This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3232302e32312e302f32342d3332203d3e20313336373837.roa File: 3138352e3232302e32312e302f32342d3332203d3e20313336373837.roa (raw, json) Hash identifier: f4cdEqxklf9nWEMN1JdPAtcxU/3OJdc+ZC5dhSxUQio= Subject key identifier: 4F:C0:09:2D:2B:44:64:CD:2E:ED:D1:FF:96:82:56:28:EB:08:8E:B6 Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a Certificate serial: 22EC9D3E7E6052727CDA8DDAFA0E8F6B95BFC908 Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3232302e32312e302f32342d3332203d3e20313336373837.roa Signing time: Mon 01 Dec 2025 15:50:08 +0000 ROA not before: Mon 01 Dec 2025 15:45:08 +0000 ROA not after: Mon 30 Nov 2026 15:50:08 +0000 asID: 136787 IP address blocks: 185.220.21.0/24 maxlen: 32 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 06 Dec 2025 05:02:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 22:ec:9d:3e:7e:60:52:72:7c:da:8d:da:fa:0e:8f:6b:95:bf:c9:08 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a Validity Not Before: Dec 1 15:45:08 2025 GMT Not After : Nov 30 15:50:08 2026 GMT Subject: CN=4FC0092D2B4464CD2EEDD1FF96825628EB088EB6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:87:1f:e6:80:dc:41:61:26:87:6a:6e:e6:11: 9d:16:40:f1:66:07:15:9c:9f:0c:09:81:bc:02:21: ee:6c:a7:14:99:e7:c1:3a:1a:62:74:ce:76:7b:33: 6d:42:53:5c:0b:79:87:28:cb:a3:09:d2:1a:61:a3: 47:34:4a:71:92:5c:d2:2c:de:0c:97:35:6e:4d:5a: 3f:18:32:45:e3:cb:a6:b6:92:5d:38:1e:26:46:91: 17:12:4b:52:40:67:0b:72:94:f7:d0:34:2b:00:61: ca:6b:da:aa:fe:df:2e:ee:de:50:d7:5f:bd:d4:38: 52:7e:32:6a:53:03:d3:e2:ec:3f:a9:2e:c9:2c:eb: 30:d7:77:ed:f5:65:c2:6b:1e:1b:cf:8e:f9:63:a3: 35:95:b0:f7:d3:04:21:cb:1f:92:e9:e7:33:ca:35: 8c:46:1a:58:db:29:96:25:a4:d8:8b:8e:ca:8b:a1: c5:a2:4d:85:98:4f:8a:df:6b:3d:88:b1:65:6f:d9: 3d:41:bc:f4:96:1d:54:5a:4d:46:2d:fe:cd:cf:1f: d7:1d:e7:d6:6d:7d:52:0a:1d:62:b2:68:3c:94:5b: 64:15:13:c8:07:e5:ed:6f:5c:75:41:84:a4:2d:3c: 8e:57:7f:7f:f8:36:21:d9:8d:85:f0:68:d1:16:d9: 21:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:C0:09:2D:2B:44:64:CD:2E:ED:D1:FF:96:82:56:28:EB:08:8E:B6 X509v3 Authority Key Identifier: keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3138352e3232302e32312e302f32342d3332203d3e20313336373837.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.220.21.0/24 Signature Algorithm: sha256WithRSAEncryption 3f:ba:68:42:ca:91:16:7e:5e:7f:10:d4:29:bb:38:54:1c:bf: 21:32:85:8b:6e:d5:18:c5:b6:fa:cc:d0:c9:74:95:f4:7d:f2: 58:a8:80:ca:77:2c:cd:e3:08:10:e8:85:03:79:46:65:7e:6d: 1d:d7:de:1b:82:d1:ef:0c:56:b9:ab:58:43:58:d4:80:b5:b2: 8d:2c:ab:4c:97:de:68:18:e9:88:d1:a8:3e:03:48:42:b9:37: 8a:8b:3a:d6:dd:c4:f0:80:52:9e:ab:fd:98:59:66:c8:4a:e1: b2:1f:ba:cf:01:da:ce:75:a2:52:3b:71:67:c2:d9:27:3f:26: 81:23:a9:f5:09:de:b8:9f:f9:1e:f8:22:8f:6e:d6:e3:09:b2: 3d:f2:36:07:42:6c:9d:9b:87:94:7c:c5:cc:73:7b:19:69:3f: 72:aa:fb:fa:93:ee:f6:ce:ba:cd:93:d5:8e:48:84:dd:9d:64: 53:f8:1f:0f:83:d8:4a:28:28:21:46:ff:9a:3a:0a:c5:64:59: b2:18:2c:e8:2f:66:09:f5:0b:59:93:14:d0:e6:71:1e:b8:fa: 39:29:4b:b6:e5:23:e0:db:07:52:de:9e:e2:4c:89:70:3a:f1: 0d:59:0d:5c:ec:26:70:d3:28:74:b2:b5:39:6f:da:47:4d:7b: ae:f4:44:9a -----BEGIN CERTIFICATE----- MIIFNTCCBB2gAwIBAgIUIuydPn5gUnJ82o3a+g6Pa5W/yQgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj MjMxM2EzYTAeFw0yNTEyMDExNTQ1MDhaFw0yNjExMzAxNTUwMDhaMDMxMTAvBgNV BAMTKDRGQzAwOTJEMkI0NDY0Q0QyRUVERDFGRjk2ODI1NjI4RUIwODhFQjYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDThx/mgNxBYSaHam7mEZ0WQPFm BxWcnwwJgbwCIe5spxSZ58E6GmJ0znZ7M21CU1wLeYcoy6MJ0hpho0c0SnGSXNIs 3gyXNW5NWj8YMkXjy6a2kl04HiZGkRcSS1JAZwtylPfQNCsAYcpr2qr+3y7u3lDX X73UOFJ+MmpTA9Pi7D+pLsks6zDXd+31ZcJrHhvPjvljozWVsPfTBCHLH5Lp5zPK NYxGGljbKZYlpNiLjsqLocWiTYWYT4rfaz2IsWVv2T1BvPSWHVRaTUYt/s3PH9cd 59ZtfVIKHWKyaDyUW2QVE8gH5e1vXHVBhKQtPI5Xf3/4NiHZjYXwaNEW2SHRAgMB AAGjggI/MIICOzAdBgNVHQ4EFgQUT8AJLStEZM0u7dH/loJWKOsIjrYwHwYDVR0j BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzODM1MmUzMjMyMzAyZTMy MzEyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAC53BUwDQYJKoZIhvcNAQELBQADggEBAD+6aELKkRZ+Xn8Q1Cm7OFQcvyEyhYtu 1RjFtvrM0Ml0lfR98liogMp3LM3jCBDohQN5RmV+bR3X3huC0e8MVrmrWENY1IC1 so0sq0yX3mgY6YjRqD4DSEK5N4qLOtbdxPCAUp6r/ZhZZshK4bIfus8B2s51olI7 cWfC2Sc/JoEjqfUJ3rif+R74Io9u1uMJsj3yNgdCbJ2bh5R8xcxzexlpP3Kq+/qT 7vbOus2T1Y5IhN2dZFP4Hw+D2EooKCFG/5o6CsVkWbIYLOgvZgn1C1mTFNDmcR64 +jkpS7blI+DbB1LenuJMiXA68Q1ZDVzsJnDTKHSytTlv2kdNe670RJo= -----END CERTIFICATE-----Generated at Fri Dec 5 13:09:16 2025 by rpki-client