This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/38352e3233372e3232322e302f32342d3234203d3e20383334.roa File: 38352e3233372e3232322e302f32342d3234203d3e20383334.roa (raw, json) Hash identifier: gWWUEq01tbxbWATcai8VPq7nWfHWCzDG85fIeVx/Qvc= Subject key identifier: 91:E1:95:5A:0B:4B:17:5B:77:11:BD:96:8A:FE:B9:E5:EE:D2:7C:21 Certificate issuer: /CN=aff6f26ea1f10da4a16cad9c7a6510856fbabb8d Certificate serial: 0976958AB715512124A787B5F1A752152B619201 Authority key identifier: AF:F6:F2:6E:A1:F1:0D:A4:A1:6C:AD:9C:7A:65:10:85:6F:BA:BB:8D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/38352e3233372e3232322e302f32342d3234203d3e20383334.roa Signing time: Mon 15 Dec 2025 00:07:40 +0000 ROA not before: Mon 15 Dec 2025 00:02:40 +0000 ROA not after: Mon 14 Dec 2026 00:07:40 +0000 asID: 834 IP address blocks: 85.237.222.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.crl rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.mft rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 01:18:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 09:76:95:8a:b7:15:51:21:24:a7:87:b5:f1:a7:52:15:2b:61:92:01 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=aff6f26ea1f10da4a16cad9c7a6510856fbabb8d Validity Not Before: Dec 15 00:02:40 2025 GMT Not After : Dec 14 00:07:40 2026 GMT Subject: CN=91E1955A0B4B175B7711BD968AFEB9E5EED27C21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:35:e6:ae:f9:df:12:fc:73:f7:78:f2:20:aa: fe:ba:bb:5d:b1:05:bc:66:b7:41:59:73:47:6b:c5: e1:1e:46:ce:94:ca:f3:61:f2:c4:b0:0e:36:aa:55: 11:5a:a3:d3:58:96:03:1c:e5:0a:d9:4b:fa:59:d1: 6a:44:13:2a:ad:61:d0:10:71:ee:36:66:95:e0:ac: 75:8d:72:63:29:a9:6d:db:2a:df:04:ed:ea:e4:cb: a2:e9:9b:37:11:79:db:9e:09:f0:60:1f:bb:fb:35: 69:c4:91:52:35:a6:9d:18:02:ba:a8:ec:52:4c:eb: a6:99:13:31:bf:4a:7e:38:1a:d1:45:fa:a0:8b:6f: ea:93:2d:23:93:d5:27:6a:cb:05:1f:2b:80:df:e2: 2c:3d:68:c0:cd:2a:9f:5a:ed:e0:94:54:a2:47:77: c7:a7:3f:6b:5f:db:53:6c:9b:b6:13:ff:d7:59:22: 21:ad:6c:e6:ba:d0:81:a2:2f:b4:24:18:ce:69:7c: 09:cc:70:27:1e:1c:11:df:2d:88:d4:db:8e:3e:ac: 93:3d:42:cb:e7:4e:1d:3e:5b:9f:8d:66:01:65:1a: 79:8b:14:df:c8:04:6a:1f:a5:1a:15:20:bd:42:21: af:1a:f8:1b:74:64:3e:7e:b2:d5:82:69:85:70:21: 6c:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:E1:95:5A:0B:4B:17:5B:77:11:BD:96:8A:FE:B9:E5:EE:D2:7C:21 X509v3 Authority Key Identifier: keyid:AF:F6:F2:6E:A1:F1:0D:A4:A1:6C:AD:9C:7A:65:10:85:6F:BA:BB:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/AFF6F26EA1F10DA4A16CAD9C7A6510856FBABB8D.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_bybqHxDaShbK2cemUQhW-6u40.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/ab9f5497-2b95-4a42-80d0-5c41f807b61f/0/38352e3233372e3232322e302f32342d3234203d3e20383334.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.237.222.0/24 Signature Algorithm: sha256WithRSAEncryption 5b:58:3f:e2:c6:67:67:38:5e:7c:b4:9b:33:06:75:66:df:b8: 8c:39:b9:08:f6:c7:7a:f5:d0:f0:4c:14:04:8a:d4:26:53:67: 1a:38:97:78:f5:44:22:e0:3c:10:e4:6e:03:24:9f:05:f1:fd: 74:3a:e2:ab:33:df:2f:4e:97:35:69:70:7b:fc:c8:02:cb:50: f0:9d:2a:b2:dc:01:7b:2c:7c:11:8a:da:63:31:5c:17:9e:01: 77:1f:17:f3:4d:9f:00:d6:1d:30:8b:d9:71:3c:49:25:c8:41: 1b:2e:9e:0b:3c:42:e8:52:87:d8:f3:08:34:9f:06:53:eb:14: 39:4b:70:ed:e8:7c:4e:bc:54:9f:73:2c:42:93:3c:30:bc:b0: 7f:01:14:1f:a5:19:3f:80:db:c8:5c:e2:4f:5f:7a:19:5f:b1: 06:5f:75:9f:15:3d:59:77:53:41:bd:80:7b:0b:85:5d:ea:0e: b0:30:e9:d1:63:c6:6a:54:83:42:1d:2b:6e:32:d0:f0:41:4e: bc:9d:a1:87:c1:95:7e:2d:7c:f3:9f:88:16:63:53:be:5e:ba: db:78:48:e7:8a:64:ad:0d:8e:51:16:de:aa:f5:1a:5c:3e:75: e9:ac:01:88:b4:15:2a:49:be:19:85:ec:6b:e6:c9:e4:60:09: 99:16:9d:f9 -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgIUCXaVircVUSEkp4e18adSFSthkgEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWZmNmYyNmVhMWYxMGRhNGExNmNhZDljN2E2NTEwODU2 ZmJhYmI4ZDAeFw0yNTEyMTUwMDAyNDBaFw0yNjEyMTQwMDA3NDBaMDMxMTAvBgNV BAMTKDkxRTE5NTVBMEI0QjE3NUI3NzExQkQ5NjhBRkVCOUU1RUVEMjdDMjEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJNeau+d8S/HP3ePIgqv66u12x Bbxmt0FZc0drxeEeRs6UyvNh8sSwDjaqVRFao9NYlgMc5QrZS/pZ0WpEEyqtYdAQ ce42ZpXgrHWNcmMpqW3bKt8E7erky6LpmzcRedueCfBgH7v7NWnEkVI1pp0YArqo 7FJM66aZEzG/Sn44GtFF+qCLb+qTLSOT1SdqywUfK4Df4iw9aMDNKp9a7eCUVKJH d8enP2tf21Nsm7YT/9dZIiGtbOa60IGiL7QkGM5pfAnMcCceHBHfLYjU244+rJM9 QsvnTh0+W5+NZgFlGnmLFN/IBGofpRoVIL1CIa8a+Bt0ZD5+stWCaYVwIWydAgMB AAGjggI5MIICNTAdBgNVHQ4EFgQUkeGVWgtLF1t3Eb2Wiv655e7SfCEwHwYDVR0j BBgwFoAUr/bybqHxDaShbK2cemUQhW+6u40wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvYWI5ZjU0OTctMmI5NS00YTQyLTgwZDAtNWM0MWY4MDdi NjFmLzAvQUZGNkYyNkVBMUYxMERBNEExNkNBRDlDN0E2NTEwODU2RkJBQkI4RC5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3JfYnlicUh4RGFTaGJLMmNlbVVRaFct NnU0MC5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWI5ZjU0OTct MmI5NS00YTQyLTgwZDAtNWM0MWY4MDdiNjFmLzAvMzgzNTJlMzIzMzM3MmUzMjMy MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzODMzMzQucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABV7d4w DQYJKoZIhvcNAQELBQADggEBAFtYP+LGZ2c4Xny0mzMGdWbfuIw5uQj2x3r10PBM FASK1CZTZxo4l3j1RCLgPBDkbgMknwXx/XQ64qsz3y9OlzVpcHv8yALLUPCdKrLc AXssfBGK2mMxXBeeAXcfF/NNnwDWHTCL2XE8SSXIQRsungs8QuhSh9jzCDSfBlPr FDlLcO3ofE68VJ9zLEKTPDC8sH8BFB+lGT+A28hc4k9fehlfsQZfdZ8VPVl3U0G9 gHsLhV3qDrAw6dFjxmpUg0IdK24y0PBBTrydoYfBlX4tfPOfiBZjU75eutt4SOeK ZK0NjlEW3qr1Glw+demsAYi0FSpJvhmF7GvmyeRgCZkWnfk= -----END CERTIFICATE-----Generated at Mon Dec 15 17:21:38 2025 by rpki-client