This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139382e3235332e302f32342d3234203d3e203235313938.roa File: 38322e3139382e3235332e302f32342d3234203d3e203235313938.roa (raw, json) Hash identifier: Kjyl2oinQ9gbM9KPQbxHwF6jQhpGK9G4C+V7umB0o5A= Subject key identifier: A2:34:46:9F:C8:6D:86:61:4A:1A:19:4A:3E:64:F0:0F:07:06:71:25 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 35774B1FF3D53EF01787E1FEC46C412170B643E5 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139382e3235332e302f32342d3234203d3e203235313938.roa Signing time: Sat 10 Jan 2026 12:28:18 +0000 ROA not before: Sat 10 Jan 2026 12:23:18 +0000 ROA not after: Sat 09 Jan 2027 12:28:18 +0000 asID: 25198 IP address blocks: 82.198.253.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 35:77:4b:1f:f3:d5:3e:f0:17:87:e1:fe:c4:6c:41:21:70:b6:43:e5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Jan 10 12:23:18 2026 GMT Not After : Jan 9 12:28:18 2027 GMT Subject: CN=A234469FC86D86614A1A194A3E64F00F07067125 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:6a:8b:a1:c4:2d:5e:fc:e8:93:9c:27:03:71: df:db:09:3f:f0:e0:19:e6:08:b0:be:11:af:ca:34: 0e:9a:02:a2:06:fb:8e:17:df:be:59:68:ac:bc:6f: 0e:a3:60:0a:65:5e:be:15:ad:5d:89:0c:73:17:4a: 64:c9:e3:73:f5:43:09:22:03:2f:d2:89:63:29:64: a8:57:41:73:e4:39:34:84:4b:dd:27:c9:d8:ff:f4: 43:26:03:ec:e0:2c:35:cb:d4:fd:ff:98:55:fd:cb: 9d:70:20:a3:32:21:1c:f8:fc:5c:c0:73:ab:26:70: 68:f6:66:e6:32:e2:5f:63:0f:5c:3a:78:a6:5c:8d: bc:ae:a1:5e:1c:f0:17:3b:e5:c8:e3:ad:2d:4d:ba: d2:8b:54:bd:7a:0c:8b:66:1b:9b:d7:d4:1f:d2:2e: 6f:11:b7:d2:ed:d8:7c:96:af:ac:ca:54:35:f7:41: 04:85:d4:81:8c:de:3e:c9:aa:b2:1b:8b:43:7d:ec: 12:57:57:ed:dc:f9:3f:89:9f:49:2a:f0:70:0b:a5: ff:a7:c5:8f:a2:f5:55:37:5e:6f:48:4a:6e:23:54: c6:86:4c:70:58:30:6a:11:5b:ec:ec:1a:12:49:9a: 3b:16:69:e7:cc:2d:09:93:0b:d1:45:b7:9d:27:d6: bf:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:34:46:9F:C8:6D:86:61:4A:1A:19:4A:3E:64:F0:0F:07:06:71:25 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139382e3235332e302f32342d3234203d3e203235313938.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.198.253.0/24 Signature Algorithm: sha256WithRSAEncryption 87:01:1a:7c:cd:3a:95:7b:93:a2:ed:0b:07:d5:2f:dc:83:c8: 9c:36:23:e7:5e:78:23:49:1f:7a:42:48:40:f1:a8:a0:de:af: 14:64:e8:00:ff:0f:e8:80:36:9b:97:b6:ed:60:7e:80:84:a6: 09:aa:68:a3:92:bc:c8:89:5a:bf:c4:dd:f9:9f:c1:d4:a1:e7: e9:74:e7:1b:90:ff:65:90:20:cc:93:cd:20:b6:b3:33:95:be: 6c:b1:cc:58:2c:b3:71:af:43:49:d0:20:21:41:68:49:bc:98: b8:86:67:16:84:dd:60:7a:96:c9:a5:48:ad:5b:df:24:95:d6: 38:5c:80:e6:7f:27:0b:b7:c7:99:f4:16:d1:57:a2:9f:26:22: ab:64:e3:89:b9:fa:4f:ab:ec:02:2c:9e:ec:cc:f0:12:41:ed: 64:c0:fd:7e:1a:4c:db:29:46:10:4a:84:17:b4:06:08:71:9b: 70:34:6f:ae:a7:2e:ea:38:82:87:f5:03:b4:2a:58:8d:d7:08: 7b:73:b3:67:d5:30:33:3c:ed:96:4f:44:0d:7c:c3:71:a5:4a: f7:44:08:34:64:a3:e2:16:3e:20:26:8a:f0:4c:78:3b:b8:6b: 93:e4:92:ed:2b:5d:64:13:1b:90:be:b8:3d:22:0d:37:9b:16: ac:4b:3d:45 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUNXdLH/PVPvAXh+H+xGxBIXC2Q+UwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNjAxMTAxMjIzMThaFw0yNzAxMDkxMjI4MThaMDMxMTAvBgNV BAMTKEEyMzQ0NjlGQzg2RDg2NjE0QTFBMTk0QTNFNjRGMDBGMDcwNjcxMjUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnaouhxC1e/OiTnCcDcd/bCT/w 4BnmCLC+Ea/KNA6aAqIG+44X375ZaKy8bw6jYAplXr4VrV2JDHMXSmTJ43P1Qwki Ay/SiWMpZKhXQXPkOTSES90nydj/9EMmA+zgLDXL1P3/mFX9y51wIKMyIRz4/FzA c6smcGj2ZuYy4l9jD1w6eKZcjbyuoV4c8Bc75cjjrS1NutKLVL16DItmG5vX1B/S Lm8Rt9Lt2HyWr6zKVDX3QQSF1IGM3j7JqrIbi0N97BJXV+3c+T+Jn0kq8HALpf+n xY+i9VU3Xm9ISm4jVMaGTHBYMGoRW+zsGhJJmjsWaefMLQmTC9FFt50n1r8jAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUojRGn8hthmFKGhlKPmTwDwcGcSUwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzOTM4MmUzMjM1 MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM1MzEzOTM4LnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA Usb9MA0GCSqGSIb3DQEBCwUAA4IBAQCHARp8zTqVe5Oi7QsH1S/cg8icNiPnXngj SR96QkhA8aig3q8UZOgA/w/ogDabl7btYH6AhKYJqmijkrzIiVq/xN35n8HUoefp dOcbkP9lkCDMk80gtrMzlb5sscxYLLNxr0NJ0CAhQWhJvJi4hmcWhN1gepbJpUit W98kldY4XIDmfycLt8eZ9BbRV6KfJiKrZOOJufpPq+wCLJ7szPASQe1kwP1+Gkzb KUYQSoQXtAYIcZtwNG+upy7qOIKH9QO0KliN1wh7c7Nn1TAzPO2WT0QNfMNxpUr3 RAg0ZKPiFj4gJorwTHg7uGuT5JLtK11kExuQvrg9Ig03mxasSz1F -----END CERTIFICATE-----Generated at Mon Jan 19 14:22:31 2026 by rpki-client