This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e32392e302f32342d3234203d3e2039333034.roa File: 352e3139392e32392e302f32342d3234203d3e2039333034.roa (raw, json) Hash identifier: dVIp0oOniH24fYi80VBOjOK9O6B/NHI7Np6C6NeyiWs= Subject key identifier: 14:95:8A:03:81:77:F6:62:4F:92:B6:2D:CE:D7:6E:B3:34:3F:00:2D Certificate issuer: /CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76 Certificate serial: 214074C2FB23721E9E5E60F00636DCC5B016061F Authority key identifier: 4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e32392e302f32342d3234203d3e2039333034.roa Signing time: Mon 08 Dec 2025 11:33:56 +0000 ROA not before: Mon 08 Dec 2025 11:28:56 +0000 ROA not after: Mon 07 Dec 2026 11:33:56 +0000 asID: 9304 IP address blocks: 5.199.29.0/24 maxlen: 24 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.mft rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 20 Dec 2025 13:27:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 21:40:74:c2:fb:23:72:1e:9e:5e:60:f0:06:36:dc:c5:b0:16:06:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4b3aca3a7c652a9faf8e4e119bd2f7bf54afde76 Validity Not Before: Dec 8 11:28:56 2025 GMT Not After : Dec 7 11:33:56 2026 GMT Subject: CN=14958A038177F6624F92B62DCED76EB3343F002D Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8c:d3:ec:e2:2f:03:bf:72:43:98:d6:6d:67:58: ed:70:51:9e:26:dd:36:fc:a3:4b:c1:8e:d3:13:23: 2b:6a:28:7c:31:0c:88:4d:dd:03:9e:f6:e5:04:bc: b2:17:c4:3f:ae:16:8b:81:99:16:80:07:f0:8c:a5: 2b:65:4c:67:4e:e9:7c:ac:83:f7:77:a6:75:07:87: 18:77:b3:33:b2:be:e3:fc:aa:e8:b6:fd:de:25:b3: c1:5a:19:16:89:07:60:8f:90:21:03:c7:35:92:99: 7e:6e:05:a0:75:f9:7b:89:55:3f:fa:9e:0f:43:44: 30:34:26:f7:33:52:58:ed:3e:cf:76:70:8a:a2:da: 46:a9:a7:e5:4f:3b:9f:08:4a:c4:6b:dc:43:b1:ed: b4:8e:b6:83:5e:4e:e8:2d:46:7a:dd:8f:19:14:82: 66:fd:9d:2d:b2:3b:19:61:5a:69:e0:96:2a:6c:3c: 8d:e6:f6:51:ae:ff:26:57:6c:b3:14:f9:e5:ac:5f: fd:14:a3:9d:e9:67:38:4b:16:4d:ac:0a:c7:ae:90: b4:47:b5:ec:93:7d:1d:dc:8d:4a:07:39:aa:2f:7f: e3:40:1e:2e:2f:13:1a:08:33:5e:6b:3d:6f:51:5a: 40:f3:1e:c3:96:b4:fa:10:74:c7:63:3e:c1:8c:6a: 54:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:95:8A:03:81:77:F6:62:4F:92:B6:2D:CE:D7:6E:B3:34:3F:00:2D X509v3 Authority Key Identifier: keyid:4B:3A:CA:3A:7C:65:2A:9F:AF:8E:4E:11:9B:D2:F7:BF:54:AF:DE:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/4B3ACA3A7C652A9FAF8E4E119BD2F7BF54AFDE76.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SzrKOnxlKp-vjk4Rm9L3v1Sv3nY.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/0d854c77-fd8b-425a-bd55-82e1d7faa782/0/352e3139392e32392e302f32342d3234203d3e2039333034.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.199.29.0/24 Signature Algorithm: sha256WithRSAEncryption 82:89:87:35:ac:a9:2b:fe:a5:00:af:fa:24:a3:cd:90:c4:75: ec:44:07:cf:f3:0d:fb:59:15:83:f8:ab:57:9a:3d:04:4d:26: 8c:c2:e4:b5:5f:c0:ec:a3:25:9c:1d:8d:69:d5:66:74:b2:e1: a6:a4:0a:04:59:31:df:c0:fe:5b:b3:99:4f:4a:ce:77:3e:e1: da:54:3f:7c:96:b5:2a:06:50:8e:98:84:06:0f:2d:70:ed:5a: a6:80:60:6f:bc:7b:b6:77:e8:4b:23:e1:bd:b9:fb:f2:ac:18: 9a:8b:41:ff:0a:41:81:a1:fc:29:cf:05:80:c2:d2:21:5a:e3: 71:6f:2b:45:d9:e4:2b:1c:80:b5:4e:0c:82:55:90:83:b5:5d: a2:42:48:13:3b:d2:cb:3b:ab:f1:a0:fe:03:0e:ae:a7:f3:44: 5e:04:da:69:9c:ae:d5:05:ff:75:55:ea:0d:11:01:0a:49:42: 14:ee:4b:c9:d7:03:08:fd:83:46:14:52:be:80:46:3f:c0:c5: 37:ca:11:c7:f7:e1:6e:41:9f:dd:82:85:73:a5:45:bd:e2:7a: 96:ad:37:08:4b:ef:11:48:3a:7c:be:b6:ec:c0:af:a8:b0:06: 01:ae:8c:a4:30:e2:e4:bc:69:f7:c8:26:2d:d9:5c:72:8d:08: 71:ad:48:28 -----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgIUIUB0wvsjch6eXmDwBjbcxbAWBh8wDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoNGIzYWNhM2E3YzY1MmE5ZmFmOGU0ZTExOWJkMmY3YmY1 NGFmZGU3NjAeFw0yNTEyMDgxMTI4NTZaFw0yNjEyMDcxMTMzNTZaMDMxMTAvBgNV BAMTKDE0OTU4QTAzODE3N0Y2NjI0RjkyQjYyRENFRDc2RUIzMzQzRjAwMkQwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCM0+ziLwO/ckOY1m1nWO1wUZ4m 3Tb8o0vBjtMTIytqKHwxDIhN3QOe9uUEvLIXxD+uFouBmRaAB/CMpStlTGdO6Xys g/d3pnUHhxh3szOyvuP8qui2/d4ls8FaGRaJB2CPkCEDxzWSmX5uBaB1+XuJVT/6 ng9DRDA0JvczUljtPs92cIqi2kapp+VPO58ISsRr3EOx7bSOtoNeTugtRnrdjxkU gmb9nS2yOxlhWmnglipsPI3m9lGu/yZXbLMU+eWsX/0Uo53pZzhLFk2sCseukLRH teyTfR3cjUoHOaovf+NAHi4vExoIM15rPW9RWkDzHsOWtPoQdMdjPsGMalSbAgMB AAGjggI3MIICMzAdBgNVHQ4EFgQUFJWKA4F39mJPkrYtztduszQ/AC0wHwYDVR0j BBgwFoAUSzrKOnxlKp+vjk4Rm9L3v1Sv3nYwDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzctZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFh NzgyLzAvNEIzQUNBM0E3QzY1MkE5RkFGOEU0RTExOUJEMkY3QkY1NEFGREU3Ni5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1N6cktPbnhsS3AtdmprNFJtOUwzdjFT djNuWS5jZXIwgacGCCsGAQUFBwELBIGaMIGXMIGUBggrBgEFBQcwC4aBh3JzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvMGQ4NTRjNzct ZmQ4Yi00MjVhLWJkNTUtODJlMWQ3ZmFhNzgyLzAvMzUyZTMxMzkzOTJlMzIzOTJl MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM5MzMzMDM0LnJvYTAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABccdMA0G CSqGSIb3DQEBCwUAA4IBAQCCiYc1rKkr/qUAr/oko82QxHXsRAfP8w37WRWD+KtX mj0ETSaMwuS1X8DsoyWcHY1p1WZ0suGmpAoEWTHfwP5bs5lPSs53PuHaVD98lrUq BlCOmIQGDy1w7VqmgGBvvHu2d+hLI+G9ufvyrBiai0H/CkGBofwpzwWAwtIhWuNx bytF2eQrHIC1TgyCVZCDtV2iQkgTO9LLO6vxoP4DDq6n80ReBNppnK7VBf91VeoN EQEKSUIU7kvJ1wMI/YNGFFK+gEY/wMU3yhHH9+FuQZ/dgoVzpUW94nqWrTcIS+8R SDp8vrbswK+osAYBroykMOLkvGn3yCYt2VxyjQhxrUgo -----END CERTIFICATE-----Generated at Sat Dec 20 04:20:12 2025 by rpki-client