This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e37302e302f32342d3234203d3e20313336373837.roa File: 3231322e39372e37302e302f32342d3234203d3e20313336373837.roa (raw, json) Hash identifier: OK+5GFD7wwhXD2SqEx1yXWGR0Of4O4llzez2RqFBu5o= Subject key identifier: DF:FA:D0:DA:E8:2A:9F:0B:C4:49:BE:9C:AE:DD:74:42:87:15:6C:8C Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 2BBEE94142829E7DFFCD9408B4D2F341AD300B59 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e37302e302f32342d3234203d3e20313336373837.roa Signing time: Tue 02 Dec 2025 19:50:12 +0000 ROA not before: Tue 02 Dec 2025 19:45:12 +0000 ROA not after: Tue 01 Dec 2026 19:50:12 +0000 asID: 136787 IP address blocks: 212.97.70.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Dec 2025 21:22:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2b:be:e9:41:42:82:9e:7d:ff:cd:94:08:b4:d2:f3:41:ad:30:0b:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 2 19:45:12 2025 GMT Not After : Dec 1 19:50:12 2026 GMT Subject: CN=DFFAD0DAE82A9F0BC449BE9CAEDD744287156C8C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:d3:3e:70:2d:33:20:40:34:ac:ed:2d:f9:55: 36:55:fe:b1:4e:83:ce:e0:d9:14:21:b6:bc:f3:be: 30:6b:40:3b:31:21:60:10:cf:2b:e7:17:44:b8:ab: 05:d5:6f:93:fa:8e:5a:98:8d:d3:07:d3:27:27:b9: 64:21:b1:f8:3f:1d:1a:27:b0:4a:39:46:20:10:b5: 84:5b:bc:aa:d7:a4:70:a2:de:d7:63:18:37:19:37: 8e:5f:58:02:af:12:ea:22:7c:6e:b5:e9:21:35:8b: 30:cd:dd:af:1b:86:85:b7:2b:ad:88:f3:30:20:cc: 88:14:e4:fa:ec:0d:a2:61:1d:84:52:62:a6:88:77: cd:b7:36:07:54:77:98:51:06:ac:1b:c1:98:48:83: 3c:3b:4a:22:12:77:74:39:18:24:cf:9e:8a:6f:87: 2d:b8:04:59:4f:be:5a:1d:7c:e5:97:05:d6:95:94: 40:3e:56:1b:8f:2d:ef:34:a5:72:f6:19:c7:5e:28: ae:2b:c6:3c:f2:5e:40:42:0b:21:2c:f0:66:a2:a6: 2e:9e:25:e8:58:86:80:f5:fb:4c:97:bd:f0:81:ef: 8a:97:1c:27:2d:e4:43:67:12:b0:41:0c:fd:cc:60: f0:60:f3:a0:d1:be:f9:60:1c:d2:8c:d6:97:27:e3: 4c:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:FA:D0:DA:E8:2A:9F:0B:C4:49:BE:9C:AE:DD:74:42:87:15:6C:8C X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231322e39372e37302e302f32342d3234203d3e20313336373837.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 212.97.70.0/24 Signature Algorithm: sha256WithRSAEncryption 5b:70:ce:5f:b2:b4:0c:d5:6f:38:24:54:6d:ff:72:69:3d:02: bb:ac:14:b1:be:3f:92:73:81:4a:84:5c:2e:7b:62:0e:87:74: b8:f9:b8:02:00:9d:0b:fd:0d:62:9d:6a:5b:87:8b:d5:f6:e9: ef:2f:87:ef:fb:05:2a:e5:c6:a5:f3:6d:da:c4:e8:d0:73:07: 13:10:46:53:b0:8a:86:49:85:34:3f:24:ee:0e:e2:b3:13:c0: 47:3a:c9:a6:a9:63:5a:50:67:86:49:1c:af:94:f8:75:87:df: d0:13:f5:75:e6:45:10:e5:35:a1:ba:23:88:42:ce:24:26:53: 21:c5:d8:a4:c0:03:fb:39:a7:46:a7:b6:16:d0:7d:82:d4:43: 90:fc:77:90:23:58:0a:ba:1d:9b:04:c8:ad:c1:ad:61:5d:b8: fd:ed:94:94:e6:85:67:a4:da:86:bf:ff:52:23:50:21:43:ed: 84:8d:b6:89:e8:6a:a9:f4:3d:20:76:d7:25:26:5c:bd:37:19: e8:c9:35:ad:b4:ad:66:2b:6d:67:04:84:ae:b4:7a:70:e3:03: 96:44:4e:cd:1b:62:82:6d:fa:7d:2f:f0:ed:04:5e:4c:f8:e6: ca:06:7f:8a:ca:ba:aa:67:1c:29:8c:9f:01:e9:d3:3c:7c:c7: c7:8d:17:9a -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUK77pQUKCnn3/zZQItNLzQa0wC1kwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMDIxOTQ1MTJaFw0yNjEyMDExOTUwMTJaMDMxMTAvBgNV BAMTKERGRkFEMERBRTgyQTlGMEJDNDQ5QkU5Q0FFREQ3NDQyODcxNTZDOEMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa0z5wLTMgQDSs7S35VTZV/rFO g87g2RQhtrzzvjBrQDsxIWAQzyvnF0S4qwXVb5P6jlqYjdMH0ycnuWQhsfg/HRon sEo5RiAQtYRbvKrXpHCi3tdjGDcZN45fWAKvEuoifG616SE1izDN3a8bhoW3K62I 8zAgzIgU5PrsDaJhHYRSYqaId823NgdUd5hRBqwbwZhIgzw7SiISd3Q5GCTPnopv hy24BFlPvlodfOWXBdaVlEA+VhuPLe80pXL2GcdeKK4rxjzyXkBCCyEs8Gaipi6e JehYhoD1+0yXvfCB74qXHCct5ENnErBBDP3MYPBg86DRvvlgHNKM1pcn40y/AgMB AAGjggI9MIICOTAdBgNVHQ4EFgQU3/rQ2ugqnwvESb6crt10QocVbIwwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTMyMmUzOTM3MmUzNzMw MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA 1GFGMA0GCSqGSIb3DQEBCwUAA4IBAQBbcM5fsrQM1W84JFRt/3JpPQK7rBSxvj+S c4FKhFwue2IOh3S4+bgCAJ0L/Q1inWpbh4vV9unvL4fv+wUq5cal823axOjQcwcT EEZTsIqGSYU0PyTuDuKzE8BHOsmmqWNaUGeGSRyvlPh1h9/QE/V15kUQ5TWhuiOI Qs4kJlMhxdikwAP7OadGp7YW0H2C1EOQ/HeQI1gKuh2bBMitwa1hXbj97ZSU5oVn pNqGv/9SI1AhQ+2EjbaJ6Gqp9D0gdtclJly9NxnoyTWttK1mK21nBISutHpw4wOW RE7NG2KCbfp9L/DtBF5M+ObKBn+KyrqqZxwpjJ8B6dM8fMfHjRea -----END CERTIFICATE-----Generated at Fri Dec 5 05:41:44 2025 by rpki-client