This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e3234372e3136302e302f31392d3332203d3e203531313637.roa File: 38342e3234372e3136302e302f31392d3332203d3e203531313637.roa (raw, json) Hash identifier: ydvoAPT8OxXYjDQf1lu0kF37Pmp22HKXHAMNInLV9O4= Subject key identifier: 5B:FE:DF:49:D2:87:D4:F9:24:D5:B3:DA:5D:96:E5:92:9A:37:D3:2C Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 66FED129F59C6BEF687C16257A7118AE236E40C2 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e3234372e3136302e302f31392d3332203d3e203531313637.roa Signing time: Mon 17 Nov 2025 17:48:54 +0000 ROA not before: Mon 17 Nov 2025 17:43:54 +0000 ROA not after: Mon 16 Nov 2026 17:48:54 +0000 asID: 51167 IP address blocks: 84.247.160.0/19 maxlen: 32 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Dec 2025 21:22:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 66:fe:d1:29:f5:9c:6b:ef:68:7c:16:25:7a:71:18:ae:23:6e:40:c2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Nov 17 17:43:54 2025 GMT Not After : Nov 16 17:48:54 2026 GMT Subject: CN=5BFEDF49D287D4F924D5B3DA5D96E5929A37D32C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:a2:da:e0:75:e1:01:45:b6:f3:69:b1:08:1b: 7a:6c:af:ee:79:70:0c:77:3b:26:c4:d4:5c:40:6e: 79:a9:52:9d:9e:54:c7:02:b5:08:41:2d:bb:19:ed: 45:2e:c2:ea:1d:23:81:1c:9d:42:70:9b:7e:0e:63: cf:a4:ea:80:20:31:3d:5a:40:83:aa:f3:e9:5e:08: ca:62:7c:15:a5:82:ae:69:0b:9a:a9:73:d7:9e:9e: 1e:37:ae:af:5c:c5:8f:89:5d:d8:12:d9:20:ea:0c: 0c:17:ec:46:5d:42:dd:cf:09:51:96:6e:d1:a6:cb: 4d:e1:b9:7f:13:e2:5c:fe:3e:5a:22:2a:21:3e:37: c5:f1:08:ca:f3:89:9e:67:d3:f3:02:65:12:51:77: df:a4:ff:21:7f:ae:18:80:59:31:83:78:c9:0a:f8: 7b:8a:41:ff:68:43:8b:9b:ad:a7:58:8e:3a:dc:09: 24:d0:f3:73:1a:d5:cc:a0:45:73:52:1d:d0:d0:33: e5:b7:68:81:d8:74:4e:06:a1:f7:b9:cf:94:85:32: 5a:41:ea:0d:a9:24:82:86:76:a8:69:ec:21:fc:77: 34:78:d0:b7:f1:06:0e:bf:f2:ae:f2:0b:32:68:ba: 50:92:b2:3b:39:c1:3d:ea:54:f4:0f:09:fb:92:d4: c5:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:FE:DF:49:D2:87:D4:F9:24:D5:B3:DA:5D:96:E5:92:9A:37:D3:2C X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e3234372e3136302e302f31392d3332203d3e203531313637.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 84.247.160.0/19 Signature Algorithm: sha256WithRSAEncryption 3a:89:7c:f8:0d:4c:6e:c6:90:ab:2d:d4:32:99:f0:32:db:ca: 4f:52:5a:06:5c:3e:7d:90:44:20:97:29:14:dc:e5:5f:19:ae: 22:ac:55:0f:56:63:b7:e7:ef:db:ba:63:89:1a:a5:1b:48:a4: bf:6e:87:eb:2c:97:87:a9:57:38:6f:5e:a3:37:ca:c3:cf:12: 08:e8:20:4c:7c:2e:ee:84:de:a0:75:98:b9:dc:53:be:b9:2b: a7:fa:b6:31:b8:35:86:92:88:dd:10:84:96:41:61:40:00:f4: 03:51:3a:49:ca:38:0b:5c:97:12:3d:24:79:29:90:bc:1e:2f: 42:2f:1c:d0:bb:90:75:57:91:a0:05:46:81:79:3d:32:e2:5b: ee:bc:d4:f7:36:47:7e:7c:b1:fe:17:cf:b1:8b:0e:88:3c:c2: c8:d2:f0:2a:04:9b:11:96:dd:c5:d5:8f:ef:9b:c0:0c:5c:a5: 15:b1:a9:ce:b7:92:7c:6e:43:92:39:59:05:38:2f:ee:5a:87: 59:ee:80:85:6f:03:40:ad:3a:06:77:86:54:9a:e9:71:3d:94: 14:c8:0f:a4:64:d6:41:9a:d8:c9:cf:9b:fc:bd:a4:65:b7:68: 6a:e2:6c:37:85:a1:1f:56:d3:9d:18:6b:8c:4d:45:30:c1:4c: 95:82:35:e2 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUZv7RKfWca+9ofBYlenEYriNuQMIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTExMTcxNzQzNTRaFw0yNjExMTYxNzQ4NTRaMDMxMTAvBgNV BAMTKDVCRkVERjQ5RDI4N0Q0RjkyNEQ1QjNEQTVEOTZFNTkyOUEzN0QzMkMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCotrgdeEBRbbzabEIG3psr+55 cAx3OybE1FxAbnmpUp2eVMcCtQhBLbsZ7UUuwuodI4EcnUJwm34OY8+k6oAgMT1a QIOq8+leCMpifBWlgq5pC5qpc9eenh43rq9cxY+JXdgS2SDqDAwX7EZdQt3PCVGW btGmy03huX8T4lz+PloiKiE+N8XxCMrziZ5n0/MCZRJRd9+k/yF/rhiAWTGDeMkK +HuKQf9oQ4ubradYjjrcCSTQ83Ma1cygRXNSHdDQM+W3aIHYdE4Gofe5z5SFMlpB 6g2pJIKGdqhp7CH8dzR40LfxBg6/8q7yCzJoulCSsjs5wT3qVPQPCfuS1MWNAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUW/7fSdKH1Pkk1bPaXZblkpo30ywwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNDJlMzIzNDM3MmUzMTM2 MzAyZTMwMmYzMTM5MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF VPegMA0GCSqGSIb3DQEBCwUAA4IBAQA6iXz4DUxuxpCrLdQymfAy28pPUloGXD59 kEQglykU3OVfGa4irFUPVmO35+/bumOJGqUbSKS/bofrLJeHqVc4b16jN8rDzxII 6CBMfC7uhN6gdZi53FO+uSun+rYxuDWGkojdEISWQWFAAPQDUTpJyjgLXJcSPSR5 KZC8Hi9CLxzQu5B1V5GgBUaBeT0y4lvuvNT3Nkd+fLH+F8+xiw6IPMLI0vAqBJsR lt3F1Y/vm8AMXKUVsanOt5J8bkOSOVkFOC/uWodZ7oCFbwNArToGd4ZUmulxPZQU yA+kZNZBmtjJz5v8vaRlt2hq4mw3haEfVtOdGGuMTUUwwUyVgjXi -----END CERTIFICATE-----Generated at Fri Dec 5 06:22:23 2025 by rpki-client