This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e34332e302f32342d3234203d3e203432373038.roa File: 33312e3232302e34332e302f32342d3234203d3e203432373038.roa (raw, json) Hash identifier: txPLGAS6IPFX/JhUpXiChd8/Z4bZTFhS/mZjhDG8or0= Subject key identifier: 5E:EB:21:F1:59:23:A8:54:2F:3C:65:9B:CD:7D:7D:46:52:97:12:18 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 085AE1E16622FE3A456CFA4E8E6FC0421D3D0D0E Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e34332e302f32342d3234203d3e203432373038.roa Signing time: Mon 29 Dec 2025 09:50:34 +0000 ROA not before: Mon 29 Dec 2025 09:45:34 +0000 ROA not after: Mon 28 Dec 2026 09:50:34 +0000 asID: 42708 IP address blocks: 31.220.43.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 08:5a:e1:e1:66:22:fe:3a:45:6c:fa:4e:8e:6f:c0:42:1d:3d:0d:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:34 2025 GMT Not After : Dec 28 09:50:34 2026 GMT Subject: CN=5EEB21F15923A8542F3C659BCD7D7D4652971218 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:0e:e1:f0:1e:c4:a6:9e:6f:68:b5:a7:bd:8b: 4f:69:46:e9:e2:03:a6:d2:65:e5:a7:a4:49:4e:80: f7:16:11:c8:d0:64:4d:40:e0:9e:fc:6d:8f:9f:48: f3:c5:7d:75:4b:82:0d:39:48:a1:32:33:01:c7:d6: 9a:68:88:1b:28:1c:c5:08:65:34:08:78:28:60:c0: aa:91:bb:da:bf:16:dd:f2:c9:b3:70:14:66:9c:9c: 53:9a:90:db:94:56:c5:62:2d:d7:66:08:1c:8a:61: b2:4d:e9:f8:52:87:dc:61:10:24:f0:7b:e5:1b:da: 67:59:0e:44:74:e2:1e:4d:56:6a:58:5d:3f:2a:ce: eb:eb:b3:ee:81:6c:36:fd:38:63:d5:29:a6:03:91: 0a:5f:da:ea:fa:c8:b8:16:a2:f7:a4:97:2a:ac:76: c4:90:44:22:37:89:b0:55:cc:cd:81:fe:14:19:65: 1e:6c:9c:97:71:91:ad:ff:fe:e2:aa:82:4e:8c:03: a0:b0:f4:55:c8:ab:34:21:3b:22:1e:6e:db:07:e0: 72:a2:1c:08:2e:fd:66:64:56:87:c0:c3:48:01:61: d6:03:96:61:a1:4c:90:2b:8f:70:96:cb:ac:3c:0f: 70:29:08:6d:55:9e:31:d8:28:7a:64:c3:02:e5:b2: ac:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:EB:21:F1:59:23:A8:54:2F:3C:65:9B:CD:7D:7D:46:52:97:12:18 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e34332e302f32342d3234203d3e203432373038.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.220.43.0/24 Signature Algorithm: sha256WithRSAEncryption 5d:f5:a7:bd:d9:51:68:af:8c:cc:c5:5d:0d:0f:44:fd:ce:d1: 18:9f:cc:2c:d7:a1:8f:0e:d0:43:83:82:c6:cf:62:69:a0:27: 11:be:28:77:12:61:72:40:8d:75:c4:30:c5:2e:21:41:93:df: 39:35:45:f0:21:57:44:08:84:b0:bd:bf:c7:d3:c0:36:34:48: 26:01:cb:90:6c:2f:fe:30:62:7c:d8:49:37:e3:2e:ed:ac:57: 25:60:18:1a:7d:47:12:46:2d:c5:7c:04:8b:7b:24:ed:c0:b0: 03:b0:b0:a5:f9:56:83:c0:28:de:d4:49:59:34:c9:61:7a:b2: 3c:35:85:fa:49:8a:b1:aa:f9:a3:0a:fa:7a:e8:65:b9:c0:51: e4:b0:a5:cc:8f:00:ab:f6:10:2a:50:bb:72:64:29:84:4d:58: 4b:14:cd:59:6b:46:70:63:d4:ca:b2:2b:0c:44:92:9b:47:90: ed:38:69:0b:32:f6:41:e4:46:1f:4d:3c:0c:d6:9a:50:1e:58: 9f:26:9a:4b:52:51:19:8d:b5:79:a4:52:8b:83:f2:e1:3b:fa: 91:30:bf:1d:eb:4f:a6:50:9f:21:c1:01:e2:62:ee:d1:dd:0f: 65:5e:68:5c:4a:ef:22:b7:cb:64:fc:7f:c0:d2:27:65:fd:65: 04:29:44:a0 -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUCFrh4WYi/jpFbPpOjm/AQh09DQ4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1MzRaFw0yNjEyMjgwOTUwMzRaMDMxMTAvBgNV BAMTKDVFRUIyMUYxNTkyM0E4NTQyRjNDNjU5QkNEN0Q3RDQ2NTI5NzEyMTgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzDuHwHsSmnm9otae9i09pRuni A6bSZeWnpElOgPcWEcjQZE1A4J78bY+fSPPFfXVLgg05SKEyMwHH1ppoiBsoHMUI ZTQIeChgwKqRu9q/Ft3yybNwFGacnFOakNuUVsViLddmCByKYbJN6fhSh9xhECTw e+Ub2mdZDkR04h5NVmpYXT8qzuvrs+6BbDb9OGPVKaYDkQpf2ur6yLgWoveklyqs dsSQRCI3ibBVzM2B/hQZZR5snJdxka3//uKqgk6MA6Cw9FXIqzQhOyIebtsH4HKi HAgu/WZkVofAw0gBYdYDlmGhTJArj3CWy6w8D3ApCG1VnjHYKHpkwwLlsqxlAgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUXush8VkjqFQvPGWbzX19RlKXEhgwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzNDMz MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMjM3MzAzOC5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB/c KzANBgkqhkiG9w0BAQsFAAOCAQEAXfWnvdlRaK+MzMVdDQ9E/c7RGJ/MLNehjw7Q Q4OCxs9iaaAnEb4odxJhckCNdcQwxS4hQZPfOTVF8CFXRAiEsL2/x9PANjRIJgHL kGwv/jBifNhJN+Mu7axXJWAYGn1HEkYtxXwEi3sk7cCwA7CwpflWg8Ao3tRJWTTJ YXqyPDWF+kmKsar5owr6euhlucBR5LClzI8Aq/YQKlC7cmQphE1YSxTNWWtGcGPU yrIrDESSm0eQ7ThpCzL2QeRGH008DNaaUB5YnyaaS1JRGY21eaRSi4Py4Tv6kTC/ HetPplCfIcEB4mLu0d0PZV5oXErvIrfLZPx/wNInZf1lBClEoA== -----END CERTIFICATE-----Generated at Mon Jan 19 14:24:11 2026 by rpki-client