This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31332e3233352e302f32342d3234203d3e20313437303439.roa File: 34352e31332e3233352e302f32342d3234203d3e20313437303439.roa (raw, json) Hash identifier: +qoU2Q4ujlKrGBPm1l6x/Db5AFrzZejFfn6mX47HApU= Subject key identifier: 37:F9:1A:A1:29:2C:B9:DA:43:F3:0C:FD:2D:AA:D8:2A:55:C9:C2:11 Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959 Certificate serial: 69869A6014E5FCDB0482744AA634E766D8DC70AF Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31332e3233352e302f32342d3234203d3e20313437303439.roa Signing time: Fri 28 Nov 2025 11:49:30 +0000 ROA not before: Fri 28 Nov 2025 11:44:30 +0000 ROA not after: Fri 27 Nov 2026 11:49:30 +0000 asID: 147049 IP address blocks: 45.13.235.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 02:38:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 69:86:9a:60:14:e5:fc:db:04:82:74:4a:a6:34:e7:66:d8:dc:70:af Signature Algorithm: sha256WithRSAEncryption Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959 Validity Not Before: Nov 28 11:44:30 2025 GMT Not After : Nov 27 11:49:30 2026 GMT Subject: CN=37F91AA1292CB9DA43F30CFD2DAAD82A55C9C211 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:fc:04:48:ed:53:fd:8b:95:64:60:4c:1d:85: bc:8a:ac:75:c8:6f:48:e0:68:73:70:0c:7e:98:34: 4a:65:78:c2:e0:bb:62:76:04:84:d3:1e:60:27:5b: 20:40:d9:b2:c7:74:e1:72:f9:6e:d6:e7:5e:60:cc: 15:32:7f:a5:aa:65:af:2d:18:0c:5a:78:34:eb:3d: 9c:82:68:f9:67:23:e5:2b:1e:99:26:4c:67:ad:78: 18:64:2a:e5:79:b9:ec:66:c5:90:ad:fa:c0:f0:c1: f9:e7:b5:c1:5f:3e:cd:a0:28:b6:b9:d0:ec:e5:08: 21:df:d1:25:98:63:d4:87:e4:d9:f2:b6:c3:39:40: 94:39:7a:bc:67:29:1f:d7:12:2e:57:a8:d6:b9:1d: c5:79:0c:b8:b0:d1:1b:a2:3e:3d:a9:e6:f3:b7:23: d0:3d:9e:d9:2b:83:30:48:38:3e:b1:65:c3:4e:eb: bb:44:fb:95:d9:07:f3:5f:a5:87:af:a5:61:b5:69: 08:ab:24:28:43:d5:22:19:55:0e:d6:f5:f0:78:6a: 88:57:b6:f7:96:f8:f6:58:85:15:58:75:92:86:97: 55:85:50:a7:de:da:b8:16:82:ad:e7:7f:33:5e:f1: a3:77:d8:73:6f:c1:c3:10:5e:aa:df:0d:0e:e5:96: 10:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:F9:1A:A1:29:2C:B9:DA:43:F3:0C:FD:2D:AA:D8:2A:55:C9:C2:11 X509v3 Authority Key Identifier: keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e31332e3233352e302f32342d3234203d3e20313437303439.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.13.235.0/24 Signature Algorithm: sha256WithRSAEncryption 92:52:b0:dd:9d:1c:32:a9:c0:74:50:46:bc:66:40:65:75:e0: f2:ed:da:d5:da:0c:74:91:f2:2f:47:4c:f3:47:12:ad:e9:19: 9f:fb:a3:95:ec:8c:ba:93:63:b7:cb:48:36:b0:78:ed:85:57: 1a:55:f0:dd:5c:55:fe:ab:4a:58:b3:3c:ca:72:cf:65:0b:98: 21:8d:e6:41:fd:1c:0d:49:fd:10:66:4d:11:80:9b:5c:73:92: 8e:e9:c2:d2:c4:1f:98:69:14:14:21:12:71:78:e7:19:23:10: 78:0d:f4:c4:49:af:0b:a6:86:0b:b4:a2:81:88:01:df:01:cd: 67:26:ac:e9:61:f7:ed:df:86:79:3c:6c:7a:98:35:1b:29:48: be:b1:c9:76:fc:77:8f:01:59:06:06:71:04:98:bf:6c:2b:7e: 1a:f5:f9:1d:04:e1:17:dd:07:d6:d3:82:22:20:5f:b5:bb:37: 06:dc:fb:a3:7c:23:6a:b5:d1:42:23:72:7f:1e:fe:cd:ec:dd: 5a:04:d6:1f:89:4f:3f:f6:c4:08:e2:47:c5:d3:39:c0:5d:2b: 73:b8:04:45:23:fc:93:71:0e:21:23:17:6f:66:ab:93:57:12: 59:e4:30:5b:9d:1f:55:3b:2d:cc:34:b4:12:de:0d:c2:61:8d: 8d:63:b6:4b -----BEGIN CERTIFICATE----- MIIFODCCBCCgAwIBAgIUaYaaYBTl/NsEgnRKpjTnZtjccK8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi YmUzYTk1OTAeFw0yNTExMjgxMTQ0MzBaFw0yNjExMjcxMTQ5MzBaMDMxMTAvBgNV BAMTKDM3RjkxQUExMjkyQ0I5REE0M0YzMENGRDJEQUFEODJBNTVDOUMyMTEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDY/ARI7VP9i5VkYEwdhbyKrHXI b0jgaHNwDH6YNEpleMLgu2J2BITTHmAnWyBA2bLHdOFy+W7W515gzBUyf6WqZa8t GAxaeDTrPZyCaPlnI+UrHpkmTGeteBhkKuV5uexmxZCt+sDwwfnntcFfPs2gKLa5 0OzlCCHf0SWYY9SH5NnytsM5QJQ5erxnKR/XEi5XqNa5HcV5DLiw0RuiPj2p5vO3 I9A9ntkrgzBIOD6xZcNO67tE+5XZB/NfpYevpWG1aQirJChD1SIZVQ7W9fB4aohX tveW+PZYhRVYdZKGl1WFUKfe2rgWgq3nfzNe8aN32HNvwcMQXqrfDQ7llhCNAgMB AAGjggJCMIICPjAdBgNVHQ4EFgQUN/kaoSksudpD8wz9LarYKlXJwhEwHwYDVR0j BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1 OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5 bzd2anFWay5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3Jz eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4 YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzMTMzMmUz MjMzMzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0MzczMDM0Mzkucm9hMBgG A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB MAYDBAAtDeswDQYJKoZIhvcNAQELBQADggEBAJJSsN2dHDKpwHRQRrxmQGV14PLt 2tXaDHSR8i9HTPNHEq3pGZ/7o5XsjLqTY7fLSDaweO2FVxpV8N1cVf6rSlizPMpy z2ULmCGN5kH9HA1J/RBmTRGAm1xzko7pwtLEH5hpFBQhEnF45xkjEHgN9MRJrwum hgu0ooGIAd8BzWcmrOlh9+3fhnk8bHqYNRspSL6xyXb8d48BWQYGcQSYv2wrfhr1 +R0E4RfdB9bTgiIgX7W7Nwbc+6N8I2q10UIjcn8e/s3s3VoE1h+JTz/2xAjiR8XT OcBdK3O4BEUj/JNxDiEjF29mq5NXElnkMFudH1U7Lcw0tBLeDcJhjY1jtks= -----END CERTIFICATE-----Generated at Fri Dec 5 11:35:24 2025 by rpki-client