This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e302e302f32322d3332203d3e203531313637.roa File: 38362e34382e302e302f32322d3332203d3e203531313637.roa (raw, json) Hash identifier: Wktl+cTzGmLKWBfIz7YhsNFfLCsiFyqLP5msEUS4Kvk= Subject key identifier: 72:86:B7:A3:45:91:06:BE:10:F4:41:E8:71:D7:63:95:F8:9E:EB:A0 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 50F032B1AC652BF088725F40B339911C6472A8BE Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e302e302f32322d3332203d3e203531313637.roa Signing time: Mon 29 Dec 2025 09:50:48 +0000 ROA not before: Mon 29 Dec 2025 09:45:48 +0000 ROA not after: Mon 28 Dec 2026 09:50:48 +0000 asID: 51167 IP address blocks: 86.48.0.0/22 maxlen: 32 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 50:f0:32:b1:ac:65:2b:f0:88:72:5f:40:b3:39:91:1c:64:72:a8:be Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:48 2025 GMT Not After : Dec 28 09:50:48 2026 GMT Subject: CN=7286B7A3459106BE10F441E871D76395F89EEBA0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:6c:80:9b:ae:77:d0:1a:e5:d3:87:60:02:7e: 4b:15:cf:ce:a6:8d:59:8f:50:33:59:0c:a6:42:c9: d4:4b:78:17:ac:35:2d:a2:8e:84:b0:f4:16:85:d1: a7:f6:94:b6:43:9c:38:7d:4b:ab:7f:ae:57:7d:ec: fd:c1:af:c5:45:db:75:6a:44:8d:cf:d0:e3:c5:c8: d4:c2:e3:dc:91:26:df:f9:3b:87:90:40:11:a1:88: 98:9d:c5:00:c0:18:ad:61:3c:d2:1b:6c:ef:ae:b8: 2e:29:69:47:df:25:65:92:8d:11:f0:db:78:97:a5: 7c:78:19:f1:35:65:93:f5:1e:51:5c:60:8e:f9:bb: 16:67:af:03:70:77:27:ee:a4:a7:15:92:56:ab:39: 0f:9b:1c:b8:28:41:1c:65:a3:89:22:5b:4f:37:d4: 75:7c:43:17:c7:29:46:07:3d:55:90:ce:cd:d7:ec: 2f:d0:f4:6b:5a:56:fa:96:2a:c4:ff:a3:e1:31:9b: 60:1b:f3:0b:79:ad:e4:df:15:6c:6f:ea:6d:7e:69: dd:a4:28:f4:5d:e7:3d:2f:b0:80:ff:92:13:45:36: 7e:6d:ca:da:98:c1:e7:9c:c7:e1:32:5d:70:e5:40: 35:4d:f6:56:3f:94:b8:54:d6:20:f4:ea:ea:4e:41: 08:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:86:B7:A3:45:91:06:BE:10:F4:41:E8:71:D7:63:95:F8:9E:EB:A0 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e302e302f32322d3332203d3e203531313637.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 86.48.0.0/22 Signature Algorithm: sha256WithRSAEncryption 81:38:36:17:70:1d:a7:0c:86:46:f3:60:af:e3:6c:b2:a5:fa: 92:23:6f:7a:ec:12:df:1e:de:0d:ae:19:f3:58:58:8b:d7:ee: c8:05:17:35:0f:4a:cd:ed:8b:da:0b:c0:5f:74:a2:51:09:2c: d5:b9:07:f3:f3:6a:ba:63:18:3b:1b:41:13:0c:a4:bc:ad:a9: 74:4c:3f:52:a1:19:6a:ca:ad:10:11:20:c1:30:70:e4:0b:cc: 44:b8:7f:b5:ae:be:96:69:55:04:d5:2d:ea:76:9c:27:3b:7e: 27:c5:c3:60:a7:11:b9:45:19:3e:19:c1:aa:41:40:62:79:c4: 8c:0a:f2:c9:60:18:02:62:e0:40:c5:b6:b9:20:51:d5:f0:9c: 4e:fe:bd:00:af:9d:a8:c1:7d:93:ef:4a:e9:dd:75:19:d3:9c: d4:96:3e:ca:e7:d9:eb:ca:0e:57:93:d3:46:a3:2b:be:81:d3: c0:f2:ff:76:c6:a3:fc:e9:03:6a:37:8c:d3:c8:55:2a:6f:ac: 90:24:84:ef:ee:08:6a:d2:7c:be:0b:d3:cf:97:f6:5a:6e:0d: 09:fe:ab:5e:40:e3:b8:6c:b3:1a:12:24:12:86:ec:f3:6f:f0: 31:9e:5c:67:a2:57:f3:ac:f1:ed:41:2e:e5:ad:cd:30:72:a6: 79:84:e2:58 -----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgIUUPAysaxlK/CIcl9AszmRHGRyqL4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1NDhaFw0yNjEyMjgwOTUwNDhaMDMxMTAvBgNV BAMTKDcyODZCN0EzNDU5MTA2QkUxMEY0NDFFODcxRDc2Mzk1Rjg5RUVCQTAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6bICbrnfQGuXTh2ACfksVz86m jVmPUDNZDKZCydRLeBesNS2ijoSw9BaF0af2lLZDnDh9S6t/rld97P3Br8VF23Vq RI3P0OPFyNTC49yRJt/5O4eQQBGhiJidxQDAGK1hPNIbbO+uuC4paUffJWWSjRHw 23iXpXx4GfE1ZZP1HlFcYI75uxZnrwNwdyfupKcVklarOQ+bHLgoQRxlo4kiW083 1HV8QxfHKUYHPVWQzs3X7C/Q9GtaVvqWKsT/o+Exm2Ab8wt5reTfFWxv6m1+ad2k KPRd5z0vsID/khNFNn5tytqYweecx+EyXXDlQDVN9lY/lLhU1iD06upOQQiJAgMB AAGjggI3MIICMzAdBgNVHQ4EFgQUcoa3o0WRBr4Q9EHocddjlfie66AwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNjJlMzQzODJlMzAyZTMw MmYzMjMyMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVjAAMA0G CSqGSIb3DQEBCwUAA4IBAQCBODYXcB2nDIZG82Cv42yypfqSI2967BLfHt4Nrhnz WFiL1+7IBRc1D0rN7YvaC8BfdKJRCSzVuQfz82q6Yxg7G0ETDKS8ral0TD9SoRlq yq0QESDBMHDkC8xEuH+1rr6WaVUE1S3qdpwnO34nxcNgpxG5RRk+GcGqQUBiecSM CvLJYBgCYuBAxba5IFHV8JxO/r0Ar52owX2T70rp3XUZ05zUlj7K59nryg5Xk9NG oyu+gdPA8v92xqP86QNqN4zTyFUqb6yQJITv7ghq0ny+C9PPl/Zabg0J/qteQOO4 bLMaEiQShuzzb/AxnlxnolfzrPHtQS7lrc0wcqZ5hOJY -----END CERTIFICATE-----Generated at Mon Jan 19 14:23:33 2026 by rpki-client