This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/352e3235332e3233362e302f32322d3232203d3e20323033303631.roa File: 352e3235332e3233362e302f32322d3232203d3e20323033303631.roa (raw, json) Hash identifier: I1ku1GftBUBFOgHb/nP7Zc0uS8YbCgh87VbX7oB6ZZA= Subject key identifier: 5B:61:35:18:AD:9A:AE:0C:E3:1E:BF:6E:61:61:DE:FA:B6:57:E2:81 Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a Certificate serial: 4FE2F08A45B683523E54D328344CBB94DB440944 Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/352e3235332e3233362e302f32322d3232203d3e20323033303631.roa Signing time: Mon 29 Dec 2025 09:50:25 +0000 ROA not before: Mon 29 Dec 2025 09:45:25 +0000 ROA not after: Mon 28 Dec 2026 09:50:25 +0000 asID: 203061 IP address blocks: 5.253.236.0/22 maxlen: 22 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:55:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4f:e2:f0:8a:45:b6:83:52:3e:54:d3:28:34:4c:bb:94:db:44:09:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a Validity Not Before: Dec 29 09:45:25 2025 GMT Not After : Dec 28 09:50:25 2026 GMT Subject: CN=5B613518AD9AAE0CE31EBF6E6161DEFAB657E281 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:fb:d8:2b:b4:7b:31:a3:32:f1:4e:be:92:40: fc:e5:85:16:89:6c:f0:e4:b4:dc:3c:b3:44:82:70: e5:2d:49:42:2f:97:92:f0:b1:7f:46:d3:f0:c1:8e: 8f:40:aa:f5:68:e7:ad:0a:33:b3:3a:8a:b0:2e:a6: 93:0d:c8:8a:ca:01:8c:77:2d:d3:82:60:47:3c:4f: 51:1d:11:b1:4f:39:ec:cc:a4:3b:c3:d8:80:b1:16: fb:87:5c:1d:f2:93:df:ed:ea:52:0e:8b:ce:f4:77: 3a:c3:28:60:9e:ab:4e:61:62:47:a5:28:76:6c:99: 54:11:e0:d1:ac:a7:32:3e:d8:44:cb:e0:8f:99:89: 39:b5:14:14:ea:02:f0:56:65:94:3a:69:1d:8e:95: 4c:c8:97:13:1b:17:8a:ca:f8:4d:14:9c:c5:b9:b8: 8b:14:fa:79:32:d8:9c:4d:97:17:c6:20:2a:14:ef: a2:e4:36:6b:3c:82:c8:b8:b7:bf:15:6b:ae:73:de: b9:71:85:38:41:47:d3:ea:ee:af:4d:24:39:a6:a5: a9:dd:31:09:27:18:24:85:a1:89:fe:59:72:05:78: 41:bc:80:b6:64:bc:4b:b2:9b:74:d7:06:53:fe:40: b0:c8:45:7f:a1:cc:8d:2f:9a:aa:06:62:22:0a:dc: 8f:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:61:35:18:AD:9A:AE:0C:E3:1E:BF:6E:61:61:DE:FA:B6:57:E2:81 X509v3 Authority Key Identifier: keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/352e3235332e3233362e302f32322d3232203d3e20323033303631.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.253.236.0/22 Signature Algorithm: sha256WithRSAEncryption 5a:14:09:4c:9d:57:35:b0:a0:09:62:14:31:c9:ce:ce:1f:8c: 5b:5f:29:d3:e4:8c:09:66:82:95:df:c2:27:e3:79:09:23:7d: ee:b1:20:e6:e6:4f:6e:c8:0b:4a:e9:a7:5b:e6:42:33:07:00: 4a:2e:76:9d:69:f7:2c:c6:14:27:e8:a9:2b:ba:e3:07:1d:b6: 51:ef:3a:a6:dc:89:b3:2e:b5:78:f3:f1:4d:f4:4e:f2:b0:18: a9:cf:99:ac:f4:71:62:c2:ae:ea:e8:a0:5f:4e:04:ee:d7:ec: 88:71:00:4a:0c:7f:55:50:3b:d4:ed:f2:c9:50:64:16:2a:1f: 75:7c:81:af:a9:c7:5a:f3:85:0c:9c:61:cf:a1:36:ce:21:4f: b2:bf:64:b4:71:56:07:81:50:40:f8:c4:3c:3a:ed:f0:2c:87: 65:f4:d9:84:cd:aa:bc:10:05:d4:08:e7:b6:7d:3a:8a:62:bb: d8:c9:c0:61:88:df:0c:b2:e9:46:9f:e9:9b:25:ce:83:ad:45: c7:2a:8b:8e:fd:c0:b1:4b:b3:72:2c:05:26:e8:b0:7b:5d:73: 5d:c7:58:0b:a5:86:bb:6b:3c:90:e5:84:68:53:58:94:13:16: 49:da:c8:ea:46:c8:84:14:74:fd:52:aa:ae:1e:ae:6d:f0:34: cb:9f:fc:b7 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUT+LwikW2g1I+VNMoNEy7lNtECUQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj MjMxM2EzYTAeFw0yNTEyMjkwOTQ1MjVaFw0yNjEyMjgwOTUwMjVaMDMxMTAvBgNV BAMTKDVCNjEzNTE4QUQ5QUFFMENFMzFFQkY2RTYxNjFERUZBQjY1N0UyODEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCs+9grtHsxozLxTr6SQPzlhRaJ bPDktNw8s0SCcOUtSUIvl5LwsX9G0/DBjo9AqvVo560KM7M6irAuppMNyIrKAYx3 LdOCYEc8T1EdEbFPOezMpDvD2ICxFvuHXB3yk9/t6lIOi870dzrDKGCeq05hYkel KHZsmVQR4NGspzI+2ETL4I+ZiTm1FBTqAvBWZZQ6aR2OlUzIlxMbF4rK+E0UnMW5 uIsU+nky2JxNlxfGICoU76LkNms8gsi4t78Va65z3rlxhThBR9Pq7q9NJDmmpand MQknGCSFoYn+WXIFeEG8gLZkvEuym3TXBlP+QLDIRX+hzI0vmqoGYiIK3I95AgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUW2E1GK2argzjHr9uYWHe+rZX4oEwHwYDVR0j BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J eE9qby5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzUyZTMyMzUzMzJlMzIzMzM2 MmUzMDJmMzIzMjJkMzIzMjIwM2QzZTIwMzIzMDMzMzAzNjMxLnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC Bf3sMA0GCSqGSIb3DQEBCwUAA4IBAQBaFAlMnVc1sKAJYhQxyc7OH4xbXynT5IwJ ZoKV38In43kJI33usSDm5k9uyAtK6adb5kIzBwBKLnadafcsxhQn6KkruuMHHbZR 7zqm3ImzLrV48/FN9E7ysBipz5ms9HFiwq7q6KBfTgTu1+yIcQBKDH9VUDvU7fLJ UGQWKh91fIGvqcda84UMnGHPoTbOIU+yv2S0cVYHgVBA+MQ8Ou3wLIdl9NmEzaq8 EAXUCOe2fTqKYrvYycBhiN8MsulGn+mbJc6DrUXHKouO/cCxS7NyLAUm6LB7XXNd x1gLpYa7azyQ5YRoU1iUExZJ2sjqRsiEFHT9UqquHq5t8DTLn/y3 -----END CERTIFICATE-----Generated at Mon Jan 19 20:01:57 2026 by rpki-client