This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e33312e3134382e302f32332d3234203d3e203631333137.roa File: 3139342e33312e3134382e302f32332d3234203d3e203631333137.roa (raw, json) Hash identifier: OmwQ7OUnkV6icH1WIOvyYzs8eDVP07E1CQ7KnHmvXoM= Subject key identifier: 15:F1:BA:80:F1:77:ED:A9:35:7A:A4:85:8E:A7:4F:F5:2E:DE:A8:61 Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a Certificate serial: 349228E0457930648D371F022D41DD3234F95A60 Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e33312e3134382e302f32332d3234203d3e203631333137.roa Signing time: Mon 29 Dec 2025 09:50:30 +0000 ROA not before: Mon 29 Dec 2025 09:45:30 +0000 ROA not after: Mon 28 Dec 2026 09:50:30 +0000 asID: 61317 IP address blocks: 194.31.148.0/23 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 09:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34:92:28:e0:45:79:30:64:8d:37:1f:02:2d:41:dd:32:34:f9:5a:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a Validity Not Before: Dec 29 09:45:30 2025 GMT Not After : Dec 28 09:50:30 2026 GMT Subject: CN=15F1BA80F177EDA9357AA4858EA74FF52EDEA861 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:14:d1:f8:61:eb:5e:72:07:6b:97:60:4b:d7: b9:7c:4f:db:4e:01:f5:56:00:32:a1:c5:0c:0d:f5: 20:0d:25:27:50:d6:e1:78:a3:59:81:62:07:d7:cc: 5f:7f:3a:a1:a6:81:9c:fa:0e:48:97:e0:6b:a2:6b: e6:69:21:af:17:f2:3e:07:0a:d3:f7:66:cb:d1:0c: 24:c1:fc:08:72:e6:9e:1e:ec:bd:14:35:cb:ab:18: e8:97:74:d2:92:e0:aa:b4:39:e9:39:9a:b2:1c:0c: 0c:8d:4a:dd:f9:64:5d:73:2a:08:3d:c3:e9:4b:18: 27:2a:0c:3c:59:ca:be:e4:0d:e0:d8:ef:af:00:02: b9:2d:b9:9a:80:fc:8d:0b:b9:e2:0a:49:ec:33:f7: 2b:1f:68:c2:bc:29:6f:bc:3b:f2:68:50:a1:1a:9c: 2a:eb:f5:5e:dd:a2:fd:4f:67:42:ba:13:96:5c:70: 7c:57:71:33:81:a6:8b:15:92:d9:95:c8:1b:a6:5e: 36:82:5c:3c:56:35:0f:58:4b:9a:f9:6c:ff:8e:4d: d8:58:1c:80:08:62:a4:a3:ee:c1:2d:30:43:d4:5f: 23:44:b6:8e:a2:e6:06:16:82:d6:0b:7f:38:44:1e: 45:9b:34:f4:cd:58:cd:74:ff:09:c7:05:3d:b0:64: 62:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:F1:BA:80:F1:77:ED:A9:35:7A:A4:85:8E:A7:4F:F5:2E:DE:A8:61 X509v3 Authority Key Identifier: keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/3139342e33312e3134382e302f32332d3234203d3e203631333137.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.31.148.0/23 Signature Algorithm: sha256WithRSAEncryption a1:ed:dc:52:e6:23:2f:db:ce:0f:9c:c4:c2:74:94:71:24:7c: cd:c9:3c:1d:a9:20:db:81:d1:41:ea:12:eb:02:ce:38:9c:e3: ab:20:55:61:3c:08:46:3a:b8:1d:28:58:2f:77:b5:0c:1e:cc: c4:3a:8e:67:03:c8:c4:0a:f1:5d:ff:b5:68:6d:d3:14:d4:e1: e1:a2:f6:f5:65:40:0a:2f:10:42:3b:ff:e1:46:56:68:b7:b4: 2f:99:94:a4:f2:1f:6b:58:f7:d4:a3:e4:e6:f5:93:c2:66:6d: c6:df:c5:5a:7a:3a:42:5a:a4:9f:3c:dc:02:df:2e:99:0b:9b: cc:31:fa:d9:a9:de:b9:08:1a:c4:07:6f:09:d2:b1:68:64:0f: 19:04:8a:e6:31:e6:bd:6c:1f:c7:55:3a:d0:f8:93:7f:b8:60: f4:51:d6:87:79:8d:e2:64:f7:98:e4:2a:66:c4:b9:28:e0:63: 36:d3:de:09:c8:a5:b7:0c:27:c4:de:bc:96:65:37:16:e7:81: fc:ec:fd:dd:3e:1d:c6:58:e4:b1:db:23:34:04:c8:aa:93:36: c0:13:39:30:9a:16:8e:01:cc:1c:c1:3d:4f:22:b5:d1:a2:a0: b5:21:84:94:28:04:82:43:f3:7e:84:d7:47:65:3a:c8:cb:43: c9:ef:aa:97 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUNJIo4EV5MGSNNx8CLUHdMjT5WmAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj MjMxM2EzYTAeFw0yNTEyMjkwOTQ1MzBaFw0yNjEyMjgwOTUwMzBaMDMxMTAvBgNV BAMTKDE1RjFCQTgwRjE3N0VEQTkzNTdBQTQ4NThFQTc0RkY1MkVERUE4NjEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGFNH4Yetecgdrl2BL17l8T9tO AfVWADKhxQwN9SANJSdQ1uF4o1mBYgfXzF9/OqGmgZz6DkiX4Guia+ZpIa8X8j4H CtP3ZsvRDCTB/Ahy5p4e7L0UNcurGOiXdNKS4Kq0Oek5mrIcDAyNSt35ZF1zKgg9 w+lLGCcqDDxZyr7kDeDY768AArktuZqA/I0LueIKSewz9ysfaMK8KW+8O/JoUKEa nCrr9V7dov1PZ0K6E5ZccHxXcTOBposVktmVyBumXjaCXDxWNQ9YS5r5bP+OTdhY HIAIYqSj7sEtMEPUXyNEto6i5gYWgtYLfzhEHkWbNPTNWM10/wnHBT2wZGLpAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUFfG6gPF37ak1eqSFjqdP9S7eqGEwHwYDVR0j BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzEzOTM0MmUzMzMxMmUzMTM0 MzgyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzNjMxMzMzMTM3LnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB wh+UMA0GCSqGSIb3DQEBCwUAA4IBAQCh7dxS5iMv284PnMTCdJRxJHzNyTwdqSDb gdFB6hLrAs44nOOrIFVhPAhGOrgdKFgvd7UMHszEOo5nA8jECvFd/7VobdMU1OHh ovb1ZUAKLxBCO//hRlZot7QvmZSk8h9rWPfUo+Tm9ZPCZm3G38VaejpCWqSfPNwC 3y6ZC5vMMfrZqd65CBrEB28J0rFoZA8ZBIrmMea9bB/HVTrQ+JN/uGD0UdaHeY3i ZPeY5CpmxLko4GM2094JyKW3DCfE3ryWZTcW54H87P3dPh3GWOSx2yM0BMiqkzbA EzkwmhaOAcwcwT1PIrXRoqC1IYSUKASCQ/N+hNdHZTrIy0PJ76qX -----END CERTIFICATE-----Generated at Thu Jan 8 12:58:52 2026 by rpki-client