This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e38302e302f32302d3332203d3e203430303231.roa File: 3231372e3231362e38302e302f32302d3332203d3e203430303231.roa (raw, json) Hash identifier: WY4PdfDKmtC5vYv9bC9qoSG/snc4t0B3Vm8aNDQrZIE= Subject key identifier: 3F:88:E5:EA:28:12:1E:18:AC:B5:2F:A3:77:FC:30:3C:73:7E:29:32 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 2D951282FD11064BA7A55FA3B1CFE0BAE5960D5B Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e38302e302f32302d3332203d3e203430303231.roa Signing time: Wed 05 Nov 2025 12:57:46 +0000 ROA not before: Wed 05 Nov 2025 12:52:46 +0000 ROA not after: Wed 04 Nov 2026 12:57:46 +0000 asID: 40021 IP address blocks: 217.216.80.0/20 maxlen: 32 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Dec 2025 21:22:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:95:12:82:fd:11:06:4b:a7:a5:5f:a3:b1:cf:e0:ba:e5:96:0d:5b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Nov 5 12:52:46 2025 GMT Not After : Nov 4 12:57:46 2026 GMT Subject: CN=3F88E5EA28121E18ACB52FA377FC303C737E2932 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:2c:6c:b0:21:47:d5:4d:07:8a:64:e5:16:8f: 05:0f:b0:f6:39:b7:61:37:ae:a5:b2:44:a1:62:12: 59:43:92:d2:88:3b:5f:2e:10:cc:0c:df:9e:6b:56: ee:cb:f6:93:76:7d:6f:8b:f4:13:58:66:68:74:04: 70:7e:49:1b:42:9f:55:22:07:91:ae:b0:c2:a1:c4: 1d:25:65:b0:2f:25:b8:2c:54:b4:29:39:60:b5:dd: 92:f0:f2:78:65:9c:33:d9:3a:70:50:54:cc:30:f4: 1e:c3:9b:83:a8:52:29:0b:44:f5:e8:b6:ac:95:39: 23:67:ee:12:9c:96:6b:df:6f:35:38:64:5f:4f:c3: 40:27:69:87:44:44:5a:c7:e9:3d:a3:b5:fe:af:67: ba:53:ec:8b:ba:f8:88:11:fd:52:45:0d:11:f1:22: 46:3e:bb:4b:ba:ba:31:e6:28:bc:c1:00:b1:75:78: d8:95:f0:35:df:98:09:90:32:1b:76:fd:0f:7d:2d: e8:e4:19:2f:c8:50:9a:0c:58:c5:36:82:3b:85:f4: b7:9b:f5:ad:01:7e:71:35:6b:b4:b9:50:11:40:97: a4:04:86:77:ba:c9:0f:8e:07:3f:b5:d3:64:2f:6b: 86:5e:0f:47:8f:fb:8a:9c:ad:5d:61:8e:9a:3f:7b: 30:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:88:E5:EA:28:12:1E:18:AC:B5:2F:A3:77:FC:30:3C:73:7E:29:32 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e3231362e38302e302f32302d3332203d3e203430303231.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.216.80.0/20 Signature Algorithm: sha256WithRSAEncryption 27:84:2a:3b:d6:a6:a3:c3:4f:16:74:fe:27:79:a5:2a:1b:eb: e2:03:c8:7a:ba:e9:8b:86:57:5e:c0:73:30:4a:e4:6a:0e:4a: 8c:3e:1c:37:98:28:ea:d4:57:84:5b:42:1a:8e:2a:0e:d7:9d: 5b:08:e2:d1:a4:d2:1c:d7:2c:c2:75:95:a9:bb:e0:1f:5b:17: 10:ab:80:74:d8:f0:fa:ba:f7:09:81:4f:f9:76:8b:cb:3a:ee: de:0a:00:33:e0:8d:29:96:98:c6:30:3a:9e:9f:b7:dd:39:c9: 9c:6d:f0:71:76:ef:3e:7e:80:ab:97:fc:cf:82:69:b0:de:b1: 78:5a:6d:07:2c:52:51:26:fd:51:8e:c6:33:93:13:69:d9:bd: fd:24:8b:73:e3:ae:f6:a6:d2:1e:57:dc:fa:d7:66:71:37:49: 3b:c2:e0:c8:41:e9:57:ae:24:52:b4:96:ff:75:6b:f5:bc:4a: 48:7d:9a:49:a1:87:a2:2b:01:4b:bd:8e:89:d1:a6:68:4f:e0: b0:71:19:c7:01:d9:e8:f7:7e:06:ac:9b:cf:c9:74:95:43:c2: ce:2e:d9:3b:8a:ca:b9:2e:78:69:c7:9a:59:3e:55:f1:6a:9b: bb:ac:50:ad:d9:ba:fc:0c:9a:68:6d:15:e7:e9:9d:cd:c6:62: 60:9f:92:93 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIULZUSgv0RBkunpV+jsc/guuWWDVswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTExMDUxMjUyNDZaFw0yNjExMDQxMjU3NDZaMDMxMTAvBgNV BAMTKDNGODhFNUVBMjgxMjFFMThBQ0I1MkZBMzc3RkMzMDNDNzM3RTI5MzIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5LGywIUfVTQeKZOUWjwUPsPY5 t2E3rqWyRKFiEllDktKIO18uEMwM355rVu7L9pN2fW+L9BNYZmh0BHB+SRtCn1Ui B5GusMKhxB0lZbAvJbgsVLQpOWC13ZLw8nhlnDPZOnBQVMww9B7Dm4OoUikLRPXo tqyVOSNn7hKclmvfbzU4ZF9Pw0AnaYdERFrH6T2jtf6vZ7pT7Iu6+IgR/VJFDRHx IkY+u0u6ujHmKLzBALF1eNiV8DXfmAmQMht2/Q99LejkGS/IUJoMWMU2gjuF9Leb 9a0BfnE1a7S5UBFAl6QEhne6yQ+OBz+102Qva4ZeD0eP+4qcrV1hjpo/ezBTAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUP4jl6igSHhistS+jd/wwPHN+KTIwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzMjMxMzYyZTM4 MzAyZTMwMmYzMjMwMmQzMzMyMjAzZDNlMjAzNDMwMzAzMjMxLnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE 2dhQMA0GCSqGSIb3DQEBCwUAA4IBAQAnhCo71qajw08WdP4neaUqG+viA8h6uumL hldewHMwSuRqDkqMPhw3mCjq1FeEW0IajioO151bCOLRpNIc1yzCdZWpu+AfWxcQ q4B02PD6uvcJgU/5dovLOu7eCgAz4I0plpjGMDqen7fdOcmcbfBxdu8+foCrl/zP gmmw3rF4Wm0HLFJRJv1RjsYzkxNp2b39JItz4672ptIeV9z612ZxN0k7wuDIQelX riRStJb/dWv1vEpIfZpJoYeiKwFLvY6J0aZoT+CwcRnHAdno934GrJvPyXSVQ8LO Ltk7isq5Lnhpx5pZPlXxapu7rFCt2br8DJpobRXn6Z3NxmJgn5KT -----END CERTIFICATE-----Generated at Fri Dec 5 05:36:35 2025 by rpki-client