d:70:26:50:75:e4:68:5c:7a:c6:e6:b0:04:03:3d: d8:51:84:ae:f6:33:0e:49:c0:a9:1d:79:1c:a8:30:d8:9d:0d: 17:23:54:04:62:ec:ba:63:ea:74:5e:ae:04:52:a1:64:b8:7f: cd:78:bf:b2:66:3a:18:07:37:5a:ff:fd:ce:1d:bb:58:a4:c5: ae:cd:23:cb -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgIUERnkBvboEwX84fegmO++0DbX0aAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi YmUzYTk1OTAeFw0yNTExMjgxMTQ0MjJaFw0yNjExMjcxMTQ5MjJaMDMxMTAvBgNV BAMTKDEzQzE1MjExQzkzNUFEOUNDQ0YxMjVGNDY2N0REMEE2RTQzQjQ1QUQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDslXmecYRO/HKRR0u0MBrgxP/g qZigWX7sydywWFuzcX2LuX1s8AcXI2zvKLhWlEOm9Lo+FrRJFySrhAQZ0A7DY24s S5WM1iKAWoFIYAHsnze++0xLKrfFUijsSRzjmrOC18LO6MwIAaZyV4CQRkzEJpqR fQz9mVZNQMmhs6l/ptpRNraXt7KMe5j/s7dmZ1Cmin/LWutJsVWI6lplLp7lDBTP i9WrySBeTssBuRYn4UgAG3DZz0QICDPN4Gd5HeBTjvarjAv9UUzdY2byHtD2k086 dDEBDWBKSqTttCof0nlsxu1BK7GU0PCt8YE3tyocIGxUSfB/cmoMyJAhU3n5AgMB AAGjggJGMIICQjAdBgNVHQ4EFgQUE8FSEck1rZzM8SX0Zn3QpuQ7Ra0wHwYDVR0j BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1 OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5 bzd2anFWay5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3Jz eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4 YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM5MzIyZTMxMzYz NjJlMzIzNDM0MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzNDM3MzAzNDM5LnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAwKb0MA0GCSqGSIb3DQEBCwUAA4IBAQCFjvT4Nqqo0y7SR7HWXo1O aVj0xSgtTWJrT3dabMvB6ygmT/vY2D086mVIiROqDeDcsLZxos13h2n9xZu/qOFy kASEBLVPjokGk7C0/X/dGJKkoSV+nI4dOmnR2z3jmKLkNrys4IrnQCAUsxP5tKsZ oU8vvE7lURcPid9yx70FfdxLVe+jX/93E9+51R8reWf4n+cytkPpxdovyCLW8C5D EaWIfvMn6MJnasn7cqkcpaPLGEiG1xotcCZQdeRoXHrG5rAEAz3YUYSu9jMOScCp HXkcqDDYnQ0XI1QEYuy6Y+p0Xq4EUqFkuH/NeL+yZjoYBzda//3OHbtYpMWuzSPL -----END CERTIFICATE-----Generated at Fri Dec 5 11:38:34 2025 by rpki-client