This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3131312e3135362e302f32342d3332203d3e203430303231.roa File: 3138352e3131312e3135362e302f32342d3332203d3e203430303231.roa (raw, json) Hash identifier: wrP6L1KoQuezYbozo5GE/UD4/aighbLy7Epp+ifxCgU= Subject key identifier: EA:FB:A8:9B:15:74:71:F3:8C:DD:91:44:D2:AD:1E:1F:0B:B8:66:66 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 192C1A016DF1F8397F0541AA9D151ED094F53A06 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3131312e3135362e302f32342d3332203d3e203430303231.roa Signing time: Mon 29 Dec 2025 09:51:07 +0000 ROA not before: Mon 29 Dec 2025 09:46:07 +0000 ROA not after: Mon 28 Dec 2026 09:51:07 +0000 asID: 40021 IP address blocks: 185.111.156.0/24 maxlen: 32 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 19:2c:1a:01:6d:f1:f8:39:7f:05:41:aa:9d:15:1e:d0:94:f5:3a:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:46:07 2025 GMT Not After : Dec 28 09:51:07 2026 GMT Subject: CN=EAFBA89B157471F38CDD9144D2AD1E1F0BB86666 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:c4:e7:90:a7:09:a8:54:ec:6a:dc:26:12:47: 8b:e6:d2:94:bc:a9:d3:34:99:52:0c:69:f5:06:c0: d4:8f:b6:c1:55:5b:d7:a8:2d:74:0d:83:a6:c2:9e: 2c:ee:56:2b:fc:77:62:94:10:28:39:10:c4:94:0c: 6c:92:59:2b:95:2e:44:b7:2b:29:b8:4a:a3:71:0a: 49:3d:01:b8:8f:7a:6f:07:eb:33:81:5f:4e:29:bc: 59:24:c9:c3:ca:a7:02:68:e1:78:25:41:ab:d1:49: 3e:3d:96:83:4a:18:d3:6e:b5:a6:d4:e2:0e:0d:8f: 14:4a:63:de:14:f2:ee:4d:5b:7c:c9:29:5c:cb:5b: 5c:60:84:85:67:e8:55:64:91:4c:59:d8:22:f2:f1: 2a:9a:38:5d:5c:f9:da:37:75:a9:2a:42:37:3e:83: b2:66:8a:8a:0e:96:43:b9:5a:a2:1c:c1:00:51:f1: d7:c0:6f:be:8f:ee:59:a8:6c:4f:53:06:e8:6f:5f: e8:5f:4a:ca:bd:39:6b:a1:45:0a:1c:50:59:2f:be: df:45:1b:8c:54:a9:1d:81:21:ee:f9:c5:8a:52:60: 52:19:56:78:ea:91:5a:6d:ee:6f:c5:da:38:93:60: 0e:af:e8:c4:32:33:94:ae:19:a8:6f:a5:a8:b3:fe: d9:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:FB:A8:9B:15:74:71:F3:8C:DD:91:44:D2:AD:1E:1F:0B:B8:66:66 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3131312e3135362e302f32342d3332203d3e203430303231.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.111.156.0/24 Signature Algorithm: sha256WithRSAEncryption 64:f1:ba:1f:d5:35:f3:46:17:ec:9c:32:6d:6e:71:ec:52:d0: 7a:75:70:f1:37:28:fe:f2:5d:de:92:5b:1e:a6:84:5e:e6:dd: b4:5c:62:49:06:4a:7f:6c:b9:57:60:5d:5e:9c:fa:f3:b8:ca: 5f:7e:cd:90:48:b9:4d:f2:d8:15:f6:b6:5c:20:67:70:41:2c: fe:2c:98:7c:57:65:a6:ef:d6:4f:49:44:b7:98:3f:4e:0e:49: 0d:78:10:41:4e:ab:0d:3a:f6:1e:8a:f3:52:18:b9:9a:4f:63: ac:ae:df:f1:e4:0c:fc:17:5c:34:be:82:05:57:37:19:f6:f9: e5:81:2f:1b:7f:af:d2:66:64:78:b8:3c:ea:14:55:0c:77:d5: 3a:ab:e2:3a:aa:30:59:c7:44:1a:3e:e2:ef:b4:68:70:f0:42: 1b:c9:32:70:b9:40:bf:ec:0d:ec:5d:98:82:f1:63:ac:aa:06: fe:95:68:e2:c5:0e:14:37:ae:38:44:f6:16:9b:08:af:60:4b: e9:9c:ae:7a:36:89:ed:fb:5b:c8:53:62:5b:d0:d4:5b:ce:97: 72:65:40:c1:3b:44:a4:01:ee:bf:78:16:06:07:b0:15:8e:d4: 76:c7:b1:1b:80:e6:51:a4:09:43:ca:00:9a:1a:c6:ab:a5:eb: 52:78:01:d8 -----BEGIN CERTIFICATE----- MIIFNTCCBB2gAwIBAgIUGSwaAW3x+Dl/BUGqnRUe0JT1OgYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ2MDdaFw0yNjEyMjgwOTUxMDdaMDMxMTAvBgNV BAMTKEVBRkJBODlCMTU3NDcxRjM4Q0REOTE0NEQyQUQxRTFGMEJCODY2NjYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9xOeQpwmoVOxq3CYSR4vm0pS8 qdM0mVIMafUGwNSPtsFVW9eoLXQNg6bCnizuViv8d2KUECg5EMSUDGySWSuVLkS3 Kym4SqNxCkk9AbiPem8H6zOBX04pvFkkycPKpwJo4XglQavRST49loNKGNNutabU 4g4NjxRKY94U8u5NW3zJKVzLW1xghIVn6FVkkUxZ2CLy8SqaOF1c+do3dakqQjc+ g7JmiooOlkO5WqIcwQBR8dfAb76P7lmobE9TBuhvX+hfSsq9OWuhRQocUFkvvt9F G4xUqR2BIe75xYpSYFIZVnjqkVpt7m/F2jiTYA6v6MQyM5SuGahvpaiz/tmLAgMB AAGjggI/MIICOzAdBgNVHQ4EFgQU6vuomxV0cfOM3ZFE0q0eHwu4ZmYwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTMxMzEyZTMx MzUzNjJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM0MzAzMDMyMzEucm9hMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAC5b5wwDQYJKoZIhvcNAQELBQADggEBAGTxuh/VNfNGF+ycMm1ucexS0Hp1cPE3 KP7yXd6SWx6mhF7m3bRcYkkGSn9suVdgXV6c+vO4yl9+zZBIuU3y2BX2tlwgZ3BB LP4smHxXZabv1k9JRLeYP04OSQ14EEFOqw069h6K81IYuZpPY6yu3/HkDPwXXDS+ ggVXNxn2+eWBLxt/r9JmZHi4POoUVQx31Tqr4jqqMFnHRBo+4u+0aHDwQhvJMnC5 QL/sDexdmILxY6yqBv6VaOLFDhQ3rjhE9habCK9gS+mcrno2ie37W8hTYlvQ1FvO l3JlQME7RKQB7r94FgYHsBWO1HbHsRuA5lGkCUPKAJoaxqul61J4Adg= -----END CERTIFICATE-----Generated at Mon Jan 19 14:26:24 2026 by rpki-client