This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3132332e3232382e302f32322d3332203d3e20313431393935.roa File: 3130392e3132332e3232382e302f32322d3332203d3e20313431393935.roa (raw, json) Hash identifier: gyMvBC7oJd1VaIRSIyGKgaN4G0YrxUv828uDveSMqG8= Subject key identifier: 3A:E6:23:10:08:40:1E:57:C3:E7:22:8B:67:41:B9:D6:CA:42:F4:60 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 431592BF27D1AD26EFD4CA0A15047D6C75B6F2BD Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3132332e3232382e302f32322d3332203d3e20313431393935.roa Signing time: Mon 29 Dec 2025 09:50:44 +0000 ROA not before: Mon 29 Dec 2025 09:45:44 +0000 ROA not after: Mon 28 Dec 2026 09:50:44 +0000 asID: 141995 IP address blocks: 109.123.228.0/22 maxlen: 32 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:15:92:bf:27:d1:ad:26:ef:d4:ca:0a:15:04:7d:6c:75:b6:f2:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:44 2025 GMT Not After : Dec 28 09:50:44 2026 GMT Subject: CN=3AE6231008401E57C3E7228B6741B9D6CA42F460 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:82:8b:74:2a:88:d3:1f:b7:4c:4b:f5:61:97: 0e:6a:c0:e6:ac:f5:b9:b2:8a:95:51:ae:ba:ea:a7: c6:89:33:d5:5f:84:55:57:de:b1:84:23:02:18:ac: 37:66:8a:73:4e:eb:6f:09:45:63:a6:ab:6d:e3:35: 78:7a:23:8c:00:ca:24:ee:e5:e6:49:9e:3e:97:df: 28:b8:76:c0:fd:11:16:99:8c:c9:28:d6:d1:ce:b9: 10:47:d8:f0:a1:46:37:26:a0:0f:51:45:56:f1:5e: 5a:a3:fe:7c:18:68:68:49:2c:78:43:05:69:df:9c: f3:e4:eb:7c:f4:b0:e3:4c:c4:02:97:03:de:ea:ee: ea:fc:99:7c:d9:12:7b:76:02:aa:09:4a:c3:b3:9a: 78:5e:ee:66:e7:93:0f:eb:fa:62:56:5e:bd:a1:b1: 95:5e:c2:85:dc:d4:26:b3:fb:25:84:e9:7c:0b:09: 9a:9f:e7:91:d1:3c:14:22:b2:52:69:cf:29:91:a3: bf:ef:89:93:50:da:d9:f4:21:68:cc:61:9e:f9:e8: b3:ab:fc:65:73:bc:66:c0:7d:5d:19:c8:55:05:a5: 5e:90:79:be:a1:96:bd:b6:97:be:05:79:3d:8e:06: f9:1e:9d:1b:6d:d6:b2:d2:62:f6:1a:8c:12:9a:74: c1:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:E6:23:10:08:40:1E:57:C3:E7:22:8B:67:41:B9:D6:CA:42:F4:60 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3130392e3132332e3232382e302f32322d3332203d3e20313431393935.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.123.228.0/22 Signature Algorithm: sha256WithRSAEncryption 5d:22:52:f0:39:03:4c:ce:9b:2e:51:90:86:43:67:8c:23:0a: b8:64:13:b1:6b:29:68:b1:50:5b:a7:3e:e6:9f:87:2f:54:ce: 71:c3:d9:62:7e:3d:f1:b7:76:ec:e0:7d:49:cf:19:ff:8a:ae: ba:12:a9:c6:52:89:85:fa:1d:dc:91:e6:06:45:b4:61:e8:d9: 65:27:5c:0b:94:ad:d2:5f:94:f1:32:e8:c0:ad:35:fc:dd:86: 5f:26:95:a1:ab:62:ed:33:50:a1:47:62:82:96:6f:20:72:7f: 5b:be:a6:93:3e:8b:9b:a7:97:65:c3:11:a9:c3:2b:50:d3:bf: 45:24:2a:a1:be:47:b8:b0:f4:6b:96:e2:c8:29:91:74:5d:98: 6d:b9:7a:68:59:95:c6:79:2e:01:83:28:5b:aa:98:7f:46:7d: 2a:d7:1f:8c:27:cd:44:1c:b5:0d:23:59:8c:5b:fa:ed:ff:1e: 86:0f:bf:5b:8c:be:2b:22:83:d3:f9:5e:63:96:3e:61:ed:ca: f0:de:3a:3d:3f:d7:0f:ea:1b:56:7f:38:f9:2a:b2:0b:b6:93: 8c:80:96:3e:0a:99:7c:21:0f:a1:ff:a6:d4:09:5e:a6:dd:82: 16:2a:9e:f9:45:99:0f:a4:c2:de:56:22:7a:5e:d5:7b:00:37: d9:8b:2c:5b -----BEGIN CERTIFICATE----- MIIFNzCCBB+gAwIBAgIUQxWSvyfRrSbv1MoKFQR9bHW28r0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1NDRaFw0yNjEyMjgwOTUwNDRaMDMxMTAvBgNV BAMTKDNBRTYyMzEwMDg0MDFFNTdDM0U3MjI4QjY3NDFCOUQ2Q0E0MkY0NjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1got0KojTH7dMS/Vhlw5qwOas 9bmyipVRrrrqp8aJM9VfhFVX3rGEIwIYrDdminNO628JRWOmq23jNXh6I4wAyiTu 5eZJnj6X3yi4dsD9ERaZjMko1tHOuRBH2PChRjcmoA9RRVbxXlqj/nwYaGhJLHhD BWnfnPPk63z0sONMxAKXA97q7ur8mXzZEnt2AqoJSsOzmnhe7mbnkw/r+mJWXr2h sZVewoXc1Caz+yWE6XwLCZqf55HRPBQislJpzymRo7/viZNQ2tn0IWjMYZ756LOr /GVzvGbAfV0ZyFUFpV6Qeb6hlr22l74FeT2OBvkenRtt1rLSYvYajBKadMHhAgMB AAGjggJBMIICPTAdBgNVHQ4EFgQUOuYjEAhAHlfD5yKLZ0G51spC9GAwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzMDM5MmUzMTMyMzMyZTMy MzIzODJlMzAyZjMyMzIyZDMzMzIyMDNkM2UyMDMxMzQzMTM5MzkzNS5yb2EwGAYD VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAm175DANBgkqhkiG9w0BAQsFAAOCAQEAXSJS8DkDTM6bLlGQhkNnjCMKuGQT sWspaLFQW6c+5p+HL1TOccPZYn498bd27OB9Sc8Z/4quuhKpxlKJhfod3JHmBkW0 YejZZSdcC5St0l+U8TLowK01/N2GXyaVoati7TNQoUdigpZvIHJ/W76mkz6Lm6eX ZcMRqcMrUNO/RSQqob5HuLD0a5biyCmRdF2Ybbl6aFmVxnkuAYMoW6qYf0Z9Ktcf jCfNRBy1DSNZjFv67f8ehg+/W4y+KyKD0/leY5Y+Ye3K8N46PT/XD+obVn84+Sqy C7aTjICWPgqZfCEPof+m1Alept2CFiqe+UWZD6TC3lYiel7VewA32YssWw== -----END CERTIFICATE-----Generated at Mon Jan 19 14:28:00 2026 by rpki-client