This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e31362e302f32302d3332203d3e203430303231.roa File: 38362e34382e31362e302f32302d3332203d3e203430303231.roa (raw, json) Hash identifier: ykkuVQgwTrLuwTxZnaeMK/Goz1a7xeViI9z/1TOWa2Y= Subject key identifier: AA:AE:29:80:E5:6C:82:0F:DC:20:EA:0B:EE:35:72:AD:80:82:04:96 Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 2660F951BB14D07B44F47CAC4AE5771448AEDA59 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e31362e302f32302d3332203d3e203430303231.roa Signing time: Mon 29 Dec 2025 09:50:56 +0000 ROA not before: Mon 29 Dec 2025 09:45:56 +0000 ROA not after: Mon 28 Dec 2026 09:50:56 +0000 asID: 40021 IP address blocks: 86.48.16.0/20 maxlen: 32 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 26:60:f9:51:bb:14:d0:7b:44:f4:7c:ac:4a:e5:77:14:48:ae:da:59 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:56 2025 GMT Not After : Dec 28 09:50:56 2026 GMT Subject: CN=AAAE2980E56C820FDC20EA0BEE3572AD80820496 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:e8:1f:f9:3e:0c:b3:4b:bd:9f:aa:89:0c:89: 64:a4:33:0a:87:2a:51:5b:f1:24:4e:35:8e:56:97: 86:ae:65:ce:ec:37:9d:67:90:fd:8d:c8:5c:90:95: 48:a2:46:ca:b7:bf:3c:f1:05:b4:c4:fd:75:1b:61: d5:fc:41:6e:08:91:88:ba:44:e5:7d:dd:41:35:bc: e0:68:33:6f:a3:77:b5:16:21:fe:15:6d:d2:5f:b7: 71:3c:ac:83:70:1b:f1:77:0d:fb:dc:d8:61:c1:4f: 22:80:f3:5b:10:27:7f:e6:57:e9:aa:9b:f5:04:23: 07:6a:89:ec:65:4f:ac:b4:c7:07:ef:4f:57:b3:8e: 07:77:af:df:0c:3a:ec:44:ad:a7:9c:0e:9a:90:e8: 76:15:cf:cb:8b:05:72:7e:3e:ea:15:52:8c:6e:7d: 6b:a1:48:70:5e:d0:5c:4d:8d:84:df:87:1a:ea:dd: c7:67:70:51:79:d3:00:75:12:fe:9f:a5:64:64:ff: 79:fd:6c:6c:bb:42:65:f4:af:7e:84:7e:a7:fb:2b: 82:b1:f3:de:ad:81:97:79:bb:9f:d8:e3:58:bd:e9: e3:86:c3:ed:86:85:9b:5d:48:2d:f0:69:0d:35:82: b4:74:d6:84:0b:b4:90:60:ed:43:86:4b:3d:1a:19: cc:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:AE:29:80:E5:6C:82:0F:DC:20:EA:0B:EE:35:72:AD:80:82:04:96 X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e31362e302f32302d3332203d3e203430303231.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 86.48.16.0/20 Signature Algorithm: sha256WithRSAEncryption 45:25:a9:68:d5:6d:bc:a3:7c:6e:fb:69:99:95:9b:19:72:dc: c4:46:08:8d:a8:4d:f8:8f:e7:32:81:65:3d:74:35:6d:e0:dd: 17:ad:e7:3e:3f:a5:76:7d:31:f7:6f:8b:52:20:9c:27:dc:18: b6:04:76:63:72:4a:74:c9:ba:fb:f4:c8:22:7f:b5:79:07:16: ff:c1:26:25:d9:7f:ff:97:8f:35:57:f9:03:14:43:8f:dc:c9: d3:6e:83:8e:8a:69:08:02:c9:2f:65:53:9a:66:1d:f9:b1:4e: 35:fd:ea:f6:79:44:82:d8:cd:72:31:68:be:ea:19:fc:1a:c8: 4a:ad:8a:0b:f1:78:d3:30:d6:6c:79:62:0c:4c:60:e4:ac:1a: 8f:23:4f:bb:69:b1:db:66:bf:8d:8a:80:a6:a5:fc:71:15:b9: 40:88:8f:ed:0a:68:66:52:24:e8:c4:f1:58:36:68:da:25:6a: 00:60:5d:85:69:63:46:ab:97:f8:0a:85:f4:47:5e:96:6f:7c: 85:79:06:7b:82:11:3d:4e:f0:ac:aa:ad:51:e1:33:fb:61:53: f8:64:20:c8:97:0b:31:74:a3:7e:fb:a0:10:ee:de:bc:2f:ce: 4d:d4:26:9f:68:09:03:dc:cc:0a:57:4c:70:31:3b:fd:96:c8: f9:2c:f8:87 -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgIUJmD5UbsU0HtE9HysSuV3FEiu2lkwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1NTZaFw0yNjEyMjgwOTUwNTZaMDMxMTAvBgNV BAMTKEFBQUUyOTgwRTU2QzgyMEZEQzIwRUEwQkVFMzU3MkFEODA4MjA0OTYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU6B/5PgyzS72fqokMiWSkMwqH KlFb8SRONY5Wl4auZc7sN51nkP2NyFyQlUiiRsq3vzzxBbTE/XUbYdX8QW4IkYi6 ROV93UE1vOBoM2+jd7UWIf4VbdJft3E8rINwG/F3Dfvc2GHBTyKA81sQJ3/mV+mq m/UEIwdqiexlT6y0xwfvT1ezjgd3r98MOuxEraecDpqQ6HYVz8uLBXJ+PuoVUoxu fWuhSHBe0FxNjYTfhxrq3cdncFF50wB1Ev6fpWRk/3n9bGy7QmX0r36Efqf7K4Kx 896tgZd5u5/Y41i96eOGw+2GhZtdSC3waQ01grR01oQLtJBg7UOGSz0aGcyZAgMB AAGjggI5MIICNTAdBgNVHQ4EFgQUqq4pgOVsgg/cIOoL7jVyrYCCBJYwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNjJlMzQzODJlMzEzNjJl MzAyZjMyMzAyZDMzMzIyMDNkM2UyMDM0MzAzMDMyMzEucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBARWMBAw DQYJKoZIhvcNAQELBQADggEBAEUlqWjVbbyjfG77aZmVmxly3MRGCI2oTfiP5zKB ZT10NW3g3Ret5z4/pXZ9Mfdvi1IgnCfcGLYEdmNySnTJuvv0yCJ/tXkHFv/BJiXZ f/+XjzVX+QMUQ4/cydNug46KaQgCyS9lU5pmHfmxTjX96vZ5RILYzXIxaL7qGfwa yEqtigvxeNMw1mx5YgxMYOSsGo8jT7tpsdtmv42KgKal/HEVuUCIj+0KaGZSJOjE 8Vg2aNolagBgXYVpY0arl/gKhfRHXpZvfIV5BnuCET1O8KyqrVHhM/thU/hkIMiX CzF0o377oBDu3rwvzk3UJp9oCQPczApXTHAxO/2WyPks+Ic= -----END CERTIFICATE-----Generated at Mon Jan 19 14:23:32 2026 by rpki-client