This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33312e34302e3231322e302f32342d3234203d3e203538323132.roa File: 33312e34302e3231322e302f32342d3234203d3e203538323132.roa (raw, json) Hash identifier: lbqYl+/6VJSJUYjmBB/I+WIgreJlMSRQH1gmQia5Vnc= Subject key identifier: CE:70:7B:DF:1D:12:01:75:4B:88:F6:CE:B3:4B:D4:08:E9:92:C6:BF Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959 Certificate serial: 4CC2618D812BFB34A882CEBBBFE5EBD3420E319B Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33312e34302e3231322e302f32342d3234203d3e203538323132.roa Signing time: Fri 28 Nov 2025 11:49:37 +0000 ROA not before: Fri 28 Nov 2025 11:44:37 +0000 ROA not after: Fri 27 Nov 2026 11:49:37 +0000 asID: 58212 IP address blocks: 31.40.212.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Dec 2025 21:22:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4c:c2:61:8d:81:2b:fb:34:a8:82:ce:bb:bf:e5:eb:d3:42:0e:31:9b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959 Validity Not Before: Nov 28 11:44:37 2025 GMT Not After : Nov 27 11:49:37 2026 GMT Subject: CN=CE707BDF1D1201754B88F6CEB34BD408E992C6BF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:8f:bd:df:b1:a1:98:9a:a5:a3:cc:97:bc:e8: 49:51:ac:64:73:11:07:49:3d:9d:a8:a5:60:6e:d0: 6e:16:42:de:88:a1:cb:c0:3b:db:f4:6d:2b:20:ab: 19:e9:c0:43:06:db:ef:73:15:bd:a9:91:6a:1b:da: 4e:65:f3:5f:07:f7:3b:fc:1b:4b:d7:5a:d9:24:44: 86:fd:f7:0f:3d:52:45:aa:b8:f5:8e:8e:76:64:86: 52:3d:bf:8a:3c:1a:71:5c:f0:88:50:48:4e:8d:fe: ad:04:02:0b:dc:46:78:d3:03:73:b3:a7:25:59:9f: 9e:c0:bd:f9:58:bc:b0:07:93:a5:f6:cd:7a:5e:d2: bc:65:17:28:98:9a:1c:8a:4e:e5:e1:83:2b:9b:b5: 5b:2a:33:db:77:6c:fe:6b:b4:a2:2d:74:87:86:8d: 32:a0:3b:34:c4:b5:ea:d3:b2:47:f2:2f:b0:12:96: d6:3d:25:44:ec:ec:b0:67:e9:73:44:a3:e5:3f:73: f6:3b:d3:13:c0:6e:0f:29:3a:f9:0f:3a:3e:a5:6f: e4:7a:7e:65:a8:cf:b6:52:be:a7:a8:87:0a:03:5e: be:39:fa:89:e7:52:9e:18:35:d9:ae:88:73:a8:41: d7:ac:4c:6e:06:2d:d7:27:26:b4:2e:0e:b8:8c:07: b9:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:70:7B:DF:1D:12:01:75:4B:88:F6:CE:B3:4B:D4:08:E9:92:C6:BF X509v3 Authority Key Identifier: keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/33312e34302e3231322e302f32342d3234203d3e203538323132.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.40.212.0/24 Signature Algorithm: sha256WithRSAEncryption b9:39:ee:63:c1:f0:d7:0a:1a:7a:15:99:77:a5:05:d2:61:aa: ed:4e:15:a9:a7:34:b6:79:aa:c2:a0:02:d9:02:78:1e:84:88: 57:a7:2b:39:fd:f4:f8:8f:8b:32:75:d1:e3:0c:fb:79:eb:10: b6:09:60:00:66:bb:ca:62:99:03:9d:0b:3c:8b:6e:10:d2:66: 4d:bb:13:b9:c0:2b:41:72:1b:51:b0:ad:dd:86:3d:98:93:e8: 15:8f:a1:de:11:78:d8:f0:3a:5f:94:25:0a:0a:f3:6c:f5:88: 2f:2e:fd:a8:75:ba:15:d1:8a:1a:a8:f0:14:81:00:1a:d8:26: f3:e7:c0:8d:c2:bf:af:bc:68:26:27:2a:da:7b:51:e5:aa:0f: 70:e1:00:16:3d:0d:e3:e3:14:11:25:42:9e:2c:a2:0e:72:2a: 21:62:0a:e2:e8:63:5d:63:7e:0a:8b:06:3c:59:de:96:4f:0a: ab:e5:7d:80:0e:e5:db:6f:59:41:4d:7b:5b:aa:06:68:a3:f1: a2:6e:f1:71:96:2d:97:09:6f:25:e2:a2:d0:f7:57:68:11:2e: ba:e9:1c:3d:30:24:91:35:dd:de:12:df:f3:1a:3b:64:1d:52: 82:ca:d0:6d:26:92:95:4e:6e:7c:54:70:58:bb:ff:96:7a:d4: 6f:5c:f4:63 -----BEGIN CERTIFICATE----- MIIFNjCCBB6gAwIBAgIUTMJhjYEr+zSogs67v+Xr00IOMZswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi YmUzYTk1OTAeFw0yNTExMjgxMTQ0MzdaFw0yNjExMjcxMTQ5MzdaMDMxMTAvBgNV BAMTKENFNzA3QkRGMUQxMjAxNzU0Qjg4RjZDRUIzNEJENDA4RTk5MkM2QkYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD3j73fsaGYmqWjzJe86ElRrGRz EQdJPZ2opWBu0G4WQt6IocvAO9v0bSsgqxnpwEMG2+9zFb2pkWob2k5l818H9zv8 G0vXWtkkRIb99w89UkWquPWOjnZkhlI9v4o8GnFc8IhQSE6N/q0EAgvcRnjTA3Oz pyVZn57AvflYvLAHk6X2zXpe0rxlFyiYmhyKTuXhgyubtVsqM9t3bP5rtKItdIeG jTKgOzTEterTskfyL7ASltY9JUTs7LBn6XNEo+U/c/Y70xPAbg8pOvkPOj6lb+R6 fmWoz7ZSvqeohwoDXr45+onnUp4YNdmuiHOoQdesTG4GLdcnJrQuDriMB7kPAgMB AAGjggJAMIICPDAdBgNVHQ4EFgQUznB73x0SAXVLiPbOs0vUCOmSxr8wHwYDVR0j BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1 OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5 bzd2anFWay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJz eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4 YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMzMxMmUzNDMwMmUz MjMxMzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTM4MzIzMTMyLnJvYTAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQAHyjUMA0GCSqGSIb3DQEBCwUAA4IBAQC5Oe5jwfDXChp6FZl3pQXSYartThWp pzS2earCoALZAngehIhXpys5/fT4j4syddHjDPt56xC2CWAAZrvKYpkDnQs8i24Q 0mZNuxO5wCtBchtRsK3dhj2Yk+gVj6HeEXjY8DpflCUKCvNs9YgvLv2odboV0Yoa qPAUgQAa2Cbz58CNwr+vvGgmJyrae1Hlqg9w4QAWPQ3j4xQRJUKeLKIOciohYgri 6GNdY34KiwY8Wd6WTwqr5X2ADuXbb1lBTXtbqgZoo/GibvFxli2XCW8l4qLQ91do ES666Rw9MCSRNd3eEt/zGjtkHVKCytBtJpKVTm58VHBYu/+WetRvXPRj -----END CERTIFICATE-----Generated at Fri Dec 5 07:05:31 2025 by rpki-client