This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3136392e34302e392e302f32342d3234203d3e20313437303439.roa File: 3136392e34302e392e302f32342d3234203d3e20313437303439.roa (raw, json) Hash identifier: /Skm4zeojiOOQlpiOMSNsDqfxMoNEbPza/nb5dpQ+8U= Subject key identifier: 42:F2:AD:DA:4A:C7:35:F8:69:C6:D6:A0:46:89:92:DA:D1:BA:87:5D Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 4B9CBA820C5531D768B27BA09CDA5EE318ADD25E Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3136392e34302e392e302f32342d3234203d3e20313437303439.roa Signing time: Tue 20 Jan 2026 20:34:46 +0000 ROA not before: Tue 20 Jan 2026 20:29:46 +0000 ROA not after: Tue 19 Jan 2027 20:34:46 +0000 asID: 147049 IP address blocks: 169.40.9.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4b:9c:ba:82:0c:55:31:d7:68:b2:7b:a0:9c:da:5e:e3:18:ad:d2:5e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Jan 20 20:29:46 2026 GMT Not After : Jan 19 20:34:46 2027 GMT Subject: CN=42F2ADDA4AC735F869C6D6A0468992DAD1BA875D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:d4:2d:27:75:28:40:37:36:1d:df:68:c4:30: b5:bb:50:48:32:18:cd:4e:4c:c3:a7:87:c2:73:a8: f7:dd:34:4f:ec:aa:38:8e:0d:95:6b:47:32:47:ae: e5:38:c4:b5:f1:08:da:44:81:8e:a8:0d:1c:0a:3f: 2e:65:f4:a5:38:47:16:3e:98:94:ac:19:1e:48:13: eb:e6:e6:0a:d9:d9:6b:3b:7e:0b:f1:5b:f8:a2:70: 6d:98:33:f0:86:22:2c:44:54:41:0e:6f:18:81:df: 44:b1:74:ee:35:bf:43:07:c1:c1:aa:5f:72:fd:81: e2:40:e7:6b:af:f9:17:e4:48:a7:57:16:e1:ce:61: 56:d2:9c:fd:e9:67:66:0d:4e:60:d9:2c:6a:23:88: 5a:c1:0c:e7:f6:22:98:ba:a5:da:9c:c8:5c:66:44: 31:dc:f0:69:b2:6e:ae:45:43:44:2c:0f:e2:de:af: 8a:50:d8:c4:73:e6:27:ae:91:91:36:32:ca:f0:f4: a3:ea:ce:e4:d2:fa:29:85:bd:73:c5:8f:f2:da:38: 94:26:5c:29:a0:44:2a:be:0f:10:bb:24:69:1e:1c: e5:dc:ea:e7:3a:2c:88:18:84:e3:e5:cd:1a:da:69: e4:d0:bb:25:4c:4f:5d:c7:77:89:f8:38:3b:63:c1: a6:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 42:F2:AD:DA:4A:C7:35:F8:69:C6:D6:A0:46:89:92:DA:D1:BA:87:5D X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3136392e34302e392e302f32342d3234203d3e20313437303439.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 169.40.9.0/24 Signature Algorithm: sha256WithRSAEncryption 77:d3:36:6b:59:94:fa:72:6a:de:34:f8:c7:34:bc:48:70:77: 0e:b1:c5:b3:18:77:1e:d4:c0:d7:89:f9:ef:fc:68:10:24:99: 45:56:19:13:df:c8:a5:66:b2:95:cd:46:26:b8:e7:57:d9:a2: 27:60:0d:b0:af:0c:74:60:d8:ff:33:31:90:20:07:dc:92:da: 69:33:16:3a:fd:cb:1e:43:f2:ee:29:38:6c:1d:c4:16:10:94: 4a:9e:c0:1f:6d:2b:94:e0:b3:33:c8:1d:44:f0:b8:9b:2e:2e: d6:8f:2d:2c:f0:16:a7:20:c0:94:d7:59:89:40:1c:fc:17:00: 30:e2:23:e0:dc:47:2c:08:8b:cd:f3:84:ba:4e:66:33:35:d8: 60:79:2a:ac:92:21:d6:79:af:35:1b:ca:21:e5:bf:d7:b0:0e: d1:c5:6d:b7:50:bf:4f:33:57:07:64:80:94:19:02:c3:0e:d5: 66:5a:85:7f:11:b0:83:a8:4c:3a:08:71:7a:f2:55:a7:87:f4: 4f:30:fb:8f:74:f0:b0:98:b0:2c:2a:06:5b:d8:4b:c0:90:59: 22:6e:ff:df:76:a7:14:37:27:07:5a:cf:e3:a7:23:e5:15:eb: 23:c9:3d:7b:8a:5a:d8:18:20:08:b9:77:74:a6:2a:00:19:50: 14:7f:95:d4 -----BEGIN CERTIFICATE----- MIIFMTCCBBmgAwIBAgIUS5y6ggxVMddosnugnNpe4xit0l4wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNjAxMjAyMDI5NDZaFw0yNzAxMTkyMDM0NDZaMDMxMTAvBgNV BAMTKDQyRjJBRERBNEFDNzM1Rjg2OUM2RDZBMDQ2ODk5MkRBRDFCQTg3NUQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDe1C0ndShANzYd32jEMLW7UEgy GM1OTMOnh8JzqPfdNE/sqjiODZVrRzJHruU4xLXxCNpEgY6oDRwKPy5l9KU4RxY+ mJSsGR5IE+vm5grZ2Ws7fgvxW/iicG2YM/CGIixEVEEObxiB30SxdO41v0MHwcGq X3L9geJA52uv+RfkSKdXFuHOYVbSnP3pZ2YNTmDZLGojiFrBDOf2Ipi6pdqcyFxm RDHc8Gmybq5FQ0QsD+Ler4pQ2MRz5ieukZE2Msrw9KPqzuTS+imFvXPFj/LaOJQm XCmgRCq+DxC7JGkeHOXc6uc6LIgYhOPlzRraaeTQuyVMT13Hd4n4ODtjwaZDAgMB AAGjggI7MIICNzAdBgNVHQ4EFgQUQvKt2krHNfhpxtagRomS2tG6h10wHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNjM5MmUzNDMwMmUzOTJl MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzQzNzMwMzQzOS5yb2EwGAYDVR0gAQH/ BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAKko CTANBgkqhkiG9w0BAQsFAAOCAQEAd9M2a1mU+nJq3jT4xzS8SHB3DrHFsxh3HtTA 14n57/xoECSZRVYZE9/IpWaylc1GJrjnV9miJ2ANsK8MdGDY/zMxkCAH3JLaaTMW Ov3LHkPy7ik4bB3EFhCUSp7AH20rlOCzM8gdRPC4my4u1o8tLPAWpyDAlNdZiUAc /BcAMOIj4NxHLAiLzfOEuk5mMzXYYHkqrJIh1nmvNRvKIeW/17AO0cVtt1C/TzNX B2SAlBkCww7VZlqFfxGwg6hMOghxevJVp4f0TzD7j3TwsJiwLCoGW9hLwJBZIm7/ 33anFDcnB1rP46cj5RXrI8k9e4pa2BggCLl3dKYqABlQFH+V1A== -----END CERTIFICATE-----Generated at Sun Jan 25 11:43:08 2026 by rpki-client