This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/38352e3230322e3230342e302f32322d3232203d3e20323033303631.roa File: 38352e3230322e3230342e302f32322d3232203d3e20323033303631.roa (raw, json) Hash identifier: yEc9zu3nnGGtPFzTvd3ItUV/wosM99Wr7KOwxg7gY8g= Subject key identifier: EA:7D:E4:DF:1D:EF:CD:AC:55:CC:99:F1:1D:AB:FE:DC:9C:85:48:C7 Certificate issuer: /CN=088469d1a33085ff88b3e599d223ca74c2313a3a Certificate serial: 5BD929D200060D5D0C73C855258F6C0F716F0602 Authority key identifier: 08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/38352e3230322e3230342e302f32322d3232203d3e20323033303631.roa Signing time: Mon 29 Dec 2025 09:50:28 +0000 ROA not before: Mon 29 Dec 2025 09:45:28 +0000 ROA not after: Mon 28 Dec 2026 09:50:28 +0000 asID: 203061 IP address blocks: 85.202.204.0/22 maxlen: 22 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.mft rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:55:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5b:d9:29:d2:00:06:0d:5d:0c:73:c8:55:25:8f:6c:0f:71:6f:06:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=088469d1a33085ff88b3e599d223ca74c2313a3a Validity Not Before: Dec 29 09:45:28 2025 GMT Not After : Dec 28 09:50:28 2026 GMT Subject: CN=EA7DE4DF1DEFCDAC55CC99F11DABFEDC9C8548C7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:34:44:21:a9:1c:b4:c4:2b:a6:98:6a:5f:f6: 7a:6b:8b:f1:4c:fc:b1:3f:1e:67:fc:16:10:d7:8e: a5:94:f9:03:9d:ba:f4:b3:42:7f:ab:bc:d0:a2:e6: 08:48:f5:98:b6:40:2a:f5:db:56:6c:4e:66:da:3f: 20:56:67:6b:f9:e5:da:d1:d4:05:d5:be:69:65:4c: b7:57:ad:10:3f:9b:3d:5d:48:be:1d:6f:89:bd:69: 59:8e:31:59:d2:f5:aa:67:bf:2d:bb:dd:4c:04:27: 94:e2:6f:2e:64:27:fc:61:a6:1f:ad:43:1d:7e:08: e4:d7:79:06:fc:70:48:54:59:9a:95:6f:b3:ce:c5: b3:d4:38:5d:78:2d:a0:73:46:8c:4b:7a:e3:75:f0: 41:f8:b7:cc:61:1c:19:01:fc:4b:56:97:2a:e9:92: 49:de:35:88:aa:c8:2f:9f:95:be:6a:aa:e9:ab:17: fe:83:07:6c:b1:44:4f:f0:a8:1b:1e:45:f3:d3:9d: 98:60:ae:1e:1c:fe:3b:86:28:5c:58:60:5e:35:cc: f9:0a:f6:ec:7f:aa:18:02:91:ce:ea:a7:c5:e3:04: af:64:67:d4:4e:f5:98:ea:e4:49:92:cd:df:9b:65: e6:0d:2b:64:f4:1a:82:2e:50:e9:3a:57:ec:f6:38: e5:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:7D:E4:DF:1D:EF:CD:AC:55:CC:99:F1:1D:AB:FE:DC:9C:85:48:C7 X509v3 Authority Key Identifier: keyid:08:84:69:D1:A3:30:85:FF:88:B3:E5:99:D2:23:CA:74:C2:31:3A:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/088469D1A33085FF88B3E599D223CA74C2313A3A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CIRp0aMwhf-Is-WZ0iPKdMIxOjo.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/5/38352e3230322e3230342e302f32322d3232203d3e20323033303631.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.202.204.0/22 Signature Algorithm: sha256WithRSAEncryption 56:69:70:7c:95:61:0e:cb:6b:7b:c0:64:28:d0:08:f3:ce:dc: 1a:e6:26:95:55:2e:4a:b0:26:aa:e9:eb:cf:f9:3a:36:87:3d: df:a9:b0:46:c8:11:49:8a:97:43:60:7f:73:e0:75:5d:67:35: 7a:bc:16:26:70:ea:b8:4f:66:1e:ac:64:1a:24:7c:8b:78:53: c0:6f:46:a1:2c:b1:c8:cf:c1:20:ce:bb:0f:d3:12:63:2b:76: 91:70:6f:e4:23:6a:d5:81:c5:59:a1:5c:ee:57:30:f8:a4:49: 29:37:f3:22:06:e1:1e:90:38:f8:71:b7:41:94:2f:0a:be:d7: b0:0c:6b:17:9d:f0:1d:77:24:8c:b8:e5:ea:0f:a2:69:af:ae: f5:9c:29:ef:f9:ff:e9:16:fc:81:b6:b3:42:3d:72:0d:36:9c: 8e:f1:1c:20:36:24:f5:56:7d:80:2e:fc:3f:32:ff:7d:5c:91: 09:b6:e8:1f:33:4f:1b:e4:4e:19:eb:c1:5b:21:e0:97:bf:8e: 0d:19:34:a0:53:f2:a6:9c:6d:f0:83:73:4d:71:ac:61:27:99: 47:50:18:fc:57:59:b3:e1:31:6c:67:39:ee:34:63:36:93:d8: 00:a2:29:9c:3f:cb:7d:9f:62:49:33:bd:d3:2f:c6:d1:b1:e4: 29:40:6f:05 -----BEGIN CERTIFICATE----- MIIFNTCCBB2gAwIBAgIUW9kp0gAGDV0Mc8hVJY9sD3FvBgIwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDg4NDY5ZDFhMzMwODVmZjg4YjNlNTk5ZDIyM2NhNzRj MjMxM2EzYTAeFw0yNTEyMjkwOTQ1MjhaFw0yNjEyMjgwOTUwMjhaMDMxMTAvBgNV BAMTKEVBN0RFNERGMURFRkNEQUM1NUNDOTlGMTFEQUJGRURDOUM4NTQ4QzcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgNEQhqRy0xCummGpf9npri/FM /LE/Hmf8FhDXjqWU+QOduvSzQn+rvNCi5ghI9Zi2QCr121ZsTmbaPyBWZ2v55drR 1AXVvmllTLdXrRA/mz1dSL4db4m9aVmOMVnS9apnvy273UwEJ5Tiby5kJ/xhph+t Qx1+COTXeQb8cEhUWZqVb7POxbPUOF14LaBzRoxLeuN18EH4t8xhHBkB/EtWlyrp kkneNYiqyC+flb5qqumrF/6DB2yxRE/wqBseRfPTnZhgrh4c/juGKFxYYF41zPkK 9ux/qhgCkc7qp8XjBK9kZ9RO9Zjq5EmSzd+bZeYNK2T0GoIuUOk6V+z2OOWDAgMB AAGjggI/MIICOzAdBgNVHQ4EFgQU6n3k3x3vzaxVzJnxHav+3JyFSMcwHwYDVR0j BBgwFoAUCIRp0aMwhf+Is+WZ0iPKdMIxOjowDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzUvMDg4NDY5RDFBMzMwODVGRjg4QjNFNTk5RDIyM0NBNzRDMjMxM0EzQS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NJUnAwYU13aGYtSXMtV1owaVBLZE1J eE9qby5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzUvMzgzNTJlMzIzMDMyMmUzMjMw MzQyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMjMwMzMzMDM2MzEucm9hMBgGA1Ud IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD BAJVyswwDQYJKoZIhvcNAQELBQADggEBAFZpcHyVYQ7La3vAZCjQCPPO3BrmJpVV LkqwJqrp68/5OjaHPd+psEbIEUmKl0Ngf3PgdV1nNXq8FiZw6rhPZh6sZBokfIt4 U8BvRqEsscjPwSDOuw/TEmMrdpFwb+QjatWBxVmhXO5XMPikSSk38yIG4R6QOPhx t0GULwq+17AMaxed8B13JIy45eoPommvrvWcKe/5/+kW/IG2s0I9cg02nI7xHCA2 JPVWfYAu/D8y/31ckQm26B8zTxvkThnrwVsh4Je/jg0ZNKBT8qacbfCDc01xrGEn mUdQGPxXWbPhMWxnOe40YzaT2ACiKZw/y32fYkkzvdMvxtGx5ClAbwU= -----END CERTIFICATE-----Generated at Mon Jan 19 20:01:57 2026 by rpki-client