This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139382e3235332e302f32342d3234203d3e20393834.roa File: 38322e3139382e3235332e302f32342d3234203d3e20393834.roa (raw, json) Hash identifier: DdD8KoOk2UBALZ8+iICdgCgb4YV190dvSAod0Uco2OM= Subject key identifier: A1:61:36:24:C1:18:97:FC:27:51:EB:DB:9D:7E:69:5B:30:88:8B:CA Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Certificate serial: 3ED97116A260D9E354009B4FE5E2ABBA41FA0B2A Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139382e3235332e302f32342d3234203d3e20393834.roa Signing time: Thu 22 Jan 2026 11:22:17 +0000 ROA not before: Thu 22 Jan 2026 11:17:17 +0000 ROA not after: Thu 21 Jan 2027 11:22:17 +0000 asID: 984 IP address blocks: 82.198.253.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3e:d9:71:16:a2:60:d9:e3:54:00:9b:4f:e5:e2:ab:ba:41:fa:0b:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c Validity Not Before: Jan 22 11:17:17 2026 GMT Not After : Jan 21 11:22:17 2027 GMT Subject: CN=A1613624C11897FC2751EBDB9D7E695B30888BCA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:01:a6:61:55:1f:0a:7c:de:4c:70:b7:23:9e: 8c:d8:f3:eb:a4:a6:3a:19:1d:f0:13:41:f0:e9:51: f3:8b:0f:3a:5f:57:64:c9:76:ef:a4:ab:4d:35:aa: 9f:82:85:9f:15:0d:50:da:92:9b:69:fb:6c:5c:66: f8:79:15:59:27:76:39:a9:49:d7:0b:2a:5e:e8:5e: 21:0d:58:ec:68:cf:82:b6:11:a1:ec:f1:7c:65:8c: 0a:ac:60:3d:37:1d:74:2a:c5:b0:04:24:c5:6d:c9: be:0e:d3:16:08:55:f0:1a:b6:da:e8:67:dd:45:e8: de:ab:8f:2b:9f:4a:b5:0a:b0:41:c9:6d:00:26:24: cc:bd:48:31:db:bb:bd:60:c2:4d:58:75:9f:0f:46: 38:2c:98:ec:b7:d6:2b:f4:45:5d:d4:06:36:bb:21: c9:79:49:36:2d:97:c8:af:ba:3b:3c:85:d0:87:7c: f9:e8:65:1b:ff:19:47:e6:2e:e7:aa:c5:fa:91:46: 84:88:cb:14:11:e2:84:da:cf:7f:a8:a6:9f:9f:7d: bb:60:6a:1b:dc:80:b4:b4:ff:1d:95:b5:af:c6:95: fe:19:a2:ce:d2:00:80:88:8f:07:89:36:d8:54:7c: 43:0c:17:69:c8:1d:40:17:b3:f6:3a:53:50:2e:41: 4d:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:61:36:24:C1:18:97:FC:27:51:EB:DB:9D:7E:69:5B:30:88:8B:CA X509v3 Authority Key Identifier: keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/38322e3139382e3235332e302f32342d3234203d3e20393834.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.198.253.0/24 Signature Algorithm: sha256WithRSAEncryption 8d:3f:0a:36:0c:f2:0e:8e:17:c2:bd:cf:51:88:0e:77:3b:3e: 8c:08:c6:87:8d:a5:58:c5:7c:ee:0f:3a:53:28:35:6d:22:85: a7:93:ac:aa:bf:e7:5f:3b:10:36:1b:0b:91:eb:96:bb:c3:5c: 5c:9c:85:46:0c:dd:16:4d:1a:ea:e8:9e:24:f8:29:6d:c8:de: e0:ce:4a:d1:ae:8f:35:6e:ce:99:53:09:95:93:ec:16:e6:33: 4e:e1:7f:4f:4b:a8:68:2b:e7:d7:db:80:4f:60:e2:df:bd:18: 72:ad:89:b3:29:e6:37:b5:61:63:d0:ab:3d:fa:2f:4c:6e:77: 13:1b:26:a5:85:b3:70:cb:6a:f7:5e:0b:a6:e2:e4:55:12:fd: e6:d9:2f:4a:08:41:5b:82:5a:6f:3a:9f:f1:49:50:84:0e:8d: 86:83:e6:86:c4:3a:69:35:4b:54:10:81:38:e7:b9:e2:cb:53: 3d:e0:c8:3c:4e:69:66:20:ac:b9:ae:84:ed:c3:d1:c4:2d:02: 5c:af:a6:cc:c2:e1:96:2b:c4:29:4c:6d:98:85:f9:0b:db:d5: c7:29:51:e5:b1:95:2a:b0:ac:7d:cb:58:aa:54:9c:39:19:9b: 84:bc:75:f3:1f:d7:d8:23:9a:0e:ee:33:75:ef:63:ee:c4:02: 8a:c9:03:42 -----BEGIN CERTIFICATE----- MIIFLzCCBBegAwIBAgIUPtlxFqJg2eNUAJtP5eKrukH6CyowDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0 ZWE3Nzc5YzAeFw0yNjAxMjIxMTE3MTdaFw0yNzAxMjExMTIyMTdaMDMxMTAvBgNV BAMTKEExNjEzNjI0QzExODk3RkMyNzUxRUJEQjlEN0U2OTVCMzA4ODhCQ0EwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsAaZhVR8KfN5McLcjnozY8+uk pjoZHfATQfDpUfOLDzpfV2TJdu+kq001qp+ChZ8VDVDakptp+2xcZvh5FVkndjmp SdcLKl7oXiENWOxoz4K2EaHs8XxljAqsYD03HXQqxbAEJMVtyb4O0xYIVfAattro Z91F6N6rjyufSrUKsEHJbQAmJMy9SDHbu71gwk1YdZ8PRjgsmOy31iv0RV3UBja7 Icl5STYtl8ivujs8hdCHfPnoZRv/GUfmLueqxfqRRoSIyxQR4oTaz3+opp+ffbtg ahvcgLS0/x2Vta/Glf4Zos7SAICIjweJNthUfEMMF2nIHUAXs/Y6U1AuQU2bAgMB AAGjggI5MIICNTAdBgNVHQ4EFgQUoWE2JMEYl/wnUevbnX5pWzCIi8owHwYDVR0j BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5 OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2 bmQ1dy5jZXIwgakGCCsGAQUFBwELBIGcMIGZMIGWBggrBgEFBQcwC4aBiXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzgzMjJlMzEzOTM4MmUzMjM1 MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzOTM4MzQucm9hMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABSxv0w DQYJKoZIhvcNAQELBQADggEBAI0/CjYM8g6OF8K9z1GIDnc7PowIxoeNpVjFfO4P OlMoNW0ihaeTrKq/5187EDYbC5HrlrvDXFychUYM3RZNGuroniT4KW3I3uDOStGu jzVuzplTCZWT7BbmM07hf09LqGgr59fbgE9g4t+9GHKtibMp5je1YWPQqz36L0xu dxMbJqWFs3DLavdeC6bi5FUS/ebZL0oIQVuCWm86n/FJUIQOjYaD5obEOmk1S1QQ gTjnueLLUz3gyDxOaWYgrLmuhO3D0cQtAlyvpszC4ZYrxClMbZiF+Qvb1ccpUeWx lSqwrH3LWKpUnDkZm4S8dfMf19gjmg7uM3XvY+7EAorJA0I= -----END CERTIFICATE-----Generated at Sun Jan 25 11:43:18 2026 by rpki-client