This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3131312e3135382e302f32342d3234203d3e203631333137.roa File: 3138352e3131312e3135382e302f32342d3234203d3e203631333137.roa (raw, json) Hash identifier: 3w/dq/cOoMpUwUOem7HEK4qvzHQe2EGpIj7sIldXAeo= Subject key identifier: BD:7F:EA:CD:9A:20:83:8B:EA:11:3D:1C:11:39:01:D0:30:43:4C:4E Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 7F8884FAB7782F570B48253D073546C4C3768085 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3131312e3135382e302f32342d3234203d3e203631333137.roa Signing time: Mon 29 Dec 2025 09:50:41 +0000 ROA not before: Mon 29 Dec 2025 09:45:41 +0000 ROA not after: Mon 28 Dec 2026 09:50:41 +0000 asID: 61317 IP address blocks: 185.111.158.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 08:34:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7f:88:84:fa:b7:78:2f:57:0b:48:25:3d:07:35:46:c4:c3:76:80:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:41 2025 GMT Not After : Dec 28 09:50:41 2026 GMT Subject: CN=BD7FEACD9A20838BEA113D1C113901D030434C4E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:77:a0:e5:5f:66:b7:b3:80:f3:fc:82:94:2e: 74:e9:01:35:48:2a:13:23:ba:c8:5b:22:98:b9:f3: 5c:a8:f1:f0:1e:5a:4f:fe:73:3c:8e:9d:5f:5e:38: d5:38:0f:e0:7b:03:28:b9:4a:28:0c:c3:54:6b:e2: 97:5d:0e:d9:6e:84:d3:4d:df:66:99:c8:9e:84:8c: cb:0e:74:95:9b:e9:e0:a7:0d:4b:f9:df:89:54:f2: f3:3d:f4:d0:9a:13:e5:79:fa:7a:3a:cf:ab:5b:a8: bc:0e:d7:39:db:d5:cd:86:fe:0a:91:fa:b0:c1:61: 81:43:28:9a:fb:d2:7b:e6:95:0a:11:c1:4e:04:e3: 71:8c:7f:5b:19:a7:ae:95:25:0d:ce:f4:cd:c8:63: 46:00:18:56:9f:d8:7a:43:16:48:9b:49:df:1b:21: a7:a3:3e:af:cb:11:e4:2f:d4:58:71:77:7b:71:c2: 7b:54:bd:e7:21:9c:af:48:5e:f7:81:b4:36:bd:60: 56:a1:36:39:0f:18:64:0e:c1:71:65:a2:38:a4:78: 0c:5a:5b:65:69:9b:f3:18:72:52:f6:2a:4a:14:4d: 5f:7d:fc:0f:ec:02:69:c5:7c:07:f0:6b:e3:4e:39: 20:53:fd:bd:59:94:77:3c:7c:36:0c:15:06:16:be: 01:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:7F:EA:CD:9A:20:83:8B:EA:11:3D:1C:11:39:01:D0:30:43:4C:4E X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3131312e3135382e302f32342d3234203d3e203631333137.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.111.158.0/24 Signature Algorithm: sha256WithRSAEncryption 56:db:fe:64:c8:08:ae:29:25:73:94:a2:fd:78:91:c0:b3:89: 64:0b:b9:8f:94:ab:ab:4c:ce:a8:d0:38:f8:00:c2:50:73:75: 9f:27:f2:21:99:a1:53:a7:91:d0:b6:a1:92:c2:d9:0b:42:28: 0c:15:52:1c:f5:08:5d:c1:91:ba:ca:55:6d:7b:84:2d:05:e1: b5:6d:aa:66:f7:ea:cd:3f:f9:22:4e:a8:45:ef:74:d0:6f:dd: 04:5c:3c:65:7c:a3:da:c0:4e:ec:98:4b:4f:14:b8:b8:76:00: 5e:25:f7:91:d4:db:18:02:4e:db:96:09:94:14:16:ef:d1:58: f1:87:cc:b4:45:f8:60:c5:a7:f8:5a:7f:ac:52:13:64:fc:73: 8c:1b:40:f8:6d:1f:85:fd:19:64:06:bb:35:5c:60:3f:89:62: de:3a:a3:0b:68:f0:61:25:71:bc:1c:11:00:4b:75:c2:d2:a8: 55:d9:55:aa:e3:0b:5f:0a:22:c2:46:ae:dd:e7:88:07:1e:b7: 49:71:d4:8f:8e:c5:a8:b8:63:bc:5a:94:10:24:8f:f8:fc:71: 88:c2:ea:51:f9:24:46:c2:2a:26:29:9c:65:5c:6e:cd:71:c9: 65:a5:e0:c4:4b:4d:65:0f:48:a5:15:1e:ed:60:8a:a2:34:29: ae:5f:f2:97 -----BEGIN CERTIFICATE----- MIIFNTCCBB2gAwIBAgIUf4iE+rd4L1cLSCU9BzVGxMN2gIUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1NDFaFw0yNjEyMjgwOTUwNDFaMDMxMTAvBgNV BAMTKEJEN0ZFQUNEOUEyMDgzOEJFQTExM0QxQzExMzkwMUQwMzA0MzRDNEUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAd6DlX2a3s4Dz/IKULnTpATVI KhMjushbIpi581yo8fAeWk/+czyOnV9eONU4D+B7Ayi5SigMw1Rr4pddDtluhNNN 32aZyJ6EjMsOdJWb6eCnDUv534lU8vM99NCaE+V5+no6z6tbqLwO1znb1c2G/gqR +rDBYYFDKJr70nvmlQoRwU4E43GMf1sZp66VJQ3O9M3IY0YAGFaf2HpDFkibSd8b IaejPq/LEeQv1Fhxd3txwntUvechnK9IXveBtDa9YFahNjkPGGQOwXFlojikeAxa W2Vpm/MYclL2KkoUTV99/A/sAmnFfAfwa+NOOSBT/b1ZlHc8fDYMFQYWvgGpAgMB AAGjggI/MIICOzAdBgNVHQ4EFgQUvX/qzZogg4vqET0cETkB0DBDTE4wHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMTMxMzEyZTMx MzUzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzEzMzMxMzcucm9hMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAC5b54wDQYJKoZIhvcNAQELBQADggEBAFbb/mTICK4pJXOUov14kcCziWQLuY+U q6tMzqjQOPgAwlBzdZ8n8iGZoVOnkdC2oZLC2QtCKAwVUhz1CF3BkbrKVW17hC0F 4bVtqmb36s0/+SJOqEXvdNBv3QRcPGV8o9rATuyYS08UuLh2AF4l95HU2xgCTtuW CZQUFu/RWPGHzLRF+GDFp/haf6xSE2T8c4wbQPhtH4X9GWQGuzVcYD+JYt46owto 8GElcbwcEQBLdcLSqFXZVarjC18KIsJGrt3niAcet0lx1I+Oxai4Y7xalBAkj/j8 cYjC6lH5JEbCKiYpnGVcbs1xyWWl4MRLTWUPSKUVHu1giqI0Ka5f8pc= -----END CERTIFICATE-----Generated at Thu Jan 8 12:58:52 2026 by rpki-client