This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/326130313a3666303a3a2f33322d3332203d3e203432333636.roa File: 326130313a3666303a3a2f33322d3332203d3e203432333636.roa (raw, json) Hash identifier: EfE+gm0KbwVDNX9uW6bR7NCR9/BYeRFPArOSDQaMVxY= Subject key identifier: 42:3E:04:5C:76:73:96:5E:40:96:0C:21:E6:E6:95:7A:6F:1A:3F:C5 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 1B141B4991402D2DD0CACD684F57AFD2A927FD69 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/326130313a3666303a3a2f33322d3332203d3e203432333636.roa Signing time: Mon 29 Dec 2025 09:50:59 +0000 ROA not before: Mon 29 Dec 2025 09:45:59 +0000 ROA not after: Mon 28 Dec 2026 09:50:59 +0000 asID: 42366 IP address blocks: 2a01:6f0::/32 maxlen: 32 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1b:14:1b:49:91:40:2d:2d:d0:ca:cd:68:4f:57:af:d2:a9:27:fd:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:59 2025 GMT Not After : Dec 28 09:50:59 2026 GMT Subject: CN=423E045C7673965E40960C21E6E6957A6F1A3FC5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:a3:9a:f8:bd:b0:7a:5a:e0:ce:06:39:fc:01: dc:eb:19:78:01:33:4a:37:48:61:16:81:d0:46:8a: f8:15:06:d8:72:3b:bd:7e:ca:40:20:de:40:c0:99: cf:a7:98:bc:65:70:04:9b:16:4d:c1:40:a6:23:e0: 1f:89:8d:c2:7c:e9:bd:84:72:f3:c2:be:01:84:3d: 9c:22:92:be:7f:25:db:7e:bf:78:56:0a:78:bc:57: 83:0d:3d:a9:61:bd:b9:7e:c0:c5:88:a9:ae:d1:59: 73:17:b9:ea:18:bb:76:6f:fe:9d:23:70:92:fc:42: 16:94:60:aa:7c:c5:0b:6c:b1:84:06:dd:e0:c4:9a: d1:b1:ad:37:fd:1c:01:aa:dd:05:15:02:35:0c:64: fa:b5:01:9e:1a:ff:da:5c:3d:5f:66:56:9b:96:79: 7a:26:6e:cb:61:a3:53:3f:b1:85:30:49:f6:60:d8: d7:b2:26:ee:ee:70:82:b0:fa:75:04:c9:ce:95:4c: 30:54:d3:17:06:b6:fc:16:fa:1d:58:a0:8b:26:2d: eb:d3:6a:d1:5f:2a:83:60:a1:13:b7:e6:bb:81:c2: 22:68:39:9a:5f:a5:5d:d2:41:bb:92:a3:37:44:81: 8e:80:17:0e:b6:3e:a0:44:d7:8f:9e:85:d3:8d:7e: 8e:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:3E:04:5C:76:73:96:5E:40:96:0C:21:E6:E6:95:7A:6F:1A:3F:C5 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/326130313a3666303a3a2f33322d3332203d3e203432333636.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:6f0::/32 Signature Algorithm: sha256WithRSAEncryption 3e:7f:cd:cc:c5:ad:61:29:30:fe:84:49:38:9f:fe:e5:c0:53: b9:60:b4:c0:f8:30:6b:9e:0c:24:34:69:15:f4:dd:cb:f0:9c: 25:93:f0:c8:69:bc:fd:2c:f0:5d:98:a6:08:72:7d:52:54:c3: a0:17:50:51:a6:44:38:bc:07:1f:2b:80:ef:74:4d:fb:4a:a0: 77:e2:60:58:88:ed:ab:e2:2c:2e:8f:9d:8a:86:ad:d4:de:b5: 49:cd:a6:8f:8b:d1:dc:76:cc:d8:a4:95:e6:97:ea:80:88:c4: 9b:de:c5:65:21:26:6f:fb:f3:18:08:77:57:29:9e:24:ef:8a: 8a:0f:0b:0c:17:91:bc:4e:94:86:37:fa:09:f0:78:bc:bb:7c: 4f:d8:4c:78:db:e4:f0:c2:ec:e7:5f:53:d2:0a:27:e4:4a:50: b7:c9:83:8e:d1:d4:50:32:77:4d:31:72:b9:f7:48:ca:80:5c: 5d:32:fb:a0:56:b9:f7:d1:25:9b:da:5e:b2:c1:de:82:68:c2: 49:99:83:a2:e3:58:e5:32:e8:53:7f:c1:d7:67:d4:d1:b3:b6: 21:b6:4a:59:9e:f8:e1:26:2e:ae:0e:9e:00:2d:12:2c:33:64: 4d:f3:8f:5c:e5:c9:44:75:9d:46:67:b3:c2:67:c2:9b:b6:fe: 0e:30:31:aa -----BEGIN CERTIFICATE----- MIIFMDCCBBigAwIBAgIUGxQbSZFALS3Qys1oT1ev0qkn/WkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1NTlaFw0yNjEyMjgwOTUwNTlaMDMxMTAvBgNV BAMTKDQyM0UwNDVDNzY3Mzk2NUU0MDk2MEMyMUU2RTY5NTdBNkYxQTNGQzUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgo5r4vbB6WuDOBjn8AdzrGXgB M0o3SGEWgdBGivgVBthyO71+ykAg3kDAmc+nmLxlcASbFk3BQKYj4B+JjcJ86b2E cvPCvgGEPZwikr5/Jdt+v3hWCni8V4MNPalhvbl+wMWIqa7RWXMXueoYu3Zv/p0j cJL8QhaUYKp8xQtssYQG3eDEmtGxrTf9HAGq3QUVAjUMZPq1AZ4a/9pcPV9mVpuW eXombstho1M/sYUwSfZg2NeyJu7ucIKw+nUEyc6VTDBU0xcGtvwW+h1YoIsmLevT atFfKoNgoRO35ruBwiJoOZpfpV3SQbuSozdEgY6AFw62PqBE14+ehdONfo6HAgMB AAGjggI6MIICNjAdBgNVHQ4EFgQUQj4EXHZzll5Algwh5uaVem8aP8UwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzI2MTMwMzEzYTM2NjYzMDNh M2EyZjMzMzIyZDMzMzIyMDNkM2UyMDM0MzIzMzM2MzYucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8EETAPMA0EAgACMAcDBQAqAQbw MA0GCSqGSIb3DQEBCwUAA4IBAQA+f83Mxa1hKTD+hEk4n/7lwFO5YLTA+DBrngwk NGkV9N3L8Jwlk/DIabz9LPBdmKYIcn1SVMOgF1BRpkQ4vAcfK4DvdE37SqB34mBY iO2r4iwuj52Khq3U3rVJzaaPi9HcdszYpJXml+qAiMSb3sVlISZv+/MYCHdXKZ4k 74qKDwsMF5G8TpSGN/oJ8Hi8u3xP2Ex42+TwwuznX1PSCifkSlC3yYOO0dRQMndN MXK590jKgFxdMvugVrn30SWb2l6ywd6CaMJJmYOi41jlMuhTf8HXZ9TRs7YhtkpZ nvjhJi6uDp4ALRIsM2RN849c5clEdZ1GZ7PCZ8Kbtv4OMDGq -----END CERTIFICATE-----Generated at Mon Jan 19 14:27:27 2026 by rpki-client