This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135392e34382e342e302f32322d3234203d3e20323034313730.roa File: 3135392e34382e342e302f32322d3234203d3e20323034313730.roa (raw, json) Hash identifier: Vr3EKuPf/w6zZsh7asZ26hIkY9a9PEh3TDE2qkebxyw= Subject key identifier: 37:FF:A8:A8:33:9F:7D:C2:A3:D6:11:B3:40:29:1E:A8:C7:7F:63:53 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 31BC724644DF100BAC08E755500587F83114B4F6 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135392e34382e342e302f32322d3234203d3e20323034313730.roa Signing time: Mon 29 Dec 2025 09:50:37 +0000 ROA not before: Mon 29 Dec 2025 09:45:37 +0000 ROA not after: Mon 28 Dec 2026 09:50:37 +0000 asID: 204170 IP address blocks: 159.48.4.0/22 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:bc:72:46:44:df:10:0b:ac:08:e7:55:50:05:87:f8:31:14:b4:f6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:37 2025 GMT Not After : Dec 28 09:50:37 2026 GMT Subject: CN=37FFA8A8339F7DC2A3D611B340291EA8C77F6353 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:ae:07:70:b4:53:b0:21:21:2c:41:80:4b:27: 29:fe:1c:0c:dd:30:88:c5:a8:06:ab:62:51:c2:0b: 4c:7e:42:fd:da:6c:0d:49:37:39:d8:ca:73:cf:cd: 1f:59:c6:eb:39:05:bc:b7:08:a4:87:3d:ca:d5:46: 7d:df:b0:a3:b1:1e:8e:e3:87:9d:79:c0:40:bf:31: b2:ab:29:28:cf:bb:da:77:35:c0:08:b7:c9:1a:55: 83:5e:06:43:b3:4f:14:71:ba:98:7e:3b:3a:8d:56: f0:d5:b0:c8:a4:c0:f3:b2:11:8d:4f:88:37:03:31: ba:99:91:00:20:38:e2:34:e7:59:17:ea:ce:8d:00: f5:95:7a:96:7a:25:bd:29:37:56:57:24:2b:75:04: 92:1a:ad:9c:3f:51:8b:0f:40:d9:93:fe:e6:56:26: 99:35:1c:2c:74:93:c8:e3:e1:63:54:a9:71:34:2d: 9b:a5:a0:2e:09:a9:04:02:de:0d:b3:10:a0:63:fa: 5c:26:56:4e:8a:13:de:75:9a:8a:9a:fb:4a:18:8e: 30:8e:11:52:36:f7:1e:1a:88:a9:bd:29:61:0d:d8: 2d:92:6a:9f:83:5e:0d:b9:75:38:e4:42:64:70:b9: 94:9b:1f:f8:4a:ea:a9:c0:9e:03:a3:8a:08:6e:80: 5b:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:FF:A8:A8:33:9F:7D:C2:A3:D6:11:B3:40:29:1E:A8:C7:7F:63:53 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135392e34382e342e302f32322d3234203d3e20323034313730.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 159.48.4.0/22 Signature Algorithm: sha256WithRSAEncryption 4d:6f:e2:06:98:53:c4:42:5c:9c:d9:64:c4:fc:62:31:e9:41: 3b:6e:fa:9b:06:46:05:2d:8d:a0:8e:e8:f6:b4:ca:69:ad:b6: 39:d5:0a:3e:e6:b3:f6:d0:d7:b8:10:19:f5:20:50:03:cc:62: 32:2b:17:61:29:2b:b0:b6:e5:39:41:fd:89:8c:02:44:e0:53: 76:9c:a8:07:b8:df:77:9c:38:19:1f:45:ef:9d:aa:c4:ab:4f: 42:b1:85:07:f6:6b:47:49:6c:31:fc:4b:ba:fd:a3:d2:ec:c5: 10:b2:c1:f9:aa:21:ba:10:d7:b5:60:5e:44:84:1c:f5:54:e6: 1c:18:e0:26:34:c8:87:59:f5:ba:80:67:6f:28:e5:84:00:6f: d2:2a:3f:dc:05:4e:3f:21:3a:62:77:77:21:44:c6:78:f1:fa: 55:ba:a3:27:c6:6f:55:2c:89:9a:85:ca:af:fc:c5:d5:4c:2f: b5:f3:9e:b1:2d:43:7e:07:40:76:93:be:0d:6b:2f:93:16:05: ec:9b:3a:78:f8:ae:58:f7:d7:dc:31:7d:e9:32:d8:a4:26:80: 77:5c:15:b4:4f:7f:06:9e:cb:cb:19:47:ed:2b:4a:f1:e9:55: 15:4d:fa:3b:c6:1c:71:00:7e:a5:c2:70:2d:1f:3b:ce:ae:95: 10:14:04:7c -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUMbxyRkTfEAusCOdVUAWH+DEUtPYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1MzdaFw0yNjEyMjgwOTUwMzdaMDMxMTAvBgNV BAMTKDM3RkZBOEE4MzM5RjdEQzJBM0Q2MTFCMzQwMjkxRUE4Qzc3RjYzNTMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdrgdwtFOwISEsQYBLJyn+HAzd MIjFqAarYlHCC0x+Qv3abA1JNznYynPPzR9Zxus5Bby3CKSHPcrVRn3fsKOxHo7j h515wEC/MbKrKSjPu9p3NcAIt8kaVYNeBkOzTxRxuph+OzqNVvDVsMikwPOyEY1P iDcDMbqZkQAgOOI051kX6s6NAPWVepZ6Jb0pN1ZXJCt1BJIarZw/UYsPQNmT/uZW Jpk1HCx0k8jj4WNUqXE0LZuloC4JqQQC3g2zEKBj+lwmVk6KE951moqa+0oYjjCO EVI29x4aiKm9KWEN2C2Sap+DXg25dTjkQmRwuZSbH/hK6qnAngOjighugFv1AgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUN/+oqDOffcKj1hGzQCkeqMd/Y1MwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM5MmUzNDM4MmUzNDJl MzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzAzNDMxMzczMC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAp8w BDANBgkqhkiG9w0BAQsFAAOCAQEATW/iBphTxEJcnNlkxPxiMelBO276mwZGBS2N oI7o9rTKaa22OdUKPuaz9tDXuBAZ9SBQA8xiMisXYSkrsLblOUH9iYwCROBTdpyo B7jfd5w4GR9F752qxKtPQrGFB/ZrR0lsMfxLuv2j0uzFELLB+aohuhDXtWBeRIQc 9VTmHBjgJjTIh1n1uoBnbyjlhABv0io/3AVOPyE6Ynd3IUTGePH6VbqjJ8ZvVSyJ moXKr/zF1UwvtfOesS1DfgdAdpO+DWsvkxYF7Js6ePiuWPfX3DF96TLYpCaAd1wV tE9/Bp7LyxlH7StK8elVFU36O8YccQB+pcJwLR87zq6VEBQEfA== -----END CERTIFICATE-----Generated at Mon Jan 19 14:24:21 2026 by rpki-client