This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3133332e34302e302f32322d3234203d3e20323033303631.roa File: 34352e3133332e34302e302f32322d3234203d3e20323033303631.roa (raw, json) Hash identifier: UkSbWPjhHiM60wNVFmKSFlj39YqYfb0gTO4rMRdX6uQ= Subject key identifier: 4A:8E:B0:91:BB:07:32:73:5B:D6:46:1C:92:B1:7E:6B:AA:C1:B4:8A Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a Certificate serial: 1F1ACD2DCD96067EE6733EBB5197570D3EA0CF6E Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3133332e34302e302f32322d3234203d3e20323033303631.roa Signing time: Mon 29 Dec 2025 09:50:26 +0000 ROA not before: Mon 29 Dec 2025 09:45:26 +0000 ROA not after: Mon 28 Dec 2026 09:50:26 +0000 asID: 203061 IP address blocks: 45.133.40.0/22 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:55:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1f:1a:cd:2d:cd:96:06:7e:e6:73:3e:bb:51:97:57:0d:3e:a0:cf:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a Validity Not Before: Dec 29 09:45:26 2025 GMT Not After : Dec 28 09:50:26 2026 GMT Subject: CN=4A8EB091BB0732735BD6461C92B17E6BAAC1B48A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:e9:68:9e:96:ab:12:b2:66:34:a3:f3:68:b3: 97:22:24:8b:3b:4f:92:e3:b2:c4:7b:a9:fa:eb:c1: 14:f0:b1:fe:5c:fa:4a:c9:86:44:13:72:ac:04:01: e5:c7:69:b6:f3:ba:a2:5a:fb:b4:c9:6d:85:17:90: 43:66:aa:01:6f:68:87:e1:78:49:de:46:a0:dd:b3: c6:d5:d3:78:d1:ca:45:e5:4d:c1:99:56:06:52:f1: b5:45:96:5b:a5:30:81:f1:d3:35:72:48:3e:e5:7c: c9:e0:7c:9b:49:54:9c:38:f7:cd:c9:5e:ae:42:f0: 65:cc:21:a6:4e:e9:e5:89:aa:40:66:d0:ba:79:74: 66:eb:c4:0d:58:29:79:ac:11:37:69:86:ec:d6:44: 7f:6a:97:dd:e0:1f:88:ec:bc:e6:88:fe:52:5d:3c: 84:3b:81:99:a1:10:29:5e:54:e0:00:88:d8:ea:e5: 71:a2:b1:51:d5:26:6b:1a:d2:02:a8:cf:c7:f2:5a: fd:0a:d9:f4:7e:f5:bb:37:51:20:e4:51:bd:7b:63: d5:2f:39:5f:df:8a:39:6b:1b:d6:bd:e1:46:27:76: 70:ca:6e:d2:ec:7b:61:02:5a:9b:3f:5f:36:6f:dd: 38:be:55:94:66:3d:7d:46:4b:f6:83:ff:f7:78:5d: 28:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:8E:B0:91:BB:07:32:73:5B:D6:46:1C:92:B1:7E:6B:AA:C1:B4:8A X509v3 Authority Key Identifier: keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3133332e34302e302f32322d3234203d3e20323033303631.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.133.40.0/22 Signature Algorithm: sha256WithRSAEncryption a1:0c:8a:aa:1e:12:9c:84:bc:24:5e:0f:7e:0f:ec:1e:90:03: a5:c1:74:48:65:56:9b:7c:e6:82:f4:99:c6:2e:ab:9c:44:ca: fe:09:6b:43:ea:f3:56:a6:59:95:67:40:23:5e:f3:dd:a5:96: e6:14:01:77:3a:96:14:4a:ea:f5:b8:a0:f6:a0:b7:22:d6:2c: 57:99:93:f7:16:d3:43:6e:6a:1e:b9:cc:ea:66:e6:9f:18:c4: 42:d0:36:55:88:96:d0:e9:55:31:aa:49:29:74:dc:09:fd:c1: 29:46:99:91:fc:3c:6b:2c:cf:82:c7:22:30:75:3c:b3:a5:9a: 43:d7:8b:69:63:45:d4:9e:7a:6d:cb:9e:a4:59:d1:17:25:a9: ad:b8:35:e1:50:98:0e:42:f6:38:94:c1:0d:8d:90:0a:8e:8e: f1:04:42:0f:27:cf:5c:15:32:eb:a3:8c:b6:2b:79:0e:b3:eb: 5b:c3:44:fb:d9:21:0f:d7:40:98:83:7d:69:f0:b8:c5:7c:1e: 5a:ae:20:40:ee:b8:52:7e:5d:09:2b:2e:b7:a5:ca:74:e9:b0: b6:ac:c0:5d:ed:6c:27:93:47:8d:6c:1c:7a:c5:5e:d8:6c:0a: a2:a8:31:44:32:53:7f:b1:1b:58:e4:ab:a0:6e:33:9d:71:73: 66:35:96:d4 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUHxrNLc2WBn7mcz67UZdXDT6gz24wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj MjMxM2EzYTAeFw0yNTEyMjkwOTQ1MjZaFw0yNjEyMjgwOTUwMjZaMDMxMTAvBgNV BAMTKDRBOEVCMDkxQkIwNzMyNzM1QkQ2NDYxQzkyQjE3RTZCQUFDMUI0OEEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDE6WielqsSsmY0o/Nos5ciJIs7 T5LjssR7qfrrwRTwsf5c+krJhkQTcqwEAeXHabbzuqJa+7TJbYUXkENmqgFvaIfh eEneRqDds8bV03jRykXlTcGZVgZS8bVFllulMIHx0zVySD7lfMngfJtJVJw4983J Xq5C8GXMIaZO6eWJqkBm0Lp5dGbrxA1YKXmsETdphuzWRH9ql93gH4jsvOaI/lJd PIQ7gZmhECleVOAAiNjq5XGisVHVJmsa0gKoz8fyWv0K2fR+9bs3USDkUb17Y9Uv OV/fijlrG9a94UYndnDKbtLse2ECWps/XzZv3Ti+VZRmPX1GS/aD//d4XSihAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUSo6wkbsHMnNb1kYckrF+a6rBtIowHwYDVR0j BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzMzMzMmUzNDMw MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzMDMzMzAzNjMxLnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC LYUoMA0GCSqGSIb3DQEBCwUAA4IBAQChDIqqHhKchLwkXg9+D+wekAOlwXRIZVab fOaC9JnGLqucRMr+CWtD6vNWplmVZ0AjXvPdpZbmFAF3OpYUSur1uKD2oLci1ixX mZP3FtNDbmoeuczqZuafGMRC0DZViJbQ6VUxqkkpdNwJ/cEpRpmR/DxrLM+CxyIw dTyzpZpD14tpY0XUnnpty56kWdEXJamtuDXhUJgOQvY4lMENjZAKjo7xBEIPJ89c FTLro4y2K3kOs+tbw0T72SEP10CYg31p8LjFfB5ariBA7rhSfl0JKy63pcp06bC2 rMBd7Wwnk0eNbBx6xV7YbAqiqDFEMlN/sRtY5KugbjOdcXNmNZbU -----END CERTIFICATE-----Generated at Mon Jan 19 20:02:24 2026 by rpki-client