This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3235342e302f32342d3332203d3e203531313637.roa File: 38352e3139302e3235342e302f32342d3332203d3e203531313637.roa (raw, json) Hash identifier: 4Gyqpl3jCtklKf+s1ZdMsm2YMcacigVT33tuelidSXU= Subject key identifier: 1E:8D:18:43:E1:1A:E2:82:51:A4:84:3B:DE:7C:0C:AD:B4:B6:9F:27 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 56EA63B4F754026EE72A6FA00A0C7CE2D09F5006 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3235342e302f32342d3332203d3e203531313637.roa Signing time: Mon 29 Dec 2025 09:50:35 +0000 ROA not before: Mon 29 Dec 2025 09:45:35 +0000 ROA not after: Mon 28 Dec 2026 09:50:35 +0000 asID: 51167 IP address blocks: 85.190.254.0/24 maxlen: 32 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 56:ea:63:b4:f7:54:02:6e:e7:2a:6f:a0:0a:0c:7c:e2:d0:9f:50:06 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:35 2025 GMT Not After : Dec 28 09:50:35 2026 GMT Subject: CN=1E8D1843E11AE28251A4843BDE7C0CADB4B69F27 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:4c:ca:43:46:1a:cd:49:2f:39:36:76:02:57: ab:a0:87:d2:cd:0e:63:18:3d:94:a0:e2:f1:74:0b: ab:9b:99:aa:eb:62:ec:0a:11:05:52:38:b9:b6:ac: 23:cb:13:cd:dd:31:51:a2:e1:72:84:d3:42:43:bb: 65:7d:8f:d4:60:36:0c:9b:4d:3d:75:0a:ff:b4:bc: 2e:56:3d:a0:24:18:b6:fd:d6:8b:2b:d5:12:e2:9a: f0:ad:b5:c7:3a:90:d3:b0:dc:eb:64:04:d1:a1:bb: f3:e9:ab:31:1a:40:8c:b8:d3:d2:3e:ce:a3:3f:4e: 4b:06:a4:91:e8:c1:c5:19:26:39:26:75:82:f8:b0: 61:5f:2f:30:01:c5:8c:00:eb:f1:1d:4f:68:fe:9e: 71:8e:78:be:2d:8a:ce:f9:60:a2:87:0f:f9:bf:15: 42:49:56:67:88:63:0f:65:57:64:07:bf:8f:30:72: 1f:4f:e2:90:19:16:c0:df:7d:64:1a:16:70:3a:32: 7a:29:1f:39:ad:da:fd:19:42:3b:ae:8d:4a:01:de: e3:5f:4f:97:bb:04:0c:dc:39:c7:12:bc:17:cb:44: eb:3c:5e:1b:10:dd:0f:b7:53:9b:03:fa:8c:a1:52: 2f:21:3d:91:8a:19:7f:fe:50:69:5e:7e:c1:2a:fd: 2f:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:8D:18:43:E1:1A:E2:82:51:A4:84:3B:DE:7C:0C:AD:B4:B6:9F:27 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3139302e3235342e302f32342d3332203d3e203531313637.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.190.254.0/24 Signature Algorithm: sha256WithRSAEncryption 94:82:95:c2:46:bd:ff:44:69:7e:1b:b6:13:fd:89:9e:05:70: 89:f3:fc:b3:8d:81:b5:10:0a:9d:a9:78:74:b6:e2:31:2a:96: 78:9e:4b:cd:c0:b7:07:0c:47:66:5b:8e:87:ce:ac:37:82:2b: d6:a5:6f:05:b4:93:9e:86:92:42:83:62:90:b5:90:a6:bd:17: ba:14:eb:f1:73:c4:91:93:9c:24:51:3c:0e:cd:6c:9c:6f:65: 2a:e7:a6:24:02:84:4e:ec:92:2c:18:9b:76:42:a2:79:df:d9: fb:f6:99:c5:46:1e:6c:a4:1d:73:a6:c9:2a:6a:c8:76:58:2d: a7:a8:e7:1a:86:65:0b:60:b6:92:22:d7:08:25:f7:f7:cf:26: 87:8e:1a:e7:43:5d:41:35:10:c4:f1:85:67:94:3e:98:9c:fd: 14:24:99:fd:39:e0:ee:ae:ec:47:45:8c:6b:18:02:fe:18:8d: 6c:a4:c8:35:08:f1:07:e4:4d:5a:9d:25:d9:ba:3c:0e:37:99: 41:0a:5c:07:c0:88:54:38:02:07:05:34:8a:d3:cd:60:f0:81: b0:31:cd:15:bf:43:30:04:aa:40:a5:13:3f:c8:9e:c2:83:6d: 42:76:e1:20:9c:22:57:a0:6a:dd:96:51:24:bf:32:7b:8f:35: a3:eb:f3:30 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUVupjtPdUAm7nKm+gCgx84tCfUAYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1MzVaFw0yNjEyMjgwOTUwMzVaMDMxMTAvBgNV BAMTKDFFOEQxODQzRTExQUUyODI1MUE0ODQzQkRFN0MwQ0FEQjRCNjlGMjcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcTMpDRhrNSS85NnYCV6ugh9LN DmMYPZSg4vF0C6ubmarrYuwKEQVSOLm2rCPLE83dMVGi4XKE00JDu2V9j9RgNgyb TT11Cv+0vC5WPaAkGLb91osr1RLimvCttcc6kNOw3OtkBNGhu/PpqzEaQIy409I+ zqM/TksGpJHowcUZJjkmdYL4sGFfLzABxYwA6/EdT2j+nnGOeL4tis75YKKHD/m/ FUJJVmeIYw9lV2QHv48wch9P4pAZFsDffWQaFnA6MnopHzmt2v0ZQjuujUoB3uNf T5e7BAzcOccSvBfLROs8XhsQ3Q+3U5sD+oyhUi8hPZGKGX/+UGlefsEq/S9XAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUHo0YQ+Ea4oJRpIQ73nwMrbS2nycwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzEzOTMwMmUzMjM1 MzQyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA Vb7+MA0GCSqGSIb3DQEBCwUAA4IBAQCUgpXCRr3/RGl+G7YT/YmeBXCJ8/yzjYG1 EAqdqXh0tuIxKpZ4nkvNwLcHDEdmW46Hzqw3givWpW8FtJOehpJCg2KQtZCmvRe6 FOvxc8SRk5wkUTwOzWycb2Uq56YkAoRO7JIsGJt2QqJ539n79pnFRh5spB1zpskq ash2WC2nqOcahmULYLaSItcIJff3zyaHjhrnQ11BNRDE8YVnlD6YnP0UJJn9OeDu ruxHRYxrGAL+GI1spMg1CPEH5E1anSXZujwON5lBClwHwIhUOAIHBTSK081g8IGw Mc0Vv0MwBKpApRM/yJ7Cg21CduEgnCJXoGrdllEkvzJ7jzWj6/Mw -----END CERTIFICATE-----Generated at Mon Jan 19 14:26:20 2026 by rpki-client