This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3234352e3135332e302f32342d3234203d3e20323036323833.roa File: 3138352e3234352e3135332e302f32342d3234203d3e20323036323833.roa (raw, json) Hash identifier: CY66RiZ5KYBDgoD0HbfJ95xwwftjHEmkqLQlXck1IR8= Subject key identifier: 21:42:9C:4D:6D:29:D3:DB:35:5F:C9:3A:DA:F7:75:17:0F:CE:9E:70 Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959 Certificate serial: 4AE78AF6F311A1F87884E8C4E7809288FCD1BF40 Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3234352e3135332e302f32342d3234203d3e20323036323833.roa Signing time: Fri 28 Nov 2025 11:49:36 +0000 ROA not before: Fri 28 Nov 2025 11:44:36 +0000 ROA not after: Fri 27 Nov 2026 11:49:36 +0000 asID: 206283 IP address blocks: 185.245.153.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 08:24:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4a:e7:8a:f6:f3:11:a1:f8:78:84:e8:c4:e7:80:92:88:fc:d1:bf:40 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959 Validity Not Before: Nov 28 11:44:36 2025 GMT Not After : Nov 27 11:49:36 2026 GMT Subject: CN=21429C4D6D29D3DB355FC93ADAF775170FCE9E70 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:32:1e:90:22:b5:a8:1a:a9:92:f2:cb:79:2b: 88:61:81:4d:af:f5:d4:a7:8e:59:30:1e:84:2f:cf: 96:b3:53:b1:52:bf:30:5e:73:ab:43:25:e7:b9:df: c9:dd:1f:7e:08:be:4b:23:8b:33:50:7e:ea:f6:30: 5b:71:6c:7a:e2:0f:c6:b6:56:b2:0a:3d:61:82:ac: 00:f4:8b:33:4a:33:cd:72:e9:90:80:15:c8:ff:1b: d8:f1:1e:43:4b:71:f2:51:36:60:67:7c:54:bf:41: b9:dd:e5:9d:4a:65:8d:8d:c0:fd:47:6c:ba:74:d4: 9b:56:6f:60:21:97:37:d2:b8:50:cc:38:d6:9c:b0: 5f:60:63:ce:b2:ce:62:71:6f:46:bd:69:d1:6a:56: 47:a9:2e:ee:94:d4:95:44:b4:b0:4c:74:6c:07:c2: 62:38:54:b2:6e:bb:8d:03:72:2b:47:03:88:6c:b6: 19:f2:34:1b:14:4c:80:7d:95:9a:a6:9b:7c:7d:bb: dc:94:95:4c:8e:88:a5:41:25:df:7c:cd:06:4c:bd: 0f:3b:43:a0:e2:21:ce:bd:6e:c3:b9:cf:13:6e:58: fa:29:d4:d5:82:4a:c0:d5:3f:46:19:6e:ff:a7:05: e6:f2:01:fd:30:e2:08:bc:9d:7c:6e:9b:9d:c1:a4: 21:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:42:9C:4D:6D:29:D3:DB:35:5F:C9:3A:DA:F7:75:17:0F:CE:9E:70 X509v3 Authority Key Identifier: keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/3138352e3234352e3135332e302f32342d3234203d3e20323036323833.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.245.153.0/24 Signature Algorithm: sha256WithRSAEncryption 16:3e:9a:00:79:8a:84:d3:d9:c3:ff:fb:5d:08:bb:3e:72:ce: 8f:24:01:e0:ed:9e:24:98:ab:48:d8:64:c9:78:ad:96:a0:47: a6:0b:7b:99:77:2b:6a:7d:e2:5f:ed:42:d7:fa:22:7e:b9:0d: 65:9c:68:ab:c1:80:01:7e:d6:5a:18:f5:e6:f0:7b:c2:3a:e7: 87:77:3e:f7:3e:46:ad:9c:55:88:d7:42:cb:d1:a2:6f:b5:a7: a2:a6:75:67:c9:fa:61:8b:b9:9f:5b:5e:aa:4e:67:7c:e6:9a: ba:e8:4c:13:0d:76:1f:75:80:7d:67:e3:2f:ae:59:7e:e3:6d: 8c:c3:b2:20:74:6d:8f:56:25:02:41:cb:11:3d:5f:09:45:ef: ef:17:b0:e8:39:76:ef:f3:8a:fd:54:30:ab:5c:b0:a0:94:d1: 1d:1d:6f:4b:a8:82:ac:e8:a0:8e:2e:23:14:17:8c:ac:c4:de: 4b:64:a5:f0:7d:c0:a4:ee:ba:7e:9f:8a:f0:cf:ca:d8:76:f0: a2:1a:2a:3f:1b:be:18:ed:62:3e:a6:26:2a:e2:b1:52:a4:21: 08:bb:e2:f9:b5:aa:04:00:d2:95:e9:91:25:50:6e:66:c9:0b: 83:08:41:82:21:ec:4d:ae:39:ac:25:4c:ae:ac:a6:9e:2e:d6: 32:6c:7e:72 -----BEGIN CERTIFICATE----- MIIFPDCCBCSgAwIBAgIUSueK9vMRofh4hOjE54CSiPzRv0AwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi YmUzYTk1OTAeFw0yNTExMjgxMTQ0MzZaFw0yNjExMjcxMTQ5MzZaMDMxMTAvBgNV BAMTKDIxNDI5QzRENkQyOUQzREIzNTVGQzkzQURBRjc3NTE3MEZDRTlFNzAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXMh6QIrWoGqmS8st5K4hhgU2v 9dSnjlkwHoQvz5azU7FSvzBec6tDJee538ndH34IvksjizNQfur2MFtxbHriD8a2 VrIKPWGCrAD0izNKM81y6ZCAFcj/G9jxHkNLcfJRNmBnfFS/Qbnd5Z1KZY2NwP1H bLp01JtWb2AhlzfSuFDMONacsF9gY86yzmJxb0a9adFqVkepLu6U1JVEtLBMdGwH wmI4VLJuu40DcitHA4hsthnyNBsUTIB9lZqmm3x9u9yUlUyOiKVBJd98zQZMvQ87 Q6DiIc69bsO5zxNuWPop1NWCSsDVP0YZbv+nBebyAf0w4gi8nXxum53BpCGNAgMB AAGjggJGMIICQjAdBgNVHQ4EFgQUIUKcTW0p09s1X8k62vd1Fw/OnnAwHwYDVR0j BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1 OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5 bzd2anFWay5jZXIwgbMGCCsGAQUFBwELBIGmMIGjMIGgBggrBgEFBQcwC4aBk3Jz eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4 YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMTM4MzUyZTMyMzQz NTJlMzEzNTMzMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzMDM2MzIzODMzLnJv YTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM BAIAATAGAwQAufWZMA0GCSqGSIb3DQEBCwUAA4IBAQAWPpoAeYqE09nD//tdCLs+ cs6PJAHg7Z4kmKtI2GTJeK2WoEemC3uZdytqfeJf7ULX+iJ+uQ1lnGirwYABftZa GPXm8HvCOueHdz73PkatnFWI10LL0aJvtaeipnVnyfphi7mfW16qTmd85pq66EwT DXYfdYB9Z+Mvrll+422Mw7IgdG2PViUCQcsRPV8JRe/vF7DoOXbv84r9VDCrXLCg lNEdHW9LqIKs6KCOLiMUF4ysxN5LZKXwfcCk7rp+n4rwz8rYdvCiGio/G74Y7WI+ piYq4rFSpCEIu+L5taoEANKV6ZElUG5myQuDCEGCIexNrjmsJUyurKaeLtYybH5y -----END CERTIFICATE-----Generated at Sat Dec 6 16:45:36 2025 by rpki-client