This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3134302e3139362e302f32322d3332203d3e203430303231.roa File: 3139342e3134302e3139362e302f32322d3332203d3e203430303231.roa (raw, json) Hash identifier: L+WgdNUewJqFStZ2UWHnpTPjaohUw8DPCIcQ+tyClus= Subject key identifier: 4D:CA:56:76:FC:49:3E:BB:16:B9:D4:E3:37:13:EE:EF:55:DB:C7:9D Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 6E6C4CDE1C2608DD8DD90A38CDF2081DDA288BB4 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3134302e3139362e302f32322d3332203d3e203430303231.roa Signing time: Mon 29 Dec 2025 09:50:54 +0000 ROA not before: Mon 29 Dec 2025 09:45:54 +0000 ROA not after: Mon 28 Dec 2026 09:50:54 +0000 asID: 40021 IP address blocks: 194.140.196.0/22 maxlen: 32 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6e:6c:4c:de:1c:26:08:dd:8d:d9:0a:38:cd:f2:08:1d:da:28:8b:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:54 2025 GMT Not After : Dec 28 09:50:54 2026 GMT Subject: CN=4DCA5676FC493EBB16B9D4E33713EEEF55DBC79D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:6a:65:c3:90:e3:40:69:e2:72:6c:12:e7:6f: c6:d5:e2:14:e5:f0:81:9a:c7:7b:15:f9:ea:85:c9: bf:ad:1a:ca:23:c1:57:af:42:d4:84:a4:cd:c5:db: 4c:f5:88:5c:c6:1b:b6:b2:be:1f:10:e0:b4:ba:9e: ac:aa:d0:2f:bb:62:72:f3:31:21:b1:88:b7:ff:8e: 0d:4a:ff:04:5f:5b:7e:85:a1:9c:e2:cd:22:52:b1: 5d:b5:bd:6c:6f:3d:38:97:64:b3:8b:c1:1c:01:4e: 85:bd:76:3d:85:af:3c:40:9d:3e:0f:9c:1f:05:41: 18:2c:3d:ae:cc:f0:46:29:f5:e0:7d:d2:d1:cd:b6: 75:21:aa:62:c6:f5:e9:29:aa:60:0c:10:10:b7:b5: 76:5b:82:6c:cb:9d:77:f2:dd:1f:be:36:57:2c:25: 8f:57:17:61:b9:52:69:a9:51:0c:2c:2f:9e:5c:fc: 07:b5:3d:79:e6:5b:d0:de:84:84:61:e8:9c:e8:96: e1:6f:c9:b7:54:91:e9:cc:d1:2d:ad:4c:48:f1:99: d3:ea:a5:ae:c8:13:62:7d:bd:aa:85:f8:45:bc:52: 38:6f:22:4f:41:5f:78:a0:4f:d6:cd:72:dd:4f:d3: 84:bf:41:2e:ee:b7:ad:1d:c7:13:e3:30:33:da:cf: 41:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:CA:56:76:FC:49:3E:BB:16:B9:D4:E3:37:13:EE:EF:55:DB:C7:9D X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3139342e3134302e3139362e302f32322d3332203d3e203430303231.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.140.196.0/22 Signature Algorithm: sha256WithRSAEncryption 5f:4f:22:3e:31:aa:87:59:9b:f7:55:73:9c:cc:ff:ce:73:53: 56:5b:4a:ac:99:d0:08:a3:24:04:b4:fc:44:77:28:74:3c:b5: 01:1e:dd:cc:d1:9f:29:90:e6:f6:a7:1a:ec:d3:e2:d4:b3:d7: 06:02:36:7a:ef:79:db:81:d1:bc:9e:a1:7d:3d:e4:b6:64:eb: 48:7b:75:7a:fe:b2:cf:05:b8:82:d5:90:b3:4f:81:d0:2d:68: 25:a3:28:d3:bc:5a:cb:fa:a6:5d:9b:b7:45:7f:b7:3c:51:89: a2:f4:c6:62:dd:15:ca:23:c4:0a:e8:24:12:aa:cf:e1:b0:2a: d1:79:2d:2d:44:71:dc:f9:94:e5:5a:77:f2:e2:e6:b3:01:43: 29:d8:c7:04:15:c3:de:cb:07:ca:29:b1:74:52:f5:aa:9f:b1: bc:c1:2f:34:8a:d6:4a:45:22:93:28:14:57:5e:b5:76:60:9a: f8:ef:80:1c:ef:ee:18:27:eb:b1:97:21:2f:4d:bb:b1:ef:e1: 77:14:3c:f7:76:cb:1d:14:b6:44:dd:a4:4e:90:52:54:ee:4f: be:4f:4c:e8:2d:9f:10:83:57:ce:9a:0e:68:66:34:90:cb:39: 0d:41:54:ae:77:f5:11:08:a6:38:11:52:bb:2e:1b:4d:7f:26: 43:e6:0e:b7 -----BEGIN CERTIFICATE----- MIIFNTCCBB2gAwIBAgIUbmxM3hwmCN2N2Qo4zfIIHdooi7QwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1NTRaFw0yNjEyMjgwOTUwNTRaMDMxMTAvBgNV BAMTKDREQ0E1Njc2RkM0OTNFQkIxNkI5RDRFMzM3MTNFRUVGNTVEQkM3OUQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwamXDkONAaeJybBLnb8bV4hTl 8IGax3sV+eqFyb+tGsojwVevQtSEpM3F20z1iFzGG7ayvh8Q4LS6nqyq0C+7YnLz MSGxiLf/jg1K/wRfW36FoZzizSJSsV21vWxvPTiXZLOLwRwBToW9dj2FrzxAnT4P nB8FQRgsPa7M8EYp9eB90tHNtnUhqmLG9ekpqmAMEBC3tXZbgmzLnXfy3R++Nlcs JY9XF2G5UmmpUQwsL55c/Ae1PXnmW9DehIRh6JzoluFvybdUkenM0S2tTEjxmdPq pa7IE2J9vaqF+EW8UjhvIk9BX3igT9bNct1P04S/QS7ut60dxxPjMDPaz0FdAgMB AAGjggI/MIICOzAdBgNVHQ4EFgQUTcpWdvxJPrsWudTjNxPu71Xbx50wHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzOTM0MmUzMTM0MzAyZTMx MzkzNjJlMzAyZjMyMzIyZDMzMzIyMDNkM2UyMDM0MzAzMDMyMzEucm9hMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BALCjMQwDQYJKoZIhvcNAQELBQADggEBAF9PIj4xqodZm/dVc5zM/85zU1ZbSqyZ 0AijJAS0/ER3KHQ8tQEe3czRnymQ5vanGuzT4tSz1wYCNnrveduB0byeoX095LZk 60h7dXr+ss8FuILVkLNPgdAtaCWjKNO8Wsv6pl2bt0V/tzxRiaL0xmLdFcojxAro JBKqz+GwKtF5LS1Ecdz5lOVad/Li5rMBQynYxwQVw97LB8opsXRS9aqfsbzBLzSK 1kpFIpMoFFdetXZgmvjvgBzv7hgn67GXIS9Nu7Hv4XcUPPd2yx0UtkTdpE6QUlTu T75PTOgtnxCDV86aDmhmNJDLOQ1BVK539REIpjgRUrsuG01/JkPmDrc= -----END CERTIFICATE-----Generated at Mon Jan 19 14:28:11 2026 by rpki-client