This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36362e302f32342d3234203d3e20313336373837.roa File: 3231322e39372e36362e302f32342d3234203d3e20313336373837.roa (raw, json) Hash identifier: 3yYvTk27l9Zr+tSRGO1h7cGPT0Tn+v0f67ItujjSXbM= Subject key identifier: 13:C1:61:5B:B6:14:D2:A9:27:A9:97:C4:CF:F2:3A:83:27:B9:00:2A Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 3AAA447FFE0AB6401719F072E7183C74AA3A76E7 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36362e302f32342d3234203d3e20313336373837.roa Signing time: Fri 28 Nov 2025 19:49:57 +0000 ROA not before: Fri 28 Nov 2025 19:44:57 +0000 ROA not after: Fri 27 Nov 2026 19:49:57 +0000 asID: 136787 IP address blocks: 212.97.66.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Dec 2025 21:22:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:aa:44:7f:fe:0a:b6:40:17:19:f0:72:e7:18:3c:74:aa:3a:76:e7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Nov 28 19:44:57 2025 GMT Not After : Nov 27 19:49:57 2026 GMT Subject: CN=13C1615BB614D2A927A997C4CFF23A8327B9002A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:4b:f4:90:87:0b:f7:a3:18:78:13:91:99:c2: d8:49:68:dd:11:b1:8d:a6:c1:ad:0e:fb:a6:f0:73: 1a:24:30:0e:ef:6f:22:e4:55:a9:ad:8d:4a:12:60: 44:ac:8d:51:4b:79:3e:46:cd:09:ea:28:68:d7:87: 78:5d:fd:78:41:ee:06:5f:22:16:7a:53:19:b0:e8: 41:9a:b8:3b:28:cb:56:13:cd:a4:02:79:f8:35:f9: 32:ca:99:85:4c:d9:40:6d:c5:ff:74:29:82:55:42: 52:09:44:3c:f3:70:31:b5:3d:12:41:6e:eb:a8:0a: 7e:e1:a6:16:95:0e:5d:a4:1e:31:3f:12:27:da:dc: f9:23:0a:a0:40:a8:bf:a6:71:ab:68:b9:82:fb:88: 9d:a0:98:ea:25:6e:7a:e1:9b:84:08:cd:83:f4:b3: db:95:1f:f8:60:78:1e:02:01:7e:14:9d:41:e1:0f: 44:a3:35:2e:18:8f:8f:c7:08:fd:9a:32:a2:a3:53: b3:2f:c6:c1:20:12:13:86:8c:27:e4:01:94:10:df: d5:95:7d:ab:49:99:5f:e5:25:00:c4:1f:db:b7:5d: 39:f9:0f:10:74:e4:23:4a:8b:8e:07:b1:44:b4:06: e3:d1:a6:6a:ea:88:1d:5c:1a:e2:34:57:c7:6a:18: fb:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:C1:61:5B:B6:14:D2:A9:27:A9:97:C4:CF:F2:3A:83:27:B9:00:2A X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e36362e302f32342d3234203d3e20313336373837.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 212.97.66.0/24 Signature Algorithm: sha256WithRSAEncryption 95:54:ed:3a:c0:32:24:65:25:cb:9e:40:32:d1:4e:47:a0:34: 94:b9:cc:9b:a6:54:1f:67:ed:0c:aa:65:66:57:8f:5b:6f:2e: aa:7b:0e:34:dd:92:8c:a6:9e:a2:2a:a2:aa:bd:ce:b3:1e:53: 9e:09:3d:84:16:c1:f7:b2:59:16:68:53:3a:3d:92:aa:44:5d: f7:64:0a:e0:9d:a1:28:02:3b:b9:c7:05:0b:49:c1:a9:22:62: 28:9f:f4:48:06:58:0f:28:3c:36:a9:06:a0:ef:6a:1c:ea:17: e2:a6:1f:36:0e:6c:19:69:9a:77:0a:48:4e:11:62:c1:47:f3: 11:3f:ea:2f:6d:0d:a0:ba:7d:cc:e7:dd:55:ad:ac:5c:2c:b1: e6:e5:f9:d6:ee:72:3f:e8:42:79:52:2e:e3:15:42:53:68:f6: 4a:f2:4d:3f:6b:06:47:52:f3:d0:b5:b0:1c:92:31:22:c4:0f: 16:b0:9d:e8:7f:26:ee:e6:5e:1f:e4:d9:d9:91:18:d2:c6:39: f5:fe:2e:1d:0f:65:bd:cc:8a:a4:57:46:b5:56:f6:f3:dd:88: 98:42:02:7d:d0:15:86:0c:50:12:e1:34:bb:ae:92:3d:52:2e: 7f:ef:15:b3:87:f3:8a:fb:9f:e8:ca:5e:a9:64:93:52:56:6c: 45:b7:44:04 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUOqpEf/4KtkAXGfBy5xg8dKo6ducwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTExMjgxOTQ0NTdaFw0yNjExMjcxOTQ5NTdaMDMxMTAvBgNV BAMTKDEzQzE2MTVCQjYxNEQyQTkyN0E5OTdDNENGRjIzQTgzMjdCOTAwMkEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkS/SQhwv3oxh4E5GZwthJaN0R sY2mwa0O+6bwcxokMA7vbyLkVamtjUoSYESsjVFLeT5GzQnqKGjXh3hd/XhB7gZf IhZ6Uxmw6EGauDsoy1YTzaQCefg1+TLKmYVM2UBtxf90KYJVQlIJRDzzcDG1PRJB buuoCn7hphaVDl2kHjE/Eifa3PkjCqBAqL+mcatouYL7iJ2gmOolbnrhm4QIzYP0 s9uVH/hgeB4CAX4UnUHhD0SjNS4Yj4/HCP2aMqKjU7MvxsEgEhOGjCfkAZQQ39WV fatJmV/lJQDEH9u3XTn5DxB05CNKi44HsUS0BuPRpmrqiB1cGuI0V8dqGPu7AgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUE8FhW7YU0qknqZfEz/I6gye5ACowHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTMyMmUzOTM3MmUzNjM2 MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA 1GFCMA0GCSqGSIb3DQEBCwUAA4IBAQCVVO06wDIkZSXLnkAy0U5HoDSUucybplQf Z+0MqmVmV49bby6qew403ZKMpp6iKqKqvc6zHlOeCT2EFsH3slkWaFM6PZKqRF33 ZArgnaEoAju5xwULScGpImIon/RIBlgPKDw2qQag72oc6hfiph82DmwZaZp3CkhO EWLBR/MRP+ovbQ2gun3M591VraxcLLHm5fnW7nI/6EJ5Ui7jFUJTaPZK8k0/awZH UvPQtbAckjEixA8WsJ3ofybu5l4f5NnZkRjSxjn1/i4dD2W9zIqkV0a1Vvbz3YiY QgJ90BWGDFAS4TS7rpI9Ui5/7xWzh/OK+5/oyl6pZJNSVmxFt0QE -----END CERTIFICATE-----Generated at Fri Dec 5 05:41:41 2025 by rpki-client