This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/3138352e3233352e33322e302f32342d3234203d3e203230343733.roa File: 3138352e3233352e33322e302f32342d3234203d3e203230343733.roa (raw, json) Hash identifier: r6jCJznmt6Z46RBe4algzpkt+z/nxQ11nEJhXbErnx0= Subject key identifier: 28:FB:19:8D:2C:40:22:65:82:54:91:29:4B:66:48:56:65:23:8A:30 Certificate issuer: /CN=aff6f26ea1f10da4a16cad9c7a6510856fbabb8d Certificate serial: 4222771F097276BD5A7BB9BF069CF3FDDAEFDC4A Authority key identifier: AF:F6:F2:6E:A1:F1:0D:A4:A1:6C:AD:9C:7A:65:10:85:6F:BA:BB:8D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/3138352e3233352e33322e302f32342d3234203d3e203230343733.roa Signing time: Sat 13 Dec 2025 09:11:32 +0000 ROA not before: Sat 13 Dec 2025 09:06:32 +0000 ROA not after: Sat 12 Dec 2026 09:11:32 +0000 asID: 20473 IP address blocks: 185.235.32.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.crl rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.mft rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 17:37:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42:22:77:1f:09:72:76:bd:5a:7b:b9:bf:06:9c:f3:fd:da:ef:dc:4a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aff6f26ea1f10da4a16cad9c7a6510856fbabb8d Validity Not Before: Dec 13 09:06:32 2025 GMT Not After : Dec 12 09:11:32 2026 GMT Subject: CN=28FB198D2C402265825491294B66485665238A30 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:4e:9a:73:84:d1:f6:5c:90:70:8b:92:80:2b: 77:b4:20:26:44:ae:1d:fa:9e:51:f7:76:7c:57:d6: 19:19:d8:7c:c5:05:55:43:6f:4a:26:29:2e:1c:01: f3:f3:d2:db:fe:d1:2e:0f:26:68:53:ef:b9:8f:ad: 8b:7f:87:93:6b:4c:c8:49:12:a6:df:db:d2:d3:56: 0f:0c:5c:39:3e:a9:56:80:da:30:95:e0:09:e9:dc: 4c:e4:31:54:e9:d7:c1:a6:d4:5a:02:fb:32:d4:ea: d9:b3:a0:3b:0d:ba:fc:83:93:be:29:30:2f:dd:9f: b1:0b:40:a0:f5:8b:86:68:93:61:e0:a1:f8:ab:24: 6d:af:7f:f4:e2:4e:a6:57:b4:e5:72:46:7e:30:ec: 04:67:70:d5:98:ad:9e:d3:b1:00:d0:57:61:83:f1: aa:7c:e8:ba:22:a0:94:c0:ac:94:9f:79:3c:2f:51: 0b:d7:d2:60:5c:a7:52:d0:27:2b:a2:e1:f3:8b:43: 90:89:46:df:54:06:9e:da:69:e8:cd:85:ee:42:e4: 80:c1:ad:d7:ba:d4:80:98:96:5c:08:1e:8f:e5:14: d7:a8:62:7f:d3:62:2e:c4:61:0d:71:ba:a7:ac:44: 81:0e:72:35:a4:6c:c1:ef:15:b6:1d:64:c1:a8:21: cd:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:FB:19:8D:2C:40:22:65:82:54:91:29:4B:66:48:56:65:23:8A:30 X509v3 Authority Key Identifier: keyid:AF:F6:F2:6E:A1:F1:0D:A4:A1:6C:AD:9C:7A:65:10:85:6F:BA:BB:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/3138352e3233352e33322e302f32342d3234203d3e203230343733.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.235.32.0/24 Signature Algorithm: sha256WithRSAEncryption 5d:10:c7:84:18:4f:fc:a1:f4:97:81:a1:bc:cf:21:c9:63:54: 02:c9:a5:aa:90:23:8e:79:04:be:42:2d:c5:f1:1b:5e:f0:c7: 04:ac:57:31:11:84:6e:d6:b1:b2:15:1e:34:77:00:63:25:e8: e0:11:29:82:3c:91:b5:f4:4e:9d:12:34:9a:80:e2:f1:e7:a2: db:23:a5:e6:3c:bb:17:27:aa:de:82:74:b3:35:07:13:85:83: a0:f8:0c:bf:14:88:6c:4e:ae:99:5e:32:99:c5:30:a7:de:ab: d6:ff:e5:f6:cf:e8:9a:cc:97:9d:f0:b3:c2:74:41:2b:a3:ff: 26:c2:0a:33:02:1e:75:a0:ac:3b:6e:4b:df:28:d8:04:1e:53: cc:3e:04:42:e5:55:4e:48:8f:a8:23:c6:46:2e:4c:99:41:3f: bd:58:d3:2a:fb:b4:69:a8:a4:0f:1f:4d:d3:d8:32:e4:bb:d5: 30:95:0a:74:e8:49:6d:0c:e7:d7:f8:b5:54:3c:39:b7:f5:3e: eb:7c:83:1d:27:a8:b2:05:6b:56:59:e2:40:20:00:6b:5b:2c: d8:1e:46:19:f2:ae:20:d8:04:0b:5f:36:72:b4:30:7b:f6:6f: 6e:39:25:f4:7a:fb:ca:58:a1:cc:13:97:56:d4:76:f4:d1:7c: 30:2d:68:28 -----BEGIN CERTIFICATE----- MIIFMzCCBBugAwIBAgIUQiJ3Hwlydr1ae7m/Bpzz/drv3EowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWZmNmYyNmVhMWYxMGRhNGExNmNhZDljN2E2NTEwODU2 ZmJhYmI4ZDAeFw0yNTEyMTMwOTA2MzJaFw0yNjEyMTIwOTExMzJaMDMxMTAvBgNV BAMTKDI4RkIxOThEMkM0MDIyNjU4MjU0OTEyOTRCNjY0ODU2NjUyMzhBMzAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDiTppzhNH2XJBwi5KAK3e0ICZE rh36nlH3dnxX1hkZ2HzFBVVDb0omKS4cAfPz0tv+0S4PJmhT77mPrYt/h5NrTMhJ Eqbf29LTVg8MXDk+qVaA2jCV4Anp3EzkMVTp18Gm1FoC+zLU6tmzoDsNuvyDk74p MC/dn7ELQKD1i4Zok2HgofirJG2vf/TiTqZXtOVyRn4w7ARncNWYrZ7TsQDQV2GD 8ap86LoioJTArJSfeTwvUQvX0mBcp1LQJyui4fOLQ5CJRt9UBp7aaejNhe5C5IDB rde61ICYllwIHo/lFNeoYn/TYi7EYQ1xuqesRIEOcjWkbMHvFbYdZMGoIc3XAgMB AAGjggI9MIICOTAdBgNVHQ4EFgQUKPsZjSxAImWCVJEpS2ZIVmUjijAwHwYDVR0j BBgwFoAUr/bybqHxDaShbK2cemUQhW+6u40wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWI5ZjU0OTctMmI5NS00YTQyLTgwZDAtNWM0MWY4MDdi NjFmLzAvQUZGNkYyNkVBMUYxMERBNEExNkNBRDlDN0E2NTEwODU2RkJBQkI4RC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3JfYnlicUh4RGFTaGJLMmNlbVVRaFct NnU0MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWI5ZjU0OTct MmI5NS00YTQyLTgwZDAtNWM0MWY4MDdiNjFmLzAvMzEzODM1MmUzMjMzMzUyZTMz MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzQzNzMzLnJvYTAYBgNVHSAB Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA uesgMA0GCSqGSIb3DQEBCwUAA4IBAQBdEMeEGE/8ofSXgaG8zyHJY1QCyaWqkCOO eQS+Qi3F8Rte8McErFcxEYRu1rGyFR40dwBjJejgESmCPJG19E6dEjSagOLx56Lb I6XmPLsXJ6regnSzNQcThYOg+Ay/FIhsTq6ZXjKZxTCn3qvW/+X2z+iazJed8LPC dEEro/8mwgozAh51oKw7bkvfKNgEHlPMPgRC5VVOSI+oI8ZGLkyZQT+9WNMq+7Rp qKQPH03T2DLku9UwlQp06EltDOfX+LVUPDm39T7rfIMdJ6iyBWtWWeJAIABrWyzY HkYZ8q4g2AQLXzZytDB79m9uOSX0evvKWKHME5dW1Hb00XwwLWgo -----END CERTIFICATE-----Generated at Tue Dec 16 05:18:38 2025 by rpki-client