This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e39312e3137362e302f32322d3234203d3e20323033303631.roa File: 34352e39312e3137362e302f32322d3234203d3e20323033303631.roa (raw, json) Hash identifier: LvDhjtO/ZzB7zQejlE0AdPRwSPrUW6F1lwC41xVVlaw= Subject key identifier: 72:71:F3:5C:52:E5:D9:5E:0C:F3:9C:50:B4:F3:9E:89:EE:8C:63:6A Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a Certificate serial: 0D8CCB3EDFDF41169CE8CCECE8B5542A167594C6 Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e39312e3137362e302f32322d3234203d3e20323033303631.roa Signing time: Mon 29 Dec 2025 09:50:28 +0000 ROA not before: Mon 29 Dec 2025 09:45:28 +0000 ROA not after: Mon 28 Dec 2026 09:50:28 +0000 asID: 203061 IP address blocks: 45.91.176.0/22 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:55:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0d:8c:cb:3e:df:df:41:16:9c:e8:cc:ec:e8:b5:54:2a:16:75:94:c6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a Validity Not Before: Dec 29 09:45:28 2025 GMT Not After : Dec 28 09:50:28 2026 GMT Subject: CN=7271F35C52E5D95E0CF39C50B4F39E89EE8C636A Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:23:92:bf:c6:48:0a:4e:01:88:92:11:3e:d2: 43:9a:a1:55:93:75:7f:95:a2:88:02:02:b0:81:da: e8:e4:49:31:b7:1c:71:f6:4c:6b:d8:9b:ca:b2:05: 01:39:15:23:0c:bf:d5:51:a6:2a:0c:9d:b9:56:97: dc:8b:7d:56:a1:da:b8:43:81:10:18:e2:c3:cf:af: 5a:2d:bb:71:c4:4a:5e:20:de:b9:b0:18:6a:ee:0d: 6f:62:35:8c:7b:e5:07:e0:f1:d2:f7:40:ae:1a:4e: d9:ac:7e:56:42:66:54:76:00:a8:3d:d8:3f:2c:bf: f2:ce:f6:99:02:fe:b8:4f:e1:b8:e5:0e:74:79:be: d6:12:06:da:9b:a8:91:af:4d:bc:9e:b2:a0:a2:48: 86:26:f3:e8:95:03:6f:ce:b2:df:83:f7:bc:94:22: 4d:1a:dc:93:36:bc:5a:95:3f:ae:0b:4f:28:c4:a4: a0:da:14:e6:65:4a:2c:f5:c0:fa:c6:fa:d8:9d:74: 35:01:3c:0c:cd:2c:e2:c5:a9:e5:74:89:8c:a0:6f: ec:9f:b4:a2:78:af:7d:7c:ea:39:af:2b:db:8a:f9: 74:99:61:1d:79:7e:41:f5:dc:fb:84:f7:5d:11:5b: 23:32:12:4c:5c:5c:94:c7:0b:5b:73:b5:75:49:62: c7:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:71:F3:5C:52:E5:D9:5E:0C:F3:9C:50:B4:F3:9E:89:EE:8C:63:6A X509v3 Authority Key Identifier: keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/34352e39312e3137362e302f32322d3234203d3e20323033303631.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.91.176.0/22 Signature Algorithm: sha256WithRSAEncryption ae:46:20:1f:57:7f:78:2f:53:a6:9a:f3:d1:70:26:c5:ba:e2: 42:0c:80:19:5f:5a:8a:a1:23:1a:18:68:a9:c0:eb:2b:16:55: 5c:55:17:44:9c:20:7c:96:5d:b6:81:ea:58:d5:3e:42:f4:81: ea:16:5c:6a:69:7b:e5:77:d8:e1:bc:22:2f:b0:c1:c3:71:68: 9d:e2:7d:0a:a5:d6:e7:19:79:34:d0:d5:46:e8:c5:93:ea:e8: 8d:50:8f:18:d2:09:b3:36:6b:a9:07:59:df:87:d4:a5:14:ff: 2a:58:eb:2a:07:05:2b:74:f6:a8:5f:79:b3:95:5d:dc:31:92: 06:a3:fc:2a:8f:4f:fd:c7:b9:32:3e:ba:a1:74:4f:89:f0:18: 08:00:0c:53:51:19:d6:98:25:82:9e:05:07:93:d5:a5:fa:65: 0f:81:0a:b1:ca:2b:e1:5f:a9:ea:43:ad:a0:ef:8a:f9:3a:0b: 87:80:88:55:28:63:15:8e:8c:fd:fe:9b:e5:4d:7a:d6:e9:c6: 56:4c:1f:fa:50:d0:80:b5:5e:0d:a8:26:7d:c6:63:89:de:98: 9e:e5:20:5b:a6:f5:4f:3a:7c:0f:9b:c7:d4:9d:1d:0f:9c:c6: 38:eb:47:ad:09:b2:a3:ff:64:30:2d:c6:a5:7d:54:6e:43:cd: c9:11:d1:16 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUDYzLPt/fQRac6Mzs6LVUKhZ1lMYwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj MjMxM2EzYTAeFw0yNTEyMjkwOTQ1MjhaFw0yNjEyMjgwOTUwMjhaMDMxMTAvBgNV BAMTKDcyNzFGMzVDNTJFNUQ5NUUwQ0YzOUM1MEI0RjM5RTg5RUU4QzYzNkEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRI5K/xkgKTgGIkhE+0kOaoVWT dX+VoogCArCB2ujkSTG3HHH2TGvYm8qyBQE5FSMMv9VRpioMnblWl9yLfVah2rhD gRAY4sPPr1otu3HESl4g3rmwGGruDW9iNYx75Qfg8dL3QK4aTtmsflZCZlR2AKg9 2D8sv/LO9pkC/rhP4bjlDnR5vtYSBtqbqJGvTbyesqCiSIYm8+iVA2/Ost+D97yU Ik0a3JM2vFqVP64LTyjEpKDaFOZlSiz1wPrG+tiddDUBPAzNLOLFqeV0iYygb+yf tKJ4r3186jmvK9uK+XSZYR15fkH13PuE910RWyMyEkxcXJTHC1tztXVJYsfNAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUcnHzXFLl2V4M85xQtPOeie6MY2owHwYDVR0j BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzQzNTJlMzkzMTJlMzEzNzM2 MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzMDMzMzAzNjMxLnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC LVuwMA0GCSqGSIb3DQEBCwUAA4IBAQCuRiAfV394L1OmmvPRcCbFuuJCDIAZX1qK oSMaGGipwOsrFlVcVRdEnCB8ll22gepY1T5C9IHqFlxqaXvld9jhvCIvsMHDcWid 4n0KpdbnGXk00NVG6MWT6uiNUI8Y0gmzNmupB1nfh9SlFP8qWOsqBwUrdPaoX3mz lV3cMZIGo/wqj0/9x7kyPrqhdE+J8BgIAAxTURnWmCWCngUHk9Wl+mUPgQqxyivh X6nqQ62g74r5OguHgIhVKGMVjoz9/pvlTXrW6cZWTB/6UNCAtV4NqCZ9xmOJ3pie 5SBbpvVPOnwPm8fUnR0PnMY460etCbKj/2QwLcalfVRuQ83JEdEW -----END CERTIFICATE-----Generated at Mon Jan 19 20:01:53 2026 by rpki-client