This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e38382e302f32312d3332203d3e203531313637.roa File: 33312e3232302e38382e302f32312d3332203d3e203531313637.roa (raw, json) Hash identifier: wIXFe5g19IwAMR9UanL2oohybSJ2xZ94wDHyFBHYF2g= Subject key identifier: 67:3F:A7:48:33:40:3D:28:98:CA:4B:EA:A7:78:A7:10:97:B8:5E:23 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 288EB2305C77FB5D7413188BC237EF9EC605DBBD Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e38382e302f32312d3332203d3e203531313637.roa Signing time: Mon 29 Dec 2025 09:50:39 +0000 ROA not before: Mon 29 Dec 2025 09:45:39 +0000 ROA not after: Mon 28 Dec 2026 09:50:39 +0000 asID: 51167 IP address blocks: 31.220.88.0/21 maxlen: 32 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28:8e:b2:30:5c:77:fb:5d:74:13:18:8b:c2:37:ef:9e:c6:05:db:bd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:39 2025 GMT Not After : Dec 28 09:50:39 2026 GMT Subject: CN=673FA74833403D2898CA4BEAA778A71097B85E23 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:ad:ce:50:d1:09:3f:53:00:1e:8a:8b:1b:87: 3d:9e:8e:63:0c:41:06:30:45:0a:40:de:fd:2e:c6: 41:cd:bc:e1:cf:6f:da:12:89:85:5f:5c:a6:ff:c0: 96:64:95:b1:b0:6b:10:58:aa:fe:1e:ab:aa:4d:cd: bd:39:02:10:8e:29:67:03:fe:bc:a7:cc:69:88:9a: 92:c8:67:f2:b1:a9:45:7c:69:ec:e2:e4:88:53:79: d1:44:af:31:5f:c3:d6:ae:95:7c:fd:cd:66:6c:97: 87:d1:48:3a:b2:8b:ca:53:af:bc:b6:fb:56:ad:a9: b8:99:87:41:a7:09:2d:b5:59:79:e2:67:93:c0:6c: c5:34:54:32:a5:44:78:81:24:2f:70:4c:47:84:9d: 8c:24:ed:2f:15:1f:e0:22:a4:9f:fc:3b:6b:13:b9: 30:b4:a8:76:b8:2e:53:78:41:0b:7a:85:29:06:d6: 6f:ad:fb:b7:c2:09:18:37:84:57:90:e6:89:4d:2e: 1d:38:f7:70:4c:fa:57:18:80:47:17:ca:a5:bb:87: e0:6b:ba:02:58:ed:ad:be:36:de:aa:cf:3c:9c:ed: 28:e0:fd:98:8b:da:c0:62:55:7f:48:78:e0:bc:32: 8c:2f:5a:2f:72:b7:18:d7:5d:2a:79:cd:d2:58:b9: 40:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:3F:A7:48:33:40:3D:28:98:CA:4B:EA:A7:78:A7:10:97:B8:5E:23 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e38382e302f32312d3332203d3e203531313637.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.220.88.0/21 Signature Algorithm: sha256WithRSAEncryption 0f:a1:e9:7b:20:53:60:bb:63:d0:78:d0:47:ab:72:d8:9d:97: f2:67:cc:dc:f0:22:27:9c:25:76:ed:94:31:77:b1:6b:f8:cc: 68:42:c0:48:b2:c0:f5:46:20:41:13:9a:59:9f:34:10:49:98: 63:c7:b6:d0:db:98:4e:e8:cc:52:d8:c7:22:a0:61:bf:1f:96: df:bc:1c:8f:10:a1:1b:84:5e:72:74:05:df:25:d0:2f:17:53: d5:ee:39:12:32:a7:15:99:b4:af:05:1e:c8:ac:be:da:77:15: d4:e1:6b:f9:07:a3:e3:f6:5a:f5:cb:05:3e:ba:0a:fd:01:88: 2b:ca:7d:2b:bc:97:d0:4c:15:2c:a2:f9:15:98:2b:27:84:50: 0f:5e:01:04:b3:91:fc:c8:13:16:bb:9b:d0:25:82:3b:bb:64: 98:34:9a:79:e6:df:d0:9a:d5:4c:e0:04:4c:95:e6:ab:f1:f8: ab:c9:39:39:d8:c1:b5:73:02:dc:f2:b3:71:c4:a3:f5:de:26: c6:c1:b2:b9:19:64:39:72:c0:b6:3d:83:ed:21:c5:a6:83:2f: 6a:d0:f4:0f:65:0b:29:86:71:50:47:26:55:56:f6:4f:10:c7: 66:7a:e9:f6:04:f3:fb:bb:4a:75:75:1e:5c:c8:3b:6e:fb:57: 9e:0b:e0:82 -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUKI6yMFx3+110ExiLwjfvnsYF270wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1MzlaFw0yNjEyMjgwOTUwMzlaMDMxMTAvBgNV BAMTKDY3M0ZBNzQ4MzM0MDNEMjg5OENBNEJFQUE3NzhBNzEwOTdCODVFMjMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCorc5Q0Qk/UwAeiosbhz2ejmMM QQYwRQpA3v0uxkHNvOHPb9oSiYVfXKb/wJZklbGwaxBYqv4eq6pNzb05AhCOKWcD /rynzGmImpLIZ/KxqUV8aezi5IhTedFErzFfw9aulXz9zWZsl4fRSDqyi8pTr7y2 +1atqbiZh0GnCS21WXniZ5PAbMU0VDKlRHiBJC9wTEeEnYwk7S8VH+AipJ/8O2sT uTC0qHa4LlN4QQt6hSkG1m+t+7fCCRg3hFeQ5olNLh0493BM+lcYgEcXyqW7h+Br ugJY7a2+Nt6qzzyc7Sjg/ZiL2sBiVX9IeOC8MowvWi9ytxjXXSp5zdJYuUChAgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUZz+nSDNAPSiYykvqp3inEJe4XiMwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzODM4 MmUzMDJmMzIzMTJkMzMzMjIwM2QzZTIwMzUzMTMxMzYzNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAx/c WDANBgkqhkiG9w0BAQsFAAOCAQEAD6HpeyBTYLtj0HjQR6ty2J2X8mfM3PAiJ5wl du2UMXexa/jMaELASLLA9UYgQROaWZ80EEmYY8e20NuYTujMUtjHIqBhvx+W37wc jxChG4RecnQF3yXQLxdT1e45EjKnFZm0rwUeyKy+2ncV1OFr+Qej4/Za9csFProK /QGIK8p9K7yX0EwVLKL5FZgrJ4RQD14BBLOR/MgTFrub0CWCO7tkmDSaeebf0JrV TOAETJXmq/H4q8k5OdjBtXMC3PKzccSj9d4mxsGyuRlkOXLAtj2D7SHFpoMvatD0 D2ULKYZxUEcmVVb2TxDHZnrp9gTz+7tKdXUeXMg7bvtXngvggg== -----END CERTIFICATE-----Generated at Mon Jan 19 14:28:30 2026 by rpki-client