This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3139362e302f32322d3232203d3e20383334.roa File: 3231372e3231362e3139362e302f32322d3232203d3e20383334.roa (raw, json) Hash identifier: cR4dYvcoY89SM5PsJqa8TPH6aJThhSeM+pthf7eqKQI= Subject key identifier: D9:B9:3F:A9:74:94:DC:0F:23:09:BE:54:8C:01:14:F0:31:D2:27:EB Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 58EF5B0E409BC986F82EED5992447F334F51CC4D Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3139362e302f32322d3232203d3e20383334.roa Signing time: Mon 12 Jan 2026 11:37:14 +0000 ROA not before: Mon 12 Jan 2026 11:32:14 +0000 ROA not after: Mon 11 Jan 2027 11:37:14 +0000 asID: 834 IP address blocks: 217.216.196.0/22 maxlen: 22 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 58:ef:5b:0e:40:9b:c9:86:f8:2e:ed:59:92:44:7f:33:4f:51:cc:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Jan 12 11:32:14 2026 GMT Not After : Jan 11 11:37:14 2027 GMT Subject: CN=D9B93FA97494DC0F2309BE548C0114F031D227EB Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:e0:46:22:ee:49:b8:cb:f1:59:3d:d7:e2:d5: 3e:4b:fb:2a:b9:ba:10:41:7e:e9:40:03:7f:63:36: 8a:a8:f4:0e:bb:4a:03:f9:e0:a6:69:2e:38:60:00: f5:46:e5:ff:5a:fe:ff:80:26:b4:07:59:41:5f:ea: 69:c3:6a:63:18:2d:46:35:2a:c3:85:1c:12:c1:41: c5:20:84:2e:a3:b3:7d:e0:bc:27:cf:94:5f:a1:9c: bd:58:dd:52:f2:41:b7:fc:6e:a4:ff:7c:97:e4:e0: 2d:28:86:39:31:1a:44:8a:1d:50:d2:72:ff:4c:e2: 05:8a:23:4e:c2:b9:9a:4a:ec:7f:26:e5:69:00:9b: da:58:9b:8a:cb:46:d9:73:db:91:33:33:93:fe:5d: 19:a0:d0:98:7e:aa:f4:95:a6:e2:ff:9b:2b:11:dc: 24:0a:6f:c3:23:c1:8b:cb:a3:a7:92:b0:8b:79:8d: 2f:b5:a5:c3:d4:5b:9f:d2:56:96:34:52:14:89:aa: 42:ab:54:c7:c5:b8:23:e5:ee:a4:91:46:6a:ca:bb: b1:b5:66:24:ad:e1:5b:f2:c1:6a:5d:3a:0f:29:f1: 78:f8:ed:6b:ef:9d:9b:01:95:14:91:db:25:5d:58: 18:f0:ea:7e:82:8e:72:5e:76:27:4f:c3:d5:4f:ad: b3:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:B9:3F:A9:74:94:DC:0F:23:09:BE:54:8C:01:14:F0:31:D2:27:EB X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3139362e302f32322d3232203d3e20383334.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.216.196.0/22 Signature Algorithm: sha256WithRSAEncryption 67:48:96:fb:f7:e2:fb:26:63:51:8d:57:39:4b:59:59:c4:89: cc:d2:e5:3e:7d:78:3e:c6:b8:9f:d1:e5:c6:24:e6:7f:d3:5b: 4e:7f:bf:1b:5c:7c:45:76:82:32:bc:a9:92:71:f6:8e:2e:fb: 6c:78:c5:82:8f:7d:83:4a:48:6e:65:89:a9:89:11:58:a9:40: 1a:c8:1a:6a:19:63:64:a3:d6:cd:7d:7e:c8:8f:e7:75:5f:7a: fc:0c:41:45:9a:38:22:50:77:76:c9:e0:82:34:74:fe:ea:c5: 85:8b:b2:60:c7:82:13:69:32:3d:38:4c:d5:92:82:23:ed:c4: 33:77:5a:f1:6e:0d:de:4c:6f:0d:6c:2e:1b:db:95:40:86:50: 93:3c:47:d6:95:56:4b:b3:32:30:b4:51:a0:8b:e6:61:a1:19: d3:43:c8:90:58:02:67:2b:72:26:2d:7e:63:9e:82:71:ab:5d: 5e:23:76:0c:95:c0:6a:98:b8:4d:73:1f:7e:ae:21:96:2e:5b: 83:65:cc:49:01:b1:f0:02:65:e5:da:71:51:b2:2d:2f:b4:57: 31:d2:31:f9:50:e2:99:9b:b0:d5:fb:38:44:08:f7:6a:50:84: 3d:48:85:49:a7:cd:23:90:cd:86:51:f3:c6:27:f2:3e:d5:dd: 96:4f:6d:a0 -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUWO9bDkCbyYb4Lu1ZkkR/M09RzE0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNjAxMTIxMTMyMTRaFw0yNzAxMTExMTM3MTRaMDMxMTAvBgNV BAMTKEQ5QjkzRkE5NzQ5NERDMEYyMzA5QkU1NDhDMDExNEYwMzFEMjI3RUIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ4EYi7km4y/FZPdfi1T5L+yq5 uhBBfulAA39jNoqo9A67SgP54KZpLjhgAPVG5f9a/v+AJrQHWUFf6mnDamMYLUY1 KsOFHBLBQcUghC6js33gvCfPlF+hnL1Y3VLyQbf8bqT/fJfk4C0ohjkxGkSKHVDS cv9M4gWKI07CuZpK7H8m5WkAm9pYm4rLRtlz25EzM5P+XRmg0Jh+qvSVpuL/mysR 3CQKb8MjwYvLo6eSsIt5jS+1pcPUW5/SVpY0UhSJqkKrVMfFuCPl7qSRRmrKu7G1 ZiSt4VvywWpdOg8p8Xj47WvvnZsBlRSR2yVdWBjw6n6CjnJedidPw9VPrbONAgMB AAGjggI7MIICNzAdBgNVHQ4EFgQU2bk/qXSU3A8jCb5UjAEU8DHSJ+swHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzYyZTMx MzkzNjJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAtnY xDANBgkqhkiG9w0BAQsFAAOCAQEAZ0iW+/fi+yZjUY1XOUtZWcSJzNLlPn14Psa4 n9HlxiTmf9NbTn+/G1x8RXaCMrypknH2ji77bHjFgo99g0pIbmWJqYkRWKlAGsga ahljZKPWzX1+yI/ndV96/AxBRZo4IlB3dsnggjR0/urFhYuyYMeCE2kyPThM1ZKC I+3EM3da8W4N3kxvDWwuG9uVQIZQkzxH1pVWS7MyMLRRoIvmYaEZ00PIkFgCZyty Ji1+Y56CcatdXiN2DJXAapi4TXMffq4hli5bg2XMSQGx8AJl5dpxUbItL7RXMdIx +VDimZuw1fs4RAj3alCEPUiFSafNI5DNhlHzxifyPtXdlk9toA== -----END CERTIFICATE-----Generated at Mon Jan 19 14:22:34 2026 by rpki-client