This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233302e3133382e302f32342d3332203d3e203531313637.roa File: 3138352e3233302e3133382e302f32342d3332203d3e203531313637.roa (raw, json) Hash identifier: PYj6JzWjmemz7mVyfJPxJ1ApLI5GvwDXp8PqL23UTaw= Subject key identifier: D9:11:51:A6:A7:81:E4:FA:9F:F4:CD:1A:26:3F:2D:57:5F:54:93:AA Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 5AB1C44580E992A384FAD4239B1CA81947E0E164 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233302e3133382e302f32342d3332203d3e203531313637.roa Signing time: Mon 29 Dec 2025 09:50:52 +0000 ROA not before: Mon 29 Dec 2025 09:45:52 +0000 ROA not after: Mon 28 Dec 2026 09:50:52 +0000 asID: 51167 IP address blocks: 185.230.138.0/24 maxlen: 32 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5a:b1:c4:45:80:e9:92:a3:84:fa:d4:23:9b:1c:a8:19:47:e0:e1:64 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:52 2025 GMT Not After : Dec 28 09:50:52 2026 GMT Subject: CN=D91151A6A781E4FA9FF4CD1A263F2D575F5493AA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:78:ce:c3:67:33:47:7d:2c:08:aa:ff:94:84: 8e:88:b1:a8:9a:26:20:b5:ce:d7:b4:a3:43:81:6e: 54:c1:05:18:83:9c:45:d4:f9:c6:32:84:32:3a:5d: aa:e3:3a:6e:ac:e3:90:62:d9:2f:a3:d9:47:03:a4: 68:ce:92:02:bb:22:a1:51:92:63:cc:b4:05:8f:4d: dc:34:f3:41:51:be:8b:6a:6d:81:da:79:a4:a4:27: ca:69:2c:c8:7f:b4:e3:3e:c8:06:aa:7d:99:9d:6e: 85:54:9b:c7:f3:63:04:c5:97:ba:1b:c3:d8:5b:5b: a1:0d:7d:d1:cf:45:10:ac:5a:84:aa:09:6f:fe:0a: 65:99:1f:3c:dd:18:7a:5a:ea:83:b8:06:fd:fc:69: cb:27:0d:7c:f9:8e:8b:4f:77:94:e6:6f:57:3e:8c: 6a:a5:f0:ce:18:d6:74:6e:82:98:da:bb:b9:7d:45: 59:68:fd:27:2a:99:05:40:86:a6:97:93:ba:10:a2: 28:45:f1:99:5d:7d:e6:75:e4:11:19:29:ea:5d:e1: a4:06:e0:17:17:43:be:28:3f:0c:86:e9:ce:36:ef: 41:6a:cb:a1:25:75:af:f4:a0:1d:d4:a4:a0:9c:1d: 41:dc:6e:41:1b:80:26:68:95:48:f1:f3:74:1a:5a: 93:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:11:51:A6:A7:81:E4:FA:9F:F4:CD:1A:26:3F:2D:57:5F:54:93:AA X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3138352e3233302e3133382e302f32342d3332203d3e203531313637.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.230.138.0/24 Signature Algorithm: sha256WithRSAEncryption 17:bb:b3:a9:ed:b8:29:2a:83:2d:6d:2e:c0:23:bb:e0:7c:92: b0:f2:d4:7d:d9:2d:43:9b:c6:96:d3:5e:d1:21:58:58:5b:7d: f6:6b:96:32:7d:d5:1e:f5:3c:79:77:08:52:b1:98:55:1f:6c: 5e:6a:a3:04:9c:fc:c7:1d:fe:32:2f:22:83:0f:88:af:17:1d: a1:fc:6e:e1:ed:82:6e:9e:0e:6a:8c:cc:9b:da:ab:b4:f6:7d: 3f:f0:52:24:c3:0d:5e:18:42:ef:02:0c:bf:cb:37:d9:83:cb: 31:7b:1e:99:cd:40:1c:8d:4c:c9:eb:04:21:27:64:08:01:68: 61:d3:c5:21:12:1f:69:50:32:d8:9c:b9:d2:8e:89:f7:00:33: b4:f8:ca:fd:af:9c:58:87:c5:39:94:44:10:0d:7a:30:32:aa: bd:4e:d7:2f:4a:7b:ec:e9:2e:6a:4f:da:4f:37:0a:79:e8:a7: 12:d1:d1:45:04:41:f9:92:5e:38:8e:26:c4:95:3c:a1:4d:73: d5:13:5e:55:ed:2d:e4:de:05:be:3f:10:74:43:2e:78:c4:bc: 9f:c7:b3:18:67:fd:38:73:d7:05:fc:4b:0a:05:ff:4e:b2:e0: e7:bb:45:3a:f6:8e:00:40:c6:a4:54:2b:8d:3f:4c:3d:78:ed: 85:cd:5f:ce -----BEGIN CERTIFICATE----- MIIFNTCCBB2gAwIBAgIUWrHERYDpkqOE+tQjmxyoGUfg4WQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1NTJaFw0yNjEyMjgwOTUwNTJaMDMxMTAvBgNV BAMTKEQ5MTE1MUE2QTc4MUU0RkE5RkY0Q0QxQTI2M0YyRDU3NUY1NDkzQUEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+eM7DZzNHfSwIqv+UhI6Isaia JiC1zte0o0OBblTBBRiDnEXU+cYyhDI6XarjOm6s45Bi2S+j2UcDpGjOkgK7IqFR kmPMtAWPTdw080FRvotqbYHaeaSkJ8ppLMh/tOM+yAaqfZmdboVUm8fzYwTFl7ob w9hbW6ENfdHPRRCsWoSqCW/+CmWZHzzdGHpa6oO4Bv38acsnDXz5jotPd5Tmb1c+ jGql8M4Y1nRugpjau7l9RVlo/ScqmQVAhqaXk7oQoihF8ZldfeZ15BEZKepd4aQG 4BcXQ74oPwyG6c4270Fqy6Elda/0oB3UpKCcHUHcbkEbgCZolUjx83QaWpM1AgMB AAGjggI/MIICOzAdBgNVHQ4EFgQU2RFRpqeB5Pqf9M0aJj8tV19Uk6owHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzODM1MmUzMjMzMzAyZTMx MzMzODJlMzAyZjMyMzQyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAC55oowDQYJKoZIhvcNAQELBQADggEBABe7s6ntuCkqgy1tLsAju+B8krDy1H3Z LUObxpbTXtEhWFhbffZrljJ91R71PHl3CFKxmFUfbF5qowSc/Mcd/jIvIoMPiK8X HaH8buHtgm6eDmqMzJvaq7T2fT/wUiTDDV4YQu8CDL/LN9mDyzF7HpnNQByNTMnr BCEnZAgBaGHTxSESH2lQMticudKOifcAM7T4yv2vnFiHxTmURBANejAyqr1O1y9K e+zpLmpP2k83CnnopxLR0UUEQfmSXjiOJsSVPKFNc9UTXlXtLeTeBb4/EHRDLnjE vJ/Hsxhn/Thz1wX8SwoF/06y4Oe7RTr2jgBAxqRUK40/TD147YXNX84= -----END CERTIFICATE-----Generated at Mon Jan 19 14:25:25 2026 by rpki-client