This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3132332e3232352e302f32342d3234203d3e20313336373837.roa File: 3130392e3132332e3232352e302f32342d3234203d3e20313336373837.roa (raw, json) Hash identifier: FowuPiAKHxSp2B6MHrrm0+e81K+I214tGfGpKJRGKB4= Subject key identifier: 67:AB:E6:4E:F2:6B:F1:02:8A:F9:79:5A:F0:E4:B1:6D:1D:6B:DE:B3 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 3B600DA16673109F2C954B8851A3D7BEBAFDB50E Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3132332e3232352e302f32342d3234203d3e20313336373837.roa Signing time: Mon 29 Dec 2025 09:50:53 +0000 ROA not before: Mon 29 Dec 2025 09:45:53 +0000 ROA not after: Mon 28 Dec 2026 09:50:53 +0000 asID: 136787 IP address blocks: 109.123.225.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3b:60:0d:a1:66:73:10:9f:2c:95:4b:88:51:a3:d7:be:ba:fd:b5:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:53 2025 GMT Not After : Dec 28 09:50:53 2026 GMT Subject: CN=67ABE64EF26BF1028AF9795AF0E4B16D1D6BDEB3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:63:99:15:5c:a9:f1:c8:4f:cf:7a:c5:d9:7a: a5:e2:c5:37:88:52:a9:b1:3a:8e:b8:b0:d0:1e:29: 3a:23:3a:e6:de:e9:a2:11:4b:6a:40:1e:fc:42:66: 2b:a3:55:0e:a8:81:b1:20:89:e9:77:72:d9:88:d8: ce:44:15:40:86:47:00:fa:71:12:50:d0:ad:1a:67: 5b:98:91:9c:c2:a8:dc:99:9e:0b:61:5f:18:5c:0e: a5:4c:db:5b:54:e3:16:a1:0f:e7:dc:a6:70:ff:43: 07:1d:31:14:5c:33:c4:fc:2e:9d:a6:7e:3c:43:e4: 0f:0e:f4:94:bc:e7:a3:1f:65:43:00:db:c5:b0:6a: a4:7e:aa:ba:33:4d:3a:7e:b1:fc:b5:ce:18:b8:8f: 05:a6:40:6b:d3:00:be:af:f7:1a:cf:d0:d9:04:d5: 3a:38:c6:fa:76:c3:e4:9c:3f:0a:e3:08:d2:c7:00: 19:05:1e:2e:43:14:8c:54:35:46:bb:52:da:28:49: 7e:29:52:42:bd:84:25:4d:69:f6:38:0f:b1:8f:8b: 0e:74:51:fb:98:75:3a:f4:b0:4a:4b:5e:a6:33:98: f6:98:8c:d5:9f:7b:ca:f2:19:00:7a:50:a2:c0:d0: 2c:4c:17:8a:05:31:74:df:9d:64:76:40:1d:ef:32: 59:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:AB:E6:4E:F2:6B:F1:02:8A:F9:79:5A:F0:E4:B1:6D:1D:6B:DE:B3 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3132332e3232352e302f32342d3234203d3e20313336373837.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.123.225.0/24 Signature Algorithm: sha256WithRSAEncryption 5f:4b:be:d3:d8:bc:66:10:b4:27:9c:32:1c:d9:fb:c8:da:c6: 3e:8a:97:62:61:0d:c9:d9:b5:26:6a:73:74:f4:01:7b:f0:15: 46:41:1e:c9:ac:a6:64:19:9a:05:2e:26:be:91:36:ab:ab:71: d6:f5:82:e0:63:9c:f8:71:3e:1d:01:57:23:26:7f:a7:d5:fe: 75:fa:e7:91:59:94:5c:db:0f:29:e3:cc:8d:43:18:ab:ce:cb: bf:c3:6d:80:1f:47:49:cc:26:6d:26:d5:8d:4b:8c:9c:7a:96: 77:48:a3:27:cc:eb:5c:12:a5:53:d1:eb:c8:3b:d4:90:62:08: 13:af:e0:09:04:85:5e:0e:47:9e:58:e1:18:f8:61:27:95:1d: 45:1a:10:1c:f2:22:a3:7b:ac:76:8a:3a:7c:26:c2:5e:4f:22: f5:04:81:c6:69:cb:e0:06:99:9d:e5:02:69:86:84:26:db:d5: 80:9f:c2:e9:c6:e6:b4:21:75:61:12:5a:58:cf:77:61:e2:d8: 1f:69:23:29:27:9e:e2:2f:76:3a:58:02:14:b4:94:9c:66:1a: 2c:3f:ed:81:5f:c0:fe:64:60:dc:90:af:d6:19:4b:3e:24:4d: 43:11:d8:03:8f:04:eb:8f:02:d4:a2:bf:f6:be:a8:e2:12:eb: 2f:d9:9b:67 -----BEGIN CERTIFICATE----- MIIFNzCCBB+gAwIBAgIUO2ANoWZzEJ8slUuIUaPXvrr9tQ4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1NTNaFw0yNjEyMjgwOTUwNTNaMDMxMTAvBgNV BAMTKDY3QUJFNjRFRjI2QkYxMDI4QUY5Nzk1QUYwRTRCMTZEMUQ2QkRFQjMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4Y5kVXKnxyE/PesXZeqXixTeI UqmxOo64sNAeKTojOube6aIRS2pAHvxCZiujVQ6ogbEgiel3ctmI2M5EFUCGRwD6 cRJQ0K0aZ1uYkZzCqNyZngthXxhcDqVM21tU4xahD+fcpnD/QwcdMRRcM8T8Lp2m fjxD5A8O9JS856MfZUMA28WwaqR+qrozTTp+sfy1zhi4jwWmQGvTAL6v9xrP0NkE 1To4xvp2w+ScPwrjCNLHABkFHi5DFIxUNUa7UtooSX4pUkK9hCVNafY4D7GPiw50 UfuYdTr0sEpLXqYzmPaYjNWfe8ryGQB6UKLA0CxMF4oFMXTfnWR2QB3vMlkzAgMB AAGjggJBMIICPTAdBgNVHQ4EFgQUZ6vmTvJr8QKK+Xla8OSxbR1r3rMwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzMDM5MmUzMTMyMzMyZTMy MzIzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAG174TANBgkqhkiG9w0BAQsFAAOCAQEAX0u+09i8ZhC0J5wyHNn7yNrGPoqX YmENydm1JmpzdPQBe/AVRkEeyaymZBmaBS4mvpE2q6tx1vWC4GOc+HE+HQFXIyZ/ p9X+dfrnkVmUXNsPKePMjUMYq87Lv8NtgB9HScwmbSbVjUuMnHqWd0ijJ8zrXBKl U9HryDvUkGIIE6/gCQSFXg5HnljhGPhhJ5UdRRoQHPIio3usdoo6fCbCXk8i9QSB xmnL4AaZneUCaYaEJtvVgJ/C6cbmtCF1YRJaWM93YeLYH2kjKSee4i92OlgCFLSU nGYaLD/tgV/A/mRg3JCv1hlLPiRNQxHYA48E648C1KK/9r6o4hLrL9mbZw== -----END CERTIFICATE-----Generated at Mon Jan 19 14:27:19 2026 by rpki-client