This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3136392e34302e382e302f32342d3234203d3e20313437303439.roa File: 3136392e34302e382e302f32342d3234203d3e20313437303439.roa (raw, json) Hash identifier: oS/Oa0nybuHup7S3WFJYHD7tcJW7hNnVlFosHlNwDVQ= Subject key identifier: 99:62:21:E0:96:07:A4:0B:89:4E:D6:19:42:DF:DC:7B:9B:FA:67:49 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 57046E1B346128CD079FB91C40BB3D7A98F54643 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3136392e34302e382e302f32342d3234203d3e20313437303439.roa Signing time: Wed 14 Jan 2026 08:25:32 +0000 ROA not before: Wed 14 Jan 2026 08:20:32 +0000 ROA not after: Wed 13 Jan 2027 08:25:32 +0000 asID: 147049 IP address blocks: 169.40.8.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 57:04:6e:1b:34:61:28:cd:07:9f:b9:1c:40:bb:3d:7a:98:f5:46:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Jan 14 08:20:32 2026 GMT Not After : Jan 13 08:25:32 2027 GMT Subject: CN=996221E09607A40B894ED61942DFDC7B9BFA6749 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:40:40:ea:1d:de:cd:66:81:19:ce:3a:9f:97: 6d:08:8e:63:5c:80:fb:7e:f0:36:bc:4b:fe:8c:b0: be:d4:1b:2c:dd:d8:7c:63:8e:81:70:71:f9:67:8e: 1e:52:43:25:10:e2:11:c0:54:f9:c9:1e:1a:01:b0: cd:8e:95:cf:15:0f:18:fe:80:28:51:31:fa:f4:b5: 9d:fd:18:6b:f5:83:6f:d3:bf:87:c3:42:e8:5f:ed: b3:1d:19:58:81:23:aa:23:80:22:0a:43:e5:00:61: 14:a5:b3:a3:86:ad:5d:d4:9d:91:f3:84:29:a4:21: c3:96:be:20:4f:ee:5b:23:26:8d:6e:69:4e:f4:eb: 90:fa:86:33:b3:78:1e:c3:5e:16:18:bb:b2:db:08: 28:b3:cf:3c:ec:ab:45:77:3d:dc:d9:58:18:48:b0: 74:40:c2:a7:7c:7b:16:75:11:86:9e:13:8b:6f:89: 85:73:db:ac:34:09:44:a6:0d:88:ec:73:ea:6d:ac: b7:22:f1:da:29:b5:7f:b7:7e:4b:d1:28:2a:4d:03: 3f:c5:20:55:e5:9a:29:5c:2a:d8:d5:b4:fb:79:4c: 40:19:0c:9f:4c:06:3a:7a:df:08:27:b3:b6:50:20: 4f:31:26:e6:3a:a3:2f:21:9b:a3:03:70:9f:2a:42: 2b:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:62:21:E0:96:07:A4:0B:89:4E:D6:19:42:DF:DC:7B:9B:FA:67:49 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3136392e34302e382e302f32342d3234203d3e20313437303439.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 169.40.8.0/24 Signature Algorithm: sha256WithRSAEncryption 65:72:4d:44:82:ba:78:c7:ff:98:c2:50:f7:8e:ea:de:22:26: e7:08:a0:22:0e:ac:67:83:c6:d3:59:f9:8e:e6:db:34:42:e2: cc:02:ee:62:9b:e2:d9:fb:52:fa:6d:d4:a7:74:a7:7d:cf:ac: 22:52:ff:cd:df:86:20:80:de:cd:07:fa:3f:c2:2a:12:52:17: 74:38:fc:d6:25:10:75:27:7e:cd:1d:16:49:4e:2e:84:92:56: 8b:3c:d9:d0:70:62:66:38:02:13:f2:0f:d2:38:15:73:32:1a: 7a:f6:55:ad:4d:4c:32:5c:1f:e2:9e:fc:8b:01:d7:ce:12:fe: aa:02:b0:ba:57:5c:01:11:24:11:44:c5:db:8b:78:ad:28:72: 58:37:8c:e7:c7:1b:c4:2d:67:ae:53:38:17:7a:e4:45:09:bf: 07:8f:a1:8f:3f:08:a3:74:6e:5a:33:c2:08:16:2d:34:02:41: 69:24:b4:7c:ad:a8:a8:4d:24:23:09:eb:5c:c7:3a:06:1f:5e: c1:a0:72:07:a9:68:d7:75:79:17:2d:b1:b8:ec:8e:74:ba:40: f2:3b:c8:c6:27:88:09:ad:0c:ac:eb:e3:3d:aa:96:fb:f3:a9: fa:cf:38:4e:82:d0:9d:4b:71:f4:68:dd:66:5c:65:88:f1:3a: b8:e6:d2:2d -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUVwRuGzRhKM0Hn7kcQLs9epj1RkMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNjAxMTQwODIwMzJaFw0yNzAxMTMwODI1MzJaMDMxMTAvBgNV BAMTKDk5NjIyMUUwOTYwN0E0MEI4OTRFRDYxOTQyREZEQzdCOUJGQTY3NDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwQEDqHd7NZoEZzjqfl20IjmNc gPt+8Da8S/6MsL7UGyzd2HxjjoFwcflnjh5SQyUQ4hHAVPnJHhoBsM2Olc8VDxj+ gChRMfr0tZ39GGv1g2/Tv4fDQuhf7bMdGViBI6ojgCIKQ+UAYRSls6OGrV3UnZHz hCmkIcOWviBP7lsjJo1uaU7065D6hjOzeB7DXhYYu7LbCCizzzzsq0V3PdzZWBhI sHRAwqd8exZ1EYaeE4tviYVz26w0CUSmDYjsc+ptrLci8doptX+3fkvRKCpNAz/F IFXlmilcKtjVtPt5TEAZDJ9MBjp63wgns7ZQIE8xJuY6oy8hm6MDcJ8qQisfAgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUmWIh4JYHpAuJTtYZQt/ce5v6Z0kwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNjM5MmUzNDMwMmUzODJl MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzNzMwMzQzOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKko CDANBgkqhkiG9w0BAQsFAAOCAQEAZXJNRIK6eMf/mMJQ947q3iIm5wigIg6sZ4PG 01n5jubbNELizALuYpvi2ftS+m3Up3Snfc+sIlL/zd+GIIDezQf6P8IqElIXdDj8 1iUQdSd+zR0WSU4uhJJWizzZ0HBiZjgCE/IP0jgVczIaevZVrU1MMlwf4p78iwHX zhL+qgKwuldcAREkEUTF24t4rShyWDeM58cbxC1nrlM4F3rkRQm/B4+hjz8Io3Ru WjPCCBYtNAJBaSS0fK2oqE0kIwnrXMc6Bh9ewaByB6lo13V5Fy2xuOyOdLpA8jvI xieICa0MrOvjPaqW+/Op+s84ToLQnUtx9GjdZlxliPE6uObSLQ== -----END CERTIFICATE-----Generated at Mon Jan 19 14:22:32 2026 by rpki-client