This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132322e302f32342d3332203d3e203531313637.roa File: 34352e3134312e3132322e302f32342d3332203d3e203531313637.roa (raw, json) Hash identifier: onKEMP+dlUq9Vt2WJVkteSIMNdrZo4EanuD+8c3iCa8= Subject key identifier: 01:A0:D4:37:1B:5B:B3:A0:BE:4D:ED:81:63:9B:B8:FB:57:1A:49:31 Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a Certificate serial: 0957DC18EBDC56CE24FABB9EC8E010B9536B1F1E Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132322e302f32342d3332203d3e203531313637.roa Signing time: Mon 29 Dec 2025 09:50:31 +0000 ROA not before: Mon 29 Dec 2025 09:45:31 +0000 ROA not after: Mon 28 Dec 2026 09:50:31 +0000 asID: 51167 IP address blocks: 45.141.122.0/24 maxlen: 32 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 17:47:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:57:dc:18:eb:dc:56:ce:24:fa:bb:9e:c8:e0:10:b9:53:6b:1f:1e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a Validity Not Before: Dec 29 09:45:31 2025 GMT Not After : Dec 28 09:50:31 2026 GMT Subject: CN=01A0D4371B5BB3A0BE4DED81639BB8FB571A4931 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:57:e9:62:c1:7d:cd:32:03:53:7f:41:48:1c: 37:7e:14:46:2b:0e:ef:3d:b6:9c:0b:2a:48:9a:09: 8f:f2:83:38:c1:21:0e:61:cf:ef:90:17:c2:21:d8: b5:73:3f:62:88:05:f8:5a:78:7c:a6:f6:98:e4:41: cf:d9:66:47:99:a0:90:d6:f2:3b:24:09:72:32:19: e4:10:d6:3c:f7:0e:5e:0b:78:fa:5c:c5:c6:be:15: f0:a5:47:72:72:ab:7e:84:d1:a1:9d:de:de:0c:64: ff:68:5a:07:6e:37:38:d6:3f:32:ef:4e:9e:c7:31: 64:ac:76:17:5b:9b:fd:a2:92:2c:10:13:80:4a:ba: 32:ad:71:87:26:59:53:a0:88:f5:73:46:6a:b1:45: 43:6c:c0:48:c4:8b:31:59:63:bd:b5:ad:5a:1d:cf: f0:97:b5:6f:63:59:f8:fb:5c:91:26:2f:c8:ae:0c: 7d:6d:34:2e:d5:de:65:66:6a:4d:73:1a:b3:26:f4: 08:ac:7c:9a:97:fc:4b:f3:49:57:f0:8a:59:06:02: 1d:90:91:9f:5b:58:8c:2e:25:63:be:4b:d9:92:1f: 3e:34:76:24:c5:b5:ad:e8:6f:97:73:ca:f7:91:af: 26:87:ec:a7:44:cf:24:82:8a:6e:26:1c:3f:7e:1c: 1e:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:A0:D4:37:1B:5B:B3:A0:BE:4D:ED:81:63:9B:B8:FB:57:1A:49:31 X509v3 Authority Key Identifier: keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e3134312e3132322e302f32342d3332203d3e203531313637.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.141.122.0/24 Signature Algorithm: sha256WithRSAEncryption a3:c3:f4:b3:dc:b7:4e:38:0f:ce:a0:7a:af:6c:42:2f:b7:e6: c6:44:9c:e2:5a:63:6c:3c:cf:e7:d2:3e:5e:ca:b4:bf:68:d1: 6d:47:f4:1d:47:5a:b2:c0:a0:4b:8b:10:f3:0d:80:ad:ae:5f: 9e:d8:4f:7c:bd:4c:0a:5a:c3:84:cf:b6:9c:30:83:63:cd:33: 8b:95:12:77:f5:5b:74:8e:12:19:84:89:6f:9f:35:69:2b:72: 01:32:74:a2:53:5d:6b:bc:00:c9:4e:b3:d8:f3:eb:d6:44:e2: ad:6c:74:09:c7:9a:2e:d1:d9:4d:43:56:d1:3c:46:35:fc:f1: 00:3c:81:e3:8e:e8:37:09:eb:14:d7:db:0a:5d:f5:78:e3:d4: 26:00:80:cb:3b:5a:d5:84:ed:4e:62:8e:e9:8a:a7:ad:c4:7b: b1:c8:4c:ae:ba:98:e1:41:f9:c5:3b:d5:e0:ed:cf:d7:54:09: 21:c2:9e:48:3a:04:f8:36:22:66:62:67:f4:b8:92:aa:9f:17: 47:b1:d8:f8:1a:47:bc:d2:6c:c0:8d:35:30:f3:be:ea:9b:2f: 0c:95:49:34:f6:3d:cc:65:a9:f4:91:67:4d:dc:a0:1c:c7:f6: 78:35:65:7c:53:0a:83:5b:4f:da:f3:9f:c6:96:ab:23:e9:59: bc:e3:e9:74 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUCVfcGOvcVs4k+rueyOAQuVNrHx4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj MjMxM2EzYTAeFw0yNTEyMjkwOTQ1MzFaFw0yNjEyMjgwOTUwMzFaMDMxMTAvBgNV BAMTKDAxQTBENDM3MUI1QkIzQTBCRTRERUQ4MTYzOUJCOEZCNTcxQTQ5MzEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwV+liwX3NMgNTf0FIHDd+FEYr Du89tpwLKkiaCY/ygzjBIQ5hz++QF8Ih2LVzP2KIBfhaeHym9pjkQc/ZZkeZoJDW 8jskCXIyGeQQ1jz3Dl4LePpcxca+FfClR3Jyq36E0aGd3t4MZP9oWgduNzjWPzLv Tp7HMWSsdhdbm/2ikiwQE4BKujKtcYcmWVOgiPVzRmqxRUNswEjEizFZY721rVod z/CXtW9jWfj7XJEmL8iuDH1tNC7V3mVmak1zGrMm9AisfJqX/EvzSVfwilkGAh2Q kZ9bWIwuJWO+S9mSHz40diTFta3ob5dzyveRryaH7KdEzySCim4mHD9+HB7bAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUAaDUNxtbs6C+Te2BY5u4+1caSTEwHwYDVR0j BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzEzNDMxMmUzMTMy MzIyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA LY16MA0GCSqGSIb3DQEBCwUAA4IBAQCjw/Sz3LdOOA/OoHqvbEIvt+bGRJziWmNs PM/n0j5eyrS/aNFtR/QdR1qywKBLixDzDYCtrl+e2E98vUwKWsOEz7acMINjzTOL lRJ39Vt0jhIZhIlvnzVpK3IBMnSiU11rvADJTrPY8+vWROKtbHQJx5ou0dlNQ1bR PEY1/PEAPIHjjug3CesU19sKXfV449QmAIDLO1rVhO1OYo7piqetxHuxyEyuupjh QfnFO9Xg7c/XVAkhwp5IOgT4NiJmYmf0uJKqnxdHsdj4Gke80mzAjTUw877qmy8M lUk09j3MZan0kWdN3KAcx/Z4NWV8UwqDW0/a85/Glqsj6Vm84+l0 -----END CERTIFICATE-----Generated at Tue Feb 10 06:10:04 2026 by rpki-client