This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/322e35382e33382e302f32342d3234203d3e20313336373837.roa File: 322e35382e33382e302f32342d3234203d3e20313336373837.roa (raw, json) Hash identifier: vX3QkAW1TmwnoUMtRtC+f+bT5asXXfhWHioeLkhOFfM= Subject key identifier: 5D:42:A0:5C:D2:B2:45:FC:88:C6:27:AA:CD:AE:37:1E:4F:68:43:AE Certificate issuer: /CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959 Certificate serial: 23C161D9E0F5E57762B146E55E1107AA7DA33C03 Authority key identifier: 09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/322e35382e33382e302f32342d3234203d3e20313336373837.roa Signing time: Fri 28 Nov 2025 11:49:15 +0000 ROA not before: Fri 28 Nov 2025 11:44:15 +0000 ROA not after: Fri 27 Nov 2026 11:49:15 +0000 asID: 136787 IP address blocks: 2.58.38.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.mft rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 08:24:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 23:c1:61:d9:e0:f5:e5:77:62:b1:46:e5:5e:11:07:aa:7d:a3:3c:03 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=097a28f77eb0a4ac354a8ac28754b2a3bbe3a959 Validity Not Before: Nov 28 11:44:15 2025 GMT Not After : Nov 27 11:49:15 2026 GMT Subject: CN=5D42A05CD2B245FC88C627AACDAE371E4F6843AE Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:b8:18:23:c4:dc:4b:4e:23:86:c6:87:59:b3: 45:b0:89:ae:b2:7f:de:ce:1b:3b:f8:8a:ba:4b:cc: f6:f5:24:13:a5:fc:47:8b:5f:ca:ea:53:b1:77:f7: 89:9e:fc:87:ff:69:72:3b:23:c6:92:9d:c1:76:84: a1:bb:ae:f1:35:5b:50:8c:2c:24:97:17:eb:52:bc: 33:0a:d4:0b:b4:cf:1f:b5:f6:d0:75:f5:2a:1a:6f: cb:7a:9b:05:b3:b6:2e:64:e2:4c:fa:a9:32:b3:f6: a4:14:81:28:41:12:7c:64:7b:9b:43:16:eb:60:2b: 2a:82:1d:3e:85:c6:97:78:59:73:9b:d7:e4:46:b3: eb:7d:da:45:bd:fb:b3:48:51:5f:67:53:d4:14:06: dc:ed:91:41:db:6c:c4:2d:a0:bc:df:b6:8f:e5:fc: 1e:9c:70:c9:0d:e8:7a:47:d7:6d:9d:01:0f:2c:a2: d7:81:6c:81:8a:3f:6b:aa:90:69:59:1c:3f:b3:54: a1:fd:bc:e8:47:47:1e:65:af:5e:3a:f9:f7:2b:ad: df:58:2e:92:5e:4c:4a:01:82:af:40:e8:ed:93:4e: f7:11:46:ef:a2:a0:3e:d1:00:90:c2:36:2a:e2:e9: a2:c9:aa:d0:27:c1:e5:68:44:1b:cb:69:3d:c1:13: 64:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:42:A0:5C:D2:B2:45:FC:88:C6:27:AA:CD:AE:37:1E:4F:68:43:AE X509v3 Authority Key Identifier: keyid:09:7A:28:F7:7E:B0:A4:AC:35:4A:8A:C2:87:54:B2:A3:BB:E3:A9:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/097A28F77EB0A4AC354A8AC28754B2A3BBE3A959.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXoo936wpKw1SorCh1Syo7vjqVk.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/177/322e35382e33382e302f32342d3234203d3e20313336373837.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 2.58.38.0/24 Signature Algorithm: sha256WithRSAEncryption ca:e7:90:75:22:a7:fa:28:a5:7b:eb:79:3a:4b:7e:ed:89:01: 77:f7:ac:5c:d1:34:18:8f:a6:f1:e6:e6:e9:0e:e6:f6:e3:08: cc:fd:c6:e1:36:67:86:8d:b4:65:53:94:96:4f:88:4f:8b:33: 8f:6c:56:ef:10:b2:4f:8b:37:0b:cf:a9:98:8d:9b:a9:5a:2a: b0:98:ac:24:31:3f:2a:b4:ac:03:2f:3d:2b:de:d8:dc:87:f1: 28:e7:68:fb:89:87:ec:32:a6:13:b1:4d:3d:94:65:c5:98:21: ea:f1:8c:7a:25:d5:4f:d6:3c:4c:42:98:de:19:3c:e1:4d:5f: a0:f5:30:07:f2:97:75:63:80:00:62:d9:2b:9a:93:77:f0:6a: 0c:ee:ed:33:0e:80:ae:b7:10:89:03:3c:ca:46:9f:4e:b1:1f: c5:6d:e0:6c:ae:80:08:71:14:c6:0e:45:8f:67:dc:e3:fc:87: 2c:fa:83:93:a1:e9:7c:ba:60:44:57:b2:c8:42:10:d9:ce:bb: 9d:2c:ff:23:a1:6a:2f:a5:9b:ff:02:5b:04:a9:53:99:5d:eb: 00:57:5b:f8:25:53:17:71:b0:8f:3d:68:2f:07:a4:72:16:40: c5:6b:64:3a:e0:1a:bb:fe:12:7a:f9:4c:aa:a3:24:b6:b7:f0: a5:d5:22:f6 -----BEGIN CERTIFICATE----- MIIFNDCCBBygAwIBAgIUI8Fh2eD15XdisUblXhEHqn2jPAMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoMDk3YTI4Zjc3ZWIwYTRhYzM1NGE4YWMyODc1NGIyYTNi YmUzYTk1OTAeFw0yNTExMjgxMTQ0MTVaFw0yNjExMjcxMTQ5MTVaMDMxMTAvBgNV BAMTKDVENDJBMDVDRDJCMjQ1RkM4OEM2MjdBQUNEQUUzNzFFNEY2ODQzQUUwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxuBgjxNxLTiOGxodZs0Wwia6y f97OGzv4irpLzPb1JBOl/EeLX8rqU7F394me/If/aXI7I8aSncF2hKG7rvE1W1CM LCSXF+tSvDMK1Au0zx+19tB19Soab8t6mwWzti5k4kz6qTKz9qQUgShBEnxke5tD FutgKyqCHT6Fxpd4WXOb1+RGs+t92kW9+7NIUV9nU9QUBtztkUHbbMQtoLzfto/l /B6ccMkN6HpH122dAQ8soteBbIGKP2uqkGlZHD+zVKH9vOhHRx5lr146+fcrrd9Y LpJeTEoBgq9A6O2TTvcRRu+ioD7RAJDCNiri6aLJqtAnweVoRBvLaT3BE2RtAgMB AAGjggI+MIICOjAdBgNVHQ4EFgQUXUKgXNKyRfyIxieqza43Hk9oQ64wHwYDVR0j BBgwFoAUCXoo936wpKw1SorCh1Syo7vjqVkwDgYDVR0PAQH/BAQDAgeAMIGYBgNV HR8EgZAwgY0wgYqggYeggYSGgYFyc3luYzovL3JzeW5jLnBhYXMucnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L2ZlMzcwOGEwLTY3ZDUtNGFjMi1hYmM0LWEzMzI1OTBi OTlhZi8xNzcvMDk3QTI4Rjc3RUIwQTRBQzM1NEE4QUMyODc1NEIyQTNCQkUzQTk1 OS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2ku cmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0NYb285MzZ3cEt3MVNvckNoMVN5 bzd2anFWay5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3Jz eW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4 YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzE3Ny8zMjJlMzUzODJlMzMz ODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYDVR0g AQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME AAI6JjANBgkqhkiG9w0BAQsFAAOCAQEAyueQdSKn+iile+t5Okt+7YkBd/esXNE0 GI+m8ebm6Q7m9uMIzP3G4TZnho20ZVOUlk+IT4szj2xW7xCyT4s3C8+pmI2bqVoq sJisJDE/KrSsAy89K97Y3IfxKOdo+4mH7DKmE7FNPZRlxZgh6vGMeiXVT9Y8TEKY 3hk84U1foPUwB/KXdWOAAGLZK5qTd/BqDO7tMw6ArrcQiQM8ykafTrEfxW3gbK6A CHEUxg5Fj2fc4/yHLPqDk6HpfLpgRFeyyEIQ2c67nSz/I6FqL6Wb/wJbBKlTmV3r AFdb+CVTF3Gwjz1oLwekchZAxWtkOuAau/4SevlMqqMktrfwpdUi9g== -----END CERTIFICATE-----Generated at Sat Dec 6 15:54:13 2025 by rpki-client