This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/352e3138322e33322e302f32342d3234203d3e20313431303339.roa File: 352e3138322e33322e302f32342d3234203d3e20313431303339.roa (raw, json) Hash identifier: 0nkBCbkyxeTAQP8PU5epIt3yqYIcK17JkLsuVEmCmjg= Subject key identifier: D0:C4:A3:AB:CF:8A:21:A5:44:4E:B9:B4:F3:45:2E:9A:5A:3D:44:7C Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a Certificate serial: 2A1B84CB9651F07198375E92C84EE6237E224C5A Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/352e3138322e33322e302f32342d3234203d3e20313431303339.roa Signing time: Mon 29 Dec 2025 09:50:29 +0000 ROA not before: Mon 29 Dec 2025 09:45:29 +0000 ROA not after: Mon 28 Dec 2026 09:50:29 +0000 asID: 141039 IP address blocks: 5.182.32.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:55:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2a:1b:84:cb:96:51:f0:71:98:37:5e:92:c8:4e:e6:23:7e:22:4c:5a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a Validity Not Before: Dec 29 09:45:29 2025 GMT Not After : Dec 28 09:50:29 2026 GMT Subject: CN=D0C4A3ABCF8A21A5444EB9B4F3452E9A5A3D447C Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:e1:b2:8d:80:9b:90:68:41:17:3f:a8:12:ea: 01:b8:0c:2e:78:1b:e6:6d:9f:1d:96:93:d3:20:4e: c8:ea:97:ea:08:ba:a8:8c:a9:b4:a2:c3:d5:f9:02: b2:9f:d5:0f:c4:f1:29:b1:f0:95:fc:fb:24:1c:6b: e1:e2:cc:d1:c7:ca:1c:9c:38:d5:00:e4:16:06:7e: 10:46:9b:84:e8:d8:97:c3:78:3a:71:84:28:53:5f: 94:5a:a8:20:43:9d:6b:59:2f:1a:03:9e:31:22:db: d7:dc:c1:da:02:d9:c6:32:63:3e:e8:1a:b7:e5:84: 91:6e:23:52:8e:f4:8d:02:49:af:11:25:97:22:4c: b1:a8:12:b9:5b:da:d6:1d:25:b8:a6:f6:51:71:3a: ac:03:27:76:7a:db:77:c6:9a:3b:66:50:0b:2a:c9: 8e:21:c2:9e:6a:3c:fe:71:95:5c:4a:ed:00:31:8f: 68:20:ec:69:24:15:dd:cf:e8:40:02:33:40:a7:67: f5:4c:db:6c:f3:a9:ee:39:3c:4a:a0:ad:78:96:fa: 24:dc:a1:85:9b:78:7a:21:4e:37:59:41:09:28:77: 7c:96:3d:40:c6:32:d6:9c:63:18:15:a9:3f:9f:69: 18:16:33:01:cd:f4:43:1d:bd:a3:ba:36:ba:e0:b5: 6c:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:C4:A3:AB:CF:8A:21:A5:44:4E:B9:B4:F3:45:2E:9A:5A:3D:44:7C X509v3 Authority Key Identifier: keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/352e3138322e33322e302f32342d3234203d3e20313431303339.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.182.32.0/24 Signature Algorithm: sha256WithRSAEncryption 3a:1a:f4:1b:1f:86:81:7e:4d:18:61:aa:dd:8a:ac:e4:fa:26: ae:86:99:04:29:d3:78:4a:84:b9:fb:ba:3e:95:0e:da:fb:32: a9:72:73:58:00:f6:f2:fb:b9:9b:01:4b:3a:32:0b:77:bd:0a: 96:ff:4a:f1:24:10:ee:93:48:54:82:b9:8b:4c:09:dd:9c:ea: 99:96:75:66:41:fc:a8:7d:11:0a:0b:6d:af:14:93:4e:f8:0f: 6a:a2:a1:3f:ed:64:94:9e:ba:6b:28:73:bf:23:0c:02:bc:41: d4:1e:e1:23:25:c5:dc:07:3f:ef:19:3c:4e:e6:89:d3:1c:af: df:dd:ab:05:86:9f:34:3c:ae:b7:59:7f:d3:7c:40:df:65:53: 42:56:9e:fa:82:9f:73:97:90:43:11:ab:ba:69:05:a3:e3:4a: 7c:00:d3:b3:a4:a6:56:59:74:23:0e:95:e9:2b:9a:a8:58:a0: e8:43:c6:19:9e:c8:d4:02:04:53:f6:91:75:f6:c0:7a:0a:00: fb:2c:1c:15:ce:87:21:8b:9e:f0:b9:d8:b3:be:b8:83:a4:e0: 39:82:1b:08:4c:1a:a1:49:87:55:d4:06:76:51:f9:26:ed:62: d5:32:4a:90:4f:cd:a7:d0:1c:dd:4c:21:be:9c:68:8e:6c:b8: af:5b:64:6c -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUKhuEy5ZR8HGYN16SyE7mI34iTFowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj MjMxM2EzYTAeFw0yNTEyMjkwOTQ1MjlaFw0yNjEyMjgwOTUwMjlaMDMxMTAvBgNV BAMTKEQwQzRBM0FCQ0Y4QTIxQTU0NDRFQjlCNEYzNDUyRTlBNUEzRDQ0N0MwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/4bKNgJuQaEEXP6gS6gG4DC54 G+Ztnx2Wk9MgTsjql+oIuqiMqbSiw9X5ArKf1Q/E8Smx8JX8+yQca+HizNHHyhyc ONUA5BYGfhBGm4To2JfDeDpxhChTX5RaqCBDnWtZLxoDnjEi29fcwdoC2cYyYz7o GrflhJFuI1KO9I0CSa8RJZciTLGoErlb2tYdJbim9lFxOqwDJ3Z623fGmjtmUAsq yY4hwp5qPP5xlVxK7QAxj2gg7GkkFd3P6EACM0CnZ/VM22zzqe45PEqgrXiW+iTc oYWbeHohTjdZQQkod3yWPUDGMtacYxgVqT+faRgWMwHN9EMdvaO6NrrgtWyJAgMB AAGjggI7MIICNzAdBgNVHQ4EFgQU0MSjq8+KIaVETrm080Uumlo9RHwwHwYDVR0j BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J eE9qby5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzUyZTMxMzgzMjJlMzMzMjJl MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzMTMwMzMzOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAAW2 IDANBgkqhkiG9w0BAQsFAAOCAQEAOhr0Gx+GgX5NGGGq3Yqs5PomroaZBCnTeEqE ufu6PpUO2vsyqXJzWAD28vu5mwFLOjILd70Klv9K8SQQ7pNIVIK5i0wJ3ZzqmZZ1 ZkH8qH0RCgttrxSTTvgPaqKhP+1klJ66ayhzvyMMArxB1B7hIyXF3Ac/7xk8TuaJ 0xyv392rBYafNDyut1l/03xA32VTQlae+oKfc5eQQxGrumkFo+NKfADTs6SmVll0 Iw6V6SuaqFig6EPGGZ7I1AIEU/aRdfbAegoA+ywcFc6HIYue8LnYs764g6TgOYIb CEwaoUmHVdQGdlH5Ju1i1TJKkE/Np9Ac3Uwhvpxojmy4r1tkbA== -----END CERTIFICATE-----Generated at Mon Jan 19 20:02:25 2026 by rpki-client