This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3234352e3135322e302f32342d3234203d3e20323036323833.roa File: 3138352e3234352e3135322e302f32342d3234203d3e20323036323833.roa (raw, json) Hash identifier: s+83M5VhILXQL8GmCQm5OdLzWbyUGExKEdoE+nqefX4= Subject key identifier: 0D:77:0D:C6:E2:12:25:B1:44:9D:FA:53:17:E2:1E:D1:5B:2C:34:21 Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959 Certificate serial: 4325AA2D826BD14883C84E01BC2E16763457F355 Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3234352e3135322e302f32342d3234203d3e20323036323833.roa Signing time: Fri 28 Nov 2025 11:49:32 +0000 ROA not before: Fri 28 Nov 2025 11:44:32 +0000 ROA not after: Fri 27 Nov 2026 11:49:32 +0000 asID: 206283 IP address blocks: 185.245.152.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 05:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43:25:aa:2d:82:6b:d1:48:83:c8:4e:01:bc:2e:16:76:34:57:f3:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959 Validity Not Before: Nov 28 11:44:32 2025 GMT Not After : Nov 27 11:49:32 2026 GMT Subject: CN=0D770DC6E21225B1449DFA5317E21ED15B2C3421 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:34:e0:72:4c:37:88:0a:2d:45:fd:72:95:66: 02:44:6f:42:2b:e5:6f:3a:30:3b:67:6a:95:ae:4b: c0:4f:e1:9d:65:b9:38:1b:09:04:02:72:4a:d3:dd: e4:31:98:33:1d:9e:48:62:a3:bc:63:3d:0a:8f:55: 55:5c:5f:b3:81:32:47:3a:28:59:e8:41:7c:88:44: 78:f1:17:71:6c:4d:9b:62:0b:15:d2:d5:b3:e5:9b: c6:29:3b:21:ff:b0:d2:3f:bf:d1:b4:b5:9c:b8:4b: 4f:ac:cd:b3:c1:60:71:05:48:3d:99:ad:b5:8a:aa: d0:56:d4:c7:c6:b7:72:18:a8:57:33:eb:34:7c:fa: 30:ef:00:d4:7c:e9:18:c3:45:fb:de:c5:5a:51:4c: 73:5f:a5:dd:22:b4:b6:d6:6b:27:ed:8a:ba:d0:43: 75:db:b3:ca:00:50:b0:65:95:84:9a:22:95:aa:e1: 4d:de:86:88:d1:a7:21:8b:7f:07:74:b9:e5:5b:15: 4b:37:9e:8b:32:18:53:9b:be:23:76:18:1f:ea:71: 4c:c6:ac:7c:b8:e2:14:47:87:2e:e9:f9:e0:a9:9e: fc:10:3b:46:ca:18:1b:c7:e8:38:c1:07:a7:63:50: fc:7b:f6:33:ff:c5:cf:a2:1b:3f:e6:87:54:34:15: ea:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:77:0D:C6:E2:12:25:B1:44:9D:FA:53:17:E2:1E:D1:5B:2C:34:21 X509v3 Authority Key Identifier: keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3234352e3135322e302f32342d3234203d3e20323036323833.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.245.152.0/24 Signature Algorithm: sha256WithRSAEncryption 34:3a:00:9d:c4:a7:30:3f:b7:57:6b:d5:e1:f6:52:1e:33:e1: f6:9b:95:32:ba:78:92:65:0b:2c:50:3d:50:bd:77:da:49:d4: 1e:36:d4:06:0d:b6:4a:d9:42:13:f0:cf:6e:98:c2:7b:4f:56: 9a:8f:f8:e5:d6:c9:12:89:d7:85:f2:8d:0c:37:28:f8:57:d1: 4a:c9:63:c1:da:9f:f9:a7:c3:9b:31:8e:79:e6:90:6e:1e:07: 3d:1b:18:fa:a1:b1:65:ed:0f:3c:25:d9:db:d1:e5:4b:31:ba: 61:89:6c:54:7f:c1:a9:fe:67:a3:6e:c9:b9:4a:7f:b7:18:ee: b5:2b:3e:80:7c:df:40:c9:12:14:34:a8:cf:c1:90:46:41:9f: 11:28:ee:02:8d:b2:b3:40:95:f3:b2:ab:c7:dd:64:68:4f:ec: ca:73:37:59:75:44:c7:08:c3:97:75:8a:02:aa:0c:79:52:c3: 65:7e:cc:27:de:33:ac:eb:93:24:de:40:b5:5a:53:84:bd:b8: ed:bc:d6:3a:55:94:a8:ad:f1:b5:3d:58:fc:5d:e9:6d:94:88: b7:08:69:ba:dd:c8:39:a6:b7:a5:eb:54:bb:18:65:5c:8e:9a: ba:1c:b6:b2:08:6e:90:f8:d8:a9:11:0b:30:e0:d3:6f:b0:b6: c4:ee:be:5a -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgIUQyWqLYJr0UiDyE4BvC4WdjRX81UwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi YmUzYTk1OTAeFw0yNTExMjgxMTQ0MzJaFw0yNjExMjcxMTQ5MzJaMDMxMTAvBgNV BAMTKDBENzcwREM2RTIxMjI1QjE0NDlERkE1MzE3RTIxRUQxNUIyQzM0MjEwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwNOByTDeICi1F/XKVZgJEb0Ir 5W86MDtnapWuS8BP4Z1luTgbCQQCckrT3eQxmDMdnkhio7xjPQqPVVVcX7OBMkc6 KFnoQXyIRHjxF3FsTZtiCxXS1bPlm8YpOyH/sNI/v9G0tZy4S0+szbPBYHEFSD2Z rbWKqtBW1MfGt3IYqFcz6zR8+jDvANR86RjDRfvexVpRTHNfpd0itLbWayftirrQ Q3Xbs8oAULBllYSaIpWq4U3ehojRpyGLfwd0ueVbFUs3nosyGFObviN2GB/qcUzG rHy44hRHhy7p+eCpnvwQO0bKGBvH6DjBB6djUPx79jP/xc+iGz/mh1Q0FeqrAgMB AAGjggJGMIICQjAdBgNVHQ4EFgQUDXcNxuISJbFEnfpTF+Ie0VssNCEwHwYDVR0j BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1 OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5 bzd2anFWay5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3Jz eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4 YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMyMzQz NTJlMzEzNTMyMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM2MzIzODMzLnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAufWYMA0GCSqGSIb3DQEBCwUAA4IBAQA0OgCdxKcwP7dXa9Xh9lIe M+H2m5UyuniSZQssUD1QvXfaSdQeNtQGDbZK2UIT8M9umMJ7T1aaj/jl1skSideF 8o0MNyj4V9FKyWPB2p/5p8ObMY555pBuHgc9Gxj6obFl7Q88Jdnb0eVLMbphiWxU f8Gp/mejbsm5Sn+3GO61Kz6AfN9AyRIUNKjPwZBGQZ8RKO4CjbKzQJXzsqvH3WRo T+zKczdZdUTHCMOXdYoCqgx5UsNlfswn3jOs65Mk3kC1WlOEvbjtvNY6VZSorfG1 PVj8XeltlIi3CGm63cg5prel61S7GGVcjpq6HLayCG6Q+NipEQsw4NNvsLbE7r5a -----END CERTIFICATE-----Generated at Sat Dec 6 12:33:43 2025 by rpki-client