This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e34322e302f32342d3234203d3e203530363733.roa File: 33312e3232302e34322e302f32342d3234203d3e203530363733.roa (raw, json) Hash identifier: uZSmQgP8DQBGGuqJP1qP1ub3FNSmFAPVr9jK12R0auc= Subject key identifier: 07:60:DB:25:FB:6B:54:12:CA:C9:42:47:47:05:0B:EA:6B:02:B8:3C Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 179D7F757D54AF4B09E451D383463842E150F1DC Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e34322e302f32342d3234203d3e203530363733.roa Signing time: Mon 29 Dec 2025 09:50:49 +0000 ROA not before: Mon 29 Dec 2025 09:45:49 +0000 ROA not after: Mon 28 Dec 2026 09:50:49 +0000 asID: 50673 IP address blocks: 31.220.42.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 07:52:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17:9d:7f:75:7d:54:af:4b:09:e4:51:d3:83:46:38:42:e1:50:f1:dc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:49 2025 GMT Not After : Dec 28 09:50:49 2026 GMT Subject: CN=0760DB25FB6B5412CAC9424747050BEA6B02B83C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:8f:ca:31:d8:19:af:54:e1:76:1e:95:fe:51: 1e:b6:ea:44:88:1d:78:37:a3:df:a7:ce:dd:75:84: ce:b1:24:df:99:14:4d:97:32:e7:37:8f:70:bb:11: 4f:d2:ec:f1:bf:0b:97:75:48:55:0b:dc:62:96:a9: f9:4a:38:4e:0c:3d:f8:1d:15:64:e2:36:53:38:2e: 17:54:78:e0:11:2a:49:2f:4e:4e:b7:de:c4:49:b6: 6f:7c:fe:8a:80:c6:ed:5d:a3:f3:d0:3c:13:55:23: c3:46:f7:60:0a:48:14:d4:e4:07:0f:ce:ff:ec:b4: a1:8f:ca:da:0c:33:54:3a:fe:f6:e5:02:78:09:8a: d9:9f:86:13:7b:cf:0b:d0:1c:82:3e:bc:32:47:60: 09:e7:21:c0:5a:3f:42:e9:59:9f:a3:db:dc:f0:61: 3f:aa:1a:78:20:42:b7:ba:db:68:18:73:24:0e:db: 30:f9:ee:fd:3c:de:3a:64:10:33:44:e4:da:4a:b0: 9a:70:bb:d5:fe:24:dc:55:2c:df:b0:a7:63:45:d3: 54:38:77:00:d2:45:88:d0:74:2b:05:6d:06:6a:d1: 5d:ec:4c:ec:56:b8:20:75:70:c9:f3:0c:88:3a:e1: ba:92:29:61:2e:36:ab:7a:ce:0b:18:5b:a0:a4:27: 8b:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:60:DB:25:FB:6B:54:12:CA:C9:42:47:47:05:0B:EA:6B:02:B8:3C X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e34322e302f32342d3234203d3e203530363733.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.220.42.0/24 Signature Algorithm: sha256WithRSAEncryption 25:b8:1c:aa:41:94:a9:ab:c0:af:79:8d:02:41:3c:53:d9:04: f2:cd:ab:af:7a:98:06:e6:51:aa:ee:13:7a:52:a3:f2:25:8b: f9:d0:1d:89:08:58:f8:77:42:27:89:6f:dc:2a:20:0a:1e:4e: f3:30:f0:ab:2d:c5:dd:f5:93:66:e4:ef:60:14:57:32:e9:72: 0c:5e:ab:bc:c5:b7:6f:6d:05:d6:7a:3d:37:76:88:8a:e9:d9: 74:1d:8d:e6:15:c9:5a:1f:87:55:9d:2e:46:b6:28:d6:68:72: 3d:c0:d5:05:7d:c7:b5:ad:f4:c5:cc:5c:2a:b8:12:2c:8d:fd: f3:55:63:cd:a7:54:97:e3:f6:55:20:d2:16:ea:25:d8:fb:92: 64:3c:42:79:5a:60:2d:9e:2d:52:2a:7f:82:78:ad:d9:6a:97: 85:cb:df:64:b8:fb:84:d0:b7:77:6b:10:b1:ce:6d:60:b4:b2: 5f:9e:18:67:c5:e1:ac:6b:3b:07:bf:1d:07:12:4f:82:db:02: 70:70:5c:ba:f5:39:9d:cb:1c:f3:ca:b7:e5:9b:bd:d3:84:44: 61:55:64:c1:cc:d5:ca:44:9c:64:14:1d:c6:8e:8c:5e:8e:07: 50:5b:f2:0e:ca:72:ea:d7:2a:63:dd:3f:89:09:a0:b8:6e:24: 70:da:11:5b -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUF51/dX1Ur0sJ5FHTg0Y4QuFQ8dwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1NDlaFw0yNjEyMjgwOTUwNDlaMDMxMTAvBgNV BAMTKDA3NjBEQjI1RkI2QjU0MTJDQUM5NDI0NzQ3MDUwQkVBNkIwMkI4M0MwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUj8ox2BmvVOF2HpX+UR626kSI HXg3o9+nzt11hM6xJN+ZFE2XMuc3j3C7EU/S7PG/C5d1SFUL3GKWqflKOE4MPfgd FWTiNlM4LhdUeOARKkkvTk633sRJtm98/oqAxu1do/PQPBNVI8NG92AKSBTU5AcP zv/stKGPytoMM1Q6/vblAngJitmfhhN7zwvQHII+vDJHYAnnIcBaP0LpWZ+j29zw YT+qGnggQre622gYcyQO2zD57v083jpkEDNE5NpKsJpwu9X+JNxVLN+wp2NF01Q4 dwDSRYjQdCsFbQZq0V3sTOxWuCB1cMnzDIg64bqSKWEuNqt6zgsYW6CkJ4tFAgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUB2DbJftrVBLKyUJHRwUL6msCuDwwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzNDMy MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMDM2MzczMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB/c KjANBgkqhkiG9w0BAQsFAAOCAQEAJbgcqkGUqavAr3mNAkE8U9kE8s2rr3qYBuZR qu4TelKj8iWL+dAdiQhY+HdCJ4lv3CogCh5O8zDwqy3F3fWTZuTvYBRXMulyDF6r vMW3b20F1no9N3aIiunZdB2N5hXJWh+HVZ0uRrYo1mhyPcDVBX3Hta30xcxcKrgS LI3981VjzadUl+P2VSDSFuol2PuSZDxCeVpgLZ4tUip/gnit2WqXhcvfZLj7hNC3 d2sQsc5tYLSyX54YZ8XhrGs7B78dBxJPgtsCcHBcuvU5ncsc88q35Zu904REYVVk wczVykScZBQdxo6MXo4HUFvyDspy6tcqY90/iQmguG4kcNoRWw== -----END CERTIFICATE-----Generated at Sun Jan 11 11:46:41 2026 by rpki-client