This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e39362e302f32302d3332203d3e203531313637.roa File: 3135382e3232302e39362e302f32302d3332203d3e203531313637.roa (raw, json) Hash identifier: w12CfY/eD3JWxbllzJaixho/bbtzy3VPLHi5DHAk6tU= Subject key identifier: 2C:F6:F1:57:52:50:B5:92:B0:7C:71:E4:00:F1:4C:05:0F:22:59:79 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 2869B305FF6336231696D67DB7C6952A51521FE4 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e39362e302f32302d3332203d3e203531313637.roa Signing time: Mon 29 Dec 2025 09:50:57 +0000 ROA not before: Mon 29 Dec 2025 09:45:57 +0000 ROA not after: Mon 28 Dec 2026 09:50:57 +0000 asID: 51167 IP address blocks: 158.220.96.0/20 maxlen: 32 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:69:b3:05:ff:63:36:23:16:96:d6:7d:b7:c6:95:2a:51:52:1f:e4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:57 2025 GMT Not After : Dec 28 09:50:57 2026 GMT Subject: CN=2CF6F1575250B592B07C71E400F14C050F225979 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:8f:41:c3:de:f9:8d:2c:54:05:3a:48:b8:c6: 5a:35:98:2e:b2:76:29:23:6f:f6:84:93:cd:d8:6b: 4b:89:bd:c5:b4:48:72:e9:50:ec:6a:ef:6a:ac:c8: 4e:72:50:fd:fa:08:d8:9f:4d:b7:b2:0e:33:e8:32: 26:fe:44:b2:8f:6c:ad:e2:dc:69:d9:5e:ba:de:21: 94:dd:dd:01:b3:58:9d:3f:08:1f:c3:bc:6c:05:cb: 10:94:a6:38:b0:6e:6c:10:a8:da:5d:c7:d1:b7:04: f1:e7:a2:c0:86:55:65:9e:20:ec:af:98:a7:75:99: cd:fb:7a:01:39:f0:29:2e:cd:8e:88:89:60:89:6e: 76:fd:fd:db:35:c8:e7:98:11:f4:72:b7:5a:fb:5b: 29:21:3c:65:57:6f:2c:c1:82:5e:05:9e:bf:79:97: 7e:e6:bc:7e:7e:12:f3:4a:ec:c5:33:91:13:b0:69: 6b:be:59:a4:9e:72:b1:02:4b:49:0f:1d:93:26:b3: 1b:aa:b6:e9:5b:20:8d:49:94:7c:ac:c9:3a:a6:48: 2c:e9:93:9b:1b:b6:8c:58:73:5a:df:36:b3:a6:30: 5a:81:87:47:6d:df:ee:31:71:70:49:c7:62:74:d2: 42:74:01:bc:28:d4:98:49:50:98:f2:0b:04:c1:9f: eb:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:F6:F1:57:52:50:B5:92:B0:7C:71:E4:00:F1:4C:05:0F:22:59:79 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e39362e302f32302d3332203d3e203531313637.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.220.96.0/20 Signature Algorithm: sha256WithRSAEncryption 27:04:1a:57:f0:e1:c6:ae:ad:0b:f8:40:d7:fd:29:0b:a5:c9: 22:71:04:5b:21:38:8c:9c:7b:2e:eb:cf:c9:ca:72:22:49:4c: 6f:4e:04:8c:9b:2d:ca:e8:a8:b4:84:74:46:fe:53:91:8c:77: c2:d1:1c:f0:29:66:c3:12:60:2d:61:44:db:cb:47:0b:26:50: 1b:2d:ed:0f:c7:87:0a:9a:13:7f:08:95:55:9e:48:3f:15:09: 77:4e:b4:cb:a0:bb:8c:1e:e6:6a:cd:e5:94:58:26:15:b0:f5: 9c:00:41:e8:a9:26:e6:b8:c6:e4:63:2d:1d:97:23:f3:fc:5f: 2b:ee:c3:b2:63:0e:58:11:1c:ca:8a:d6:86:b3:5b:25:bb:77: 40:d9:2b:38:3d:b0:77:32:f8:43:30:c5:e6:19:9a:a6:a1:7f: eb:77:0a:62:c7:60:98:1b:9c:49:fc:bf:36:eb:fd:c6:73:36: 3a:af:9e:d8:36:01:9c:c6:cd:9c:8e:96:04:0c:08:e3:af:8f: 04:dc:f9:f4:a1:35:97:e5:9f:97:00:76:05:c3:2d:0d:6d:5b: 61:98:6c:4d:39:d9:35:5a:81:a8:9d:46:bc:06:ca:44:68:b8: ab:16:5f:cc:24:2c:b0:76:99:1f:31:ce:b6:4b:f2:c9:c4:4b: 0f:b2:c6:36 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUKGmzBf9jNiMWltZ9t8aVKlFSH+QwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1NTdaFw0yNjEyMjgwOTUwNTdaMDMxMTAvBgNV BAMTKDJDRjZGMTU3NTI1MEI1OTJCMDdDNzFFNDAwRjE0QzA1MEYyMjU5NzkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcj0HD3vmNLFQFOki4xlo1mC6y dikjb/aEk83Ya0uJvcW0SHLpUOxq72qsyE5yUP36CNifTbeyDjPoMib+RLKPbK3i 3GnZXrreIZTd3QGzWJ0/CB/DvGwFyxCUpjiwbmwQqNpdx9G3BPHnosCGVWWeIOyv mKd1mc37egE58CkuzY6IiWCJbnb9/ds1yOeYEfRyt1r7WykhPGVXbyzBgl4Fnr95 l37mvH5+EvNK7MUzkROwaWu+WaSecrECS0kPHZMmsxuqtulbII1JlHysyTqmSCzp k5sbtoxYc1rfNrOmMFqBh0dt3+4xcXBJx2J00kJ0Abwo1JhJUJjyCwTBn+vxAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQULPbxV1JQtZKwfHHkAPFMBQ8iWXkwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM4MmUzMjMyMzAyZTM5 MzYyZTMwMmYzMjMwMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE ntxgMA0GCSqGSIb3DQEBCwUAA4IBAQAnBBpX8OHGrq0L+EDX/SkLpckicQRbITiM nHsu68/JynIiSUxvTgSMmy3K6Ki0hHRG/lORjHfC0RzwKWbDEmAtYUTby0cLJlAb Le0Px4cKmhN/CJVVnkg/FQl3TrTLoLuMHuZqzeWUWCYVsPWcAEHoqSbmuMbkYy0d lyPz/F8r7sOyYw5YERzKitaGs1slu3dA2Ss4PbB3MvhDMMXmGZqmoX/rdwpix2CY G5xJ/L826/3GczY6r57YNgGcxs2cjpYEDAjjr48E3Pn0oTWX5Z+XAHYFwy0NbVth mGxNOdk1WoGonUa8BspEaLirFl/MJCywdpkfMc62S/LJxEsPssY2 -----END CERTIFICATE-----Generated at Mon Jan 19 14:24:16 2026 by rpki-client