This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3233322e302f32312d3332203d3e203430303231.roa File: 38352e3233392e3233322e302f32312d3332203d3e203430303231.roa (raw, json) Hash identifier: WFqwKrCBrAotdGkXadAMdshXq7pe6Ji7Xk2t5YM7CSw= Subject key identifier: 2C:C7:94:A3:F1:7C:FE:4F:EF:B3:D5:DA:3F:FB:2F:70:D7:7A:EE:92 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 139168129B6BDC411D5CE546382D1640CF3A1124 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3233322e302f32312d3332203d3e203430303231.roa Signing time: Mon 29 Dec 2025 09:50:49 +0000 ROA not before: Mon 29 Dec 2025 09:45:49 +0000 ROA not after: Mon 28 Dec 2026 09:50:49 +0000 asID: 40021 IP address blocks: 85.239.232.0/21 maxlen: 32 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13:91:68:12:9b:6b:dc:41:1d:5c:e5:46:38:2d:16:40:cf:3a:11:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:49 2025 GMT Not After : Dec 28 09:50:49 2026 GMT Subject: CN=2CC794A3F17CFE4FEFB3D5DA3FFB2F70D77AEE92 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:c7:a7:ed:35:58:5c:d7:bc:cc:84:c3:d0:b3: 1c:0e:90:71:3d:6e:58:29:f8:38:b1:5d:7c:61:32: aa:95:c9:86:3a:8b:7f:ee:87:9a:9f:bd:ac:c1:8d: ad:b7:43:a7:d1:45:37:36:cf:f9:45:61:1a:ec:3b: b2:a9:c9:2c:db:86:ea:00:c8:df:33:ed:6a:95:18: af:78:26:7c:04:ff:b3:87:1a:1a:bd:f8:52:18:1b: f2:3a:23:b2:f7:5b:d1:11:7e:6f:79:29:49:19:cf: e5:23:c3:ba:1c:5c:16:0b:fc:e7:0c:23:fe:6c:8a: 67:29:72:52:fc:ab:fc:b7:d3:16:72:5d:66:0e:c4: e0:ca:99:56:8f:7a:91:2c:68:62:3b:7e:6d:50:b8: 2f:84:15:41:22:81:3b:ca:18:94:f6:25:a1:5d:4c: 55:66:bf:07:d6:dc:5a:d1:58:55:50:d7:d3:4b:d8: 19:bb:e1:fc:ee:c4:1d:9e:35:83:bc:59:1f:8a:89: 6f:9e:50:aa:56:ed:0c:ce:07:71:15:2e:d6:04:3f: 7d:c2:9b:e0:a0:bb:f2:18:fd:3d:e5:12:66:99:4f: 2c:f1:96:11:82:ff:91:1e:5f:e9:34:83:f1:87:eb: ae:26:90:30:6a:ea:53:4d:42:b1:39:f0:32:a0:f1: 0f:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:C7:94:A3:F1:7C:FE:4F:EF:B3:D5:DA:3F:FB:2F:70:D7:7A:EE:92 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3233322e302f32312d3332203d3e203430303231.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.239.232.0/21 Signature Algorithm: sha256WithRSAEncryption 8b:d6:a9:e5:c7:01:d9:78:0d:61:3d:8f:0b:77:46:30:3f:b8: 04:d0:f4:0f:38:e1:4e:fc:8a:45:d9:ac:3b:97:d8:6f:fc:91: 16:93:27:76:b8:b0:7e:fe:18:34:83:13:47:d7:d5:9d:47:8f: 7d:5c:43:92:41:96:ba:f0:43:87:de:99:7d:72:48:08:fc:0a: e4:70:38:af:fc:cb:b3:38:16:22:00:74:b6:5e:d3:38:b7:33: 45:a0:59:2b:89:c4:2a:b7:8f:4b:ba:74:83:a1:f8:85:ea:59: 25:cb:04:7d:c9:89:65:3a:ff:a0:65:72:62:eb:ff:10:e2:7f: d9:75:5a:ef:cf:e8:94:38:a5:4e:99:79:f7:98:95:eb:69:dc: 63:0e:f5:65:55:41:51:de:8f:03:41:2c:0e:ea:35:99:6e:17: c2:4a:16:cc:42:0c:32:15:eb:d0:a9:34:c1:e7:3c:91:a3:d9: 0e:2a:a4:78:d9:d9:72:09:12:a1:24:81:6c:34:da:cc:d9:d2: f9:6b:64:67:d9:6f:e9:b5:7b:6e:ab:15:e4:b3:75:cb:52:bc: 76:7a:18:1c:85:82:41:32:6e:ce:a1:2e:46:a6:eb:72:99:d7: 58:1c:71:98:ec:35:0a:57:64:90:bd:75:12:73:6f:32:bd:c8: 51:d9:51:16 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUE5FoEptr3EEdXOVGOC0WQM86ESQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1NDlaFw0yNjEyMjgwOTUwNDlaMDMxMTAvBgNV BAMTKDJDQzc5NEEzRjE3Q0ZFNEZFRkIzRDVEQTNGRkIyRjcwRDc3QUVFOTIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwx6ftNVhc17zMhMPQsxwOkHE9 blgp+DixXXxhMqqVyYY6i3/uh5qfvazBja23Q6fRRTc2z/lFYRrsO7KpySzbhuoA yN8z7WqVGK94JnwE/7OHGhq9+FIYG/I6I7L3W9ERfm95KUkZz+Ujw7ocXBYL/OcM I/5simcpclL8q/y30xZyXWYOxODKmVaPepEsaGI7fm1QuC+EFUEigTvKGJT2JaFd TFVmvwfW3FrRWFVQ19NL2Bm74fzuxB2eNYO8WR+KiW+eUKpW7QzOB3EVLtYEP33C m+Cgu/IY/T3lEmaZTyzxlhGC/5EeX+k0g/GH664mkDBq6lNNQrE58DKg8Q87AgMB AAGjggI9MIICOTAdBgNVHQ4EFgQULMeUo/F8/k/vs9XaP/svcNd67pIwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNTJlMzIzMzM5MmUzMjMz MzIyZTMwMmYzMjMxMmQzMzMyMjAzZDNlMjAzNDMwMzAzMjMxLnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD Ve/oMA0GCSqGSIb3DQEBCwUAA4IBAQCL1qnlxwHZeA1hPY8Ld0YwP7gE0PQPOOFO /IpF2aw7l9hv/JEWkyd2uLB+/hg0gxNH19WdR499XEOSQZa68EOH3pl9ckgI/Ark cDiv/MuzOBYiAHS2XtM4tzNFoFkricQqt49LunSDofiF6lklywR9yYllOv+gZXJi 6/8Q4n/ZdVrvz+iUOKVOmXn3mJXradxjDvVlVUFR3o8DQSwO6jWZbhfCShbMQgwy FevQqTTB5zyRo9kOKqR42dlyCRKhJIFsNNrM2dL5a2Rn2W/ptXtuqxXks3XLUrx2 ehgchYJBMm7OoS5GputymddYHHGY7DUKV2SQvXUSc28yvchR2VEW -----END CERTIFICATE-----Generated at Mon Jan 19 14:24:54 2026 by rpki-client