This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e33302e302f32342d3234203d3e203530363733.roa File: 33312e3232302e33302e302f32342d3234203d3e203530363733.roa (raw, json) Hash identifier: kGia756uGI1WbMAGD6pXMnM60S/MR3GtrAlNFHcS2C0= Subject key identifier: 4B:54:08:E1:A4:CB:43:C6:7C:34:76:4C:29:07:27:7B:35:E3:4C:90 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 38EADB69B90017AF46F39C4905FD4E4D8240255F Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e33302e302f32342d3234203d3e203530363733.roa Signing time: Mon 29 Dec 2025 09:50:37 +0000 ROA not before: Mon 29 Dec 2025 09:45:37 +0000 ROA not after: Mon 28 Dec 2026 09:50:37 +0000 asID: 50673 IP address blocks: 31.220.30.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 07:52:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 38:ea:db:69:b9:00:17:af:46:f3:9c:49:05:fd:4e:4d:82:40:25:5f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:37 2025 GMT Not After : Dec 28 09:50:37 2026 GMT Subject: CN=4B5408E1A4CB43C67C34764C2907277B35E34C90 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:a9:92:9c:40:db:d7:d7:71:54:21:61:8e:36: 37:5a:1a:67:bb:fb:af:1e:30:cf:23:eb:1d:69:37: 9b:b4:9b:a1:8d:e8:2a:fc:d2:fe:01:3c:02:5e:a1: 10:d2:f2:18:ba:39:ab:65:0e:96:73:e2:69:a4:44: 92:11:aa:75:8e:ea:7c:8f:72:b9:be:42:f6:57:c9: 37:af:fa:09:ba:29:e8:fb:39:f4:5b:54:fc:51:31: 49:28:49:3c:0b:68:1f:de:c0:71:01:4b:cc:05:39: 61:a7:87:ab:c9:f1:a5:16:9f:b7:eb:7d:c2:cf:f1: f3:5d:d0:7b:68:7a:a3:76:8f:ac:56:c4:87:4e:0e: 48:7d:dd:0a:05:32:35:b9:2c:2b:f0:66:84:a0:0a: d1:e6:3d:74:56:b1:dd:ec:cf:d2:51:a6:96:b5:d7: 32:62:a8:ef:26:dc:41:61:b7:6b:9e:34:2b:f4:7f: df:de:f2:4c:7e:7a:01:0c:9d:41:71:0b:76:5b:39: 9e:31:9c:8f:68:49:b6:94:f0:2e:cb:ae:09:6f:3b: 04:79:e1:5d:e8:75:0d:ed:3d:2f:08:9f:33:c5:29: 2c:b8:e7:10:44:eb:8c:21:27:2d:13:bf:7d:40:ba: 06:4f:01:eb:17:d1:31:a3:51:ae:0f:68:0a:c6:e9: 5f:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:54:08:E1:A4:CB:43:C6:7C:34:76:4C:29:07:27:7B:35:E3:4C:90 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e33302e302f32342d3234203d3e203530363733.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.220.30.0/24 Signature Algorithm: sha256WithRSAEncryption 2c:da:e1:fc:3b:03:f8:35:9c:4a:c6:ec:75:e8:43:00:4b:f4: 77:53:4f:0f:0b:76:25:71:ac:74:9b:63:42:67:0b:b0:56:db: d0:77:39:7e:c7:fe:cf:7b:07:b5:21:c6:d7:0c:9c:0f:e8:a1: 5f:6f:71:f1:68:37:c7:66:33:bd:82:7e:99:1a:58:49:68:12: 5b:6d:f4:52:47:9c:1c:3d:f6:fa:0b:c8:cc:bf:93:95:15:a4: c2:81:3b:eb:d9:8a:5f:f2:c2:ac:a5:2f:ac:50:ef:72:18:97: 77:40:75:20:8d:d4:c2:ba:6e:2f:18:83:a7:3d:f2:0a:74:54: c4:a8:1a:82:90:82:1b:ab:2f:6e:07:42:80:dc:0b:13:47:eb: 0d:c7:55:cd:e0:9c:0e:61:5b:f6:bd:1c:a4:61:a5:a8:10:72: fd:34:0f:9b:3e:bf:b3:06:c9:1e:e9:04:cc:e4:a6:a0:46:39: e2:5e:06:59:96:62:5b:15:e2:00:7c:d9:ce:cc:91:68:41:8f: 9b:a7:d6:a1:e3:7a:c8:9f:c1:c3:d9:f6:03:68:a8:60:78:1c: a4:f9:95:11:71:7f:28:79:b3:44:7f:2e:1a:bc:77:54:92:9c: 62:64:33:37:e2:6d:1b:e4:82:46:72:49:97:34:30:f2:ad:24: b9:17:8b:15 -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUOOrbabkAF69G85xJBf1OTYJAJV8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1MzdaFw0yNjEyMjgwOTUwMzdaMDMxMTAvBgNV BAMTKDRCNTQwOEUxQTRDQjQzQzY3QzM0NzY0QzI5MDcyNzdCMzVFMzRDOTAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeqZKcQNvX13FUIWGONjdaGme7 +68eMM8j6x1pN5u0m6GN6Cr80v4BPAJeoRDS8hi6OatlDpZz4mmkRJIRqnWO6nyP crm+QvZXyTev+gm6Kej7OfRbVPxRMUkoSTwLaB/ewHEBS8wFOWGnh6vJ8aUWn7fr fcLP8fNd0HtoeqN2j6xWxIdODkh93QoFMjW5LCvwZoSgCtHmPXRWsd3sz9JRppa1 1zJiqO8m3EFht2ueNCv0f9/e8kx+egEMnUFxC3ZbOZ4xnI9oSbaU8C7LrglvOwR5 4V3odQ3tPS8InzPFKSy45xBE64whJy0Tv31AugZPAesX0TGjUa4PaArG6V9TAgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUS1QI4aTLQ8Z8NHZMKQcnezXjTJAwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzMzMw MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMDM2MzczMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB/c HjANBgkqhkiG9w0BAQsFAAOCAQEALNrh/DsD+DWcSsbsdehDAEv0d1NPDwt2JXGs dJtjQmcLsFbb0Hc5fsf+z3sHtSHG1wycD+ihX29x8Wg3x2YzvYJ+mRpYSWgSW230 UkecHD32+gvIzL+TlRWkwoE769mKX/LCrKUvrFDvchiXd0B1II3UwrpuLxiDpz3y CnRUxKgagpCCG6svbgdCgNwLE0frDcdVzeCcDmFb9r0cpGGlqBBy/TQPmz6/swbJ HukEzOSmoEY54l4GWZZiWxXiAHzZzsyRaEGPm6fWoeN6yJ/Bw9n2A2ioYHgcpPmV EXF/KHmzRH8uGrx3VJKcYmQzN+JtG+SCRnJJlzQw8q0kuReLFQ== -----END CERTIFICATE-----Generated at Sun Jan 11 11:46:41 2026 by rpki-client