This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e342e302f32342d3234203d3e203633343733.roa File: 33312e3232302e342e302f32342d3234203d3e203633343733.roa (raw, json) Hash identifier: CxUstzqPApdJxFVoiz1a7O+NYsop18MOo4kpbeBj9rI= Subject key identifier: 0B:24:3D:A7:0D:FE:06:DE:0B:4E:9E:C0:0B:27:CF:B2:50:18:A6:9E Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 20E9A56FAFCFD3A130D92CFDB29968B46FED7532 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e342e302f32342d3234203d3e203633343733.roa Signing time: Mon 29 Dec 2025 09:51:06 +0000 ROA not before: Mon 29 Dec 2025 09:46:06 +0000 ROA not after: Mon 28 Dec 2026 09:51:06 +0000 asID: 63473 IP address blocks: 31.220.4.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20:e9:a5:6f:af:cf:d3:a1:30:d9:2c:fd:b2:99:68:b4:6f:ed:75:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:46:06 2025 GMT Not After : Dec 28 09:51:06 2026 GMT Subject: CN=0B243DA70DFE06DE0B4E9EC00B27CFB25018A69E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:e8:21:80:6e:8a:01:65:c6:55:ce:0f:bb:57: 65:39:08:83:de:15:10:20:2d:b5:f4:ac:1e:18:19: 73:32:f2:07:63:cb:9c:54:04:df:1d:57:6e:7b:7f: f8:b6:f9:b3:ea:46:6f:12:d9:7e:ab:5a:68:e9:8b: 1f:55:14:c5:f6:15:f4:e4:1f:a7:01:66:9f:a8:93: 40:a3:92:a8:bb:54:54:e6:12:52:0f:2c:33:cd:03: dd:a1:9f:77:50:4e:0e:df:e9:7d:d8:57:9d:c1:11: a2:d4:9e:f8:29:7a:40:a4:44:08:41:c2:93:ed:4b: 35:2a:10:38:55:42:b6:7f:21:1d:d7:a2:96:f2:61: 5c:d9:95:d9:73:99:ce:d9:e8:7d:d3:74:4e:24:1e: 84:0f:15:d9:04:b5:4d:53:b5:8c:ef:7f:34:b4:eb: 9c:01:35:7f:41:63:07:9d:a5:b8:9a:0b:2f:ad:47: 06:53:8b:f1:ce:51:aa:70:bc:7a:9b:0f:51:36:4e: c1:29:e3:89:82:63:d6:2a:9e:fa:f6:56:2c:a3:ae: 3f:88:a4:c1:34:9b:88:e4:cd:27:7b:e0:1a:b7:f6: 85:99:d6:f1:60:b8:ff:d8:59:cd:c9:de:12:57:56: a9:14:19:d6:4a:1a:97:63:19:41:a5:2d:fa:3d:1c: 7f:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:24:3D:A7:0D:FE:06:DE:0B:4E:9E:C0:0B:27:CF:B2:50:18:A6:9E X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e342e302f32342d3234203d3e203633343733.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.220.4.0/24 Signature Algorithm: sha256WithRSAEncryption 49:95:ad:64:54:1c:dd:74:1f:aa:54:c1:d9:50:a4:ff:8a:de: 21:5a:01:ae:5f:9d:1c:3c:bd:5f:69:fa:a4:fd:00:0e:7a:ff: da:9c:b0:82:60:22:d7:bb:41:89:d3:3a:ce:c8:f0:91:53:74: eb:28:0c:f9:b6:51:b7:b0:06:33:d7:3f:77:5f:86:37:72:3e: bb:78:b8:ff:98:55:b4:b0:12:8f:40:5e:71:c7:db:04:35:f2: 1b:a2:95:50:db:b5:ba:24:c7:8d:a8:e5:5a:f9:97:23:30:42: 8e:28:2d:99:aa:7a:48:03:92:65:1c:8f:92:6a:30:b8:4f:2a: eb:da:4f:b7:1d:75:2e:ec:48:50:9f:56:0c:93:29:ae:22:ea: 51:7a:ba:8c:aa:d5:a8:2f:37:f0:15:1c:8a:39:e0:b8:05:80: a0:c0:49:b0:cc:29:64:c6:7e:b0:dd:05:63:7c:aa:1b:6b:b4: 09:49:12:e2:ec:f3:a6:d3:27:70:10:70:0f:4e:b9:1c:f1:aa: 15:82:4e:e6:26:76:26:6d:8b:d8:88:05:26:ea:1c:0e:83:25: ad:0e:e4:a5:8d:66:2d:99:f3:2a:36:31:ae:ab:0d:af:44:f9: 7e:8b:0e:eb:cc:47:f1:52:96:17:c8:9a:24:eb:62:eb:69:bb: 0c:68:63:3d -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgIUIOmlb6/P06Ew2Sz9splotG/tdTIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ2MDZaFw0yNjEyMjgwOTUxMDZaMDMxMTAvBgNV BAMTKDBCMjQzREE3MERGRTA2REUwQjRFOUVDMDBCMjdDRkIyNTAxOEE2OUUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk6CGAbooBZcZVzg+7V2U5CIPe FRAgLbX0rB4YGXMy8gdjy5xUBN8dV257f/i2+bPqRm8S2X6rWmjpix9VFMX2FfTk H6cBZp+ok0Cjkqi7VFTmElIPLDPNA92hn3dQTg7f6X3YV53BEaLUnvgpekCkRAhB wpPtSzUqEDhVQrZ/IR3XopbyYVzZldlzmc7Z6H3TdE4kHoQPFdkEtU1TtYzvfzS0 65wBNX9BYwedpbiaCy+tRwZTi/HOUapwvHqbD1E2TsEp44mCY9Yqnvr2Viyjrj+I pME0m4jkzSd74Bq39oWZ1vFguP/YWc3J3hJXVqkUGdZKGpdjGUGlLfo9HH9JAgMB AAGjggI5MIICNTAdBgNVHQ4EFgQUCyQ9pw3+Bt4LTp7ACyfPslAYpp4wHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzNDJl MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzMzNDM3MzMucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAf3AQw DQYJKoZIhvcNAQELBQADggEBAEmVrWRUHN10H6pUwdlQpP+K3iFaAa5fnRw8vV9p +qT9AA56/9qcsIJgIte7QYnTOs7I8JFTdOsoDPm2UbewBjPXP3dfhjdyPrt4uP+Y VbSwEo9AXnHH2wQ18huilVDbtbokx42o5Vr5lyMwQo4oLZmqekgDkmUcj5JqMLhP KuvaT7cddS7sSFCfVgyTKa4i6lF6uoyq1agvN/AVHIo54LgFgKDASbDMKWTGfrDd BWN8qhtrtAlJEuLs86bTJ3AQcA9OuRzxqhWCTuYmdiZti9iIBSbqHA6DJa0O5KWN Zi2Z8yo2Ma6rDa9E+X6LDuvMR/FSlhfImiTrYutpuwxoYz0= -----END CERTIFICATE-----Generated at Mon Jan 19 14:23:11 2026 by rpki-client