This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e37362e34382e302f32302d3332203d3e203531313637.roa File: 3231372e37362e34382e302f32302d3332203d3e203531313637.roa (raw, json) Hash identifier: qKslsMOCI9uWYmCdQNLNdjkoow/cORHf4g4LEt35Vqc= Subject key identifier: F6:2E:AE:59:6F:86:91:A0:31:93:DB:A3:21:25:B2:44:EC:62:91:49 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 358D8DE1A93A3095C626D8C276B28CB6044E5762 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e37362e34382e302f32302d3332203d3e203531313637.roa Signing time: Mon 29 Dec 2025 09:50:44 +0000 ROA not before: Mon 29 Dec 2025 09:45:44 +0000 ROA not after: Mon 28 Dec 2026 09:50:44 +0000 asID: 51167 IP address blocks: 217.76.48.0/20 maxlen: 32 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:8d:8d:e1:a9:3a:30:95:c6:26:d8:c2:76:b2:8c:b6:04:4e:57:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:44 2025 GMT Not After : Dec 28 09:50:44 2026 GMT Subject: CN=F62EAE596F8691A03193DBA32125B244EC629149 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:f8:ec:b9:72:5c:91:76:cb:5d:39:c9:70:39: 08:df:54:a1:74:3a:cc:bc:9e:8e:74:5c:22:75:51: 53:e6:5c:3d:2b:72:79:46:e0:f0:fa:8c:71:dd:73: 01:5a:de:7c:2c:db:91:9a:48:16:f2:02:58:d7:4f: b1:b2:81:fb:d1:f3:3c:4c:f7:db:e5:cc:f7:ad:eb: 4e:ee:b4:5e:78:02:7e:4c:eb:f4:19:5d:df:f6:e6: e4:38:4d:c3:45:58:fc:be:8d:7e:9e:5f:5b:b3:51: 1b:0c:5d:1b:17:bf:a8:ff:17:61:d1:97:11:75:7d: 6f:3f:c1:a2:a3:43:e7:7b:28:cc:25:ce:1d:a4:3f: e2:87:fe:af:7d:8a:61:99:fa:c8:0f:bf:44:4b:81: b8:76:27:8b:3d:62:2c:21:3b:1e:d8:46:57:9c:80: df:60:21:b5:19:0e:72:33:b4:df:96:0c:5d:6a:7b: 0e:63:69:31:44:1d:cc:e7:30:79:b2:24:8a:a6:2f: a1:b1:3b:a9:1b:5a:72:52:8d:e1:1d:b0:5e:24:a1: 2b:dc:65:a9:50:f6:4e:44:f8:c3:de:d6:59:f1:31: d5:66:20:43:d5:84:f4:7f:e1:b7:fb:58:6d:ed:02: f3:cb:d2:86:89:ea:0c:db:88:ed:ce:7a:78:0c:2b: 62:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:2E:AE:59:6F:86:91:A0:31:93:DB:A3:21:25:B2:44:EC:62:91:49 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3231372e37362e34382e302f32302d3332203d3e203531313637.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.76.48.0/20 Signature Algorithm: sha256WithRSAEncryption 23:a6:b2:4d:9a:7e:7d:bf:26:41:29:8f:c4:d6:43:c1:fc:d7: 6d:3f:62:da:73:6d:5c:43:44:2b:21:d6:f4:5b:09:0e:f3:51: 4d:a7:ea:6a:6b:b9:5d:bb:6e:b6:c7:6a:73:50:7b:42:a7:76: d7:3a:db:02:07:31:42:6e:b6:d1:1b:b8:27:59:b6:d4:db:f1: 34:06:c8:17:21:99:dc:a9:0a:a3:c3:63:40:d5:c0:d3:61:bb: 77:29:4a:90:a2:12:c7:07:1a:4f:92:a6:2b:70:a1:48:cf:76: 5c:1f:66:dc:13:ff:80:f2:a9:df:20:b9:e2:35:35:f1:f0:05: 15:5f:67:c8:d0:84:a9:56:2b:30:c7:54:02:80:a9:68:45:7a: b3:6f:78:de:36:d3:63:97:a8:06:6f:6b:80:59:db:38:8d:c3: 3e:9d:c2:5c:eb:7c:13:ed:23:0b:71:0f:c9:99:0d:b0:63:ab: a2:18:f5:48:2c:98:f0:f8:dd:0a:e2:0e:a0:49:5a:f4:46:5d: 20:16:89:03:45:fd:36:d3:3f:b9:fe:05:39:4d:96:e9:e5:16: 7b:87:6f:b6:28:d8:ae:c6:fa:68:d2:d1:cc:d4:c5:55:1a:2b: b4:3f:6c:76:18:16:76:cd:35:43:cf:3e:bc:9d:c7:b5:93:b8: 2d:3b:c6:41 -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUNY2N4ak6MJXGJtjCdrKMtgROV2IwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1NDRaFw0yNjEyMjgwOTUwNDRaMDMxMTAvBgNV BAMTKEY2MkVBRTU5NkY4NjkxQTAzMTkzREJBMzIxMjVCMjQ0RUM2MjkxNDkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQ+Oy5clyRdstdOclwOQjfVKF0 Osy8no50XCJ1UVPmXD0rcnlG4PD6jHHdcwFa3nws25GaSBbyAljXT7GygfvR8zxM 99vlzPet607utF54An5M6/QZXd/25uQ4TcNFWPy+jX6eX1uzURsMXRsXv6j/F2HR lxF1fW8/waKjQ+d7KMwlzh2kP+KH/q99imGZ+sgPv0RLgbh2J4s9YiwhOx7YRlec gN9gIbUZDnIztN+WDF1qew5jaTFEHcznMHmyJIqmL6GxO6kbWnJSjeEdsF4koSvc ZalQ9k5E+MPe1lnxMdVmIEPVhPR/4bf7WG3tAvPL0oaJ6gzbiO3OengMK2K1AgMB AAGjggI7MIICNzAdBgNVHQ4EFgQU9i6uWW+GkaAxk9ujISWyROxikUkwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzIzMTM3MmUzNzM2MmUzNDM4 MmUzMDJmMzIzMDJkMzMzMjIwM2QzZTIwMzUzMTMxMzYzNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBNlM MDANBgkqhkiG9w0BAQsFAAOCAQEAI6ayTZp+fb8mQSmPxNZDwfzXbT9i2nNtXENE KyHW9FsJDvNRTafqamu5Xbtutsdqc1B7Qqd21zrbAgcxQm620Ru4J1m21NvxNAbI FyGZ3KkKo8NjQNXA02G7dylKkKISxwcaT5KmK3ChSM92XB9m3BP/gPKp3yC54jU1 8fAFFV9nyNCEqVYrMMdUAoCpaEV6s2943jbTY5eoBm9rgFnbOI3DPp3CXOt8E+0j C3EPyZkNsGOrohj1SCyY8PjdCuIOoEla9EZdIBaJA0X9NtM/uf4FOU2W6eUWe4dv tijYrsb6aNLRzNTFVRortD9sdhgWds01Q88+vJ3HtZO4LTvGQQ== -----END CERTIFICATE-----Generated at Mon Jan 19 14:24:08 2026 by rpki-client