This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e32312e37362e302f32322d3234203d3e203437353833.roa File: 3231372e32312e37362e302f32322d3234203d3e203437353833.roa (raw, json) Hash identifier: dPiR1lFLcJRcwUhWLSBlbs0m9UMcw+i1PcrNqlDXHKU= Subject key identifier: CC:17:CA:84:6D:C8:D9:35:B2:08:E1:E1:15:00:3D:B6:20:6D:8B:85 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 3D8E7A70C10C0CB3B1BD3AA2D92331071F89E1EA Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e32312e37362e302f32322d3234203d3e203437353833.roa Signing time: Mon 29 Dec 2025 09:50:38 +0000 ROA not before: Mon 29 Dec 2025 09:45:38 +0000 ROA not after: Mon 28 Dec 2026 09:50:38 +0000 asID: 47583 IP address blocks: 217.21.76.0/22 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3d:8e:7a:70:c1:0c:0c:b3:b1:bd:3a:a2:d9:23:31:07:1f:89:e1:ea Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:38 2025 GMT Not After : Dec 28 09:50:38 2026 GMT Subject: CN=CC17CA846DC8D935B208E1E115003DB6206D8B85 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:94:a7:a2:cd:fd:8d:fd:63:03:1e:23:66:bd: 79:d3:74:cb:47:87:38:41:33:24:19:9a:0e:94:89: 82:b8:6f:a5:d1:ba:90:dc:29:91:16:94:2b:85:40: 3a:bf:81:ca:a2:b3:54:37:75:5d:b1:ac:e7:17:a6: 31:61:fe:60:f4:f1:11:1b:15:fa:2b:0d:74:e3:73: 39:35:7b:30:4b:1b:f3:57:5f:cf:7f:47:5a:cb:62: 19:b3:29:d3:7b:9c:89:2e:7a:e0:ff:4a:54:1f:33: 1a:ab:0e:7e:e3:2f:24:08:ca:bb:d3:f4:80:eb:61: d2:b7:01:9d:3c:30:ef:1a:95:50:02:1b:4e:55:d3: 91:e7:e3:de:1a:9e:b8:52:39:c5:9e:11:b9:31:49: 02:de:bc:97:96:6b:04:ef:20:46:43:71:af:a3:c3: de:21:57:b6:89:79:da:87:7d:23:8c:0b:5d:f4:5b: 01:7c:c1:13:fe:83:1c:0d:92:3c:95:f0:97:c4:ea: 82:98:9e:61:21:e1:ae:42:b1:2a:3e:5b:05:41:e6: d9:30:e0:b9:f0:17:62:93:e9:36:56:3e:05:6e:a6: 24:7c:8a:4d:a4:b9:90:bc:15:55:a4:50:89:74:30: 51:82:1d:ae:8c:10:24:74:e3:85:41:a7:39:1f:6e: 80:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:17:CA:84:6D:C8:D9:35:B2:08:E1:E1:15:00:3D:B6:20:6D:8B:85 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e32312e37362e302f32322d3234203d3e203437353833.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.21.76.0/22 Signature Algorithm: sha256WithRSAEncryption 6c:95:f7:c9:9f:a2:44:3b:bb:41:9c:03:53:44:b8:28:8f:9d: c4:a6:ff:b5:8d:ae:75:57:28:64:4e:5e:4d:c7:64:13:28:07: 3c:8d:c7:79:23:99:a3:56:9a:a3:5e:0f:8d:ab:96:94:0b:ac: bc:72:c6:b9:30:9c:94:81:9c:72:5f:84:a9:dd:45:7d:10:5d: 5e:fc:0d:f3:ec:ac:21:32:e8:98:ed:c0:f9:20:70:13:b7:8e: 7a:0c:85:b2:e2:61:60:0e:2a:43:50:13:70:81:68:57:39:36: 5d:ac:c1:e2:ae:8c:bf:d5:44:fc:80:6d:e3:e0:47:09:10:3c: 0a:8a:8d:df:71:b7:62:22:94:cb:20:61:5d:4e:52:74:c2:2e: 80:11:88:09:aa:04:8d:c7:87:6b:0a:6e:2c:b9:ef:02:5c:43: 97:bb:d6:8c:83:c7:f4:d8:92:5c:a9:9a:b2:92:45:af:6f:37: e8:d8:bf:b5:26:34:c8:25:82:b3:97:2c:8d:ba:66:fe:9e:26: 76:11:81:94:1c:15:76:56:88:ad:13:94:9d:df:08:03:97:25: 42:9e:a0:07:5b:4e:3b:88:03:cb:ce:d9:1b:a6:af:75:7e:27: ab:33:1e:f2:b6:3e:c6:b7:e7:df:21:03:a1:53:b6:b7:5a:52: 3b:d0:26:45 -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUPY56cMEMDLOxvTqi2SMxBx+J4eowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1MzhaFw0yNjEyMjgwOTUwMzhaMDMxMTAvBgNV BAMTKENDMTdDQTg0NkRDOEQ5MzVCMjA4RTFFMTE1MDAzREI2MjA2RDhCODUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/lKeizf2N/WMDHiNmvXnTdMtH hzhBMyQZmg6UiYK4b6XRupDcKZEWlCuFQDq/gcqis1Q3dV2xrOcXpjFh/mD08REb FforDXTjczk1ezBLG/NXX89/R1rLYhmzKdN7nIkueuD/SlQfMxqrDn7jLyQIyrvT 9IDrYdK3AZ08MO8alVACG05V05Hn494anrhSOcWeEbkxSQLevJeWawTvIEZDca+j w94hV7aJedqHfSOMC130WwF8wRP+gxwNkjyV8JfE6oKYnmEh4a5CsSo+WwVB5tkw 4LnwF2KT6TZWPgVupiR8ik2kuZC8FVWkUIl0MFGCHa6MECR044VBpzkfboAbAgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUzBfKhG3I2TWyCOHhFQA9tiBti4UwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMmUzNzM2 MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzQzNzM1MzgzMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtkV TDANBgkqhkiG9w0BAQsFAAOCAQEAbJX3yZ+iRDu7QZwDU0S4KI+dxKb/tY2udVco ZE5eTcdkEygHPI3HeSOZo1aao14PjauWlAusvHLGuTCclIGccl+Eqd1FfRBdXvwN 8+ysITLomO3A+SBwE7eOegyFsuJhYA4qQ1ATcIFoVzk2XazB4q6Mv9VE/IBt4+BH CRA8CoqN33G3YiKUyyBhXU5SdMIugBGICaoEjceHawpuLLnvAlxDl7vWjIPH9NiS XKmaspJFr2836Ni/tSY0yCWCs5csjbpm/p4mdhGBlBwVdlaIrROUnd8IA5clQp6g B1tOO4gDy87ZG6avdX4nqzMe8rY+xrfn3yEDoVO2t1pSO9AmRQ== -----END CERTIFICATE-----Generated at Mon Jan 19 14:23:33 2026 by rpki-client