This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e302e302f31392d3234203d3e2032393134.roa File: 3231372e3231362e302e302f31392d3234203d3e2032393134.roa (raw, json) Hash identifier: o7gFK2LzSVfIM/jSwu7hw8iyTdd2BxCswo1fbj2h8us= Subject key identifier: 28:D3:0F:28:CA:22:0F:97:19:78:D9:99:86:52:62:F7:69:E1:46:BC Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 3649F8510DCB3BDD228FA6BE5DC430F6D6D3A14C Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e302e302f31392d3234203d3e2032393134.roa Signing time: Wed 03 Dec 2025 14:01:09 +0000 ROA not before: Wed 03 Dec 2025 13:56:09 +0000 ROA not after: Wed 02 Dec 2026 14:01:09 +0000 asID: 2914 IP address blocks: 217.216.0.0/19 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Dec 2025 21:22:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36:49:f8:51:0d:cb:3b:dd:22:8f:a6:be:5d:c4:30:f6:d6:d3:a1:4c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 3 13:56:09 2025 GMT Not After : Dec 2 14:01:09 2026 GMT Subject: CN=28D30F28CA220F971978D999865262F769E146BC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:36:45:ff:82:e3:96:8c:30:4c:84:c6:51:48: 1a:85:9a:96:35:f2:97:d4:66:9f:54:b5:b5:03:2a: 61:d6:72:ef:0e:ab:08:b6:ad:e1:5f:35:40:a5:ea: 82:a0:34:58:e1:b8:1b:67:1f:72:4b:df:1f:7b:c9: 6a:79:ee:d7:e1:d3:8b:57:42:79:78:fe:f7:17:df: 23:84:11:c9:8c:3f:ec:49:6d:93:c6:69:bb:30:a4: 09:76:0e:86:3d:f7:30:f0:45:b2:9c:ed:23:de:21: ca:25:34:b6:f2:79:f2:7f:bb:c8:48:0c:1e:02:0a: 0f:63:84:85:61:de:c4:fd:1e:06:7a:4b:b2:cf:4e: 57:02:ab:49:77:3a:0f:01:77:75:50:c8:a1:29:2e: 52:fb:76:16:9d:c4:de:fb:2a:a4:49:b3:00:c6:ae: ad:f4:fb:9b:b8:2f:3f:91:15:6c:f9:69:11:c7:9f: 74:96:6c:6b:72:28:a4:f8:82:25:90:6f:09:6f:07: 17:89:0d:16:c2:00:28:7c:c1:c7:86:36:8c:5d:09: f3:bb:31:46:e5:07:82:b4:de:61:c6:8c:7a:78:91: 7b:df:48:61:d1:b1:b6:6f:0c:d8:cd:79:9f:a2:d4: 95:f7:f7:83:f4:54:4d:86:9e:19:d0:38:c3:00:bd: 20:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:D3:0F:28:CA:22:0F:97:19:78:D9:99:86:52:62:F7:69:E1:46:BC X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e302e302f31392d3234203d3e2032393134.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.216.0.0/19 Signature Algorithm: sha256WithRSAEncryption 5e:3a:10:86:83:52:c8:83:58:17:c9:71:43:78:e5:bc:7c:2c: 41:19:91:bd:6c:9d:cd:a2:9a:62:18:7f:57:83:7d:2c:6d:d5: 83:b5:c4:0a:28:c9:23:68:73:e1:79:5a:1f:94:91:8b:a7:f0: c5:66:65:1c:a5:32:b7:c4:2a:40:67:17:e0:a2:31:87:6d:6e: 2b:44:e7:bd:59:a7:fe:04:89:18:10:63:b9:b9:30:89:fc:57: 9b:7d:58:de:84:16:98:b0:51:a7:f1:8a:c8:c9:62:3c:b5:86: 27:a6:a0:8d:b1:28:41:66:fd:21:a5:59:e6:0c:23:bc:f9:d0: ef:4c:43:1c:a5:e6:5d:23:51:4a:ad:7b:68:71:35:2f:13:f1: b1:61:54:20:6f:35:37:27:86:92:a7:63:bc:da:9b:e4:cb:75: c4:a7:79:6e:77:dc:63:4a:cf:2b:c3:19:1b:ba:cf:2e:8b:71: c3:be:3f:a9:ba:2e:c5:06:e1:ff:9d:a7:60:19:b9:e7:a6:cc: a9:6f:f8:15:e2:af:c9:fc:a4:e0:46:cd:16:94:80:51:a1:5b: d2:da:15:f6:0b:a8:45:5e:93:fc:1e:c9:25:45:62:cc:3b:b8: c1:55:d6:65:57:2d:32:ae:23:93:e5:92:91:da:b2:21:8c:6e: f4:6e:6b:5a -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgIUNkn4UQ3LO90ij6a+XcQw9tbToUwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMDMxMzU2MDlaFw0yNjEyMDIxNDAxMDlaMDMxMTAvBgNV BAMTKDI4RDMwRjI4Q0EyMjBGOTcxOTc4RDk5OTg2NTI2MkY3NjlFMTQ2QkMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsNkX/guOWjDBMhMZRSBqFmpY1 8pfUZp9UtbUDKmHWcu8Oqwi2reFfNUCl6oKgNFjhuBtnH3JL3x97yWp57tfh04tX Qnl4/vcX3yOEEcmMP+xJbZPGabswpAl2DoY99zDwRbKc7SPeIcolNLbyefJ/u8hI DB4CCg9jhIVh3sT9HgZ6S7LPTlcCq0l3Og8Bd3VQyKEpLlL7dhadxN77KqRJswDG rq30+5u4Lz+RFWz5aRHHn3SWbGtyKKT4giWQbwlvBxeJDRbCACh8wceGNoxdCfO7 MUblB4K03mHGjHp4kXvfSGHRsbZvDNjNeZ+i1JX394P0VE2GnhnQOMMAvSDTAgMB AAGjggI5MIICNTAdBgNVHQ4EFgQUKNMPKMoiD5cZeNmZhlJi92nhRrwwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzYyZTMw MmUzMDJmMzEzOTJkMzIzNDIwM2QzZTIwMzIzOTMxMzQucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAXZ2AAw DQYJKoZIhvcNAQELBQADggEBAF46EIaDUsiDWBfJcUN45bx8LEEZkb1snc2immIY f1eDfSxt1YO1xAooySNoc+F5Wh+UkYun8MVmZRylMrfEKkBnF+CiMYdtbitE571Z p/4EiRgQY7m5MIn8V5t9WN6EFpiwUafxisjJYjy1hiemoI2xKEFm/SGlWeYMI7z5 0O9MQxyl5l0jUUqte2hxNS8T8bFhVCBvNTcnhpKnY7zam+TLdcSneW533GNKzyvD GRu6zy6LccO+P6m6LsUG4f+dp2AZueemzKlv+BXir8n8pOBGzRaUgFGhW9LaFfYL qEVek/weySVFYsw7uMFV1mVXLTKuI5PlkpHasiGMbvRua1o= -----END CERTIFICATE-----Generated at Fri Dec 5 05:38:29 2025 by rpki-client