This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e38392e3134382e302f32342d3234203d3e20383334.roa File: 34352e38392e3134382e302f32342d3234203d3e20383334.roa (raw, json) Hash identifier: ki/pcyuH2oQnNxGewu9O7dVDAycqc8JTHvcXH18lbXw= Subject key identifier: A9:EB:20:19:54:B8:D0:BE:50:4B:45:E8:83:53:87:1E:E3:27:21:47 Certificate issuer: /CN=830e06419fc46a2802f6f03b71368ac7baaf64ce Certificate serial: 0F4E04DF87B8CC6571E2D58A18A5AE971941F5D1 Authority key identifier: 83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e38392e3134382e302f32342d3234203d3e20383334.roa Signing time: Thu 20 Nov 2025 02:46:08 +0000 ROA not before: Thu 20 Nov 2025 02:41:08 +0000 ROA not after: Thu 19 Nov 2026 02:46:08 +0000 asID: 834 IP address blocks: 45.89.148.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.mft rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 0f:4e:04:df:87:b8:cc:65:71:e2:d5:8a:18:a5:ae:97:19:41:f5:d1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=830e06419fc46a2802f6f03b71368ac7baaf64ce Validity Not Before: Nov 20 02:41:08 2025 GMT Not After : Nov 19 02:46:08 2026 GMT Subject: CN=A9EB201954B8D0BE504B45E88353871EE3272147 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:e0:2d:28:7c:87:06:21:d7:d4:56:e5:3d:17: e5:35:80:15:d0:bd:f6:0b:05:1c:09:2a:80:94:01: f2:f9:4f:cb:d9:a6:1b:07:7e:9f:2b:81:46:2c:d1: 9e:75:5f:c4:ce:d2:6e:c2:b0:50:92:a3:d3:47:db: 3d:ff:e5:8e:53:ea:57:14:a7:57:13:82:01:58:eb: ee:d8:48:a6:dd:5f:8a:ed:ee:6a:2c:bd:a1:60:57: 76:d4:f8:30:74:32:d8:1b:7f:5c:64:c0:a9:03:db: c3:5c:58:fd:ff:5d:4c:2d:4c:42:3d:f6:e1:f4:7d: e2:65:58:1c:d0:ed:0e:ac:1b:d4:a0:95:8a:c7:3d: 57:c7:43:e9:9a:31:be:9e:b0:c2:4e:c5:11:13:60: 99:95:82:24:b1:1c:7b:b1:6a:ab:6e:cf:9e:10:f8: c6:ca:77:37:99:cb:29:c3:a1:ab:d0:5e:df:37:b6: 35:25:fc:85:23:f8:a8:39:94:38:31:7c:96:b6:88: aa:0d:63:92:7c:cd:6c:19:70:2d:07:93:33:dd:cd: a8:df:25:65:34:49:df:0d:7e:00:2a:0d:5e:43:8f: 9f:6d:b5:2a:b7:a5:e9:36:31:88:6e:e9:71:2b:de: d5:44:7e:c1:0c:18:ae:ef:ab:12:af:6e:cf:96:9e: 67:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A9:EB:20:19:54:B8:D0:BE:50:4B:45:E8:83:53:87:1E:E3:27:21:47 X509v3 Authority Key Identifier: keyid:83:0E:06:41:9F:C4:6A:28:02:F6:F0:3B:71:36:8A:C7:BA:AF:64:CE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/830E06419FC46A2802F6F03B71368AC7BAAF64CE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gw4GQZ_EaigC9vA7cTaKx7qvZM4.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/8e0d6a4d-ba67-4979-8d12-0ed4748fc86e/0/34352e38392e3134382e302f32342d3234203d3e20383334.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.89.148.0/24 Signature Algorithm: sha256WithRSAEncryption 6d:6f:e4:a2:af:8c:6a:0c:f5:e5:ad:26:b1:4e:0d:a1:bb:b6: 69:59:33:f3:6a:ae:bc:0c:76:69:01:10:48:55:02:37:09:e4: a5:bc:32:0f:a9:d0:42:29:07:a6:df:f1:9f:9d:a2:ce:4b:73: b8:89:2c:bf:7a:83:3b:5f:1f:7e:a0:42:ef:8c:bb:21:a6:d2: bd:bd:d2:a0:f2:d2:49:72:f9:9a:7d:26:cc:36:7f:c5:f9:1b: 85:57:ad:ba:17:04:62:17:19:77:b2:98:01:cf:95:4e:04:a0: 9b:68:0c:af:ec:30:e8:d3:5a:44:fc:f9:83:47:31:42:ef:11: 83:85:ff:59:6c:47:5e:c5:5a:60:27:2f:72:05:b7:13:c7:a4: 06:47:2e:ed:4d:8e:28:2d:0f:5b:78:cb:88:f6:fc:38:5d:2f: 65:77:e4:b7:18:32:f3:b7:3c:11:07:d3:88:4b:2c:a9:5b:1a: e2:33:da:54:8f:74:7e:83:2f:ef:b9:9e:8d:b7:33:d1:00:f1: 1f:a6:0e:29:34:52:e0:d2:1b:ae:33:58:9c:da:a1:3e:8c:a4: 60:d5:4c:90:5f:63:77:c0:08:5c:62:87:a0:ef:f1:57:a6:40: 87:45:93:ce:f6:8a:d2:d7:f9:d8:6d:bf:e9:7c:5b:75:23:53: d3:e2:94:68 -----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgIUD04E34e4zGVx4tWKGKWulxlB9dEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoODMwZTA2NDE5ZmM0NmEyODAyZjZmMDNiNzEzNjhhYzdi YWFmNjRjZTAeFw0yNTExMjAwMjQxMDhaFw0yNjExMTkwMjQ2MDhaMDMxMTAvBgNV BAMTKEE5RUIyMDE5NTRCOEQwQkU1MDRCNDVFODgzNTM4NzFFRTMyNzIxNDcwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCL4C0ofIcGIdfUVuU9F+U1gBXQ vfYLBRwJKoCUAfL5T8vZphsHfp8rgUYs0Z51X8TO0m7CsFCSo9NH2z3/5Y5T6lcU p1cTggFY6+7YSKbdX4rt7mosvaFgV3bU+DB0Mtgbf1xkwKkD28NcWP3/XUwtTEI9 9uH0feJlWBzQ7Q6sG9SglYrHPVfHQ+maMb6esMJOxRETYJmVgiSxHHuxaqtuz54Q +MbKdzeZyynDoavQXt83tjUl/IUj+Kg5lDgxfJa2iKoNY5J8zWwZcC0HkzPdzajf JWU0Sd8NfgAqDV5Dj59ttSq3pek2MYhu6XEr3tVEfsEMGK7vqxKvbs+WnmdNAgMB AAGjggI3MIICMzAdBgNVHQ4EFgQUqesgGVS40L5QS0Xog1OHHuMnIUcwHwYDVR0j BBgwFoAUgw4GQZ/EaigC9vA7cTaKx7qvZM4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQtYmE2Ny00OTc5LThkMTItMGVkNDc0OGZj ODZlLzAvODMwRTA2NDE5RkM0NkEyODAyRjZGMDNCNzEzNjhBQzdCQUFGNjRDRS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2d3NEdRWl9FYWlnQzl2QTdjVGFLeDdx dlpNNC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOGUwZDZhNGQt YmE2Ny00OTc5LThkMTItMGVkNDc0OGZjODZlLzAvMzQzNTJlMzgzOTJlMzEzNDM4 MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVmUMA0G CSqGSIb3DQEBCwUAA4IBAQBtb+Sir4xqDPXlrSaxTg2hu7ZpWTPzaq68DHZpARBI VQI3CeSlvDIPqdBCKQem3/GfnaLOS3O4iSy/eoM7Xx9+oELvjLshptK9vdKg8tJJ cvmafSbMNn/F+RuFV626FwRiFxl3spgBz5VOBKCbaAyv7DDo01pE/PmDRzFC7xGD hf9ZbEdexVpgJy9yBbcTx6QGRy7tTY4oLQ9beMuI9vw4XS9ld+S3GDLztzwRB9OI SyypWxriM9pUj3R+gy/vuZ6NtzPRAPEfpg4pNFLg0huuM1ic2qE+jKRg1UyQX2N3 wAhcYoeg7/FXpkCHRZPO9orS1/nYbb/pfFt1I1PT4pRo -----END CERTIFICATE-----Generated at Sun Dec 7 01:30:43 2025 by rpki-client