This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e33312e3134382e302f32332d3233203d3e203631333137.roa File: 3139342e33312e3134382e302f32332d3233203d3e203631333137.roa (raw, json) Hash identifier: icwYnO6HvKbiPHCGhBSLbYYl4kGPDZYocgI7sXfiOHc= Subject key identifier: A4:71:E4:4B:77:67:EA:A6:CF:AF:58:AB:2C:9B:E7:1C:FF:F5:F9:20 Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a Certificate serial: 0E94D584E19C0B4C99E3FDD623194859A63D23C0 Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e33312e3134382e302f32332d3233203d3e203631333137.roa Signing time: Mon 29 Dec 2025 09:50:25 +0000 ROA not before: Mon 29 Dec 2025 09:45:25 +0000 ROA not after: Mon 28 Dec 2026 09:50:25 +0000 asID: 61317 IP address blocks: 194.31.148.0/23 maxlen: 23 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 09:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0e:94:d5:84:e1:9c:0b:4c:99:e3:fd:d6:23:19:48:59:a6:3d:23:c0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a Validity Not Before: Dec 29 09:45:25 2025 GMT Not After : Dec 28 09:50:25 2026 GMT Subject: CN=A471E44B7767EAA6CFAF58AB2C9BE71CFFF5F920 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:eb:6b:b1:4e:17:6f:94:8b:a7:24:11:19:a5: 09:a9:46:c4:3b:ab:fb:8a:e1:5b:d3:93:66:9c:aa: bc:ca:75:35:a6:2f:da:57:03:16:dd:16:5c:8e:dd: c5:e1:83:5a:d2:fd:8f:1a:a3:38:33:86:e6:87:8a: 6a:4a:45:a5:bb:d9:b4:6a:84:2c:61:c7:e9:24:0a: 29:3f:77:16:27:6c:90:32:28:33:1e:c3:15:24:f9: 9c:ed:2a:40:3e:db:b7:b0:60:11:48:50:18:f7:86: be:ca:79:77:2e:e3:20:66:ef:f6:3b:01:0d:84:a4: 92:14:65:26:6b:90:d5:73:e0:7a:75:bd:de:9d:d7: a3:53:fa:98:95:d7:12:e2:e3:91:78:a3:e5:d0:1a: 85:59:dd:3d:7d:f9:4d:ff:59:a5:bb:8c:13:bd:9a: f6:5a:cf:83:8d:70:36:4f:01:3f:31:a7:42:a7:5b: 7c:95:30:fe:bd:8c:bd:30:36:99:6e:de:6c:71:98: d0:e3:cf:3e:f1:5e:ba:f0:70:e8:86:2e:78:f3:df: 57:f6:a5:fd:ff:61:9d:c8:ad:1a:45:6d:bb:28:c6: 2e:24:55:5a:0b:d5:9a:01:87:72:ca:6c:b1:1c:90: 2f:f0:6c:58:c3:a9:f4:04:47:83:b0:53:fc:67:df: 27:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:71:E4:4B:77:67:EA:A6:CF:AF:58:AB:2C:9B:E7:1C:FF:F5:F9:20 X509v3 Authority Key Identifier: keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e33312e3134382e302f32332d3233203d3e203631333137.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.31.148.0/23 Signature Algorithm: sha256WithRSAEncryption 62:70:fa:6b:a9:20:57:af:05:b8:01:5d:6c:22:59:f5:8b:7b: 49:7b:7d:37:3c:04:a4:da:20:50:a6:db:2c:47:e1:c5:7c:3a: db:4d:4b:f6:a6:b9:cf:83:e3:d9:e2:d4:29:be:0a:64:47:62: 77:9e:51:64:6c:07:ac:f0:75:0e:97:4b:d2:6d:39:28:ea:3d: 59:ef:ef:9b:3d:1f:3a:34:8b:f7:b2:56:c0:b7:72:16:96:0f: 42:97:4a:13:43:62:10:1b:66:d6:b7:4f:e8:d9:fd:2c:09:aa: 9f:a7:e4:8b:85:a9:e4:21:8d:70:bb:b1:69:88:59:b2:2e:3d: 5c:be:36:ca:fe:e7:06:9d:57:23:7e:e2:62:6a:e0:52:c2:a0: c6:2e:01:02:81:63:fe:3c:4c:bc:92:38:5f:f7:b1:3c:3b:57: d9:d6:46:cb:c5:5f:75:89:96:df:0c:53:a3:b9:ba:61:8e:e8: b5:a0:11:dc:63:4f:e3:4b:71:d2:e1:ec:32:99:4e:b2:9f:0e: e9:66:c2:9e:06:6d:ce:47:39:4c:77:a4:6b:79:6a:e1:d3:3a: 99:75:11:9a:4c:96:66:59:77:67:cd:b6:b6:86:46:a5:a4:b2: ef:a2:cb:89:76:d4:7f:ee:50:74:20:31:43:d2:a2:10:b8:c0: 6d:ae:22:52 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUDpTVhOGcC0yZ4/3WIxlIWaY9I8AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj MjMxM2EzYTAeFw0yNTEyMjkwOTQ1MjVaFw0yNjEyMjgwOTUwMjVaMDMxMTAvBgNV BAMTKEE0NzFFNDRCNzc2N0VBQTZDRkFGNThBQjJDOUJFNzFDRkZGNUY5MjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr62uxThdvlIunJBEZpQmpRsQ7 q/uK4VvTk2acqrzKdTWmL9pXAxbdFlyO3cXhg1rS/Y8aozgzhuaHimpKRaW72bRq hCxhx+kkCik/dxYnbJAyKDMewxUk+ZztKkA+27ewYBFIUBj3hr7KeXcu4yBm7/Y7 AQ2EpJIUZSZrkNVz4Hp1vd6d16NT+piV1xLi45F4o+XQGoVZ3T19+U3/WaW7jBO9 mvZaz4ONcDZPAT8xp0KnW3yVMP69jL0wNplu3mxxmNDjzz7xXrrwcOiGLnjz31f2 pf3/YZ3IrRpFbbsoxi4kVVoL1ZoBh3LKbLEckC/wbFjDqfQER4OwU/xn3yenAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUpHHkS3dn6qbPr1irLJvnHP/1+SAwHwYDVR0j BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzOTM0MmUzMzMxMmUzMTM0 MzgyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB wh+UMA0GCSqGSIb3DQEBCwUAA4IBAQBicPprqSBXrwW4AV1sIln1i3tJe303PASk 2iBQptssR+HFfDrbTUv2prnPg+PZ4tQpvgpkR2J3nlFkbAes8HUOl0vSbTko6j1Z 7++bPR86NIv3slbAt3IWlg9Cl0oTQ2IQG2bWt0/o2f0sCaqfp+SLhankIY1wu7Fp iFmyLj1cvjbK/ucGnVcjfuJiauBSwqDGLgECgWP+PEy8kjhf97E8O1fZ1kbLxV91 iZbfDFOjubphjui1oBHcY0/jS3HS4ewymU6ynw7pZsKeBm3ORzlMd6RreWrh0zqZ dRGaTJZmWXdnzba2hkalpLLvosuJdtR/7lB0IDFD0qIQuMBtriJS -----END CERTIFICATE-----Generated at Thu Jan 8 12:56:06 2026 by rpki-client