This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e34332e302f32342d3234203d3e203530363733.roa File: 33312e3232302e34332e302f32342d3234203d3e203530363733.roa (raw, json) Hash identifier: bnDDWokdIZIS6Se92X0oX0VqnRsE1O66QkEb23Surhw= Subject key identifier: C5:B9:C5:06:3E:A6:A0:36:13:2E:34:2F:94:AA:03:F4:10:E6:3C:B8 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 5994DB4A41EDE6B9F7C1A48FBF317005BE69CC6B Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e34332e302f32342d3234203d3e203530363733.roa Signing time: Mon 29 Dec 2025 09:50:47 +0000 ROA not before: Mon 29 Dec 2025 09:45:47 +0000 ROA not after: Mon 28 Dec 2026 09:50:47 +0000 asID: 50673 IP address blocks: 31.220.43.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 07:52:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59:94:db:4a:41:ed:e6:b9:f7:c1:a4:8f:bf:31:70:05:be:69:cc:6b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:47 2025 GMT Not After : Dec 28 09:50:47 2026 GMT Subject: CN=C5B9C5063EA6A036132E342F94AA03F410E63CB8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:17:08:11:97:4c:77:2d:14:3e:2f:54:d3:b8: 7b:87:d1:6f:cb:74:d9:03:87:d5:41:55:23:28:dd: c2:82:dc:2c:38:b6:e2:f9:14:69:50:a1:94:24:32: 46:12:c5:5e:70:7f:1c:d5:0c:8f:d4:e9:7d:12:29: b1:24:98:e4:45:63:d4:b5:e4:69:c6:13:fd:33:c5: 90:ec:b8:f0:81:8a:50:f4:2d:2a:44:e1:2e:a2:b7: 95:fa:93:73:84:75:d0:9f:6d:59:f7:cc:79:fd:0a: ca:32:a7:98:cf:4f:d2:8b:2b:d6:e5:e3:2b:69:05: f2:8d:5b:b0:20:74:db:b2:85:f4:3a:df:04:15:6b: 8b:4a:f5:e7:e6:a2:01:6f:13:43:db:53:9c:8c:35: 90:f9:42:e1:66:13:61:63:74:64:f8:fa:1a:11:84: a6:71:b0:cf:e9:a2:88:0c:f4:c1:35:34:6b:0b:87: c4:3d:d1:49:b4:a9:6b:f5:46:aa:af:30:9a:06:c5: 64:be:09:35:4e:8c:08:0e:7f:fe:30:8a:45:f8:8b: 4c:47:b0:40:d1:81:53:99:78:e4:89:37:b9:35:cf: 30:1a:f6:c4:83:e9:d6:80:b9:87:06:51:77:6e:4d: 4c:2d:43:8a:c0:92:ae:b0:6a:29:8e:b0:a9:a4:b2: 05:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:B9:C5:06:3E:A6:A0:36:13:2E:34:2F:94:AA:03:F4:10:E6:3C:B8 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e34332e302f32342d3234203d3e203530363733.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.220.43.0/24 Signature Algorithm: sha256WithRSAEncryption 50:c3:81:c6:ee:9c:ea:81:2c:3d:1c:fb:d1:6b:e3:c5:1a:4b: 34:00:46:f5:ed:f9:57:fa:de:6b:b8:b5:90:13:c2:59:b7:8e: 32:37:f9:9d:31:3b:e4:73:bb:13:0b:92:27:7e:b5:2a:b3:f4: 3d:66:d8:4c:01:ec:99:67:00:b5:78:a7:e9:ff:df:06:25:26: 75:62:d0:af:15:48:e6:05:80:2d:d6:a2:01:a6:43:f5:4b:64: 73:64:11:68:4f:4e:93:e7:fd:5d:7c:d2:26:8c:a3:f0:b0:44: 84:c6:5e:e5:94:54:fa:af:45:26:ab:81:b8:01:88:a8:9f:4b: be:09:d6:ae:6a:d5:0e:a9:69:e2:a1:d3:1c:93:7e:32:3f:ad: 8e:ba:42:9a:9a:78:8c:8d:ba:5d:27:0e:59:58:b0:8b:71:5c: 4a:fa:63:d5:2a:ba:fb:df:5f:c5:d0:ba:5d:4f:b5:99:84:b9: e1:de:10:76:2d:5b:5d:26:19:a2:d8:57:bb:c4:26:f1:36:e0: 66:98:75:f2:45:69:a9:ce:46:f1:13:7a:cb:d6:09:35:5c:6e: d6:9b:85:b2:a2:ea:09:e1:d8:33:2a:c1:83:ff:f5:3e:3c:56: 2b:fd:13:71:df:80:d4:ef:de:ba:b7:b1:d0:34:79:c0:89:a7: 60:01:59:1a -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUWZTbSkHt5rn3waSPvzFwBb5pzGswDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1NDdaFw0yNjEyMjgwOTUwNDdaMDMxMTAvBgNV BAMTKEM1QjlDNTA2M0VBNkEwMzYxMzJFMzQyRjk0QUEwM0Y0MTBFNjNDQjgwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5FwgRl0x3LRQ+L1TTuHuH0W/L dNkDh9VBVSMo3cKC3Cw4tuL5FGlQoZQkMkYSxV5wfxzVDI/U6X0SKbEkmORFY9S1 5GnGE/0zxZDsuPCBilD0LSpE4S6it5X6k3OEddCfbVn3zHn9Csoyp5jPT9KLK9bl 4ytpBfKNW7AgdNuyhfQ63wQVa4tK9efmogFvE0PbU5yMNZD5QuFmE2FjdGT4+hoR hKZxsM/poogM9ME1NGsLh8Q90Um0qWv1RqqvMJoGxWS+CTVOjAgOf/4wikX4i0xH sEDRgVOZeOSJN7k1zzAa9sSD6daAuYcGUXduTUwtQ4rAkq6waimOsKmksgV5AgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUxbnFBj6moDYTLjQvlKoD9BDmPLgwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzNDMz MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMDM2MzczMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB/c KzANBgkqhkiG9w0BAQsFAAOCAQEAUMOBxu6c6oEsPRz70WvjxRpLNABG9e35V/re a7i1kBPCWbeOMjf5nTE75HO7EwuSJ361KrP0PWbYTAHsmWcAtXin6f/fBiUmdWLQ rxVI5gWALdaiAaZD9Utkc2QRaE9Ok+f9XXzSJoyj8LBEhMZe5ZRU+q9FJquBuAGI qJ9LvgnWrmrVDqlp4qHTHJN+Mj+tjrpCmpp4jI26XScOWViwi3FcSvpj1Sq6+99f xdC6XU+1mYS54d4Qdi1bXSYZothXu8Qm8TbgZph18kVpqc5G8RN6y9YJNVxu1puF sqLqCeHYMyrBg//1PjxWK/0Tcd+A1O/eurex0DR5wImnYAFZGg== -----END CERTIFICATE-----Generated at Sun Jan 11 11:46:41 2026 by rpki-client