This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS398704.roa File: AS398704.roa (raw, json) Hash identifier: 5dXaijK2m7udPi1Jii8o8k2MhLeRVgWr9Kn+OvAlHcU= Subject key identifier: 61:9A:56:FA:B5:FF:99:3D:A1:DA:AB:72:C3:D6:50:D6:E6:75:62:FA Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a Certificate serial: 3C376715A3303A45F8D6FB7A77BD064D7D973EE0 Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS398704.roa Signing time: Sat 17 Jan 2026 00:56:00 +0000 ROA not before: Sat 17 Jan 2026 00:51:00 +0000 ROA not after: Sat 16 Jan 2027 00:56:00 +0000 asID: 398704 IP address blocks: 191.101.39.0/24 maxlen: 24 191.101.63.0/24 maxlen: 24 191.101.144.0/24 maxlen: 24 191.101.206.0/24 maxlen: 24 191.101.238.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3c:37:67:15:a3:30:3a:45:f8:d6:fb:7a:77:bd:06:4d:7d:97:3e:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a Validity Not Before: Jan 17 00:51:00 2026 GMT Not After : Jan 16 00:56:00 2027 GMT Subject: CN=619A56FAB5FF993DA1DAAB72C3D650D6E67562FA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:96:01:56:74:20:18:da:dc:73:04:2a:79:36: 56:98:36:34:cd:76:9e:f9:a8:50:00:5a:1c:48:9a: be:56:8c:c1:d6:b5:2b:0d:d7:a4:4f:a0:e0:a0:a6: e1:27:0c:86:17:6c:b3:01:15:7b:f3:76:5c:b3:05: 88:fb:e8:54:b1:ce:91:26:84:0e:9f:e4:db:8d:b3: 39:d1:16:26:91:50:e7:55:f2:b5:dd:3d:c9:f0:aa: 4c:19:a3:c0:55:e0:08:03:f9:fb:e1:8f:12:e8:06: c7:b0:48:e9:d1:7b:a1:0c:6d:14:c5:5f:f4:cb:c2: 44:aa:ee:43:91:c1:bd:5d:ca:d1:e6:30:45:f0:15: db:ba:67:b4:8e:0f:e8:26:38:00:0c:97:40:81:d5: 1e:48:2f:34:11:fa:76:88:b0:aa:2c:c6:97:51:b1: bb:30:e7:27:3f:d7:67:46:ce:f6:86:03:f3:aa:f7: 06:33:b0:3a:51:ec:5d:cf:4b:db:58:fb:69:47:2f: 82:dc:1e:ea:d5:6f:8a:51:01:53:72:d8:a1:4f:3d: 20:69:e9:ef:41:00:c7:52:ca:b5:5c:da:5d:f9:4d: a9:e1:78:8a:a4:47:bd:1c:ba:34:e2:17:fc:fb:24: 4b:e9:e1:f1:ce:59:b9:64:66:81:59:7b:a3:15:f6: 19:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:9A:56:FA:B5:FF:99:3D:A1:DA:AB:72:C3:D6:50:D6:E6:75:62:FA X509v3 Authority Key Identifier: keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS398704.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 191.101.39.0/24 191.101.63.0/24 191.101.144.0/24 191.101.206.0/24 191.101.238.0/24 Signature Algorithm: sha256WithRSAEncryption 67:8c:c3:27:94:a6:d1:09:04:37:14:ce:fc:6c:7b:ba:e9:76: 1b:27:7f:ce:d4:40:90:a0:40:af:aa:ce:f5:3f:c6:c2:99:66: e9:50:ad:8a:e5:51:6a:79:38:ba:8f:9a:1f:6d:26:ac:a2:da: a6:88:77:29:99:6d:12:c2:77:c9:99:65:8b:a8:8e:d4:80:a5: 4b:f9:dc:e8:09:af:4d:23:7a:79:3d:a2:b8:4c:7d:7e:cb:fc: d6:a3:77:19:a9:4d:a1:3c:09:3f:f0:b9:29:a2:bf:50:91:e1: a5:5b:1c:be:0d:98:6c:32:e6:df:8a:81:ae:fa:fd:92:e0:77: 37:e0:2d:a7:32:d9:51:33:04:fd:b4:f5:d5:f3:13:58:2a:03: 0b:dc:a5:d4:e3:46:ff:f6:e5:cf:2d:4a:61:bb:5a:a2:8a:67: 9b:1e:46:72:03:d8:5b:39:95:22:93:39:65:0e:72:56:1d:66: ea:f6:6d:c6:6b:13:16:14:53:8c:66:bd:0e:70:01:58:b8:75: 1d:46:06:7f:de:db:3d:ee:06:1b:b9:52:80:70:46:24:e1:83: ea:54:87:d1:23:f7:bf:b2:d6:71:c3:82:7c:32:52:68:04:b0: 9c:b3:10:19:15:1d:58:48:82:4f:7d:dd:6d:ff:7a:8e:70:0d: 3f:90:96:3f -----BEGIN CERTIFICATE----- MIIFGDCCBACgAwIBAgIUPDdnFaMwOkX41vt6d70GTX2XPuAwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh NDFiYmEwYTAeFw0yNjAxMTcwMDUxMDBaFw0yNzAxMTYwMDU2MDBaMDMxMTAvBgNV BAMTKDYxOUE1NkZBQjVGRjk5M0RBMURBQUI3MkMzRDY1MEQ2RTY3NTYyRkEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMlgFWdCAY2txzBCp5NlaYNjTN dp75qFAAWhxImr5WjMHWtSsN16RPoOCgpuEnDIYXbLMBFXvzdlyzBYj76FSxzpEm hA6f5NuNsznRFiaRUOdV8rXdPcnwqkwZo8BV4AgD+fvhjxLoBsewSOnRe6EMbRTF X/TLwkSq7kORwb1dytHmMEXwFdu6Z7SOD+gmOAAMl0CB1R5ILzQR+naIsKosxpdR sbsw5yc/12dGzvaGA/Oq9wYzsDpR7F3PS9tY+2lHL4LcHurVb4pRAVNy2KFPPSBp 6e9BAMdSyrVc2l35TanheIqkR70cujTiF/z7JEvp4fHOWblkZoFZe6MV9hkbAgMB AAGjggIiMIICHjAdBgNVHQ4EFgQUYZpW+rX/mT2h2qtyw9ZQ1uZ1YvowHwYDVR0j BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR YnVnby5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMzk4NzA0LnJvYTAYBgNVHSABAf8E DjAMMAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAv2Un AwQAv2U/AwQAv2WQAwQAv2XOAwQAv2XuMA0GCSqGSIb3DQEBCwUAA4IBAQBnjMMn lKbRCQQ3FM78bHu66XYbJ3/O1ECQoECvqs71P8bCmWbpUK2K5VFqeTi6j5ofbSas otqmiHcpmW0SwnfJmWWLqI7UgKVL+dzoCa9NI3p5PaK4TH1+y/zWo3cZqU2hPAk/ 8Lkpor9QkeGlWxy+DZhsMubfioGu+v2S4Hc34C2nMtlRMwT9tPXV8xNYKgML3KXU 40b/9uXPLUphu1qiimebHkZyA9hbOZUikzllDnJWHWbq9m3GaxMWFFOMZr0OcAFY uHUdRgZ/3ts97gYbuVKAcEYk4YPqVIfRI/e/stZxw4J8MlJoBLCcsxAZFR1YSIJP fd1t/3qOcA0/kJY/ -----END CERTIFICATE-----Generated at Sun Jan 25 08:54:42 2026 by rpki-client