This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3230302e302f32312d3231203d3e20383334.roa File: 3231372e3231362e3230302e302f32312d3231203d3e20383334.roa (raw, json) Hash identifier: 6hcWXpD2R2lHKw0XH6F+Mziu3lSzGnph7lgZvFnIF7Q= Subject key identifier: 39:EB:B5:2A:FA:3D:91:DA:CB:72:1B:64:04:F3:39:64:13:44:FF:64 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 4973C21F373A9030417C2C3E8A0C2FA52304754D Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3230302e302f32312d3231203d3e20383334.roa Signing time: Mon 12 Jan 2026 11:36:37 +0000 ROA not before: Mon 12 Jan 2026 11:31:37 +0000 ROA not after: Mon 11 Jan 2027 11:36:37 +0000 asID: 834 IP address blocks: 217.216.200.0/21 maxlen: 21 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49:73:c2:1f:37:3a:90:30:41:7c:2c:3e:8a:0c:2f:a5:23:04:75:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Jan 12 11:31:37 2026 GMT Not After : Jan 11 11:36:37 2027 GMT Subject: CN=39EBB52AFA3D91DACB721B6404F339641344FF64 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:2b:d7:29:15:70:f5:58:aa:85:ee:03:7b:c2: ba:35:6d:9a:a1:c4:ca:ce:3d:f6:cd:60:85:2f:db: d1:2f:f1:2a:81:b7:63:bc:d4:6c:2c:48:83:e8:bc: 2b:3c:8f:55:90:22:1e:17:18:7e:f4:58:75:75:61: 30:b6:fa:35:8d:45:87:94:98:2c:4d:72:07:5c:2e: 9d:42:59:65:41:d1:a9:bd:59:bd:6e:14:f9:d8:00: 2d:29:69:c2:4f:72:0b:78:a9:19:ab:b2:44:a4:86: 0e:df:68:e3:a4:70:b7:52:fe:63:f4:01:10:2f:bb: f4:3f:95:0d:18:93:84:f9:5b:89:7b:c3:f7:d7:fb: a7:5e:f9:f2:24:3b:7a:cb:22:f0:5e:52:fa:19:a2: 50:33:19:2a:c6:1e:93:64:61:7f:16:68:cc:37:3e: b8:19:8e:d7:c3:9d:73:f0:84:9f:ef:53:0a:b8:8b: 3b:cd:89:f9:ba:71:02:bf:2d:93:45:49:0d:5d:50: 27:b2:3b:11:69:07:f4:dd:b3:4a:71:22:21:b2:a9: dc:db:4c:72:aa:75:5d:c5:65:e2:35:91:0a:4f:08: 60:0b:3c:c1:35:95:36:e6:df:af:f5:16:a5:94:83: 8b:d1:c8:89:c7:9b:ba:c8:c9:2c:af:92:30:38:54: 91:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:EB:B5:2A:FA:3D:91:DA:CB:72:1B:64:04:F3:39:64:13:44:FF:64 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3230302e302f32312d3231203d3e20383334.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.216.200.0/21 Signature Algorithm: sha256WithRSAEncryption 2e:2b:10:17:85:e0:dd:e8:87:e2:ea:be:ff:2d:ca:78:7c:3e: 21:bd:cb:95:56:62:67:43:3d:88:0e:ea:6e:f1:c1:ac:6d:59: 37:86:2f:f6:0b:74:92:63:a9:6f:8f:4a:b1:24:1e:46:53:0d: e2:f1:17:00:d3:7b:7b:df:58:05:14:9f:5c:10:86:e3:af:74: 1f:41:53:a3:43:08:6c:b6:04:9b:d9:8d:d3:e6:e0:bd:c0:8f: eb:21:1e:cc:71:92:e9:2f:89:14:02:41:23:d0:12:cf:95:f1: 7e:e3:b3:65:a4:b6:1c:fc:d7:a3:36:e7:77:9f:3e:05:82:82: a0:fe:32:f7:6d:21:59:e7:dc:6f:20:d8:5a:96:46:4a:3f:33: 5a:c2:6a:11:5e:75:27:1f:f3:a6:2c:ca:c1:62:88:a8:15:5e: 20:0d:69:67:b8:1e:e9:aa:3c:56:fd:af:79:da:c5:34:c1:de: 86:e1:a0:33:9f:40:b2:2e:00:3a:98:38:c3:88:52:ba:ce:5d: b6:6e:80:6d:c6:2d:a9:56:d4:9b:48:a3:98:57:26:cb:6f:91: 0d:17:96:d7:92:9f:40:61:6a:52:67:9d:36:71:f6:ac:0b:7d: 87:1e:45:e9:3e:03:49:9d:d0:4d:d6:7e:1a:78:f2:b2:a0:a7: 22:32:97:4e -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUSXPCHzc6kDBBfCw+igwvpSMEdU0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNjAxMTIxMTMxMzdaFw0yNzAxMTExMTM2MzdaMDMxMTAvBgNV BAMTKDM5RUJCNTJBRkEzRDkxREFDQjcyMUI2NDA0RjMzOTY0MTM0NEZGNjQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXK9cpFXD1WKqF7gN7wro1bZqh xMrOPfbNYIUv29Ev8SqBt2O81GwsSIPovCs8j1WQIh4XGH70WHV1YTC2+jWNRYeU mCxNcgdcLp1CWWVB0am9Wb1uFPnYAC0pacJPcgt4qRmrskSkhg7faOOkcLdS/mP0 ARAvu/Q/lQ0Yk4T5W4l7w/fX+6de+fIkO3rLIvBeUvoZolAzGSrGHpNkYX8WaMw3 PrgZjtfDnXPwhJ/vUwq4izvNifm6cQK/LZNFSQ1dUCeyOxFpB/Tds0pxIiGyqdzb THKqdV3FZeI1kQpPCGALPME1lTbm36/1FqWUg4vRyInHm7rIySyvkjA4VJEZAgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUOeu1Kvo9kdrLchtkBPM5ZBNE/2QwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzYyZTMy MzAzMDJlMzAyZjMyMzEyZDMyMzEyMDNkM2UyMDM4MzMzNC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA9nY yDANBgkqhkiG9w0BAQsFAAOCAQEALisQF4Xg3eiH4uq+/y3KeHw+Ib3LlVZiZ0M9 iA7qbvHBrG1ZN4Yv9gt0kmOpb49KsSQeRlMN4vEXANN7e99YBRSfXBCG4690H0FT o0MIbLYEm9mN0+bgvcCP6yEezHGS6S+JFAJBI9ASz5XxfuOzZaS2HPzXozbnd58+ BYKCoP4y920hWefcbyDYWpZGSj8zWsJqEV51Jx/zpizKwWKIqBVeIA1pZ7ge6ao8 Vv2vedrFNMHehuGgM59Asi4AOpg4w4hSus5dtm6AbcYtqVbUm0ijmFcmy2+RDReW 15KfQGFqUmedNnH2rAt9hx5F6T4DSZ3QTdZ+GnjysqCnIjKXTg== -----END CERTIFICATE-----Generated at Mon Jan 19 14:22:36 2026 by rpki-client