This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e31332e302f32342d3332203d3e20313336373837.roa File: 38362e34382e31332e302f32342d3332203d3e20313336373837.roa (raw, json) Hash identifier: 9d/QCr/EDydPdxhfD2Ew99IwNAPgq68lDOtOzfJMnZU= Subject key identifier: AF:0C:C3:8C:2E:DA:E0:C9:B8:66:D7:53:85:72:17:D7:C9:FA:E8:17 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 25B4E274746E3CD5C674624A84A83AF8A10A58EE Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e31332e302f32342d3332203d3e20313336373837.roa Signing time: Mon 29 Dec 2025 09:51:04 +0000 ROA not before: Mon 29 Dec 2025 09:46:04 +0000 ROA not after: Mon 28 Dec 2026 09:51:04 +0000 asID: 136787 IP address blocks: 86.48.13.0/24 maxlen: 32 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25:b4:e2:74:74:6e:3c:d5:c6:74:62:4a:84:a8:3a:f8:a1:0a:58:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:46:04 2025 GMT Not After : Dec 28 09:51:04 2026 GMT Subject: CN=AF0CC38C2EDAE0C9B866D753857217D7C9FAE817 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:74:79:24:7a:8c:3b:8f:4b:af:e8:50:1b:4e: 57:f0:89:ca:56:b7:ec:16:1c:45:b1:7c:ae:0d:49: 8c:87:53:16:8d:b6:a6:2e:44:40:00:01:74:8f:fd: 52:cb:0f:5b:bc:a2:4f:e7:78:74:06:64:38:18:20: 96:54:1d:41:fe:81:61:7d:87:68:12:69:92:5c:5e: 37:09:5b:79:ca:97:16:bf:c3:b0:37:51:fd:80:9e: 05:65:41:06:c9:4c:3f:ab:59:5a:ca:c3:dc:ad:e1: 14:64:fe:78:c9:5f:f0:28:e3:5d:04:38:d9:f0:b7: 04:8a:73:53:2a:f2:e3:42:23:63:82:11:ec:0e:42: e9:01:2e:93:dc:63:26:0d:0b:04:1c:97:6e:4a:90: dd:01:cb:0f:30:cf:b6:42:ca:17:0e:a9:1e:41:75: d9:7e:3b:d6:7c:5d:53:3c:f5:03:6b:04:82:e9:ba: 06:3b:65:a3:3a:7a:26:89:4d:bc:0f:29:4c:2c:b3: 9a:9a:70:7e:c8:aa:b7:dc:db:a0:aa:7b:a0:57:43: a6:91:3c:2f:ac:2c:00:12:b0:a5:c7:09:04:d8:1f: 1e:91:74:02:1e:43:a9:e8:31:9f:b6:37:a3:17:6a: 4b:06:55:ae:8e:75:fe:2f:89:0c:fb:dc:db:b7:c0: 99:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:0C:C3:8C:2E:DA:E0:C9:B8:66:D7:53:85:72:17:D7:C9:FA:E8:17 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e31332e302f32342d3332203d3e20313336373837.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 86.48.13.0/24 Signature Algorithm: sha256WithRSAEncryption 03:87:ad:09:52:0a:1d:b6:c3:53:e5:41:41:72:ed:9d:5f:54: 7f:cf:9a:82:d9:0a:a9:39:e5:c6:29:b9:3e:bc:ed:61:84:8c: 4e:a6:42:c2:61:d5:68:fc:22:20:11:c2:6a:6e:09:cf:b5:2c: dd:70:26:8a:1f:02:b5:95:5c:2d:3c:4c:a4:69:44:a1:c8:f4: 36:94:f4:e2:7a:a4:27:69:9c:cc:e5:ce:c5:d6:af:09:9d:18: 8f:c8:28:be:c8:f5:e0:bb:ce:a2:9c:9d:1d:78:a2:e7:e8:43: ca:9b:a6:00:c4:cb:cd:5e:02:af:39:f9:c8:7f:a0:47:65:1c: dc:71:80:e7:fd:17:dc:83:59:26:6c:63:c2:a9:90:f7:b6:ea: a1:2d:60:71:ef:0f:e1:e5:b6:bd:0a:cc:01:00:7d:ea:2b:9e: e5:84:12:3d:51:30:18:84:4e:14:1e:48:85:d6:fc:83:6e:c0: 7f:d4:c3:75:a4:75:b1:ee:36:36:35:ab:b8:6c:13:ad:32:cc: 47:89:78:0d:0d:a8:41:85:e0:fd:22:ad:af:2f:ae:d5:b2:e9: d6:cc:b2:23:ef:d4:c0:bf:d6:ae:e7:89:0f:26:e8:2f:24:5a: 33:b7:06:bb:5f:81:4f:24:04:6e:01:ca:c8:a0:2b:56:32:c8: 33:a1:1f:15 -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUJbTidHRuPNXGdGJKhKg6+KEKWO4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ2MDRaFw0yNjEyMjgwOTUxMDRaMDMxMTAvBgNV BAMTKEFGMENDMzhDMkVEQUUwQzlCODY2RDc1Mzg1NzIxN0Q3QzlGQUU4MTcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLdHkkeow7j0uv6FAbTlfwicpW t+wWHEWxfK4NSYyHUxaNtqYuREAAAXSP/VLLD1u8ok/neHQGZDgYIJZUHUH+gWF9 h2gSaZJcXjcJW3nKlxa/w7A3Uf2AngVlQQbJTD+rWVrKw9yt4RRk/njJX/Ao410E ONnwtwSKc1Mq8uNCI2OCEewOQukBLpPcYyYNCwQcl25KkN0Byw8wz7ZCyhcOqR5B ddl+O9Z8XVM89QNrBILpugY7ZaM6eiaJTbwPKUwss5qacH7Iqrfc26Cqe6BXQ6aR PC+sLAASsKXHCQTYHx6RdAIeQ6noMZ+2N6MXaksGVa6Odf4viQz73Nu3wJkVAgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUrwzDjC7a4Mm4ZtdThXIX18n66BcwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNjJlMzQzODJlMzEzMzJl MzAyZjMyMzQyZDMzMzIyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFYw DTANBgkqhkiG9w0BAQsFAAOCAQEAA4etCVIKHbbDU+VBQXLtnV9Uf8+agtkKqTnl xim5PrztYYSMTqZCwmHVaPwiIBHCam4Jz7Us3XAmih8CtZVcLTxMpGlEocj0NpT0 4nqkJ2mczOXOxdavCZ0Yj8govsj14LvOopydHXii5+hDypumAMTLzV4Crzn5yH+g R2Uc3HGA5/0X3INZJmxjwqmQ97bqoS1gce8P4eW2vQrMAQB96iue5YQSPVEwGIRO FB5Ihdb8g27Af9TDdaR1se42NjWruGwTrTLMR4l4DQ2oQYXg/SKtry+u1bLp1syy I+/UwL/WrueJDyboLyRaM7cGu1+BTyQEbgHKyKArVjLIM6EfFQ== -----END CERTIFICATE-----Generated at Mon Jan 19 14:25:25 2026 by rpki-client