This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e33312e302f32342d3234203d3e203437353833.roa File: 33312e3232302e33312e302f32342d3234203d3e203437353833.roa (raw, json) Hash identifier: OAUVgNzWdIZQa80Eb9vfGOy5tjxhkfHqj8OOT2RDmzM= Subject key identifier: 5E:38:F6:45:D6:C9:C5:6A:87:42:08:6E:5E:CC:94:E8:15:90:3C:68 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 34F47655E3C7EFB38ADCD7CF656CDCE358988397 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e33312e302f32342d3234203d3e203437353833.roa Signing time: Mon 29 Dec 2025 09:50:58 +0000 ROA not before: Mon 29 Dec 2025 09:45:58 +0000 ROA not after: Mon 28 Dec 2026 09:50:58 +0000 asID: 47583 IP address blocks: 31.220.31.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:f4:76:55:e3:c7:ef:b3:8a:dc:d7:cf:65:6c:dc:e3:58:98:83:97 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:58 2025 GMT Not After : Dec 28 09:50:58 2026 GMT Subject: CN=5E38F645D6C9C56A8742086E5ECC94E815903C68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:ea:f3:3b:6e:f9:4e:ae:c8:15:e0:6b:e0:43: d3:9a:26:3b:0c:de:32:8b:60:cf:c3:c0:d2:e1:a0: c9:dd:50:20:37:f5:db:d6:5f:b8:48:15:3f:4d:a8: b4:90:cc:c3:06:30:d5:81:1d:eb:27:14:94:3c:20: f6:b6:66:ec:a2:b3:6d:bf:03:00:fd:9b:b4:41:75: 0b:e6:50:a5:2b:80:10:3d:b4:b4:e3:ea:07:fb:9e: 3a:27:78:33:27:fe:47:93:8a:81:73:92:ab:0c:2e: 4e:a7:45:c9:b3:32:e8:c2:63:02:1a:7a:ca:43:fd: 6c:59:42:99:05:fe:5e:9a:59:fe:66:fd:5f:6c:5b: 9d:32:bb:f0:dc:89:1c:95:4d:30:44:2a:74:0d:91: 64:b5:86:a8:ca:68:8a:c7:60:a1:e6:0f:fb:b2:7a: a5:20:05:b1:04:31:ee:2a:82:d4:31:8e:ee:51:f6: 63:90:67:80:57:0f:f7:c0:5a:65:91:81:de:c4:e3: 98:04:3c:de:52:f6:6a:e5:fc:1f:47:a7:f3:e2:f7: 75:89:d5:83:f8:a7:c2:a5:b1:53:c3:66:b2:e7:8e: c2:c0:52:63:23:17:13:c8:4b:2a:39:2e:5e:91:fe: 0f:50:80:6b:e9:06:4b:00:52:0e:3d:73:ef:dd:83: fc:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:38:F6:45:D6:C9:C5:6A:87:42:08:6E:5E:CC:94:E8:15:90:3C:68 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e33312e302f32342d3234203d3e203437353833.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.220.31.0/24 Signature Algorithm: sha256WithRSAEncryption 88:6f:55:c2:e0:b8:ec:e1:6a:64:68:cb:62:0a:de:a2:a5:db: 2f:39:35:17:9b:7e:9a:9a:47:08:79:c9:97:48:ba:77:a1:7c: 68:b2:25:3c:8f:07:91:7a:da:85:f6:d9:2c:4c:04:49:4b:1f: 77:0a:46:4e:ce:8b:4e:cf:dd:77:ef:df:34:3d:f3:4f:50:5f: 5e:ae:b0:72:fc:aa:81:0d:5f:9e:6e:d8:84:4b:85:d4:e5:9d: e0:a9:9e:94:e3:e9:e3:0a:d2:69:2f:36:f3:a9:79:37:f1:ae: f4:9d:2e:31:c7:ba:88:12:3f:d5:52:50:d2:6f:42:c0:30:35: 27:84:74:e7:0a:18:be:f4:8c:45:e2:b1:36:98:cc:02:9f:4e: d3:0c:7e:31:b7:3b:22:99:c6:7a:57:72:7e:d7:73:10:1b:8d: 1b:42:08:9d:6a:41:cb:87:8a:e3:23:e3:21:72:24:47:a7:98: 67:a5:20:6c:ac:92:0a:a7:e0:ef:d9:8e:87:03:24:88:70:20: ce:81:c8:a0:22:d6:9b:6a:31:2d:85:1d:23:73:d9:6e:c7:37: f0:aa:34:cd:3e:e2:d4:a5:8f:23:c9:03:7a:fe:87:ca:d6:f0: f4:d0:a7:18:e9:e0:27:8c:df:80:55:9b:87:18:b2:ef:e6:6f: 26:3e:98:2d -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUNPR2VePH77OK3NfPZWzc41iYg5cwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1NThaFw0yNjEyMjgwOTUwNThaMDMxMTAvBgNV BAMTKDVFMzhGNjQ1RDZDOUM1NkE4NzQyMDg2RTVFQ0M5NEU4MTU5MDNDNjgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI6vM7bvlOrsgV4GvgQ9OaJjsM 3jKLYM/DwNLhoMndUCA39dvWX7hIFT9NqLSQzMMGMNWBHesnFJQ8IPa2Zuyis22/ AwD9m7RBdQvmUKUrgBA9tLTj6gf7njoneDMn/keTioFzkqsMLk6nRcmzMujCYwIa espD/WxZQpkF/l6aWf5m/V9sW50yu/DciRyVTTBEKnQNkWS1hqjKaIrHYKHmD/uy eqUgBbEEMe4qgtQxju5R9mOQZ4BXD/fAWmWRgd7E45gEPN5S9mrl/B9Hp/Pi93WJ 1YP4p8KlsVPDZrLnjsLAUmMjFxPISyo5Ll6R/g9QgGvpBksAUg49c+/dg/w7AgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUXjj2RdbJxWqHQghuXsyU6BWQPGgwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzMzMx MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzNzM1MzgzMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB/c HzANBgkqhkiG9w0BAQsFAAOCAQEAiG9VwuC47OFqZGjLYgreoqXbLzk1F5t+mppH CHnJl0i6d6F8aLIlPI8HkXrahfbZLEwESUsfdwpGTs6LTs/dd+/fND3zT1BfXq6w cvyqgQ1fnm7YhEuF1OWd4KmelOPp4wrSaS8286l5N/Gu9J0uMce6iBI/1VJQ0m9C wDA1J4R05woYvvSMReKxNpjMAp9O0wx+Mbc7IpnGeldyftdzEBuNG0IInWpBy4eK 4yPjIXIkR6eYZ6UgbKySCqfg79mOhwMkiHAgzoHIoCLWm2oxLYUdI3PZbsc38Ko0 zT7i1KWPI8kDev6Hytbw9NCnGOngJ4zfgFWbhxiy7+ZvJj6YLQ== -----END CERTIFICATE-----Generated at Mon Jan 19 14:24:12 2026 by rpki-client