This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3130362e3234302e302f32312d3234203d3e203437353833.roa File: 3130392e3130362e3234302e302f32312d3234203d3e203437353833.roa (raw, json) Hash identifier: 4qMnIzJ3XpO3qZkZh432A9SVttPu5LX472LJLPHoHQE= Subject key identifier: 50:3A:5B:E8:2B:17:B1:B3:35:B2:F7:F9:E7:AD:7A:07:2D:6F:1E:34 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 5419361D41ED4B87D877B9FB951814ECED0D8A66 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3130362e3234302e302f32312d3234203d3e203437353833.roa Signing time: Mon 29 Dec 2025 09:50:53 +0000 ROA not before: Mon 29 Dec 2025 09:45:53 +0000 ROA not after: Mon 28 Dec 2026 09:50:53 +0000 asID: 47583 IP address blocks: 109.106.240.0/21 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 54:19:36:1d:41:ed:4b:87:d8:77:b9:fb:95:18:14:ec:ed:0d:8a:66 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:53 2025 GMT Not After : Dec 28 09:50:53 2026 GMT Subject: CN=503A5BE82B17B1B335B2F7F9E7AD7A072D6F1E34 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:3c:e7:42:e7:d8:27:f4:f5:32:e1:a3:52:a1: 92:9a:d7:ea:72:02:19:56:ca:9f:37:47:3e:f7:ca: c6:af:ab:f8:9f:e3:73:87:e3:18:c4:81:85:3b:bc: bc:ac:44:f3:01:ca:48:58:c1:32:5a:fc:57:43:c5: 19:6d:b6:de:65:0f:50:19:3e:3c:f0:a6:b8:d8:03: bc:49:69:42:fc:05:08:77:cd:73:f8:02:7b:ba:e1: a4:b4:a5:e8:0a:6a:72:7b:37:9f:a6:0b:9c:5d:32: 38:56:cf:fe:c3:66:15:0c:45:81:48:2e:7a:88:d7: c4:fc:66:aa:f0:1c:35:ae:68:64:3c:75:39:71:8a: 3a:d7:20:05:e5:55:c2:94:1a:da:a3:f7:f3:f6:42: 0f:57:64:a6:35:88:f8:ca:bd:f5:7b:41:ff:26:75: a9:fb:6f:f0:31:e5:04:c1:13:5a:4e:3f:8f:3c:28: 96:7b:74:6c:9f:9b:22:4b:86:70:a7:4b:2c:bf:71: 40:26:fe:ee:84:18:38:19:8a:0f:99:c3:48:1a:0e: fb:86:26:81:f6:a8:f4:c1:32:93:80:00:f6:9a:46: ad:c9:77:7b:6b:b6:b2:7d:6f:82:7f:1c:cf:9d:4d: f5:f2:a1:78:4d:52:79:4a:c3:fe:49:29:81:1d:5e: 15:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:3A:5B:E8:2B:17:B1:B3:35:B2:F7:F9:E7:AD:7A:07:2D:6F:1E:34 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3130362e3234302e302f32312d3234203d3e203437353833.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.106.240.0/21 Signature Algorithm: sha256WithRSAEncryption 7c:40:14:07:47:75:3b:60:e1:6e:c1:e6:d6:89:1f:ca:80:1f: f3:ac:ab:33:16:10:a7:4e:3c:e4:08:b1:a5:ed:c1:83:21:60: d5:ac:b4:59:1d:86:09:fc:c9:15:93:77:f8:de:e5:e1:64:1e: 1f:1f:a2:0a:ab:80:81:77:d5:22:7c:86:b1:e6:3d:d6:72:57: 61:69:b4:ca:68:a1:bc:20:d1:48:1e:2d:cd:61:5e:ed:b7:a6: 92:7e:3c:c7:ad:db:13:7f:91:17:a6:5c:25:6a:22:4d:8b:d4: f9:f5:73:a1:54:a4:10:2e:00:7b:7d:7b:8e:0c:82:77:e0:2c: 25:b3:51:47:6d:05:65:64:56:00:1e:27:14:88:74:dd:f0:94: 09:e7:88:82:5c:07:6b:00:29:b3:36:32:5c:cb:74:15:1d:04: f2:b7:07:47:c4:8c:b0:8d:85:18:b3:99:37:47:64:62:1f:4c: e9:30:0e:e0:7c:e7:4c:65:f0:12:53:5c:c7:a4:c4:d0:b8:f5: 2b:52:83:8a:fd:11:c8:b4:45:4a:25:8d:8f:c9:be:12:54:88: 3f:26:5f:94:9d:6d:fa:8b:16:7e:72:b9:1b:ff:a5:e8:da:6b: d5:73:16:5d:42:d9:d5:21:f6:4d:e6:9a:f9:38:e1:9b:32:cb: 9c:8c:9b:f4 -----BEGIN CERTIFICATE----- MIIFNTCCBB2gAwIBAgIUVBk2HUHtS4fYd7n7lRgU7O0NimYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1NTNaFw0yNjEyMjgwOTUwNTNaMDMxMTAvBgNV BAMTKDUwM0E1QkU4MkIxN0IxQjMzNUIyRjdGOUU3QUQ3QTA3MkQ2RjFFMzQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnPOdC59gn9PUy4aNSoZKa1+py AhlWyp83Rz73ysavq/if43OH4xjEgYU7vLysRPMBykhYwTJa/FdDxRlttt5lD1AZ PjzwprjYA7xJaUL8BQh3zXP4Anu64aS0pegKanJ7N5+mC5xdMjhWz/7DZhUMRYFI LnqI18T8ZqrwHDWuaGQ8dTlxijrXIAXlVcKUGtqj9/P2Qg9XZKY1iPjKvfV7Qf8m dan7b/Ax5QTBE1pOP488KJZ7dGyfmyJLhnCnSyy/cUAm/u6EGDgZig+Zw0gaDvuG JoH2qPTBMpOAAPaaRq3Jd3trtrJ9b4J/HM+dTfXyoXhNUnlKw/5JKYEdXhWrAgMB AAGjggI/MIICOzAdBgNVHQ4EFgQUUDpb6CsXsbM1svf55616By1vHjQwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzMDM5MmUzMTMwMzYyZTMy MzQzMDJlMzAyZjMyMzEyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BANtavAwDQYJKoZIhvcNAQELBQADggEBAHxAFAdHdTtg4W7B5taJH8qAH/OsqzMW EKdOPOQIsaXtwYMhYNWstFkdhgn8yRWTd/je5eFkHh8fogqrgIF31SJ8hrHmPdZy V2FptMpoobwg0UgeLc1hXu23ppJ+PMet2xN/kRemXCVqIk2L1Pn1c6FUpBAuAHt9 e44MgnfgLCWzUUdtBWVkVgAeJxSIdN3wlAnniIJcB2sAKbM2MlzLdBUdBPK3B0fE jLCNhRizmTdHZGIfTOkwDuB850xl8BJTXMekxNC49StSg4r9Eci0RUoljY/JvhJU iD8mX5SdbfqLFn5yuRv/pejaa9VzFl1C2dUh9k3mmvk44Zsyy5yMm/Q= -----END CERTIFICATE-----Generated at Mon Jan 19 14:25:52 2026 by rpki-client