This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3137322e302f32322d3234203d3e203437353833.roa File: 38322e3138302e3137322e302f32322d3234203d3e203437353833.roa (raw, json) Hash identifier: S5pp1Cpe+2H2V6TzzD2SuNbXG4M1U2PV3+j3PDia1zs= Subject key identifier: 4E:6F:38:69:3B:02:C4:C4:9D:76:9E:96:FC:95:2D:7D:00:69:8D:D0 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 2D62FBFEEF2BF70A08942A0729601045DE08E277 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3137322e302f32322d3234203d3e203437353833.roa Signing time: Mon 29 Dec 2025 09:50:47 +0000 ROA not before: Mon 29 Dec 2025 09:45:47 +0000 ROA not after: Mon 28 Dec 2026 09:50:47 +0000 asID: 47583 IP address blocks: 82.180.172.0/22 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2d:62:fb:fe:ef:2b:f7:0a:08:94:2a:07:29:60:10:45:de:08:e2:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:47 2025 GMT Not After : Dec 28 09:50:47 2026 GMT Subject: CN=4E6F38693B02C4C49D769E96FC952D7D00698DD0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:79:a9:ca:ba:96:29:30:ab:9f:d3:44:67:a4: b9:e5:0e:38:14:bd:0b:b9:b1:2e:66:98:d1:6d:df: 4e:6f:a0:d6:dc:9b:45:ea:b1:5b:2c:52:f5:42:35: 1c:f5:ac:c6:81:57:ab:3e:dd:1d:67:82:ea:29:20: 19:01:b5:af:87:6f:03:ca:b5:7e:ea:5e:3e:4f:c3: 33:89:6d:bd:96:ba:bf:23:e5:85:26:3d:4d:78:9f: fa:79:c1:23:04:1d:47:bc:49:07:77:33:96:ff:00: ea:a2:d9:ff:07:99:66:a5:96:6a:49:b9:49:ee:0f: 2b:45:24:64:c2:e8:68:8f:67:f1:44:d3:19:ff:db: 6c:e0:a9:4a:33:f6:2a:b4:70:9b:68:ad:15:a1:6d: 63:84:51:b6:cf:b5:ca:22:4d:23:1f:ce:8e:21:40: 31:bb:3d:df:f8:60:c9:e4:00:ba:2a:22:88:c1:23: 28:24:47:1d:e1:93:37:7b:17:91:02:1b:59:2c:ef: 0f:e1:f3:52:84:6c:5a:8e:96:2d:06:8b:82:a3:45: 0a:da:5c:07:c9:35:39:52:dc:d2:26:2e:8e:6a:cc: fb:17:b8:08:04:c3:de:99:e9:18:79:33:00:b5:80: 21:f5:0e:f4:91:c8:b7:11:0d:e3:7a:d1:10:66:f9: 13:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4E:6F:38:69:3B:02:C4:C4:9D:76:9E:96:FC:95:2D:7D:00:69:8D:D0 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3138302e3137322e302f32322d3234203d3e203437353833.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.180.172.0/22 Signature Algorithm: sha256WithRSAEncryption 1c:e7:1d:82:ab:dc:93:99:47:a6:34:6c:aa:73:b7:81:51:c6: 0e:60:29:c8:6b:be:90:de:91:e8:3e:fd:af:64:b8:96:a8:3b: da:94:59:1a:d1:a3:64:b0:97:2b:8c:10:06:20:ee:55:dd:89: b8:8d:aa:0d:e1:4f:25:a9:ca:9e:68:fe:ab:88:c2:f3:c6:d7: cd:73:f3:71:f7:4c:7c:c6:91:17:88:cb:58:a4:71:a7:f3:79: 4d:14:d8:63:dd:10:42:ac:c5:2c:bd:cb:79:08:e1:bc:fd:94: 3d:51:d0:fb:74:9a:13:b6:96:07:0d:77:dc:38:ab:d7:29:83: c0:fd:39:d9:11:03:60:72:93:1b:cd:c7:c4:0f:d8:a5:c2:f2: 57:2c:48:b4:09:11:37:a6:cd:46:75:9f:7e:ea:47:df:08:44: 02:1c:d6:b0:fe:46:f2:d8:21:c2:4e:8b:59:96:8f:20:78:23: a4:22:e3:2c:1a:f0:d0:50:cb:12:3f:31:2a:be:1c:6e:41:28: 74:ce:a2:fb:28:37:f6:a7:1e:34:2a:f0:ef:c2:c6:54:48:89: c5:68:1f:93:0b:76:2e:8b:44:38:40:25:fd:2e:cf:dd:0f:e4: 2a:be:f5:1b:54:cb:04:06:7e:47:a4:1a:66:ff:7f:29:0b:2f: 31:c5:e3:4e -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIULWL7/u8r9woIlCoHKWAQRd4I4ncwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1NDdaFw0yNjEyMjgwOTUwNDdaMDMxMTAvBgNV BAMTKDRFNkYzODY5M0IwMkM0QzQ5RDc2OUU5NkZDOTUyRDdEMDA2OThERDAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6eanKupYpMKuf00RnpLnlDjgU vQu5sS5mmNFt305voNbcm0XqsVssUvVCNRz1rMaBV6s+3R1nguopIBkBta+HbwPK tX7qXj5PwzOJbb2Wur8j5YUmPU14n/p5wSMEHUe8SQd3M5b/AOqi2f8HmWallmpJ uUnuDytFJGTC6GiPZ/FE0xn/22zgqUoz9iq0cJtorRWhbWOEUbbPtcoiTSMfzo4h QDG7Pd/4YMnkALoqIojBIygkRx3hkzd7F5ECG1ks7w/h81KEbFqOli0Gi4KjRQra XAfJNTlS3NImLo5qzPsXuAgEw96Z6Rh5MwC1gCH1DvSRyLcRDeN60RBm+ROtAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUTm84aTsCxMSddp6W/JUtfQBpjdAwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzODMwMmUzMTM3 MzIyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC UrSsMA0GCSqGSIb3DQEBCwUAA4IBAQAc5x2Cq9yTmUemNGyqc7eBUcYOYCnIa76Q 3pHoPv2vZLiWqDvalFka0aNksJcrjBAGIO5V3Ym4jaoN4U8lqcqeaP6riMLzxtfN c/Nx90x8xpEXiMtYpHGn83lNFNhj3RBCrMUsvct5COG8/ZQ9UdD7dJoTtpYHDXfc OKvXKYPA/TnZEQNgcpMbzcfED9ilwvJXLEi0CRE3ps1GdZ9+6kffCEQCHNaw/kby 2CHCTotZlo8geCOkIuMsGvDQUMsSPzEqvhxuQSh0zqL7KDf2px40KvDvwsZUSInF aB+TC3Yui0Q4QCX9Ls/dD+QqvvUbVMsEBn5HpBpm/38pCy8xxeNO -----END CERTIFICATE-----Generated at Mon Jan 19 14:28:30 2026 by rpki-client