This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e39302e3232302e302f32342d3234203d3e203437353833.roa File: 34352e39302e3232302e302f32342d3234203d3e203437353833.roa (raw, json) Hash identifier: QjM0zfbFRig7aAl65Pe45vGb+XPU9kHKouIMPgyhnpc= Subject key identifier: 96:E3:2D:7C:17:70:00:0A:6F:B8:45:7D:92:9A:9E:BD:40:2E:5A:EC Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959 Certificate serial: 2A23C2CEA382E51154EE88E52EFBA824E5664AC2 Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e39302e3232302e302f32342d3234203d3e203437353833.roa Signing time: Fri 28 Nov 2025 11:49:26 +0000 ROA not before: Fri 28 Nov 2025 11:44:26 +0000 ROA not after: Fri 27 Nov 2026 11:49:26 +0000 asID: 47583 IP address blocks: 45.90.220.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 11:00:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:23:c2:ce:a3:82:e5:11:54:ee:88:e5:2e:fb:a8:24:e5:66:4a:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959 Validity Not Before: Nov 28 11:44:26 2025 GMT Not After : Nov 27 11:49:26 2026 GMT Subject: CN=96E32D7C1770000A6FB8457D929A9EBD402E5AEC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:cc:eb:38:bd:24:dc:f1:99:08:d2:b7:8c:61: 21:26:3c:f5:8d:7d:29:c4:59:0b:77:45:cf:93:9e: 11:78:54:8d:5e:e3:9c:fe:17:26:9a:b2:96:c1:8a: a4:d8:f4:e1:c9:f0:e2:5c:fe:1f:1f:b9:67:0e:be: 94:58:20:a0:a1:28:45:c2:71:76:36:7b:65:87:f2: b1:73:04:5f:32:12:32:e6:16:d3:ea:31:47:1f:2e: 69:da:e4:eb:c9:a0:69:86:dd:a6:9a:84:cb:51:38: 55:5b:71:e1:61:9a:6f:b5:d5:1b:8a:a3:f1:84:aa: 46:1d:c1:c3:42:0c:53:7e:63:67:9f:14:87:a0:80: be:16:26:b8:24:36:65:35:21:93:15:55:d1:d2:7e: ed:ca:22:39:53:64:14:5a:3c:54:87:fd:13:de:ef: 86:c4:c6:a5:a2:72:25:c4:4c:7d:83:40:73:ba:84: fc:3a:c5:90:9f:7f:cf:78:9d:03:fb:02:5f:66:7f: 69:cc:a8:ff:f8:7c:a5:82:a3:e2:49:a6:42:b9:0f: 2b:ca:79:89:7a:a7:3d:b7:3a:fa:17:9a:fd:c8:83: 62:14:2d:67:20:c6:ed:09:8c:17:27:6b:09:2b:4d: 6b:6c:9f:85:27:0c:86:07:4f:ca:04:9b:05:1f:b3: a4:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:E3:2D:7C:17:70:00:0A:6F:B8:45:7D:92:9A:9E:BD:40:2E:5A:EC X509v3 Authority Key Identifier: keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/34352e39302e3232302e302f32342d3234203d3e203437353833.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.90.220.0/24 Signature Algorithm: sha256WithRSAEncryption 84:4f:7a:c6:74:03:8f:d9:c8:a9:53:cd:e2:ef:e8:98:e9:96: 8d:d5:6b:19:80:fb:89:aa:27:cb:81:24:7e:5b:9d:45:e9:c4: e4:7e:7f:1d:3b:8a:ea:99:de:98:ca:c9:23:3d:4f:60:ad:1c: c7:55:59:c0:38:5e:ca:1c:91:ee:50:b5:17:17:53:dd:27:3a: 04:b4:ae:c7:f0:41:ee:fb:e0:2c:cd:f9:b0:d6:c2:bb:b4:c7: a8:d0:64:c6:4c:37:37:1f:ae:51:bf:8b:d0:09:43:76:01:eb: bf:2d:c3:12:03:e1:e1:f9:4b:67:8c:fc:88:88:93:4e:53:85: 80:53:45:c0:64:40:db:bc:fd:58:4d:2a:47:90:a7:9d:33:b4: 7e:a2:c8:76:5a:ab:79:fa:0c:e3:03:bb:01:3d:77:a2:b7:eb: 3e:97:13:0f:dc:14:f2:ab:fc:42:90:59:b0:03:0c:d4:c3:7c: 73:6f:e6:69:23:48:44:b5:3a:7b:3d:37:2c:ff:ff:ee:a4:7a: 5d:c1:84:da:b6:ee:25:d3:2f:50:3a:35:a5:d6:f5:3c:80:08: 0c:9b:c7:8f:ae:e1:e4:82:bb:9b:a0:19:84:30:df:2b:d0:3d: 8c:38:ff:44:19:1a:92:1a:6f:8e:a4:6c:5f:27:1d:bb:55:c4: 1b:a2:30:68 -----BEGIN CERTIFICATE----- MIIFNjCCBB6gAwIBAgIUKiPCzqOC5RFU7ojlLvuoJOVmSsIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi YmUzYTk1OTAeFw0yNTExMjgxMTQ0MjZaFw0yNjExMjcxMTQ5MjZaMDMxMTAvBgNV BAMTKDk2RTMyRDdDMTc3MDAwMEE2RkI4NDU3RDkyOUE5RUJENDAyRTVBRUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2zOs4vSTc8ZkI0reMYSEmPPWN fSnEWQt3Rc+TnhF4VI1e45z+FyaaspbBiqTY9OHJ8OJc/h8fuWcOvpRYIKChKEXC cXY2e2WH8rFzBF8yEjLmFtPqMUcfLmna5OvJoGmG3aaahMtROFVbceFhmm+11RuK o/GEqkYdwcNCDFN+Y2efFIeggL4WJrgkNmU1IZMVVdHSfu3KIjlTZBRaPFSH/RPe 74bExqWiciXETH2DQHO6hPw6xZCff894nQP7Al9mf2nMqP/4fKWCo+JJpkK5DyvK eYl6pz23OvoXmv3Ig2IULWcgxu0JjBcnawkrTWtsn4UnDIYHT8oEmwUfs6QZAgMB AAGjggJAMIICPDAdBgNVHQ4EFgQUluMtfBdwAApvuEV9kpqevUAuWuwwHwYDVR0j BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1 OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5 bzd2anFWay5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJz eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4 YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zNDM1MmUzOTMwMmUz MjMyMzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNV HSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAG AwQALVrcMA0GCSqGSIb3DQEBCwUAA4IBAQCET3rGdAOP2cipU83i7+iY6ZaN1WsZ gPuJqifLgSR+W51F6cTkfn8dO4rqmd6YyskjPU9grRzHVVnAOF7KHJHuULUXF1Pd JzoEtK7H8EHu++Aszfmw1sK7tMeo0GTGTDc3H65Rv4vQCUN2Aeu/LcMSA+Hh+Utn jPyIiJNOU4WAU0XAZEDbvP1YTSpHkKedM7R+osh2Wqt5+gzjA7sBPXeit+s+lxMP 3BTyq/xCkFmwAwzUw3xzb+ZpI0hEtTp7PTcs///upHpdwYTatu4l0y9QOjWl1vU8 gAgMm8ePruHkgruboBmEMN8r0D2MOP9EGRqSGm+OpGxfJx27VcQbojBo -----END CERTIFICATE-----Generated at Fri Dec 5 18:54:43 2025 by rpki-client