This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/38312e31362e32382e302f32322d3234203d3e203437353833.roa File: 38312e31362e32382e302f32322d3234203d3e203437353833.roa (raw, json) Hash identifier: s1bPGyIfvwyboUNzFjw34+qmPs1c3UuGRd4LDmKnAGU= Subject key identifier: D3:EC:96:C6:6C:3F:4E:AA:DB:6B:3F:42:62:73:26:41:3C:F1:61:60 Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a Certificate serial: 44BDE7C674C9297E1464BABF5F9C3B62D6965C24 Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/38312e31362e32382e302f32322d3234203d3e203437353833.roa Signing time: Mon 29 Dec 2025 09:50:29 +0000 ROA not before: Mon 29 Dec 2025 09:45:29 +0000 ROA not after: Mon 28 Dec 2026 09:50:29 +0000 asID: 47583 IP address blocks: 81.16.28.0/22 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:55:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 44:bd:e7:c6:74:c9:29:7e:14:64:ba:bf:5f:9c:3b:62:d6:96:5c:24 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a Validity Not Before: Dec 29 09:45:29 2025 GMT Not After : Dec 28 09:50:29 2026 GMT Subject: CN=D3EC96C66C3F4EAADB6B3F42627326413CF16160 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:3f:a6:94:b7:43:69:2b:0c:c8:91:0b:9c:4a: 45:5b:4c:1e:42:62:b5:0a:36:bf:9b:b4:9e:d9:11: f0:e3:2a:f0:bc:81:78:41:a9:74:71:f2:c2:c5:e2: fc:d0:7d:ac:ae:f2:ed:89:fd:3a:c7:ea:01:ff:12: a5:c4:80:e7:6f:f5:f4:e3:2d:87:96:0e:38:63:fa: 56:59:11:8a:9a:1f:1c:27:70:6c:88:b7:c2:e6:b4: c1:8b:a1:2f:46:7d:ab:6e:5d:2c:a3:7c:83:51:f7: 22:d0:ee:11:bd:59:54:76:75:71:5f:16:c7:47:e3: 29:33:32:6d:34:b8:97:0f:e6:66:89:04:e7:2d:20: 7a:a9:be:ce:b1:66:2a:21:10:a2:da:a9:2f:d5:f6: 01:f7:63:c3:e8:97:e8:3e:7e:ca:55:a9:dd:68:76: d8:53:f9:55:c8:1f:13:30:39:a7:a9:3d:6f:58:9d: 50:d6:37:fa:a3:5c:ee:9b:6c:98:b7:4d:c8:fe:b7: 72:13:90:1f:3b:9e:60:22:9c:52:90:df:c6:28:08: c2:b3:a3:1e:d5:dd:af:8f:52:77:22:ff:f4:11:fd: a0:ab:b6:9d:66:25:2e:c2:f7:19:62:f7:ab:6e:be: f3:5a:70:95:35:4e:65:ea:fd:a9:f0:03:e7:39:05: 74:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:EC:96:C6:6C:3F:4E:AA:DB:6B:3F:42:62:73:26:41:3C:F1:61:60 X509v3 Authority Key Identifier: keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/38312e31362e32382e302f32322d3234203d3e203437353833.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.16.28.0/22 Signature Algorithm: sha256WithRSAEncryption 85:4b:82:8f:be:b0:91:67:a8:f1:33:5c:c4:f1:19:8c:e8:62: 3e:da:b4:7d:09:51:1b:a2:5e:d0:61:62:ca:a9:a0:38:c9:ac: 4e:4f:be:03:d7:31:d1:e0:c4:4d:70:c1:17:76:63:11:12:75: 81:da:e4:7c:72:7a:2e:bf:63:66:73:c0:71:4c:35:da:50:b0: 9b:f4:f9:05:49:21:d8:d4:cd:4c:11:cc:00:cd:23:8b:a8:06: 74:7b:8c:6f:ff:ff:01:a9:d9:7b:f3:88:ac:20:04:b4:f7:2c: 25:7b:a1:99:e3:a0:2d:28:63:18:64:05:06:97:b4:cf:64:23: 07:f6:b8:7c:78:b8:77:53:2e:a0:86:e6:d5:4b:b5:00:8b:ca: ff:c3:b1:66:6d:fb:c4:64:64:60:76:7d:e2:1f:2c:56:37:da: 27:13:15:3c:19:e9:12:7a:b2:7c:44:32:9b:44:c9:c4:3a:73: 99:92:8d:79:db:4a:c4:1e:fe:55:66:1c:c7:5e:dd:70:8c:99: a2:ce:c5:ad:02:21:9d:5f:20:19:79:fb:07:f3:70:44:b8:70: f5:21:8f:b3:66:a6:a5:23:66:d1:99:3e:e0:4a:75:cc:a0:38: 0d:ff:51:57:28:3b:4d:53:9d:69:0d:0c:ab:a7:92:be:be:90: 52:e8:79:b5 -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgIURL3nxnTJKX4UZLq/X5w7YtaWXCQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj MjMxM2EzYTAeFw0yNTEyMjkwOTQ1MjlaFw0yNjEyMjgwOTUwMjlaMDMxMTAvBgNV BAMTKEQzRUM5NkM2NkMzRjRFQUFEQjZCM0Y0MjYyNzMyNjQxM0NGMTYxNjAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrP6aUt0NpKwzIkQucSkVbTB5C YrUKNr+btJ7ZEfDjKvC8gXhBqXRx8sLF4vzQfayu8u2J/TrH6gH/EqXEgOdv9fTj LYeWDjhj+lZZEYqaHxwncGyIt8LmtMGLoS9GfatuXSyjfINR9yLQ7hG9WVR2dXFf FsdH4ykzMm00uJcP5maJBOctIHqpvs6xZiohEKLaqS/V9gH3Y8Pol+g+fspVqd1o dthT+VXIHxMwOaepPW9YnVDWN/qjXO6bbJi3Tcj+t3ITkB87nmAinFKQ38YoCMKz ox7V3a+PUnci//QR/aCrtp1mJS7C9xli96tuvvNacJU1TmXq/anwA+c5BXTPAgMB AAGjggI5MIICNTAdBgNVHQ4EFgQU0+yWxmw/Tqrbaz9CYnMmQTzxYWAwHwYDVR0j BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J eE9qby5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzgzMTJlMzEzNjJlMzIzODJl MzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM0MzczNTM4MzMucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJREBww DQYJKoZIhvcNAQELBQADggEBAIVLgo++sJFnqPEzXMTxGYzoYj7atH0JURuiXtBh YsqpoDjJrE5PvgPXMdHgxE1wwRd2YxESdYHa5Hxyei6/Y2ZzwHFMNdpQsJv0+QVJ IdjUzUwRzADNI4uoBnR7jG///wGp2XvziKwgBLT3LCV7oZnjoC0oYxhkBQaXtM9k Iwf2uHx4uHdTLqCG5tVLtQCLyv/DsWZt+8RkZGB2feIfLFY32icTFTwZ6RJ6snxE MptEycQ6c5mSjXnbSsQe/lVmHMde3XCMmaLOxa0CIZ1fIBl5+wfzcES4cPUhj7Nm pqUjZtGZPuBKdcygOA3/UVcoO01TnWkNDKunkr6+kFLoebU= -----END CERTIFICATE-----Generated at Mon Jan 19 20:01:57 2026 by rpki-client