This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e37322e302f32312d3332203d3e203531313637.roa File: 33312e3232302e37322e302f32312d3332203d3e203531313637.roa (raw, json) Hash identifier: PHVTsCle9w2+WRhWIKQ8XMpAXWAVGmt74bxpfjr1abs= Subject key identifier: 27:BE:04:BD:F8:09:3C:3B:03:80:CC:24:F0:9C:2A:48:96:48:2E:7E Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 7ABEAB2E23FF8F7E589FD13E88EEB3F0CFCFCB32 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e37322e302f32312d3332203d3e203531313637.roa Signing time: Mon 29 Dec 2025 09:50:41 +0000 ROA not before: Mon 29 Dec 2025 09:45:41 +0000 ROA not after: Mon 28 Dec 2026 09:50:41 +0000 asID: 51167 IP address blocks: 31.220.72.0/21 maxlen: 32 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7a:be:ab:2e:23:ff:8f:7e:58:9f:d1:3e:88:ee:b3:f0:cf:cf:cb:32 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:41 2025 GMT Not After : Dec 28 09:50:41 2026 GMT Subject: CN=27BE04BDF8093C3B0380CC24F09C2A4896482E7E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:32:a5:dc:da:83:8b:3a:c7:13:6b:51:3a:01: 35:58:d1:ca:a6:c9:c0:6d:62:46:15:b2:00:2b:04: d2:17:8e:fd:78:6c:8a:4e:ed:cd:7e:f6:e6:ce:79: 52:49:ef:c8:3f:06:b3:47:0b:75:c0:05:fd:bf:ee: 31:c7:7b:d7:a0:aa:4c:0e:39:78:58:56:67:15:f1: ef:b1:ea:30:e4:49:88:3e:46:4a:21:04:f4:43:62: 5a:d2:ed:c5:54:f7:05:97:37:48:7a:46:96:e9:9f: 76:f2:30:6d:e2:73:38:29:bf:9a:a9:b3:dc:81:d8: 06:28:e8:af:2e:d8:7e:65:aa:ba:9e:db:d1:27:96: b5:bb:74:64:5a:55:69:d9:04:da:ea:ea:c1:41:dd: 61:5b:bd:03:0e:1c:f2:da:03:2f:50:73:c2:09:1b: e2:a6:7d:c4:f7:ad:73:1f:ac:4d:e1:ba:f7:40:2c: 04:60:8d:3b:55:0e:7e:f3:8d:33:09:16:d6:79:ce: d4:ce:21:6b:4a:aa:e0:ed:36:32:58:2d:7e:ae:72: f7:15:14:13:fa:fa:15:8a:ed:dc:08:cc:0a:ad:77: e3:b6:e8:e3:0f:d0:12:a4:1f:c8:df:21:3a:dd:8f: 0b:d3:c4:5a:b9:7a:bb:11:11:6c:53:44:7e:5a:0e: cb:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:BE:04:BD:F8:09:3C:3B:03:80:CC:24:F0:9C:2A:48:96:48:2E:7E X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e37322e302f32312d3332203d3e203531313637.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.220.72.0/21 Signature Algorithm: sha256WithRSAEncryption 7a:1f:5e:0c:f0:dc:6a:2a:10:af:1b:69:01:b2:22:f3:9d:13: 40:23:2b:f0:2b:a7:e1:ca:22:61:67:5a:26:a9:1f:5a:e2:e9: 86:f1:df:6d:58:d9:ba:d7:c9:9f:5b:5f:09:fc:92:ac:c2:ea: 73:cb:17:6c:50:58:00:ec:c2:f3:0f:21:5f:a2:5a:d3:46:75: 6e:21:1b:f5:0d:82:a7:61:ee:08:78:b3:55:ef:c9:41:21:2b: 28:8e:95:16:5b:51:d2:7d:60:e5:b0:04:cf:eb:3c:c9:a9:56: 34:d0:d1:aa:7a:e7:5a:5b:ac:e9:30:09:d8:b0:25:fe:ff:f4: 26:6d:67:e0:c3:39:43:7d:0c:8d:91:86:dd:d0:5a:16:f6:ee: e3:ef:16:3d:0f:a3:04:f4:6a:fe:1a:42:b1:94:e9:5b:6b:bd: ad:cd:c6:63:bf:9d:13:f1:c9:d9:8f:8c:fe:87:a2:41:dc:13: dd:81:46:41:27:10:c4:10:60:de:4a:d6:1a:90:87:5b:4b:4e: 81:9e:42:04:cb:34:85:69:67:26:c2:73:b6:f7:95:eb:df:a9: 10:a3:9b:ea:58:b6:6f:9c:55:91:c7:64:28:88:a1:4f:7c:73: 74:ea:68:c4:c4:dd:3f:86:1b:e4:95:61:0a:bb:2d:ef:bb:fd: 39:a3:78:7f -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUer6rLiP/j35Yn9E+iO6z8M/PyzIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1NDFaFw0yNjEyMjgwOTUwNDFaMDMxMTAvBgNV BAMTKDI3QkUwNEJERjgwOTNDM0IwMzgwQ0MyNEYwOUMyQTQ4OTY0ODJFN0UwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMMqXc2oOLOscTa1E6ATVY0cqm ycBtYkYVsgArBNIXjv14bIpO7c1+9ubOeVJJ78g/BrNHC3XABf2/7jHHe9egqkwO OXhYVmcV8e+x6jDkSYg+RkohBPRDYlrS7cVU9wWXN0h6Rpbpn3byMG3iczgpv5qp s9yB2AYo6K8u2H5lqrqe29EnlrW7dGRaVWnZBNrq6sFB3WFbvQMOHPLaAy9Qc8IJ G+KmfcT3rXMfrE3huvdALARgjTtVDn7zjTMJFtZ5ztTOIWtKquDtNjJYLX6ucvcV FBP6+hWK7dwIzAqtd+O26OMP0BKkH8jfITrdjwvTxFq5ersREWxTRH5aDssZAgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUJ74EvfgJPDsDgMwk8JwqSJZILn4wHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzNzMy MmUzMDJmMzIzMTJkMzMzMjIwM2QzZTIwMzUzMTMxMzYzNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAx/c SDANBgkqhkiG9w0BAQsFAAOCAQEAeh9eDPDcaioQrxtpAbIi850TQCMr8Cun4coi YWdaJqkfWuLphvHfbVjZutfJn1tfCfySrMLqc8sXbFBYAOzC8w8hX6Ja00Z1biEb 9Q2Cp2HuCHizVe/JQSErKI6VFltR0n1g5bAEz+s8yalWNNDRqnrnWlus6TAJ2LAl /v/0Jm1n4MM5Q30MjZGG3dBaFvbu4+8WPQ+jBPRq/hpCsZTpW2u9rc3GY7+dE/HJ 2Y+M/oeiQdwT3YFGQScQxBBg3krWGpCHW0tOgZ5CBMs0hWlnJsJztveV69+pEKOb 6li2b5xVkcdkKIihT3xzdOpoxMTdP4Yb5JVhCrst77v9OaN4fw== -----END CERTIFICATE-----Generated at Mon Jan 19 14:25:26 2026 by rpki-client