This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/38352e3135382e35392e302f32342d3234203d3e20383334.roa File: 38352e3135382e35392e302f32342d3234203d3e20383334.roa (raw, json) Hash identifier: OiqnDTSEZNlqI5M0u70UMgCRi6pfPnYWaH73fiUglSw= Subject key identifier: EA:A9:4D:10:B6:AA:B2:8F:AE:13:64:63:08:2C:1C:AE:11:64:B2:7E Certificate issuer: /CN=aff6f26ea1f10da4a16cad9c7a6510856fbabb8d Certificate serial: 456D5139A5E0076C6D3C3AF3175607866C230E58 Authority key identifier: AF:F6:F2:6E:A1:F1:0D:A4:A1:6C:AD:9C:7A:65:10:85:6F:BA:BB:8D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/38352e3135382e35392e302f32342d3234203d3e20383334.roa Signing time: Mon 15 Dec 2025 00:07:31 +0000 ROA not before: Mon 15 Dec 2025 00:02:31 +0000 ROA not after: Mon 14 Dec 2026 00:07:31 +0000 asID: 834 IP address blocks: 85.158.59.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.crl rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.mft rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 01:18:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 45:6d:51:39:a5:e0:07:6c:6d:3c:3a:f3:17:56:07:86:6c:23:0e:58 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aff6f26ea1f10da4a16cad9c7a6510856fbabb8d Validity Not Before: Dec 15 00:02:31 2025 GMT Not After : Dec 14 00:07:31 2026 GMT Subject: CN=EAA94D10B6AAB28FAE136463082C1CAE1164B27E Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:27:63:d8:37:d5:e9:f5:ea:22:4d:a9:b5:b5: 6a:1d:54:d4:c0:72:4f:55:51:e3:49:2d:61:5c:74: 85:78:89:34:97:04:a0:c3:1a:6e:b2:ff:3d:77:89: f1:d8:36:e8:75:49:55:9a:eb:2e:9d:76:6c:9a:19: 1a:ee:45:69:1b:fd:3e:e1:13:36:4e:e7:c7:7c:63: 86:4d:b6:26:14:df:10:ba:08:e8:ad:ab:f1:b7:7e: 76:06:b9:e5:4c:3f:0e:71:c4:30:2e:2c:0b:fc:d5: 7d:dd:f4:89:00:64:6a:d7:3e:74:aa:9c:da:f4:1f: ba:e0:e8:79:68:f0:ff:a4:05:a3:24:3f:23:22:87: 56:f8:a4:71:4b:fb:37:03:d3:1f:7d:b1:71:ce:64: ea:95:3d:63:3e:44:58:38:0b:02:48:2f:c2:51:c4: 1a:cb:ab:26:6f:88:32:16:9f:45:d9:55:8a:39:b9: 87:3a:f0:6f:e2:80:db:7b:85:21:a0:ec:29:43:ab: 93:05:e1:ff:06:a1:ec:4f:fb:f2:73:69:fb:28:ad: c1:d7:ff:8a:ee:0f:1e:ce:0b:4b:12:9b:7d:a7:a7: b4:d9:ee:e0:ee:24:c7:ef:70:56:e0:26:96:f8:49: 99:2f:3b:4f:5a:46:b6:a7:4b:b0:fd:e8:23:b1:f1: d7:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:A9:4D:10:B6:AA:B2:8F:AE:13:64:63:08:2C:1C:AE:11:64:B2:7E X509v3 Authority Key Identifier: keyid:AF:F6:F2:6E:A1:F1:0D:A4:A1:6C:AD:9C:7A:65:10:85:6F:BA:BB:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/38352e3135382e35392e302f32342d3234203d3e20383334.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.158.59.0/24 Signature Algorithm: sha256WithRSAEncryption 7d:7c:ee:94:47:ca:3b:7e:ed:24:4e:d3:4c:93:86:fd:1a:19: 06:9d:a1:93:42:dd:49:c3:12:e7:69:87:66:a1:a4:42:ef:e1: e4:b9:83:7f:c2:26:59:44:f8:0b:10:5a:25:80:d6:73:0e:01: d6:d7:4d:98:b1:8d:87:a4:e5:cf:b6:d8:70:0c:0c:88:64:f1: 50:6a:38:1e:18:11:45:88:87:2a:ad:68:ac:90:ac:55:b3:20: cb:21:e9:b2:77:a9:d8:91:2e:2a:95:7f:59:46:1c:16:53:67: e6:ea:74:40:82:45:07:b9:ce:c9:02:fc:ce:9f:1e:9e:f4:43: 13:f6:88:93:95:20:7d:1f:35:b2:6a:3a:75:a4:31:b4:b5:00: 7d:18:9e:d6:39:db:84:5c:6d:b4:57:16:b1:55:b7:66:1d:eb: d3:c0:ef:6d:b5:36:b2:21:8c:3d:35:74:72:8e:e7:00:3d:37: c8:8b:db:92:d2:f3:fe:f9:dd:b3:0e:96:f1:57:54:28:0c:83: bc:44:3b:18:48:e4:9d:b4:6e:b7:a0:09:81:f8:11:a9:50:d3: 7b:1f:25:aa:77:af:da:7f:34:39:9b:f5:f9:7d:96:12:85:4e: cb:cc:1d:67:54:cd:ff:91:ce:5d:cd:dd:7e:d1:33:06:4e:b4: 01:5d:6d:2b -----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgIURW1ROaXgB2xtPDrzF1YHhmwjDlgwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWZmNmYyNmVhMWYxMGRhNGExNmNhZDljN2E2NTEwODU2 ZmJhYmI4ZDAeFw0yNTEyMTUwMDAyMzFaFw0yNjEyMTQwMDA3MzFaMDMxMTAvBgNV BAMTKEVBQTk0RDEwQjZBQUIyOEZBRTEzNjQ2MzA4MkMxQ0FFMTE2NEIyN0UwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJJ2PYN9Xp9eoiTam1tWodVNTA ck9VUeNJLWFcdIV4iTSXBKDDGm6y/z13ifHYNuh1SVWa6y6ddmyaGRruRWkb/T7h EzZO58d8Y4ZNtiYU3xC6COitq/G3fnYGueVMPw5xxDAuLAv81X3d9IkAZGrXPnSq nNr0H7rg6Hlo8P+kBaMkPyMih1b4pHFL+zcD0x99sXHOZOqVPWM+RFg4CwJIL8JR xBrLqyZviDIWn0XZVYo5uYc68G/igNt7hSGg7ClDq5MF4f8GoexP+/JzafsorcHX /4ruDx7OC0sSm32np7TZ7uDuJMfvcFbgJpb4SZkvO09aRranS7D96COx8dc/AgMB AAGjggI3MIICMzAdBgNVHQ4EFgQU6qlNELaqso+uE2RjCCwcrhFksn4wHwYDVR0j BBgwFoAUr/bybqHxDaShbK2cemUQhW+6u40wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWI5ZjU0OTctMmI5NS00YTQyLTgwZDAtNWM0MWY4MDdi NjFmLzAvQUZGNkYyNkVBMUYxMERBNEExNkNBRDlDN0E2NTEwODU2RkJBQkI4RC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3JfYnlicUh4RGFTaGJLMmNlbVVRaFct NnU0MC5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWI5ZjU0OTct MmI5NS00YTQyLTgwZDAtNWM0MWY4MDdiNjFmLzAvMzgzNTJlMzEzNTM4MmUzNTM5 MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzgzMzM0LnJvYTAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVZ47MA0G CSqGSIb3DQEBCwUAA4IBAQB9fO6UR8o7fu0kTtNMk4b9GhkGnaGTQt1JwxLnaYdm oaRC7+HkuYN/wiZZRPgLEFolgNZzDgHW102YsY2HpOXPtthwDAyIZPFQajgeGBFF iIcqrWiskKxVsyDLIemyd6nYkS4qlX9ZRhwWU2fm6nRAgkUHuc7JAvzOnx6e9EMT 9oiTlSB9HzWyajp1pDG0tQB9GJ7WOduEXG20VxaxVbdmHevTwO9ttTayIYw9NXRy jucAPTfIi9uS0vP++d2zDpbxV1QoDIO8RDsYSOSdtG63oAmB+BGpUNN7HyWqd6/a fzQ5m/X5fZYShU7LzB1nVM3/kc5dzd1+0TMGTrQBXW0r -----END CERTIFICATE-----Generated at Mon Dec 15 17:21:38 2025 by rpki-client