This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e34342e302f32332d3233203d3e203530363733.roa File: 33312e3232302e34342e302f32332d3233203d3e203530363733.roa (raw, json) Hash identifier: r1kIcRMcbuvPCF+EG8y64Atzwg+nhbdOAvdNmXl/V4g= Subject key identifier: 41:C0:A5:7C:31:8F:92:B9:E5:F3:43:64:CD:99:9D:B8:58:53:DB:E9 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 53B41DC1B1CC3DED55CDC22F81ED059406A977D0 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e34342e302f32332d3233203d3e203530363733.roa Signing time: Mon 29 Dec 2025 09:51:00 +0000 ROA not before: Mon 29 Dec 2025 09:46:00 +0000 ROA not after: Mon 28 Dec 2026 09:51:00 +0000 asID: 50673 IP address blocks: 31.220.44.0/23 maxlen: 23 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 07:52:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53:b4:1d:c1:b1:cc:3d:ed:55:cd:c2:2f:81:ed:05:94:06:a9:77:d0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:46:00 2025 GMT Not After : Dec 28 09:51:00 2026 GMT Subject: CN=41C0A57C318F92B9E5F34364CD999DB85853DBE9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:7a:b7:92:34:c7:46:b5:a7:42:e6:6d:83:ca: 92:ab:5b:b5:dd:de:57:61:8e:77:80:69:4c:4c:72: 3f:0e:8a:01:94:20:ae:23:e5:64:e9:34:7e:8b:6a: 0d:86:7d:a9:5e:79:88:d4:55:8f:2d:b1:8f:d5:33: b6:6f:44:ed:8f:f5:6e:6f:2d:ab:c2:0b:e1:24:37: 02:17:df:17:d3:3d:c4:fe:cd:62:3f:7c:c6:99:21: 1a:24:5d:be:cc:99:a4:7c:69:8d:0f:2f:08:83:43: 4e:bf:29:27:fd:83:ed:83:c9:a7:5a:86:96:da:ab: 0c:48:b9:5d:e4:b7:0a:61:a9:f8:f9:2e:00:30:da: 02:f4:8a:19:06:fa:aa:72:2e:4f:26:81:d9:4b:5c: 8d:f8:51:6e:c2:53:16:a9:22:62:e8:c1:e8:bd:a4: 7b:43:c9:a6:49:32:88:09:9e:6b:98:95:4d:bd:85: 61:2f:86:38:b0:6b:de:89:21:bc:ad:fc:a3:58:c4: b2:8b:3a:38:b6:4d:6a:9a:38:a0:71:63:32:7b:c0: 29:2d:fc:63:08:c6:12:5e:87:c0:e6:71:ac:bf:05: d3:4c:f3:b9:7f:f5:ca:83:7a:c8:5d:22:c4:72:ed: d4:dd:c9:a4:8e:35:ea:be:7b:d8:08:30:d9:e2:7d: ab:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:C0:A5:7C:31:8F:92:B9:E5:F3:43:64:CD:99:9D:B8:58:53:DB:E9 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e34342e302f32332d3233203d3e203530363733.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.220.44.0/23 Signature Algorithm: sha256WithRSAEncryption 1e:1e:ff:a5:27:48:ce:8c:a9:2e:1f:2c:6e:e1:66:66:fc:9e: a6:ae:e4:df:c1:61:86:ef:09:8b:4e:96:0f:e1:b6:66:cc:b0: 77:88:88:2e:58:ff:0e:20:9a:e5:bc:7d:c5:d5:67:66:ce:cd: c9:fc:54:b4:eb:b2:82:e1:f9:73:69:a4:d9:42:c0:84:28:c4: 0b:34:e2:56:38:38:2a:6b:2d:38:43:99:ee:d3:c0:29:4a:6f: 29:98:32:9d:72:b4:ef:90:38:46:65:ee:d8:8b:26:ed:bd:a6: 91:4b:5c:cb:ec:84:1c:d7:4d:91:f3:be:3c:f7:c7:f4:df:8f: 5c:84:14:a2:ea:7a:a3:dd:4d:a1:8d:c9:fb:ba:be:0d:0c:48: 59:c5:c3:7a:11:a3:21:f9:fd:44:07:46:23:08:47:71:b8:1b: 3b:28:c4:59:22:bb:15:d9:17:e6:f4:c0:ab:76:b9:da:c8:ef: b7:06:0d:e4:9e:c0:a0:f6:09:7e:96:1e:9f:c6:90:b5:08:70: bc:fb:0d:71:f4:64:de:05:96:a9:d0:cb:8e:f6:54:3d:a3:85: 66:29:63:8b:3e:db:b4:29:37:bf:63:bc:0a:32:9d:a6:21:64: a8:ba:2e:a1:e0:fd:ff:30:e0:9c:a8:da:42:56:92:6b:cb:72: 17:e6:4d:ea -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUU7QdwbHMPe1VzcIvge0FlAapd9AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ2MDBaFw0yNjEyMjgwOTUxMDBaMDMxMTAvBgNV BAMTKDQxQzBBNTdDMzE4RjkyQjlFNUYzNDM2NENEOTk5REI4NTg1M0RCRTkwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPereSNMdGtadC5m2DypKrW7Xd 3ldhjneAaUxMcj8OigGUIK4j5WTpNH6Lag2GfaleeYjUVY8tsY/VM7ZvRO2P9W5v LavCC+EkNwIX3xfTPcT+zWI/fMaZIRokXb7MmaR8aY0PLwiDQ06/KSf9g+2Dyada hpbaqwxIuV3ktwphqfj5LgAw2gL0ihkG+qpyLk8mgdlLXI34UW7CUxapImLowei9 pHtDyaZJMogJnmuYlU29hWEvhjiwa96JIbyt/KNYxLKLOji2TWqaOKBxYzJ7wCkt /GMIxhJeh8Dmcay/BdNM87l/9cqDeshdIsRy7dTdyaSONeq+e9gIMNnifatXAgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUQcClfDGPkrnl80NkzZmduFhT2+kwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzNDM0 MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzUzMDM2MzczMy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAR/c LDANBgkqhkiG9w0BAQsFAAOCAQEAHh7/pSdIzoypLh8sbuFmZvyepq7k38Fhhu8J i06WD+G2Zsywd4iILlj/DiCa5bx9xdVnZs7NyfxUtOuyguH5c2mk2ULAhCjECzTi Vjg4KmstOEOZ7tPAKUpvKZgynXK075A4RmXu2Ism7b2mkUtcy+yEHNdNkfO+PPfH 9N+PXIQUoup6o91NoY3J+7q+DQxIWcXDehGjIfn9RAdGIwhHcbgbOyjEWSK7FdkX 5vTAq3a52sjvtwYN5J7AoPYJfpYen8aQtQhwvPsNcfRk3gWWqdDLjvZUPaOFZilj iz7btCk3v2O8CjKdpiFkqLouoeD9/zDgnKjaQlaSa8tyF+ZN6g== -----END CERTIFICATE-----Generated at Sun Jan 11 11:46:41 2026 by rpki-client