This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e31332e302f32342d3234203d3e203237343538.roa File: 33312e3232302e31332e302f32342d3234203d3e203237343538.roa (raw, json) Hash identifier: MDqT8nUbxo1q31B2v3aHXYHsx8u+sCuhVL1JQe6ILqI= Subject key identifier: C8:9A:3A:2F:57:8D:3E:B3:9E:BD:99:F3:79:7E:77:E1:75:EF:A5:3D Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 1EF0425E396792955A7B1EA017C6973CDFEA7085 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e31332e302f32342d3234203d3e203237343538.roa Signing time: Mon 29 Dec 2025 09:51:01 +0000 ROA not before: Mon 29 Dec 2025 09:46:01 +0000 ROA not after: Mon 28 Dec 2026 09:51:01 +0000 asID: 27458 IP address blocks: 31.220.13.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1e:f0:42:5e:39:67:92:95:5a:7b:1e:a0:17:c6:97:3c:df:ea:70:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:46:01 2025 GMT Not After : Dec 28 09:51:01 2026 GMT Subject: CN=C89A3A2F578D3EB39EBD99F3797E77E175EFA53D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:d9:a4:73:f9:41:36:38:ae:a8:c4:a2:59:c0: b0:07:76:72:fb:a0:48:af:a9:67:45:cc:9c:4e:7f: 55:77:14:05:bb:19:cc:39:a3:d8:aa:c7:3b:14:f0: f7:95:b5:e0:c0:0f:a6:f9:dd:05:9b:e3:4e:12:59: 34:65:58:cb:75:29:13:3d:3e:81:7c:1a:f6:0a:96: f0:97:58:52:e9:8b:5c:f3:05:1d:f4:6e:a6:3b:ec: 79:1d:a9:3c:de:0f:15:be:a9:46:34:2a:80:92:56: 1f:ac:9a:7a:08:1c:91:fa:fd:9e:8f:75:f5:1c:5d: 9e:44:7a:aa:3d:5f:c2:63:22:9e:1e:99:40:09:ca: 93:fe:89:d1:e8:bc:d7:ea:19:40:48:74:38:08:6d: dd:c9:e4:a3:45:ca:ce:2c:27:a0:c5:e9:3f:f9:ac: 92:95:fb:15:79:88:21:77:1b:90:89:16:6d:79:85: 82:48:73:68:cc:2f:c8:f2:17:71:16:08:93:d4:80: 4a:9f:10:0b:43:fb:62:5b:3d:8f:5b:60:60:e3:f9: 80:9e:b8:db:08:f7:14:e8:80:9b:18:32:1e:86:90: c7:f3:6d:9d:cb:f0:cb:e7:98:ad:20:68:b7:18:11: 49:1f:f8:f2:b9:3f:e0:52:d0:e3:8d:9c:99:3d:60: 5c:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:9A:3A:2F:57:8D:3E:B3:9E:BD:99:F3:79:7E:77:E1:75:EF:A5:3D X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e31332e302f32342d3234203d3e203237343538.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.220.13.0/24 Signature Algorithm: sha256WithRSAEncryption 44:93:d6:b9:78:a9:d1:ee:d0:a3:09:7a:97:da:4b:da:c0:a9: ce:6e:b1:56:ba:ea:5a:c6:29:75:b9:4b:7a:ee:c9:c8:16:e6: c0:57:f8:47:60:4c:cb:fc:48:26:58:fd:47:6d:a6:99:94:1f: f4:16:9b:3f:cd:45:02:58:02:2e:71:54:ca:f0:f0:9b:53:1f: be:87:32:8d:c7:46:72:bb:0e:d3:69:73:5e:28:7d:de:85:db: 65:82:8d:a4:ab:17:aa:c5:80:92:a0:70:27:ca:c8:5f:fb:8d: 58:e7:1f:4e:7f:bb:01:a2:29:5c:d9:19:4d:85:80:f5:bc:71: 51:ef:ed:09:75:11:ed:d1:57:64:5d:96:d8:92:1a:92:90:04: b6:ce:b6:0d:ec:88:6f:a0:8d:d0:b4:9b:14:a2:2a:9b:5c:ac: f5:f2:6f:56:08:e5:13:98:a6:d5:1e:1e:e4:17:d0:87:46:65: 71:50:e4:b6:95:7c:a3:f5:72:58:02:3e:bb:1e:d4:93:3f:ea: e5:13:9e:8c:10:a0:4d:43:f7:70:f7:e0:84:99:66:cc:f3:aa: 8c:27:88:8b:38:91:8e:17:aa:70:55:18:58:70:5b:78:03:15: bb:a6:3f:b0:62:df:5e:b4:ce:83:e3:59:7c:e4:ee:d6:25:66: fc:4a:cb:b8 -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUHvBCXjlnkpVaex6gF8aXPN/qcIUwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ2MDFaFw0yNjEyMjgwOTUxMDFaMDMxMTAvBgNV BAMTKEM4OUEzQTJGNTc4RDNFQjM5RUJEOTlGMzc5N0U3N0UxNzVFRkE1M0QwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM2aRz+UE2OK6oxKJZwLAHdnL7 oEivqWdFzJxOf1V3FAW7Gcw5o9iqxzsU8PeVteDAD6b53QWb404SWTRlWMt1KRM9 PoF8GvYKlvCXWFLpi1zzBR30bqY77HkdqTzeDxW+qUY0KoCSVh+smnoIHJH6/Z6P dfUcXZ5Eeqo9X8JjIp4emUAJypP+idHovNfqGUBIdDgIbd3J5KNFys4sJ6DF6T/5 rJKV+xV5iCF3G5CJFm15hYJIc2jML8jyF3EWCJPUgEqfEAtD+2JbPY9bYGDj+YCe uNsI9xTogJsYMh6GkMfzbZ3L8MvnmK0gaLcYEUkf+PK5P+BS0OONnJk9YFz3AgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUyJo6L1eNPrOevZnzeX534XXvpT0wHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzMTMz MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM0MzUzOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB/c DTANBgkqhkiG9w0BAQsFAAOCAQEARJPWuXip0e7Qowl6l9pL2sCpzm6xVrrqWsYp dblLeu7JyBbmwFf4R2BMy/xIJlj9R22mmZQf9BabP81FAlgCLnFUyvDwm1Mfvocy jcdGcrsO02lzXih93oXbZYKNpKsXqsWAkqBwJ8rIX/uNWOcfTn+7AaIpXNkZTYWA 9bxxUe/tCXUR7dFXZF2W2JIakpAEts62DeyIb6CN0LSbFKIqm1ys9fJvVgjlE5im 1R4e5BfQh0ZlcVDktpV8o/VyWAI+ux7Ukz/q5ROejBCgTUP3cPfghJlmzPOqjCeI iziRjheqcFUYWHBbeAMVu6Y/sGLfXrTOg+NZfOTu1iVm/ErLuA== -----END CERTIFICATE-----Generated at Mon Jan 19 14:23:28 2026 by rpki-client