This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e31342e302f32342d3332203d3e20313336373837.roa File: 38362e34382e31342e302f32342d3332203d3e20313336373837.roa (raw, json) Hash identifier: HnfNpcboFODpZ8KUXNBg90S1mPFYoOoP2r7FS8PwTSM= Subject key identifier: 23:C5:D5:6B:4D:3A:16:6E:28:D0:0C:03:91:61:00:9A:4B:A8:E6:02 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 31EDAF49F950BD3745FA17789BA2205AB3EB3E8C Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e31342e302f32342d3332203d3e20313336373837.roa Signing time: Mon 29 Dec 2025 09:50:50 +0000 ROA not before: Mon 29 Dec 2025 09:45:50 +0000 ROA not after: Mon 28 Dec 2026 09:50:50 +0000 asID: 136787 IP address blocks: 86.48.14.0/24 maxlen: 32 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 31:ed:af:49:f9:50:bd:37:45:fa:17:78:9b:a2:20:5a:b3:eb:3e:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:50 2025 GMT Not After : Dec 28 09:50:50 2026 GMT Subject: CN=23C5D56B4D3A166E28D00C039161009A4BA8E602 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:72:4e:1a:ae:29:ed:91:df:72:d9:c2:37:75: 40:90:f3:01:9a:b6:af:d4:a6:6a:a6:21:8f:34:78: 2d:4d:0a:87:46:ad:da:8b:7a:0a:59:d9:cb:5b:e1: b4:4c:46:b8:a6:ad:45:bb:50:3a:f0:eb:9f:e3:0b: 98:5c:71:9b:7e:1d:78:41:6a:01:b9:65:84:8c:30: df:4e:aa:b6:a2:aa:cd:68:63:9f:9e:5b:80:a6:4d: 11:99:00:4c:63:85:c9:1d:68:06:28:3a:4c:c9:c3: f4:29:e5:eb:ce:8d:91:ea:45:f5:97:37:ed:6b:74: 09:69:a2:bd:bc:9f:1d:45:9a:a4:dc:8a:3a:ad:ac: 4e:c5:69:c5:4f:ea:7d:42:28:ad:05:53:39:b7:b1: 66:87:af:e9:b2:a6:a2:b9:7a:ac:40:0c:23:48:82: d7:d8:9d:78:b8:da:68:f0:e4:1a:e7:38:6e:13:51: 96:93:d3:e5:cc:f3:f4:0f:c6:ae:fc:69:a5:7c:08: de:60:3d:2e:03:27:44:0a:9c:3b:83:29:99:5a:6d: 2a:4f:5f:be:c0:46:2f:4c:7c:64:e4:c3:89:1c:c4: 6d:1a:5b:b1:d6:5a:5c:a3:63:af:c8:66:81:a9:43: 41:74:34:6a:47:ac:9e:0e:a5:8a:01:62:8a:f2:30: 69:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:C5:D5:6B:4D:3A:16:6E:28:D0:0C:03:91:61:00:9A:4B:A8:E6:02 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e31342e302f32342d3332203d3e20313336373837.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 86.48.14.0/24 Signature Algorithm: sha256WithRSAEncryption 2d:f7:5e:ac:6b:ee:e3:94:5d:7e:32:24:6b:77:98:aa:37:e5: 9f:ce:70:ac:a9:98:c9:53:dc:4d:af:3f:1f:2c:e4:b8:86:7e: 06:4b:cf:5e:11:d9:83:b1:91:af:39:e8:f2:1a:91:a0:44:c9: 0d:03:94:08:04:b1:3f:77:f2:18:04:48:28:a8:52:e0:b0:44: da:bb:fc:14:5b:e5:1e:eb:b1:aa:09:df:38:10:a9:c6:8e:71: ac:2b:f8:aa:69:61:6e:a7:30:0c:5e:f3:cb:62:b7:0f:92:ab: 36:a9:e4:ce:30:6b:fc:a3:a5:22:fc:d3:5f:45:6c:f6:f8:3d: d6:e3:6f:ec:9a:6b:0e:1d:f3:a5:4b:fd:ce:9b:64:9e:e6:cd: c4:bd:e9:81:c4:eb:e3:d7:21:cc:88:65:8f:66:a6:94:45:8e: d5:9e:86:35:f3:c2:b4:94:26:0b:e8:97:5a:9f:e2:ee:70:46: 3d:01:88:a6:12:e5:0e:64:a8:c8:62:e3:0f:a9:64:80:d2:7a: e1:c4:a9:97:39:b2:7c:25:2b:3e:65:a6:ac:36:b9:c7:90:a1: a9:c7:5e:0e:41:37:17:6a:2f:91:f2:27:3f:e7:ec:fe:72:5f: a1:02:d3:3a:9d:c1:89:ad:fe:74:a9:96:0b:0d:7a:a6:50:cd: 08:03:1e:ce -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUMe2vSflQvTdF+hd4m6IgWrPrPowwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1NTBaFw0yNjEyMjgwOTUwNTBaMDMxMTAvBgNV BAMTKDIzQzVENTZCNEQzQTE2NkUyOEQwMEMwMzkxNjEwMDlBNEJBOEU2MDIwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLck4arintkd9y2cI3dUCQ8wGa tq/UpmqmIY80eC1NCodGrdqLegpZ2ctb4bRMRrimrUW7UDrw65/jC5hccZt+HXhB agG5ZYSMMN9Oqraiqs1oY5+eW4CmTRGZAExjhckdaAYoOkzJw/Qp5evOjZHqRfWX N+1rdAlpor28nx1FmqTcijqtrE7FacVP6n1CKK0FUzm3sWaHr+mypqK5eqxADCNI gtfYnXi42mjw5BrnOG4TUZaT0+XM8/QPxq78aaV8CN5gPS4DJ0QKnDuDKZlabSpP X77ARi9MfGTkw4kcxG0aW7HWWlyjY6/IZoGpQ0F0NGpHrJ4OpYoBYoryMGmrAgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUI8XVa006Fm4o0AwDkWEAmkuo5gIwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNjJlMzQzODJlMzEzNDJl MzAyZjMyMzQyZDMzMzIyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFYw DjANBgkqhkiG9w0BAQsFAAOCAQEALfderGvu45RdfjIka3eYqjfln85wrKmYyVPc Ta8/HyzkuIZ+BkvPXhHZg7GRrzno8hqRoETJDQOUCASxP3fyGARIKKhS4LBE2rv8 FFvlHuuxqgnfOBCpxo5xrCv4qmlhbqcwDF7zy2K3D5KrNqnkzjBr/KOlIvzTX0Vs 9vg91uNv7JprDh3zpUv9zptknubNxL3pgcTr49chzIhlj2amlEWO1Z6GNfPCtJQm C+iXWp/i7nBGPQGIphLlDmSoyGLjD6lkgNJ64cSplzmyfCUrPmWmrDa5x5Chqcde DkE3F2ovkfInP+fs/nJfoQLTOp3Bia3+dKmWCw16plDNCAMezg== -----END CERTIFICATE-----Generated at Mon Jan 19 14:23:21 2026 by rpki-client