This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/9bb77c8a-2d69-4325-b4fa-603388c96bb3/0/323030313a3637383a313134633a3a2f34382d3438203d3e20323034353335.roa File: 323030313a3637383a313134633a3a2f34382d3438203d3e20323034353335.roa (raw, json) Hash identifier: 9p7lN4fPyJsdHWKsoNbq0ArF1KunMN6fkvMq7UIoE20= Subject key identifier: 20:1D:23:CE:90:A9:7A:EB:9B:4B:41:15:89:BF:27:2F:23:1F:2C:AC Certificate issuer: /CN=df083fc9c36ab37158ad80e5c84e76be97adc09f Certificate serial: 60ED1A30745823FBB04620ADC67B8AB8A91434EC Authority key identifier: DF:08:3F:C9:C3:6A:B3:71:58:AD:80:E5:C8:4E:76:BE:97:AD:C0:9F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3wg_ycNqs3FYrYDlyE52vpetwJ8.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/9bb77c8a-2d69-4325-b4fa-603388c96bb3/0/323030313a3637383a313134633a3a2f34382d3438203d3e20323034353335.roa Signing time: Fri 28 Nov 2025 03:06:17 +0000 ROA not before: Fri 28 Nov 2025 03:01:17 +0000 ROA not after: Fri 27 Nov 2026 03:06:17 +0000 asID: 204535 IP address blocks: 2001:678:114c::/48 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/9bb77c8a-2d69-4325-b4fa-603388c96bb3/0/DF083FC9C36AB37158AD80E5C84E76BE97ADC09F.crl rsync://rsync.paas.rpki.ripe.net/repository/9bb77c8a-2d69-4325-b4fa-603388c96bb3/0/DF083FC9C36AB37158AD80E5C84E76BE97ADC09F.mft rsync://rpki.ripe.net/repository/DEFAULT/3wg_ycNqs3FYrYDlyE52vpetwJ8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60:ed:1a:30:74:58:23:fb:b0:46:20:ad:c6:7b:8a:b8:a9:14:34:ec Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df083fc9c36ab37158ad80e5c84e76be97adc09f Validity Not Before: Nov 28 03:01:17 2025 GMT Not After : Nov 27 03:06:17 2026 GMT Subject: CN=201D23CE90A97AEB9B4B411589BF272F231F2CAC Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:10:d1:e9:64:8e:7d:09:63:ad:77:f5:82:98: 81:d0:bb:e3:d2:83:fb:75:54:ba:ef:4e:4d:19:d4: ac:20:ed:bf:40:d9:7c:fe:c6:32:ea:a2:d3:cf:0d: 08:aa:c7:87:4c:ee:17:d9:5b:44:64:4c:f2:2b:3b: 0b:7a:8a:82:8d:e1:09:1b:1e:2f:6a:d6:b9:a2:04: d0:a8:a1:0c:4c:10:da:92:80:c3:2a:9f:9a:07:2e: 1b:f5:eb:a8:01:83:8e:ef:a5:dd:70:a5:ec:fb:27: 03:fb:49:68:3d:7f:a6:a0:0f:db:65:30:7e:89:21: fb:f8:4e:7f:e0:c3:79:53:35:4f:76:6b:08:e3:9d: 09:cb:f7:9c:28:10:fa:68:4c:d9:82:41:a8:c7:9a: fd:df:98:c4:65:1e:60:ca:0c:71:34:10:6c:00:8b: 50:10:30:98:79:f8:ea:23:2a:0f:54:74:47:08:d5: f3:cf:e9:96:a2:38:de:6d:ea:53:99:0e:e0:d9:fb: 47:fd:02:e2:31:61:54:fb:28:0f:91:17:33:f9:f5: ec:b8:c5:ab:29:13:7f:50:e2:c3:31:74:cf:55:d8: ea:5f:a0:8b:2b:05:7c:a0:d0:8d:4b:f1:30:4b:99: d8:c8:31:19:6d:e3:40:4f:97:16:24:f3:2d:ee:77: 7f:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:1D:23:CE:90:A9:7A:EB:9B:4B:41:15:89:BF:27:2F:23:1F:2C:AC X509v3 Authority Key Identifier: keyid:DF:08:3F:C9:C3:6A:B3:71:58:AD:80:E5:C8:4E:76:BE:97:AD:C0:9F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/9bb77c8a-2d69-4325-b4fa-603388c96bb3/0/DF083FC9C36AB37158AD80E5C84E76BE97ADC09F.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3wg_ycNqs3FYrYDlyE52vpetwJ8.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/9bb77c8a-2d69-4325-b4fa-603388c96bb3/0/323030313a3637383a313134633a3a2f34382d3438203d3e20323034353335.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:678:114c::/48 Signature Algorithm: sha256WithRSAEncryption 07:07:77:38:51:c7:f3:a3:2e:56:46:20:d6:6c:2d:15:e9:cf: aa:bf:97:89:8d:e7:66:44:92:c2:89:4a:aa:36:32:2b:a8:d6: 7c:f5:79:7a:c0:f4:f1:65:77:98:ab:b1:7a:3a:86:c0:e3:21: ff:05:e8:e0:d9:e4:f6:89:68:32:59:78:11:78:bb:b0:6c:ae: 5f:48:45:99:6c:3b:c8:e4:77:ae:04:f3:b6:24:35:7a:a4:9d: 54:ec:e8:66:8c:e3:e2:40:06:52:60:5b:b6:62:e0:11:12:a4: 3d:7d:39:15:24:93:ac:81:0f:8c:fc:d1:db:e5:26:88:a3:02: ed:e1:06:f3:54:57:3e:0c:c7:aa:d9:13:78:23:7c:65:02:dd: c1:4a:c3:6b:8c:f8:df:38:df:eb:24:db:30:7c:5e:98:09:fb: b4:87:d9:fd:21:1a:9a:b9:b6:ef:1f:e6:0d:da:76:c1:52:71: 66:40:b7:b0:5b:cc:6b:31:9c:d1:e1:1c:0c:c1:24:63:65:50: 39:36:5a:91:ea:7d:50:22:9a:40:68:7e:e9:e1:08:2e:36:3f: 4b:ee:63:4e:fc:8a:a7:b9:a0:3e:3b:29:d9:0b:9c:31:3a:0a: ea:45:05:7b:59:12:cf:0a:d2:f9:03:39:50:78:af:ab:7a:65: f6:92:95:dd -----BEGIN CERTIFICATE----- MIIFPjCCBCagAwIBAgIUYO0aMHRYI/uwRiCtxnuKuKkUNOwwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZGYwODNmYzljMzZhYjM3MTU4YWQ4MGU1Yzg0ZTc2YmU5 N2FkYzA5ZjAeFw0yNTExMjgwMzAxMTdaFw0yNjExMjcwMzA2MTdaMDMxMTAvBgNV BAMTKDIwMUQyM0NFOTBBOTdBRUI5QjRCNDExNTg5QkYyNzJGMjMxRjJDQUMwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQENHpZI59CWOtd/WCmIHQu+PS g/t1VLrvTk0Z1Kwg7b9A2Xz+xjLqotPPDQiqx4dM7hfZW0RkTPIrOwt6ioKN4Qkb Hi9q1rmiBNCooQxMENqSgMMqn5oHLhv166gBg47vpd1wpez7JwP7SWg9f6agD9tl MH6JIfv4Tn/gw3lTNU92awjjnQnL95woEPpoTNmCQajHmv3fmMRlHmDKDHE0EGwA i1AQMJh5+OojKg9UdEcI1fPP6ZaiON5t6lOZDuDZ+0f9AuIxYVT7KA+RFzP59ey4 xaspE39Q4sMxdM9V2OpfoIsrBXyg0I1L8TBLmdjIMRlt40BPlxYk8y3ud39TAgMB AAGjggJIMIICRDAdBgNVHQ4EFgQUIB0jzpCpeuubS0EVib8nLyMfLKwwHwYDVR0j BBgwFoAU3wg/ycNqs3FYrYDlyE52vpetwJ8wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvOWJiNzdjOGEtMmQ2OS00MzI1LWI0ZmEtNjAzMzg4Yzk2 YmIzLzAvREYwODNGQzlDMzZBQjM3MTU4QUQ4MEU1Qzg0RTc2QkU5N0FEQzA5Ri5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzN3Z195Y05xczNGWXJZRGx5RTUydnBl dHdKOC5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvOWJiNzdjOGEt MmQ2OS00MzI1LWI0ZmEtNjAzMzg4Yzk2YmIzLzAvMzIzMDMwMzEzYTM2MzczODNh MzEzMTM0NjMzYTNhMmYzNDM4MmQzNDM4MjAzZDNlMjAzMjMwMzQzNTMzMzUucm9h MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E AgACMAkDBwAgAQZ4EUwwDQYJKoZIhvcNAQELBQADggEBAAcHdzhRx/OjLlZGINZs LRXpz6q/l4mN52ZEksKJSqo2Miuo1nz1eXrA9PFld5irsXo6hsDjIf8F6ODZ5PaJ aDJZeBF4u7Bsrl9IRZlsO8jkd64E87YkNXqknVTs6GaM4+JABlJgW7Zi4BESpD19 ORUkk6yBD4z80dvlJoijAu3hBvNUVz4Mx6rZE3gjfGUC3cFKw2uM+N843+sk2zB8 XpgJ+7SH2f0hGpq5tu8f5g3adsFScWZAt7BbzGsxnNHhHAzBJGNlUDk2WpHqfVAi mkBofunhCC42P0vuY078iqe5oD47KdkLnDE6CupFBXtZEs8K0vkDOVB4r6t6ZfaS ld0= -----END CERTIFICATE-----Generated at Sat Dec 6 13:11:36 2025 by rpki-client