This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e39362e302f32312d3332203d3e203430303231.roa File: 33312e3232302e39362e302f32312d3332203d3e203430303231.roa (raw, json) Hash identifier: oHVWTLYsgzR3DoG3ZbSu9rlMJdwY/EKX4uqEe3LsbdM= Subject key identifier: 86:47:B4:AF:7E:86:2C:F6:5D:DB:A8:92:75:5F:EC:B1:53:22:38:36 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 621D8EF52A42755A4B9081B8410C98D556558D6D Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e39362e302f32312d3332203d3e203430303231.roa Signing time: Mon 29 Dec 2025 09:50:58 +0000 ROA not before: Mon 29 Dec 2025 09:45:58 +0000 ROA not after: Mon 28 Dec 2026 09:50:58 +0000 asID: 40021 IP address blocks: 31.220.96.0/21 maxlen: 32 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62:1d:8e:f5:2a:42:75:5a:4b:90:81:b8:41:0c:98:d5:56:55:8d:6d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:58 2025 GMT Not After : Dec 28 09:50:58 2026 GMT Subject: CN=8647B4AF7E862CF65DDBA892755FECB153223836 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:03:48:65:5e:fb:f4:16:08:47:ac:bf:0f:35: 90:5e:67:a5:99:04:bb:c2:a9:2d:97:37:c0:0c:a5: 04:5f:9a:36:3f:ca:76:5b:6c:00:b1:18:36:3d:b1: 30:da:0f:81:a9:39:71:25:4f:0b:a4:b6:b3:3f:53: 0b:9b:e8:49:00:e0:40:73:b2:bb:9d:4d:70:29:b0: 2e:10:b6:aa:cc:c1:53:5a:bf:ea:63:20:93:5e:16: 8c:ff:50:51:d4:84:6f:dd:f7:52:5a:65:11:00:83: 64:20:81:b7:b0:98:35:c1:c8:79:a9:c6:5c:fb:9a: e7:b7:dc:d4:00:2e:0c:fc:ff:1b:d2:00:be:63:7b: a8:d7:e2:e6:00:d0:99:82:2b:f9:60:63:6f:8b:b0: d4:de:79:f4:d8:5e:61:4e:45:74:b1:0f:cc:13:8b: 4d:ca:cd:c5:f4:bc:bc:00:af:d4:6e:3d:13:91:aa: cc:84:7b:11:60:3c:ef:a2:73:cd:9f:f5:62:6d:3e: d8:01:fa:0d:7c:c2:67:f5:71:bc:f4:5e:09:ec:c1: ff:dc:0c:9d:92:e6:9a:04:4a:f8:15:c7:7d:5a:1f: d8:a0:3a:8a:ee:71:d3:38:8e:55:8a:da:f6:18:da: 37:ef:36:fe:cc:b3:86:3f:86:0a:d6:ac:e7:37:66: e8:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:47:B4:AF:7E:86:2C:F6:5D:DB:A8:92:75:5F:EC:B1:53:22:38:36 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/33312e3232302e39362e302f32312d3332203d3e203430303231.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.220.96.0/21 Signature Algorithm: sha256WithRSAEncryption 7a:da:f8:26:24:84:7d:4c:5d:40:a7:0f:ba:92:a7:c4:f0:ae: 95:ed:fb:94:ab:a3:bf:0e:c7:6e:95:13:21:e7:da:64:f7:73: 7d:81:0d:1d:ef:6c:f6:0b:5d:50:1a:6e:86:fd:ae:a6:69:2b: 86:3b:95:f3:16:a1:98:fd:4a:4c:50:26:5b:a1:e2:4b:44:32: aa:72:64:6f:81:cf:4e:64:d9:79:cf:d1:54:0d:e8:a9:45:6d: cf:85:2d:40:1a:ff:7e:07:aa:bc:7a:95:b6:b4:70:ea:91:eb: 68:55:80:38:a7:a5:27:86:72:13:a2:cf:f1:41:35:f8:79:55: c4:b8:38:47:cf:45:1b:b1:d2:df:b3:da:41:71:ad:d5:85:53: 34:d0:aa:ad:b3:43:c1:32:ff:34:70:d9:7f:6d:7d:3d:fc:4c: 45:24:33:67:bd:d3:83:29:0a:ee:cb:67:62:e7:ed:23:66:48: 2e:71:9b:ba:23:7b:0a:25:c3:5a:ef:a0:6b:2e:94:26:9a:60: 9b:ec:43:92:53:cd:e2:86:6a:0a:fe:7c:31:b0:18:9b:92:90: 23:38:2a:e7:9c:0e:06:28:6e:eb:2a:b2:bd:b9:75:73:1b:7b: 25:22:49:16:91:d0:4c:fb:ee:82:fd:7b:5d:b4:41:75:89:66: 6d:64:6b:c5 -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUYh2O9SpCdVpLkIG4QQyY1VZVjW0wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1NThaFw0yNjEyMjgwOTUwNThaMDMxMTAvBgNV BAMTKDg2NDdCNEFGN0U4NjJDRjY1RERCQTg5Mjc1NUZFQ0IxNTMyMjM4MzYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXA0hlXvv0FghHrL8PNZBeZ6WZ BLvCqS2XN8AMpQRfmjY/ynZbbACxGDY9sTDaD4GpOXElTwuktrM/Uwub6EkA4EBz srudTXApsC4QtqrMwVNav+pjIJNeFoz/UFHUhG/d91JaZREAg2QggbewmDXByHmp xlz7mue33NQALgz8/xvSAL5je6jX4uYA0JmCK/lgY2+LsNTeefTYXmFORXSxD8wT i03KzcX0vLwAr9RuPRORqsyEexFgPO+ic82f9WJtPtgB+g18wmf1cbz0Xgnswf/c DJ2S5poESvgVx31aH9igOorucdM4jlWK2vYY2jfvNv7Ms4Y/hgrWrOc3ZuglAgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUhke0r36GLPZd26iSdV/ssVMiODYwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzMzMTJlMzIzMjMwMmUzOTM2 MmUzMDJmMzIzMTJkMzMzMjIwM2QzZTIwMzQzMDMwMzIzMS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAx/c YDANBgkqhkiG9w0BAQsFAAOCAQEAetr4JiSEfUxdQKcPupKnxPCule37lKujvw7H bpUTIefaZPdzfYENHe9s9gtdUBpuhv2upmkrhjuV8xahmP1KTFAmW6HiS0QyqnJk b4HPTmTZec/RVA3oqUVtz4UtQBr/fgeqvHqVtrRw6pHraFWAOKelJ4ZyE6LP8UE1 +HlVxLg4R89FG7HS37PaQXGt1YVTNNCqrbNDwTL/NHDZf219PfxMRSQzZ73TgykK 7stnYuftI2ZILnGbuiN7CiXDWu+gay6UJppgm+xDklPN4oZqCv58MbAYm5KQIzgq 55wOBihu6yqyvbl1cxt7JSJJFpHQTPvugv17XbRBdYlmbWRrxQ== -----END CERTIFICATE-----Generated at Mon Jan 19 14:24:56 2026 by rpki-client