This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e382e302f32342d3234203d3e20313337343039.roa File: 38362e34382e382e302f32342d3234203d3e20313337343039.roa (raw, json) Hash identifier: 1DHeKgt+t1U90SnnPXx6rcp24Rb7aYVab3gq9k7ZNzg= Subject key identifier: 79:6C:2E:AE:9E:61:65:07:34:8B:F0:21:B7:F8:94:E6:6E:B6:58:AC Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 51B7DAA8F10B38F9ECBA70D59500D40638A9F453 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e382e302f32342d3234203d3e20313337343039.roa Signing time: Mon 29 Dec 2025 09:50:46 +0000 ROA not before: Mon 29 Dec 2025 09:45:46 +0000 ROA not after: Mon 28 Dec 2026 09:50:46 +0000 asID: 137409 IP address blocks: 86.48.8.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 01:05:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 51:b7:da:a8:f1:0b:38:f9:ec:ba:70:d5:95:00:d4:06:38:a9:f4:53 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:45:46 2025 GMT Not After : Dec 28 09:50:46 2026 GMT Subject: CN=796C2EAE9E616507348BF021B7F894E66EB658AC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:ee:5a:d4:c1:2b:aa:fc:16:67:f5:43:2f:48: 0d:ec:a2:b6:51:f4:ed:58:f3:69:af:0a:4a:c2:21: bc:d6:72:f7:f5:8e:48:0f:d3:f4:2d:51:bb:24:f8: 07:92:a0:59:ea:ae:53:93:60:30:ea:cf:44:46:ca: 02:c7:b9:d4:cc:a3:8e:1b:99:09:1f:7b:94:7f:56: 85:d3:c0:11:e8:db:d8:3a:2c:10:aa:3b:4f:fc:fd: 1a:e5:df:bd:64:bf:4f:73:22:32:c1:9c:2b:55:c1: 69:4d:a7:47:90:ac:db:91:a4:00:2d:32:ea:18:8b: f1:f9:87:aa:cb:98:d0:26:8b:04:1d:6b:9c:58:66: a7:57:50:6e:6e:ee:ce:7b:59:f4:dc:62:af:7b:cf: be:4a:a7:35:b3:50:a4:11:5b:85:6d:ac:8d:04:16: a0:d7:9f:3a:52:2c:bf:5d:30:49:74:aa:87:0b:d2: c7:e5:2e:cf:8c:05:b8:d2:80:54:ef:27:f7:34:c2: 6e:f0:a1:eb:95:d2:25:38:55:46:30:6a:5d:b0:0e: 98:b8:44:90:24:fc:31:44:83:27:70:ee:0b:da:68: c2:b0:9d:41:9a:ae:21:04:7e:e6:ba:f9:5f:fc:67: 92:30:de:17:3e:fa:d5:37:48:75:ef:7f:34:88:c0: bb:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:6C:2E:AE:9E:61:65:07:34:8B:F0:21:B7:F8:94:E6:6E:B6:58:AC X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38362e34382e382e302f32342d3234203d3e20313337343039.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 86.48.8.0/24 Signature Algorithm: sha256WithRSAEncryption 64:da:64:0b:f2:c8:02:ef:a1:63:49:e5:1c:79:a8:88:45:99: 95:36:5b:39:ef:d1:9d:2a:64:30:44:fa:03:3e:83:77:6c:ee: ca:93:b3:46:54:1a:63:03:d1:9d:51:95:b9:8a:bc:29:f4:5e: 32:1d:ef:3c:90:be:5f:37:c8:95:ec:88:e1:2e:6e:03:09:4f: 7e:33:52:0f:ff:37:c0:da:1a:29:7b:cf:93:8b:98:af:45:cf: 67:c0:37:8c:a7:01:7a:bf:80:0a:38:92:34:98:98:81:59:b2: a1:27:14:9c:ec:d9:25:0b:ed:2b:1a:81:6d:25:95:a4:44:79: 4e:a9:a3:e1:7b:bd:4b:af:09:a3:eb:7e:1d:f5:24:8d:ce:b1: 40:8c:60:27:19:a5:86:97:6e:c6:43:73:04:0f:20:7e:1e:e3: e8:4d:80:93:8d:28:01:f7:e5:87:1f:af:49:f7:5f:b2:6a:e4: 52:22:98:78:85:94:27:f6:a7:e4:95:17:e0:5a:64:52:77:e6: b9:a9:28:79:4a:15:38:7f:1e:75:15:ef:5a:11:73:43:53:27: 6e:6c:f7:68:f5:de:ef:03:d3:a7:7c:78:de:d3:0c:c8:47:95: ba:40:e8:35:f0:19:b8:4a:94:21:27:22:1c:1d:a8:8c:24:c1: 0b:7b:12:c9 -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgIUUbfaqPELOPnsunDVlQDUBjip9FMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ1NDZaFw0yNjEyMjgwOTUwNDZaMDMxMTAvBgNV BAMTKDc5NkMyRUFFOUU2MTY1MDczNDhCRjAyMUI3Rjg5NEU2NkVCNjU4QUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDK7lrUwSuq/BZn9UMvSA3sorZR 9O1Y82mvCkrCIbzWcvf1jkgP0/QtUbsk+AeSoFnqrlOTYDDqz0RGygLHudTMo44b mQkfe5R/VoXTwBHo29g6LBCqO0/8/Rrl371kv09zIjLBnCtVwWlNp0eQrNuRpAAt MuoYi/H5h6rLmNAmiwQda5xYZqdXUG5u7s57WfTcYq97z75KpzWzUKQRW4VtrI0E FqDXnzpSLL9dMEl0qocL0sflLs+MBbjSgFTvJ/c0wm7woeuV0iU4VUYwal2wDpi4 RJAk/DFEgydw7gvaaMKwnUGariEEfua6+V/8Z5Iw3hc++tU3SHXvfzSIwLu/AgMB AAGjggI5MIICNTAdBgNVHQ4EFgQUeWwurp5hZQc0i/Aht/iU5m62WKwwHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzNjJlMzQzODJlMzgyZTMw MmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzczNDMwMzkucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABWMAgw DQYJKoZIhvcNAQELBQADggEBAGTaZAvyyALvoWNJ5Rx5qIhFmZU2Wznv0Z0qZDBE +gM+g3ds7sqTs0ZUGmMD0Z1RlbmKvCn0XjId7zyQvl83yJXsiOEubgMJT34zUg// N8DaGil7z5OLmK9Fz2fAN4ynAXq/gAo4kjSYmIFZsqEnFJzs2SUL7SsagW0llaRE eU6po+F7vUuvCaPrfh31JI3OsUCMYCcZpYaXbsZDcwQPIH4e4+hNgJONKAH35Ycf r0n3X7Jq5FIimHiFlCf2p+SVF+BaZFJ35rmpKHlKFTh/HnUV71oRc0NTJ25s92j1 3u8D06d8eN7TDMhHlbpA6DXwGbhKlCEnIhwdqIwkwQt7Esk= -----END CERTIFICATE-----Generated at Mon Jan 19 14:24:22 2026 by rpki-client