This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38312e302e3234382e302f32332d3332203d3e203531313637.roa File: 38312e302e3234382e302f32332d3332203d3e203531313637.roa (raw, json) Hash identifier: 5rWYi0LF6lNdcExkjcrAqb9rIvASHB2YZyRXFCiu+OQ= Subject key identifier: 91:CA:91:B5:A8:FF:BF:2D:73:8D:99:3F:C3:09:3B:C2:C6:B9:DF:6F Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 10EEE93B37D8DB9BBB50012EEF600AA968EE9941 Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38312e302e3234382e302f32332d3332203d3e203531313637.roa Signing time: Mon 29 Dec 2025 09:51:05 +0000 ROA not before: Mon 29 Dec 2025 09:46:05 +0000 ROA not after: Mon 28 Dec 2026 09:51:05 +0000 asID: 51167 IP address blocks: 81.0.248.0/23 maxlen: 32 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 15:51:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10:ee:e9:3b:37:d8:db:9b:bb:50:01:2e:ef:60:0a:a9:68:ee:99:41 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Dec 29 09:46:05 2025 GMT Not After : Dec 28 09:51:05 2026 GMT Subject: CN=91CA91B5A8FFBF2D738D993FC3093BC2C6B9DF6F Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:72:d9:52:59:d9:36:29:f6:bc:9f:49:da:f9: 91:23:59:1a:06:ab:18:fc:95:52:e8:e8:4e:6e:1a: 14:2a:ca:f0:cb:4a:39:e0:1e:79:02:ae:ed:a5:09: 4b:98:fd:71:f2:07:ae:46:e2:8f:91:66:cf:2e:27: 58:f4:be:6a:91:2a:fc:34:3e:ae:3b:de:39:85:c4: 1c:6f:88:f2:21:38:71:a1:d0:4d:c7:ec:ef:d0:6f: e9:1c:42:c9:68:b6:29:69:f2:13:71:15:1a:c0:ab: cd:5e:e5:20:de:f7:3a:20:cd:b8:06:c2:7c:03:cd: 23:34:51:cb:2d:e6:fe:da:56:75:18:83:0c:68:e3: 01:ca:0a:22:06:ae:25:a4:0b:f4:f7:44:99:6f:ae: 80:13:66:1c:0b:79:96:c5:e7:d3:93:fe:51:41:d0: 4c:23:28:f9:be:85:9c:96:80:2e:13:2d:be:5d:88: be:25:db:e4:f6:67:aa:6b:2f:98:0e:f5:e2:f2:3a: a0:33:d2:43:05:34:94:d3:6b:cf:fb:25:9c:07:56: cc:ce:33:b1:0d:01:e3:1c:49:cf:35:74:eb:9f:a1: 5e:2c:9e:4b:43:6b:b5:62:81:38:b6:cb:59:3a:1f: 68:cf:ed:80:fe:6d:d9:a4:7b:d3:75:bd:8f:76:6e: d8:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:CA:91:B5:A8:FF:BF:2D:73:8D:99:3F:C3:09:3B:C2:C6:B9:DF:6F X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38312e302e3234382e302f32332d3332203d3e203531313637.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.0.248.0/23 Signature Algorithm: sha256WithRSAEncryption 21:20:ea:5c:d7:e4:9a:f0:df:a3:82:9d:09:36:b3:69:3b:e1: 82:da:3c:89:ea:53:e6:d4:aa:df:ef:9f:fc:e9:95:e8:2b:ea: 7a:98:f5:0c:63:e0:fb:18:d5:0f:7f:be:57:87:65:fb:94:ba: 54:80:a7:bb:96:ce:c5:cc:47:df:29:6f:78:e6:62:2b:b0:8a: b5:21:a9:51:46:ae:95:4c:7b:2c:6f:de:c3:46:4a:9d:e7:66: 02:02:b3:91:b9:9c:2d:36:e8:f8:9c:e6:0a:fa:6f:37:18:a6: 48:ee:5a:ab:b8:a4:46:7e:91:77:22:0e:e2:89:60:83:d6:d7: eb:8a:b2:8a:ff:63:59:0a:90:0f:d2:76:c2:d5:c3:7a:3b:52: 35:a1:73:2d:44:8a:bd:76:02:10:1b:5f:14:5e:a8:1c:2b:8e: 6e:cc:b5:11:17:73:17:d5:e3:d2:de:18:a9:62:3a:3c:20:78: 8c:e6:1e:a4:7a:61:92:07:a1:71:56:04:06:ab:c4:4d:88:38: 19:45:73:7e:c2:ab:c7:36:f8:c3:93:fb:a3:2a:57:06:0f:00: 53:92:a0:ad:51:11:a7:83:e4:bf:aa:cd:95:22:a0:e4:bd:03: 44:12:67:47:f6:b9:02:68:5c:ed:c3:42:80:e9:43:bb:d7:64: 09:50:b2:60 -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgIUEO7pOzfY25u7UAEu72AKqWjumUEwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNTEyMjkwOTQ2MDVaFw0yNjEyMjgwOTUxMDVaMDMxMTAvBgNV BAMTKDkxQ0E5MUI1QThGRkJGMkQ3MzhEOTkzRkMzMDkzQkMyQzZCOURGNkYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOctlSWdk2Kfa8n0na+ZEjWRoG qxj8lVLo6E5uGhQqyvDLSjngHnkCru2lCUuY/XHyB65G4o+RZs8uJ1j0vmqRKvw0 Pq473jmFxBxviPIhOHGh0E3H7O/Qb+kcQslotilp8hNxFRrAq81e5SDe9zogzbgG wnwDzSM0Ucst5v7aVnUYgwxo4wHKCiIGriWkC/T3RJlvroATZhwLeZbF59OT/lFB 0EwjKPm+hZyWgC4TLb5diL4l2+T2Z6prL5gO9eLyOqAz0kMFNJTTa8/7JZwHVszO M7ENAeMcSc81dOufoV4snktDa7VigTi2y1k6H2jP7YD+bdmke9N1vY92bth1AgMB AAGjggI5MIICNTAdBgNVHQ4EFgQUkcqRtaj/vy1zjZk/wwk7wsa5328wHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMTJlMzAyZTMyMzQzODJl MzAyZjMyMzMyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFRAPgw DQYJKoZIhvcNAQELBQADggEBACEg6lzX5Jrw36OCnQk2s2k74YLaPInqU+bUqt/v n/zplegr6nqY9Qxj4PsY1Q9/vleHZfuUulSAp7uWzsXMR98pb3jmYiuwirUhqVFG rpVMeyxv3sNGSp3nZgICs5G5nC026Pic5gr6bzcYpkjuWqu4pEZ+kXciDuKJYIPW 1+uKsor/Y1kKkA/SdsLVw3o7UjWhcy1Eir12AhAbXxReqBwrjm7MtREXcxfV49Le GKliOjwgeIzmHqR6YZIHoXFWBAarxE2IOBlFc37Cq8c2+MOT+6MqVwYPAFOSoK1R EaeD5L+qzZUioOS9A0QSZ0f2uQJoXO3DQoDpQ7vXZAlQsmA= -----END CERTIFICATE-----Generated at Sun Jan 25 08:57:17 2026 by rpki-client