This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e392e3138382e302f32322d3234203d3e203437353833.roa File: 34352e392e3138382e302f32322d3234203d3e203437353833.roa (raw, json) Hash identifier: amS8Axlrlzqvd1sdSyz5vrj1uh2ETeSl+cDIBFJZHPc= Subject key identifier: 6B:59:BA:6A:1D:1A:4D:9C:BE:9B:58:FB:86:71:95:34:3D:52:E3:C4 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 3EA92B692BE6783785B7E2CC45CC0645422C9AE1 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e392e3138382e302f32322d3234203d3e203437353833.roa Signing time: Mon 29 Dec 2025 09:50:51 +0000 ROA not before: Mon 29 Dec 2025 09:45:51 +0000 ROA not after: Mon 28 Dec 2026 09:50:51 +0000 asID: 47583 IP address blocks: 45.9.188.0/22 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:a9:2b:69:2b:e6:78:37:85:b7:e2:cc:45:cc:06:45:42:2c:9a:e1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:51 2025 GMT Not After : Dec 28 09:50:51 2026 GMT Subject: CN=6B59BA6A1D1A4D9CBE9B58FB867195343D52E3C4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:75:bc:07:14:eb:25:64:7b:e2:6a:5d:33:68: 89:2e:31:71:77:d9:e2:df:4c:4a:b0:42:a0:26:3b: da:ba:df:82:0d:e5:9c:7f:05:b4:81:d0:4d:2e:6b: 15:ee:c2:f8:a9:78:29:0e:5b:c2:70:cf:90:45:17: 79:f7:a5:5d:9e:df:a3:43:7e:fa:f3:e9:9e:56:cb: 54:5e:ad:16:3f:cd:60:4f:44:0f:f6:d0:db:9a:1c: d0:fb:1b:98:5b:87:62:25:90:f5:71:76:c4:d2:69: bf:e3:72:01:ed:dc:93:4f:08:0d:2c:c7:df:00:0a: b5:60:dc:b0:c7:d2:8c:94:a0:c5:f2:5e:a0:ec:0a: ff:f1:83:ef:e5:55:89:ef:66:9b:be:0f:8d:0e:ba: 1f:89:32:f7:f2:90:f8:62:c7:c3:67:1a:c6:80:33: 71:50:25:94:1e:00:c1:62:59:c4:2f:3e:d4:ea:0f: 35:95:9a:0c:4b:92:7a:90:65:e8:a2:fa:45:c7:29: 66:fb:58:e2:4d:b2:7b:22:63:8d:3d:8d:3c:36:38: 7d:92:a8:88:ed:b8:1c:86:18:45:18:c7:ff:ab:4f: 45:9a:fa:8c:d8:77:3a:36:d5:32:f1:dd:ca:8f:7e: ea:fb:3a:3f:6e:2a:5d:ab:71:95:63:03:6a:69:d4: c3:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:59:BA:6A:1D:1A:4D:9C:BE:9B:58:FB:86:71:95:34:3D:52:E3:C4 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/34352e392e3138382e302f32322d3234203d3e203437353833.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.9.188.0/22 Signature Algorithm: sha256WithRSAEncryption 9e:bb:22:6b:54:b6:46:ab:e3:8a:44:35:7c:9b:73:4f:ab:41: c5:a8:73:79:a0:3f:76:e6:8e:ab:fc:96:33:eb:31:c2:d3:3a: 9b:3c:26:61:1d:61:e1:16:bd:86:64:0d:30:11:f7:97:c1:f0: a3:51:d8:af:9d:a8:d1:b7:9f:bb:7d:55:76:da:a0:f1:69:30: 41:8d:09:0a:e2:d4:2b:d1:97:46:d6:0e:3e:e9:12:2b:c9:21: 57:2e:2e:db:67:80:05:f7:06:2b:7f:f6:64:3a:63:19:7d:cb: 69:34:9a:a3:8d:57:eb:78:77:5f:d7:63:bb:d8:84:b5:e6:de: 15:eb:60:ec:36:fd:55:b6:be:05:6e:30:37:2e:02:1c:c7:24: 1b:87:24:32:21:44:85:d0:d0:c2:22:45:b8:d2:7e:25:a0:11: 65:44:b8:c7:18:22:be:60:c9:94:46:19:73:b3:45:75:f1:cb: cd:63:71:b2:c6:d9:6c:a9:a1:57:96:1e:26:aa:d1:f8:87:e2: 0f:c7:d1:8d:86:d4:2d:25:28:ca:38:ee:7e:9e:61:0c:b3:08: 97:e7:ba:f8:93:d4:f4:ad:0e:ec:f5:50:ad:45:cb:73:67:2a: 44:88:91:f4:45:4e:c9:47:8b:a0:80:04:da:ed:fe:ea:88:cf: d1:95:98:a2 -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgIUPqkraSvmeDeFt+LMRcwGRUIsmuEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1NTFaFw0yNjEyMjgwOTUwNTFaMDMxMTAvBgNV BAMTKDZCNTlCQTZBMUQxQTREOUNCRTlCNThGQjg2NzE5NTM0M0Q1MkUzQzQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGdbwHFOslZHvial0zaIkuMXF3 2eLfTEqwQqAmO9q634IN5Zx/BbSB0E0uaxXuwvipeCkOW8Jwz5BFF3n3pV2e36ND fvrz6Z5Wy1RerRY/zWBPRA/20NuaHND7G5hbh2IlkPVxdsTSab/jcgHt3JNPCA0s x98ACrVg3LDH0oyUoMXyXqDsCv/xg+/lVYnvZpu+D40Ouh+JMvfykPhix8NnGsaA M3FQJZQeAMFiWcQvPtTqDzWVmgxLknqQZeii+kXHKWb7WOJNsnsiY409jTw2OH2S qIjtuByGGEUYx/+rT0Wa+ozYdzo21TLx3cqPfur7Oj9uKl2rcZVjA2pp1MO9AgMB AAGjggI5MIICNTAdBgNVHQ4EFgQUa1m6ah0aTZy+m1j7hnGVND1S48QwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzQzNTJlMzkyZTMxMzgzODJl MzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAItCbww DQYJKoZIhvcNAQELBQADggEBAJ67ImtUtkar44pENXybc0+rQcWoc3mgP3bmjqv8 ljPrMcLTOps8JmEdYeEWvYZkDTAR95fB8KNR2K+dqNG3n7t9VXbaoPFpMEGNCQri 1CvRl0bWDj7pEivJIVcuLttngAX3Bit/9mQ6Yxl9y2k0mqONV+t4d1/XY7vYhLXm 3hXrYOw2/VW2vgVuMDcuAhzHJBuHJDIhRIXQ0MIiRbjSfiWgEWVEuMcYIr5gyZRG GXOzRXXxy81jcbLG2WypoVeWHiaq0fiH4g/H0Y2G1C0lKMo47n6eYQyzCJfnuviT 1PStDuz1UK1Fy3NnKkSIkfRFTslHi6CABNrt/uqIz9GVmKI= -----END CERTIFICATE-----Generated at Mon Jan 19 14:24:12 2026 by rpki-client