This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3234302e302f32302d3230203d3e203230333236.roa File: 3231372e3231362e3234302e302f32302d3230203d3e203230333236.roa (raw, json) Hash identifier: IbVXd2uOJoHVa9Ry9j4rdQVnGjmA4iknHqBMOvUuSG0= Subject key identifier: 64:C0:E3:02:5A:A7:BB:53:86:FD:25:D2:7E:29:8F:49:49:E0:F3:32 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 3AFE3940232F67905277A8C43323528A442DB37D Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3234302e302f32302d3230203d3e203230333236.roa Signing time: Wed 19 Nov 2025 07:01:06 +0000 ROA not before: Wed 19 Nov 2025 06:56:06 +0000 ROA not after: Wed 18 Nov 2026 07:01:06 +0000 asID: 20326 IP address blocks: 217.216.240.0/20 maxlen: 20 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 04 Dec 2025 17:45:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3a:fe:39:40:23:2f:67:90:52:77:a8:c4:33:23:52:8a:44:2d:b3:7d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Nov 19 06:56:06 2025 GMT Not After : Nov 18 07:01:06 2026 GMT Subject: CN=64C0E3025AA7BB5386FD25D27E298F4949E0F332 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:0a:ea:fa:55:0b:d2:8e:ee:b4:1a:0d:f5:20: 40:54:22:74:26:32:ed:56:93:76:ae:6c:9e:f8:31: a5:bc:a3:ce:26:58:df:fd:70:dd:52:8e:19:8f:29: 05:46:87:14:61:64:9d:09:72:e5:bf:d2:8e:a5:68: 3d:81:8e:13:2b:f7:ef:48:f7:14:1d:05:11:cf:2c: ec:0f:3c:a9:85:78:86:7a:a4:a8:3f:c5:40:b0:ab: 2d:6f:c2:aa:4c:e0:86:45:82:30:74:bd:e6:6e:12: a3:c9:95:6c:a7:3f:59:53:95:a5:e9:1e:bf:99:cc: 44:34:ba:50:d6:3f:39:91:70:11:bf:f9:d0:2c:78: 1f:37:65:db:ea:6b:1f:a4:dd:1d:4d:fe:7e:39:4e: 8c:63:30:08:c3:b5:af:5a:c5:e4:ad:c6:f5:3a:04: 2f:9a:5f:71:ec:36:50:51:99:25:5f:c0:fa:a1:50: a9:b7:f7:d9:90:df:05:7a:f1:ef:95:10:89:87:3f: 13:bb:61:ca:fd:f4:e2:88:41:f7:98:79:98:cc:b5: e7:5d:29:60:5b:16:68:0b:8a:80:c0:de:b8:2f:cf: 8c:a1:c5:24:ee:63:43:c2:12:da:81:75:bc:38:3d: 53:da:b6:1d:20:1d:aa:3d:ea:ca:92:0c:cc:d6:88: e2:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:C0:E3:02:5A:A7:BB:53:86:FD:25:D2:7E:29:8F:49:49:E0:F3:32 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e3234302e302f32302d3230203d3e203230333236.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.216.240.0/20 Signature Algorithm: sha256WithRSAEncryption 20:69:86:75:a4:d3:c9:90:d0:92:65:2a:a3:3f:e1:18:c5:bf: a8:aa:e3:97:9c:ab:7a:b3:fa:01:53:75:65:f8:35:6d:d0:a3: 4d:4a:09:4a:3b:32:e4:59:87:72:6d:31:24:d1:82:75:60:23: 51:42:ac:66:3f:e6:63:33:96:b0:c1:f3:d6:c0:39:e5:cb:7e: e7:6f:64:26:55:d8:35:b9:2b:5f:90:2c:26:f1:30:c6:92:71: 5c:77:1f:42:dd:3b:c7:ac:00:4e:e5:ae:6a:76:d2:e6:99:4e: dc:b7:ac:f3:dd:e3:6d:6b:0b:99:a9:06:da:c6:28:1b:37:71: f0:c5:ab:f9:61:5b:a2:96:77:84:1b:58:fb:b3:e6:6f:c0:69: c8:0b:2c:aa:af:d6:6c:8c:30:d8:dd:8d:8d:c0:ec:be:72:35: d7:c1:60:92:7c:72:df:77:c2:3e:bc:8f:e1:03:4a:d3:dd:af: 4b:46:87:ac:d5:02:d8:37:27:d2:67:81:14:24:66:13:01:54: d4:71:c5:fb:42:ed:91:76:97:6b:b8:09:50:93:90:ab:25:fe: 10:da:f6:c3:cc:2a:8b:71:3d:a6:12:d4:05:b1:07:9c:11:6a: 17:a5:5e:02:8f:2a:59:dd:55:fa:40:87:24:07:39:c4:83:bc: f8:f2:7a:76 -----BEGIN CERTIFICATE----- MIIFNTCCBB2gAwIBAgIUOv45QCMvZ5BSd6jEMyNSikQts30wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTExMTkwNjU2MDZaFw0yNjExMTgwNzAxMDZaMDMxMTAvBgNV BAMTKDY0QzBFMzAyNUFBN0JCNTM4NkZEMjVEMjdFMjk4RjQ5NDlFMEYzMzIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBCur6VQvSju60Gg31IEBUInQm Mu1Wk3aubJ74MaW8o84mWN/9cN1SjhmPKQVGhxRhZJ0JcuW/0o6laD2BjhMr9+9I 9xQdBRHPLOwPPKmFeIZ6pKg/xUCwqy1vwqpM4IZFgjB0veZuEqPJlWynP1lTlaXp Hr+ZzEQ0ulDWPzmRcBG/+dAseB83Zdvqax+k3R1N/n45ToxjMAjDta9axeStxvU6 BC+aX3HsNlBRmSVfwPqhUKm399mQ3wV68e+VEImHPxO7Ycr99OKIQfeYeZjMtedd KWBbFmgLioDA3rgvz4yhxSTuY0PCEtqBdbw4PVPath0gHao96sqSDMzWiOJrAgMB AAGjggI/MIICOzAdBgNVHQ4EFgQUZMDjAlqnu1OG/SXSfimPSUng8zIwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzYyZTMy MzQzMDJlMzAyZjMyMzAyZDMyMzAyMDNkM2UyMDMyMzAzMzMyMzYucm9hMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BATZ2PAwDQYJKoZIhvcNAQELBQADggEBACBphnWk08mQ0JJlKqM/4RjFv6iq45ec q3qz+gFTdWX4NW3Qo01KCUo7MuRZh3JtMSTRgnVgI1FCrGY/5mMzlrDB89bAOeXL fudvZCZV2DW5K1+QLCbxMMaScVx3H0LdO8esAE7lrmp20uaZTty3rPPd421rC5mp BtrGKBs3cfDFq/lhW6KWd4QbWPuz5m/AacgLLKqv1myMMNjdjY3A7L5yNdfBYJJ8 ct93wj68j+EDStPdr0tGh6zVAtg3J9JngRQkZhMBVNRxxftC7ZF2l2u4CVCTkKsl /hDa9sPMKotxPaYS1AWxB5wRahelXgKPKlndVfpAhyQHOcSDvPjyenY= -----END CERTIFICATE-----Generated at Thu Dec 4 07:38:19 2025 by rpki-client