This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e35342e32302e302f32342d3234203d3e20313336373837.roa File: 38342e35342e32302e302f32342d3234203d3e20313336373837.roa (raw, json) Hash identifier: S4Ar8WfozvAQPLI+yyV4+twBO0B9TBMf6YWP0/ViKAk= Subject key identifier: C0:8B:57:27:85:70:ED:D4:D0:23:F2:4A:A0:D5:38:F8:22:83:A0:DC Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 14C855F92281C892653A68DE2443459FAEE0C821 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e35342e32302e302f32342d3234203d3e20313336373837.roa Signing time: Sun 16 Nov 2025 18:48:52 +0000 ROA not before: Sun 16 Nov 2025 18:43:52 +0000 ROA not after: Sun 15 Nov 2026 18:48:52 +0000 asID: 136787 IP address blocks: 84.54.20.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 05 Dec 2025 21:22:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14:c8:55:f9:22:81:c8:92:65:3a:68:de:24:43:45:9f:ae:e0:c8:21 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Nov 16 18:43:52 2025 GMT Not After : Nov 15 18:48:52 2026 GMT Subject: CN=C08B57278570EDD4D023F24AA0D538F82283A0DC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:23:6b:12:c4:08:85:94:d2:e7:bd:bc:07:2b: 01:ee:7a:56:bd:94:da:60:0a:03:67:be:d2:ff:4b: 37:19:51:cd:55:e3:fc:1c:44:df:cc:f4:f7:b0:5e: 3b:89:93:65:98:01:80:b1:30:b4:e5:c2:c1:7b:9f: 1d:27:49:4a:73:e3:df:a7:4e:22:f7:d1:b7:d6:db: 4a:31:cc:ea:5b:26:fc:ed:91:c5:03:00:b1:ac:5c: 51:0c:70:6d:c0:f5:a1:5f:a1:44:aa:4d:39:93:d0: 03:81:12:25:10:a3:36:c1:fe:52:82:30:6a:fa:ce: ed:32:9e:86:28:84:ab:27:3c:bf:15:af:6b:51:d1: d9:c3:6e:6d:fc:f6:8f:c2:c5:cf:38:6e:20:be:30: 49:5e:cd:e7:96:34:15:dd:d5:2e:51:87:c7:21:38: ac:1f:1a:cd:8c:3f:a8:b9:07:3c:6b:76:24:28:f8: 37:06:d6:0e:c6:6b:31:10:4b:d9:81:15:f8:d4:03: 81:af:f9:7c:8b:20:61:79:17:5d:27:8f:63:90:e0: 8a:11:16:a8:15:d7:0a:9f:03:ee:f3:d9:cb:e8:2d: 9e:69:02:25:ae:e7:b4:c7:fd:77:b9:0b:67:d8:d8: fc:f6:df:82:f3:ec:eb:8c:a3:f5:f4:a1:b5:38:75: f2:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C0:8B:57:27:85:70:ED:D4:D0:23:F2:4A:A0:D5:38:F8:22:83:A0:DC X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38342e35342e32302e302f32342d3234203d3e20313336373837.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 84.54.20.0/24 Signature Algorithm: sha256WithRSAEncryption 3c:5c:7d:44:8a:aa:98:e4:26:4f:1a:a6:34:41:e6:d3:3d:2e: 15:04:3f:88:78:28:43:57:26:5b:c6:8b:b9:fb:6f:2b:d5:f9: cc:b4:ce:fa:01:d0:c4:5b:d6:1e:e1:89:8d:6a:cf:27:0a:e9: 13:f4:50:ca:fe:dc:d5:76:93:e9:e0:94:c1:26:70:86:75:34: 61:e1:2a:15:75:de:06:27:08:fc:ac:89:c1:63:b5:f8:ce:74: 13:2e:d0:d5:b6:81:ba:db:dc:0c:04:7e:1f:99:86:43:62:80: ae:f5:5e:02:7e:fc:a1:92:7d:49:56:49:41:46:ed:e4:f3:68: 26:d0:10:85:95:ca:81:88:f9:3b:1c:af:37:f6:a1:89:d7:60: 01:84:65:d6:52:e6:a8:93:0c:fb:04:7e:d2:6a:5a:08:18:98: f9:b3:1a:61:f7:68:85:57:2d:1b:02:f8:d1:94:79:16:d7:65: 72:27:3b:91:cc:e5:75:16:45:2a:91:22:d6:05:eb:a6:ef:45: e1:ed:91:e6:4f:f9:1e:c7:71:25:2d:74:06:b1:31:e5:0c:cc: f0:a8:30:f2:04:a6:52:3c:cb:f2:cc:1e:e2:f4:08:86:86:99: 72:2f:1d:0b:56:6d:75:dc:44:2b:53:8f:24:33:d6:8d:6a:18: fc:e9:e9:c8 -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUFMhV+SKByJJlOmjeJENFn67gyCEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTExMTYxODQzNTJaFw0yNjExMTUxODQ4NTJaMDMxMTAvBgNV BAMTKEMwOEI1NzI3ODU3MEVERDREMDIzRjI0QUEwRDUzOEY4MjI4M0EwREMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOI2sSxAiFlNLnvbwHKwHuela9 lNpgCgNnvtL/SzcZUc1V4/wcRN/M9PewXjuJk2WYAYCxMLTlwsF7nx0nSUpz49+n TiL30bfW20oxzOpbJvztkcUDALGsXFEMcG3A9aFfoUSqTTmT0AOBEiUQozbB/lKC MGr6zu0ynoYohKsnPL8Vr2tR0dnDbm389o/Cxc84biC+MElezeeWNBXd1S5Rh8ch OKwfGs2MP6i5BzxrdiQo+DcG1g7GazEQS9mBFfjUA4Gv+XyLIGF5F10nj2OQ4IoR FqgV1wqfA+7z2cvoLZ5pAiWu57TH/Xe5C2fY2Pz234Lz7OuMo/X0obU4dfJ9AgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUwItXJ4Vw7dTQI/JKoNU4+CKDoNwwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNDJlMzUzNDJlMzIzMDJl MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFQ2 FDANBgkqhkiG9w0BAQsFAAOCAQEAPFx9RIqqmOQmTxqmNEHm0z0uFQQ/iHgoQ1cm W8aLuftvK9X5zLTO+gHQxFvWHuGJjWrPJwrpE/RQyv7c1XaT6eCUwSZwhnU0YeEq FXXeBicI/KyJwWO1+M50Ey7Q1baButvcDAR+H5mGQ2KArvVeAn78oZJ9SVZJQUbt 5PNoJtAQhZXKgYj5OxyvN/ahiddgAYRl1lLmqJMM+wR+0mpaCBiY+bMaYfdohVct GwL40ZR5Ftdlcic7kczldRZFKpEi1gXrpu9F4e2R5k/5HsdxJS10BrEx5QzM8Kgw 8gSmUjzL8swe4vQIhoaZci8dC1ZtddxEK1OPJDPWjWoY/OnpyA== -----END CERTIFICATE-----Generated at Fri Dec 5 05:38:22 2025 by rpki-client