This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232322e302f32342d3234203d3e20323039383534.roa File: 3138352e3230392e3232322e302f32342d3234203d3e20323039383534.roa (raw, json) Hash identifier: DkVaZ6Y8AF/+kpiINCxG/+otShN267jaqNrM8lw0dfk= Subject key identifier: A8:6B:0E:D9:CB:D2:46:D2:ED:2C:56:BD:E0:3D:40:40:EA:F1:E6:CB Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 672C03DBD4C8B26B0C298F86B721329F40757A91 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232322e302f32342d3234203d3e20323039383534.roa Signing time: Mon 05 Jan 2026 09:51:16 +0000 ROA not before: Mon 05 Jan 2026 09:46:16 +0000 ROA not after: Mon 04 Jan 2027 09:51:16 +0000 asID: 209854 IP address blocks: 185.209.222.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67:2c:03:db:d4:c8:b2:6b:0c:29:8f:86:b7:21:32:9f:40:75:7a:91 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Jan 5 09:46:16 2026 GMT Not After : Jan 4 09:51:16 2027 GMT Subject: CN=A86B0ED9CBD246D2ED2C56BDE03D4040EAF1E6CB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:64:97:65:b0:af:f3:c3:0a:97:54:64:ee:4a: a4:14:7b:46:75:8c:5e:27:91:c9:08:c9:db:d0:fb: ce:9e:27:91:d0:78:67:a1:1b:30:54:7e:26:91:4b: 07:be:dd:4c:7b:1a:be:87:2c:05:57:ad:ed:35:06: 61:a3:55:da:60:39:98:71:8a:fe:f7:4b:22:1a:ee: e9:c4:a7:93:6e:41:d3:48:04:d0:fc:6f:cf:f7:2e: d2:91:fd:85:ba:1c:63:ce:11:9c:5b:65:74:ad:db: ca:cf:95:81:0e:f5:db:fd:44:4b:b9:c2:f9:a3:bb: f6:20:31:c4:78:c9:32:91:d1:7f:c9:2a:6b:d4:df: 84:24:41:e7:98:38:8d:a6:17:57:1f:4e:2b:bb:ef: c6:b3:aa:6e:8c:63:24:5d:c0:ba:28:ad:ea:23:e7: 07:4d:61:d8:ce:72:ce:fd:c6:be:a0:bd:a3:6b:d2: b2:fc:c7:1f:75:1c:4c:db:a5:db:83:df:9f:0a:09: 1b:cf:1d:cd:6c:51:93:d6:9c:47:2b:77:0d:7f:2e: 5c:25:04:66:20:71:df:0c:f2:b4:f3:6d:bd:e4:a5: 9f:98:58:db:6c:11:3a:b8:48:2b:5e:1c:63:c5:93: a4:25:c1:1d:8e:05:7d:4e:95:7c:11:1e:d5:c9:d7: a0:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:6B:0E:D9:CB:D2:46:D2:ED:2C:56:BD:E0:3D:40:40:EA:F1:E6:CB X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3230392e3232322e302f32342d3234203d3e20323039383534.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.209.222.0/24 Signature Algorithm: sha256WithRSAEncryption 9b:04:1d:4d:31:56:8d:4e:9d:d0:17:fd:ba:43:dc:98:57:d8: d2:31:43:54:df:80:74:91:61:84:c7:73:68:f1:db:de:f4:d0: 43:94:6c:23:de:6e:39:c9:f8:bb:85:04:80:50:38:fa:e1:30: 7b:a1:c9:fd:da:c5:76:18:0c:dc:fa:e4:1d:24:68:ee:28:49: ac:28:33:2a:76:35:11:f7:b3:6d:29:08:e6:af:51:8e:60:9b: c7:fb:74:36:53:fd:3b:70:37:e7:16:d6:e7:6e:60:fb:d0:7c: d0:b4:7c:55:fb:3f:ba:2a:2f:ea:df:d6:9a:4e:9b:00:d4:74: 79:0e:ff:d9:42:0a:44:43:1b:27:53:19:22:1f:49:b6:c1:80: 17:53:2c:92:e4:88:34:d7:7c:71:77:62:9c:79:a8:fc:2e:4c: f0:ef:d7:be:95:ad:fe:bc:29:33:02:71:82:e3:0f:9a:9b:19: 99:9d:cd:c2:38:3c:b1:bd:b8:f1:4c:75:50:0e:61:56:2b:8b: fa:9b:f9:ae:dd:de:b6:f7:a9:f3:65:3c:8a:13:95:77:17:2d: 4c:61:27:76:40:f9:11:cd:29:7f:f2:38:8b:7c:78:43:da:73: f0:38:8e:8a:5f:b9:51:fa:d4:14:a2:ae:e5:15:9a:5f:79:31: 49:3e:b7:80 -----BEGIN CERTIFICATE----- MIIFNzCCBB+gAwIBAgIUZywD29TIsmsMKY+GtyEyn0B1epEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNjAxMDUwOTQ2MTZaFw0yNzAxMDQwOTUxMTZaMDMxMTAvBgNV BAMTKEE4NkIwRUQ5Q0JEMjQ2RDJFRDJDNTZCREUwM0Q0MDQwRUFGMUU2Q0IwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKZJdlsK/zwwqXVGTuSqQUe0Z1 jF4nkckIydvQ+86eJ5HQeGehGzBUfiaRSwe+3Ux7Gr6HLAVXre01BmGjVdpgOZhx iv73SyIa7unEp5NuQdNIBND8b8/3LtKR/YW6HGPOEZxbZXSt28rPlYEO9dv9REu5 wvmju/YgMcR4yTKR0X/JKmvU34QkQeeYOI2mF1cfTiu778azqm6MYyRdwLooreoj 5wdNYdjOcs79xr6gvaNr0rL8xx91HEzbpduD358KCRvPHc1sUZPWnEcrdw1/Llwl BGYgcd8M8rTzbb3kpZ+YWNtsETq4SCteHGPFk6QlwR2OBX1OlXwRHtXJ16DHAgMB AAGjggJBMIICPTAdBgNVHQ4EFgQUqGsO2cvSRtLtLFa94D1AQOrx5sswHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMwMzkyZTMy MzIzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzAzOTM4MzUzNC5yb2EwGAYD VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEALnR3jANBgkqhkiG9w0BAQsFAAOCAQEAmwQdTTFWjU6d0Bf9ukPcmFfY0jFD VN+AdJFhhMdzaPHb3vTQQ5RsI95uOcn4u4UEgFA4+uEwe6HJ/drFdhgM3PrkHSRo 7ihJrCgzKnY1EfezbSkI5q9RjmCbx/t0NlP9O3A35xbW525g+9B80LR8Vfs/uiov 6t/Wmk6bANR0eQ7/2UIKREMbJ1MZIh9JtsGAF1MskuSINNd8cXdinHmo/C5M8O/X vpWt/rwpMwJxguMPmpsZmZ3Nwjg8sb248Ux1UA5hViuL+pv5rt3etvep82U8ihOV dxctTGEndkD5Ec0pf/I4i3x4Q9pz8DiOil+5UfrUFKKu5RWaX3kxST63gA== -----END CERTIFICATE-----Generated at Mon Jan 19 17:35:18 2026 by rpki-client