This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e32312e38302e302f32302d3234203d3e203437353833.roa File: 3231372e32312e38302e302f32302d3234203d3e203437353833.roa (raw, json) Hash identifier: XuR2Tlp/MI8IvdZ9V+nijU2HCvTe+YMi60rBx4PKFSQ= Subject key identifier: 21:1F:B8:D9:3F:4A:C7:00:3A:EC:33:F1:BB:71:DA:3D:EE:4D:06:2E Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 52D6A3697C4DD973AC8EEDA81AA81D6B1AACB5C0 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e32312e38302e302f32302d3234203d3e203437353833.roa Signing time: Mon 29 Dec 2025 09:50:51 +0000 ROA not before: Mon 29 Dec 2025 09:45:51 +0000 ROA not after: Mon 28 Dec 2026 09:50:51 +0000 asID: 47583 IP address blocks: 217.21.80.0/20 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 52:d6:a3:69:7c:4d:d9:73:ac:8e:ed:a8:1a:a8:1d:6b:1a:ac:b5:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:51 2025 GMT Not After : Dec 28 09:50:51 2026 GMT Subject: CN=211FB8D93F4AC7003AEC33F1BB71DA3DEE4D062E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:d4:9b:ea:f3:19:6b:5a:0b:7e:2b:fc:22:9c: fe:de:9f:0d:93:ad:ba:24:ee:dd:07:b8:b2:48:3e: 99:0c:96:e6:7d:8a:68:fb:52:78:d6:57:76:38:11: 48:99:6f:50:f4:9d:e7:91:76:a1:7f:51:ff:b7:bf: fe:f6:8e:bc:86:66:17:90:c8:d3:76:d5:d3:6a:2d: 0e:49:dd:86:2b:20:42:d8:f5:aa:d2:5b:15:39:f9: 58:d7:dd:55:21:98:1c:da:56:fe:3d:8c:d4:2f:9a: b7:00:99:9b:3d:c6:50:81:a4:dd:a9:60:c6:67:05: 74:9f:c3:ea:7d:a5:57:7b:9c:d0:0c:e8:2d:49:a9: 44:a2:86:c8:bb:d2:78:53:79:53:ee:9d:f4:e2:e0: 66:92:2d:d0:c1:01:f4:4e:63:3b:bf:77:10:a8:cc: 28:a7:59:69:4c:a5:4c:f2:a3:3c:ce:68:34:cc:9f: 55:f8:60:5c:ee:c8:1e:e8:31:bb:c9:e5:51:86:20: 1a:1a:c6:bb:a9:85:c0:0f:a7:79:a9:2a:77:0a:52: 9c:a1:e0:bd:a5:e9:55:34:86:b3:c5:4b:22:45:83: 97:1a:e1:1c:b6:cf:4c:5f:ae:ad:a9:70:e4:08:c7: ef:78:4e:18:44:1f:5e:39:95:4b:50:86:e6:a8:a5: 58:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:1F:B8:D9:3F:4A:C7:00:3A:EC:33:F1:BB:71:DA:3D:EE:4D:06:2E X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e32312e38302e302f32302d3234203d3e203437353833.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.21.80.0/20 Signature Algorithm: sha256WithRSAEncryption 2c:6d:59:a8:b5:e3:b3:bf:bc:89:82:da:c7:0b:02:92:5d:d3: 2c:ee:3b:2c:79:6b:88:bd:88:6b:c3:4e:12:2e:d0:88:9f:db: 3a:e9:be:46:50:0d:5e:93:07:77:47:9b:53:12:25:6b:5a:63: 36:ac:f9:0e:f1:43:06:c6:1d:7b:ba:0d:4b:6e:23:13:c7:c6: 0e:6b:d3:a5:f1:cb:17:f2:f4:87:73:b6:6e:e9:30:12:a8:d6: a5:01:c6:c1:0c:64:d5:c0:09:ba:0c:50:6a:8a:68:5c:2f:de: ff:e2:de:d4:93:8a:11:25:73:1f:8f:36:4d:cb:c5:44:11:c4: dc:64:70:d8:79:6e:bd:85:e8:62:3a:9c:ca:04:7e:d9:7d:91: 2d:0e:71:c1:97:56:0b:34:72:e8:7f:5a:0b:2a:a3:78:ec:ac: 40:e3:55:2b:69:b4:ba:71:f1:98:b0:db:97:59:29:65:0f:bd: 71:bb:b8:e4:82:a0:62:9b:64:18:24:81:24:11:a3:d0:13:04: a5:8a:35:e4:3d:52:1e:43:d0:00:92:47:c3:f7:d4:5f:fd:7d: 81:e5:6c:22:58:f4:e7:3d:a8:d3:a8:72:d8:14:b4:27:37:b9: a0:fc:dd:12:3e:b4:ec:56:01:e3:aa:3b:a5:95:55:0c:f8:42: f4:db:1e:e8 -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUUtajaXxN2XOsju2oGqgdaxqstcAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1NTFaFw0yNjEyMjgwOTUwNTFaMDMxMTAvBgNV BAMTKDIxMUZCOEQ5M0Y0QUM3MDAzQUVDMzNGMUJCNzFEQTNERUU0RDA2MkUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa1Jvq8xlrWgt+K/winP7enw2T rbok7t0HuLJIPpkMluZ9imj7UnjWV3Y4EUiZb1D0neeRdqF/Uf+3v/72jryGZheQ yNN21dNqLQ5J3YYrIELY9arSWxU5+VjX3VUhmBzaVv49jNQvmrcAmZs9xlCBpN2p YMZnBXSfw+p9pVd7nNAM6C1JqUSihsi70nhTeVPunfTi4GaSLdDBAfROYzu/dxCo zCinWWlMpUzyozzOaDTMn1X4YFzuyB7oMbvJ5VGGIBoaxruphcAPp3mpKncKUpyh 4L2l6VU0hrPFSyJFg5ca4Ry2z0xfrq2pcOQIx+94ThhEH145lUtQhuaopVgFAgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUIR+42T9KxwA67DPxu3HaPe5NBi4wHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMmUzODMw MmUzMDJmMzIzMDJkMzIzNDIwM2QzZTIwMzQzNzM1MzgzMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNkV UDANBgkqhkiG9w0BAQsFAAOCAQEALG1ZqLXjs7+8iYLaxwsCkl3TLO47LHlriL2I a8NOEi7QiJ/bOum+RlANXpMHd0ebUxIla1pjNqz5DvFDBsYde7oNS24jE8fGDmvT pfHLF/L0h3O2bukwEqjWpQHGwQxk1cAJugxQaopoXC/e/+Le1JOKESVzH482TcvF RBHE3GRw2HluvYXoYjqcygR+2X2RLQ5xwZdWCzRy6H9aCyqjeOysQONVK2m0unHx mLDbl1kpZQ+9cbu45IKgYptkGCSBJBGj0BMEpYo15D1SHkPQAJJHw/fUX/19geVs Ilj05z2o06hy2BS0Jze5oPzdEj607FYB46o7pZVVDPhC9Nse6A== -----END CERTIFICATE-----Generated at Mon Jan 19 14:23:22 2026 by rpki-client