This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3234302e302f32312d3332203d3e203430303231.roa File: 38352e3233392e3234302e302f32312d3332203d3e203430303231.roa (raw, json) Hash identifier: X2WWxVr7brFMu5PbwZY+2Nu16HcBS7cHFxDsX41yU38= Subject key identifier: 65:4E:18:0E:55:9A:F7:1D:33:E4:1E:F4:E6:D4:50:B6:C0:78:1C:50 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 461993C9BEE93BAB957793890547B496017351 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3234302e302f32312d3332203d3e203430303231.roa Signing time: Mon 29 Dec 2025 09:50:43 +0000 ROA not before: Mon 29 Dec 2025 09:45:43 +0000 ROA not after: Mon 28 Dec 2026 09:50:43 +0000 asID: 40021 IP address blocks: 85.239.240.0/21 maxlen: 32 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 46:19:93:c9:be:e9:3b:ab:95:77:93:89:05:47:b4:96:01:73:51 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:43 2025 GMT Not After : Dec 28 09:50:43 2026 GMT Subject: CN=654E180E559AF71D33E41EF4E6D450B6C0781C50 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:44:fa:19:48:b2:04:c4:16:b5:0a:eb:98:73: 51:2d:2e:a7:e7:6f:71:78:d6:51:81:79:8a:e6:eb: 5f:f7:5b:57:f3:f5:ad:7f:65:02:2c:6a:1e:cc:83: ff:31:2c:13:6d:fe:bb:4b:dd:87:f0:2d:f5:4f:a4: cc:28:e3:78:a3:e5:6a:c7:84:bf:6c:b0:0f:98:11: 82:24:29:c4:24:71:a9:be:59:c6:05:6e:bc:0e:02: 1d:1e:55:a1:47:46:a9:d3:5a:a6:b5:8e:70:f6:96: 79:d1:ef:1e:8e:4f:58:4e:3c:dc:e4:58:83:76:81: 2c:04:d5:91:e0:d5:5d:d0:c7:60:3e:b9:b8:2e:38: 61:6b:56:1b:db:bb:53:36:fd:f1:c1:11:64:a9:71: b9:c1:8b:de:48:0a:2e:5b:97:2e:9d:e4:e9:ea:da: 75:c0:8f:bd:f2:a7:1e:78:7b:fc:a5:76:85:cb:f8: 14:72:ec:2c:7b:0f:19:47:fa:51:b2:ca:01:43:bb: 5c:ae:86:e5:40:3c:a2:41:00:91:fd:df:ca:73:1a: 98:0d:6d:cf:89:9b:33:14:3a:55:eb:be:31:80:7e: 09:72:0d:92:b5:f6:69:fb:eb:5f:2b:9d:42:f9:86: 48:ad:6f:44:ef:ec:1e:d3:d5:b2:0b:11:40:db:72: ad:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:4E:18:0E:55:9A:F7:1D:33:E4:1E:F4:E6:D4:50:B6:C0:78:1C:50 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38352e3233392e3234302e302f32312d3332203d3e203430303231.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.239.240.0/21 Signature Algorithm: sha256WithRSAEncryption 36:32:70:f6:2f:b9:c4:25:49:17:8a:9a:c0:4c:bb:ad:35:ad: ce:ae:8d:ac:53:57:db:0c:04:cc:51:ad:57:02:32:10:2e:88: 24:1a:1e:fe:65:68:2b:07:7d:67:86:3e:bc:ae:7a:07:7b:c9: 12:49:c1:4f:da:ca:69:ba:f4:93:f0:4f:49:94:75:46:95:f6: ce:c8:7b:52:c9:0e:7d:d8:9d:6e:3c:13:ba:b1:a6:ba:5a:18: 4f:ba:d8:f6:46:55:86:9c:ba:c7:53:0d:03:2c:b5:eb:14:cd: d8:fc:b7:3c:6f:82:2d:cf:25:e7:c4:99:c8:1d:59:cc:28:a6: 92:d5:cb:d6:20:b1:09:09:30:d6:0f:20:3d:4c:6c:ad:c9:aa: ca:cf:f0:9c:8b:55:a5:a0:43:a6:03:a9:1a:13:87:8f:bd:dc: c9:d9:4f:1c:7a:38:5c:ff:cb:40:ed:23:7c:35:3d:48:67:61: e2:91:3a:fa:bb:26:cc:9e:72:5e:3b:c4:32:35:7a:8c:9d:9a: d8:49:6e:fe:00:13:53:3c:ea:99:04:c1:b9:44:1d:09:86:47: 3b:96:06:85:de:da:08:18:ec:37:05:73:68:69:17:0a:b8:12: 9d:8e:4e:ec:cd:d4:ff:5e:24:23:74:5a:8c:12:be:22:91:77: 6b:00:8d:01 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgITRhmTyb7pO6uVd5OJBUe0lgFzUTANBgkqhkiG9w0BAQsF ADAzMTEwLwYDVQQDEyhhYjJkY2MxNjljOTVmMmIxNGRmMzFkZDI0YTFmNjcwMzRl YTc3NzljMB4XDTI1MTIyOTA5NDU0M1oXDTI2MTIyODA5NTA0M1owMzExMC8GA1UE AxMoNjU0RTE4MEU1NTlBRjcxRDMzRTQxRUY0RTZENDUwQjZDMDc4MUM1MDCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ9E+hlIsgTEFrUK65hzUS0up+dv cXjWUYF5iubrX/dbV/P1rX9lAixqHsyD/zEsE23+u0vdh/At9U+kzCjjeKPlaseE v2ywD5gRgiQpxCRxqb5ZxgVuvA4CHR5VoUdGqdNaprWOcPaWedHvHo5PWE483ORY g3aBLATVkeDVXdDHYD65uC44YWtWG9u7Uzb98cERZKlxucGL3kgKLluXLp3k6era dcCPvfKnHnh7/KV2hcv4FHLsLHsPGUf6UbLKAUO7XK6G5UA8okEAkf3fynMamA1t z4mbMxQ6Veu+MYB+CXINkrX2afvrXyudQvmGSK1vRO/sHtPVsgsRQNtyrYUCAwEA AaOCAj0wggI5MB0GA1UdDgQWBBRlThgOVZr3HTPkHvTm1FC2wHgcUDAfBgNVHSME GDAWgBSrLcwWnJXysU3zHdJKH2cDTqd3nDAOBgNVHQ8BAf8EBAMCB4AwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5u ZXQvcmVwb3NpdG9yeS9mZTM3MDhhMC02N2Q1LTRhYzItYWJjNC1hMzMyNTkwYjk5 YWYvNC9BQjJEQ0MxNjlDOTVGMkIxNERGMzFERDI0QTFGNjcwMzRFQTc3NzlDLmNy bDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvcXkzTUZweVY4ckZOOHgzU1NoOW5BMDZu ZDV3LmNlcjCBrQYIKwYBBQUHAQsEgaAwgZ0wgZoGCCsGAQUFBzALhoGNcnN5bmM6 Ly9yc3luYy5wYWFzLnJwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9mZTM3MDhhMC02 N2Q1LTRhYzItYWJjNC1hMzMyNTkwYjk5YWYvNC8zODM1MmUzMjMzMzkyZTMyMzQz MDJlMzAyZjMyMzEyZDMzMzIyMDNkM2UyMDM0MzAzMDMyMzEucm9hMBgGA1UdIAEB /wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBANV 7/AwDQYJKoZIhvcNAQELBQADggEBADYycPYvucQlSReKmsBMu601rc6ujaxTV9sM BMxRrVcCMhAuiCQaHv5laCsHfWeGPryuegd7yRJJwU/aymm69JPwT0mUdUaV9s7I e1LJDn3YnW48E7qxprpaGE+62PZGVYacusdTDQMstesUzdj8tzxvgi3PJefEmcgd WcwoppLVy9YgsQkJMNYPID1MbK3JqsrP8JyLVaWgQ6YDqRoTh4+93MnZTxx6OFz/ y0DtI3w1PUhnYeKROvq7Jsyecl47xDI1eoydmthJbv4AE1M86pkEwblEHQmGRzuW BoXe2ggY7DcFc2hpFwq4Ep2OTuzN1P9eJCN0WowSviKRd2sAjQE= -----END CERTIFICATE-----Generated at Mon Jan 19 14:25:20 2026 by rpki-client