This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e38372e302f32342d3332203d3e203531313637.roa File: 3137362e3132362e38372e302f32342d3332203d3e203531313637.roa (raw, json) Hash identifier: N77vwm36rODLPY+qgHFd13YLIrOUdF8nh05BDVnrBnY= Subject key identifier: 69:F6:95:C7:52:CA:AC:8C:B9:AC:FD:A0:44:BB:61:7B:2E:29:1D:29 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 5B0D30F97DEFF2BF893799C99B570A8B4FE96E1F Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e38372e302f32342d3332203d3e203531313637.roa Signing time: Mon 29 Dec 2025 09:50:36 +0000 ROA not before: Mon 29 Dec 2025 09:45:36 +0000 ROA not after: Mon 28 Dec 2026 09:50:36 +0000 asID: 51167 IP address blocks: 176.126.87.0/24 maxlen: 32 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:0d:30:f9:7d:ef:f2:bf:89:37:99:c9:9b:57:0a:8b:4f:e9:6e:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:36 2025 GMT Not After : Dec 28 09:50:36 2026 GMT Subject: CN=69F695C752CAAC8CB9ACFDA044BB617B2E291D29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:7e:67:20:00:26:e7:b7:da:a8:d3:ee:15:66: 97:b6:5f:5b:9d:9e:e4:e0:57:37:c3:30:23:30:5b: ac:97:5e:ea:e4:8f:17:62:ad:dd:d1:23:b0:91:fa: 78:11:00:44:b0:df:01:3f:c2:84:a6:a8:d4:74:81: d7:93:4e:2c:81:c2:15:0c:aa:07:46:6b:e5:52:c0: 8d:94:ce:60:61:b1:24:b9:3d:fe:fb:ff:0c:e5:ce: 57:9f:7f:f9:38:fc:ff:25:35:c5:6c:1a:1c:f5:f7: 6e:67:8b:2d:94:8a:06:0e:49:4c:bb:59:7c:06:f5: f4:d4:50:c5:42:1f:8d:63:f7:9a:13:82:d0:b0:9e: 8f:49:fd:1e:1c:e0:8a:d3:e0:1e:13:cf:70:ab:65: dc:2d:c3:ac:12:24:85:b8:76:0e:90:d4:bd:90:cb: 4b:58:e5:1c:c0:55:55:f6:2a:48:2e:f0:b2:58:b6: aa:44:ab:d9:bb:88:3e:1d:7d:22:69:e8:eb:f9:82: ac:7d:1c:c5:49:31:d1:ef:6d:50:41:ed:84:90:f9: d2:d8:76:4f:50:21:67:5b:47:79:88:19:33:fb:bd: 58:eb:f1:3d:aa:c8:ab:75:bf:1e:1e:89:2a:37:37: 2d:07:da:36:4b:60:79:55:33:c4:61:bc:05:e1:37: 9f:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 69:F6:95:C7:52:CA:AC:8C:B9:AC:FD:A0:44:BB:61:7B:2E:29:1D:29 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e38372e302f32342d3332203d3e203531313637.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.126.87.0/24 Signature Algorithm: sha256WithRSAEncryption 11:6a:f0:d6:c7:f3:5a:da:cd:d9:0f:ec:6b:3e:c7:f4:de:d2: 7d:c1:2f:18:cd:a1:cf:88:8d:a3:9f:3d:21:d8:85:6d:6c:f4: 72:e2:d5:3d:33:32:42:91:c4:12:d3:c1:4b:33:2c:49:a3:77: 13:74:a1:ed:fc:aa:9c:85:3e:fa:7f:03:2b:57:c6:ed:8c:21: 64:de:9e:bf:0c:e6:28:2c:26:cc:3f:f3:a3:9e:bf:58:b6:10: 30:db:b2:5c:15:aa:34:17:91:43:8c:e9:13:8c:43:ae:95:47: 45:88:7f:3c:cf:63:0c:ab:30:36:6e:23:55:56:6c:df:83:c9: 87:22:a9:ed:6a:e8:26:9e:32:12:c5:e6:00:c2:ef:8a:b4:02: 8b:48:4b:63:12:c1:30:84:09:56:c0:9f:fb:d5:f6:a0:26:a8: 63:93:aa:d4:51:69:29:32:f4:30:ba:27:bc:bf:a6:e5:ff:64: 5b:8d:99:fc:a7:8a:e7:28:bd:6e:67:d5:3f:39:a8:0e:cd:d8: 30:5a:1a:b7:27:8c:6e:a1:a7:10:88:a2:4f:7c:9f:66:ef:a1: fe:3f:88:ec:d4:f0:fa:c3:df:d1:8d:a3:45:8c:92:bf:c7:4d: 2e:71:27:0e:0c:db:6c:a6:92:37:86:49:51:22:fa:1d:f2:8f: 7e:37:9d:b4 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUWw0w+X3v8r+JN5nJm1cKi0/pbh8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1MzZaFw0yNjEyMjgwOTUwMzZaMDMxMTAvBgNV BAMTKDY5RjY5NUM3NTJDQUFDOENCOUFDRkRBMDQ0QkI2MTdCMkUyOTFEMjkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCufmcgACbnt9qo0+4VZpe2X1ud nuTgVzfDMCMwW6yXXurkjxdird3RI7CR+ngRAESw3wE/woSmqNR0gdeTTiyBwhUM qgdGa+VSwI2UzmBhsSS5Pf77/wzlzleff/k4/P8lNcVsGhz1925niy2UigYOSUy7 WXwG9fTUUMVCH41j95oTgtCwno9J/R4c4IrT4B4Tz3CrZdwtw6wSJIW4dg6Q1L2Q y0tY5RzAVVX2Kkgu8LJYtqpEq9m7iD4dfSJp6Ov5gqx9HMVJMdHvbVBB7YSQ+dLY dk9QIWdbR3mIGTP7vVjr8T2qyKt1vx4eiSo3Ny0H2jZLYHlVM8RhvAXhN5/pAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUafaVx1LKrIy5rP2gRLthey4pHSkwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM2MmUzMTMyMzYyZTM4 MzcyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA sH5XMA0GCSqGSIb3DQEBCwUAA4IBAQARavDWx/Na2s3ZD+xrPsf03tJ9wS8YzaHP iI2jnz0h2IVtbPRy4tU9MzJCkcQS08FLMyxJo3cTdKHt/KqchT76fwMrV8btjCFk 3p6/DOYoLCbMP/Ojnr9YthAw27JcFao0F5FDjOkTjEOulUdFiH88z2MMqzA2biNV Vmzfg8mHIqntaugmnjISxeYAwu+KtAKLSEtjEsEwhAlWwJ/71fagJqhjk6rUUWkp MvQwuie8v6bl/2RbjZn8p4rnKL1uZ9U/OagOzdgwWhq3J4xuoacQiKJPfJ9m76H+ P4js1PD6w9/RjaNFjJK/x00ucScODNtsppI3hklRIvod8o9+N520 -----END CERTIFICATE-----Generated at Mon Jan 19 14:25:56 2026 by rpki-client