This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a343030303a3a2f34302d3438203d3e203133333335.roa File: 326131333a393634343a343030303a3a2f34302d3438203d3e203133333335.roa (raw, json) Hash identifier: HvvXHcb+W+5HBFJKf1QLCy/60NSa6ZDrL0Z//tXBT34= Subject key identifier: B4:5F:50:B4:D0:D0:BD:C4:1A:D6:21:15:E3:7C:F4:9E:81:63:9D:A0 Certificate issuer: /CN=f1d0572fe72991bd32854bac716676ebdad22ace Certificate serial: 70B5ADD03B8F842694D3CFE6D7AF3B5C2A6226E3 Authority key identifier: F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a343030303a3a2f34302d3438203d3e203133333335.roa Signing time: Mon 03 Nov 2025 19:08:57 +0000 ROA not before: Mon 03 Nov 2025 19:03:57 +0000 ROA not after: Mon 02 Nov 2026 19:08:57 +0000 asID: 13335 IP address blocks: 2a13:9644:4000::/40 maxlen: 48 Validation: OK Signature path: rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.mft rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 22 Dec 2025 04:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 70:b5:ad:d0:3b:8f:84:26:94:d3:cf:e6:d7:af:3b:5c:2a:62:26:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f1d0572fe72991bd32854bac716676ebdad22ace Validity Not Before: Nov 3 19:03:57 2025 GMT Not After : Nov 2 19:08:57 2026 GMT Subject: CN=B45F50B4D0D0BDC41AD62115E37CF49E81639DA0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:89:56:ff:73:b6:b0:bd:04:cd:e4:30:06:64: 8c:47:d0:31:c9:ed:19:99:5f:71:3e:4f:1d:97:5c: 56:01:d0:94:69:e3:79:cb:a8:9a:d4:33:bb:02:50: 94:37:41:c3:0f:e2:47:c7:4d:bb:ca:1f:a8:27:06: 9a:c3:6d:64:ed:98:49:ab:6f:6d:90:8e:dc:d6:0c: 13:ac:b4:89:fe:df:63:c3:ee:fb:4d:25:48:5b:de: 50:c4:95:52:24:75:e4:43:f0:d1:28:db:ee:28:8d: 1a:52:7c:e7:68:39:9a:b0:d8:61:72:1c:88:5a:ff: 07:2c:b0:bc:00:eb:67:bd:0c:ef:8e:dd:e5:b7:04: 3f:bd:b9:79:a5:f9:3c:6d:8d:71:77:3c:33:21:70: 09:84:93:c8:d2:e1:26:16:d7:47:a0:a1:d1:00:30: 97:53:00:eb:ba:7f:d0:41:12:81:a5:9d:c1:61:df: 1f:39:48:01:34:77:d6:df:af:b8:d4:f7:76:bb:aa: 4b:05:b9:49:fa:70:e6:8c:35:df:12:cc:da:56:de: d3:d3:b0:7d:69:f7:1f:0b:6e:83:e6:e3:4e:f8:c4: e3:de:79:97:b4:3b:67:ea:e9:6e:0c:6f:22:20:05: 36:73:f9:4a:9e:33:bd:d3:50:11:1d:aa:15:02:26: 5c:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B4:5F:50:B4:D0:D0:BD:C4:1A:D6:21:15:E3:7C:F4:9E:81:63:9D:A0 X509v3 Authority Key Identifier: keyid:F1:D0:57:2F:E7:29:91:BD:32:85:4B:AC:71:66:76:EB:DA:D2:2A:CE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/F1D0572FE72991BD32854BAC716676EBDAD22ACE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dBXL-cpkb0yhUuscWZ269rSKs4.cer Subject Information Access: Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/e30de84b-400a-4fd1-ab8a-e7616e245b49/0/326131333a393634343a343030303a3a2f34302d3438203d3e203133333335.roa X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a13:9644:4000::/40 Signature Algorithm: sha256WithRSAEncryption cb:1b:41:f4:85:07:3e:6f:4d:cf:60:66:0e:ff:4a:9e:9d:c5: ed:ef:86:bb:b2:ce:99:e5:44:83:e3:fc:34:66:66:99:04:76: 7c:fb:77:af:4b:59:1b:d9:f3:1f:c4:8c:d9:e3:53:a7:e2:ee: c3:52:68:6f:f9:39:90:1f:db:e8:53:f0:49:89:cf:31:f5:27: 5d:3e:4d:7a:67:5e:70:65:9e:74:7b:e3:1b:2f:93:15:32:4a: 98:21:4a:b2:7c:87:96:9a:b5:32:5b:a4:30:06:12:a0:62:16: 1e:0a:57:58:64:06:1f:81:bc:58:59:2f:b4:e6:56:b1:c2:b1: 70:a7:06:14:86:5f:90:ef:a5:88:fb:f0:c8:12:58:1e:42:ce: 9b:6b:b8:d0:1f:65:52:28:0c:de:cf:07:69:ad:95:89:95:53: 8b:84:0d:96:9c:3b:c4:1d:8b:14:ff:44:8f:2a:cb:71:3f:92: 87:d9:57:fa:00:e1:99:fd:c5:67:43:65:e3:95:c2:36:fd:01: 68:0f:e3:7d:7b:37:02:37:58:ac:ca:28:2a:64:55:28:12:20: 19:98:2e:47:26:9a:c7:72:58:07:04:85:c8:d4:af:e6:3a:11: dc:10:b5:de:c8:41:73:d3:7a:75:66:e6:b1:9d:76:1c:9e:66: 9f:ad:56:ec -----BEGIN CERTIFICATE----- MIIFPTCCBCWgAwIBAgIUcLWt0DuPhCaU08/m1687XCpiJuMwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoZjFkMDU3MmZlNzI5OTFiZDMyODU0YmFjNzE2Njc2ZWJk YWQyMmFjZTAeFw0yNTExMDMxOTAzNTdaFw0yNjExMDIxOTA4NTdaMDMxMTAvBgNV BAMTKEI0NUY1MEI0RDBEMEJEQzQxQUQ2MjExNUUzN0NGNDlFODE2MzlEQTAwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRiVb/c7awvQTN5DAGZIxH0DHJ 7RmZX3E+Tx2XXFYB0JRp43nLqJrUM7sCUJQ3QcMP4kfHTbvKH6gnBprDbWTtmEmr b22QjtzWDBOstIn+32PD7vtNJUhb3lDElVIkdeRD8NEo2+4ojRpSfOdoOZqw2GFy HIha/wcssLwA62e9DO+O3eW3BD+9uXml+TxtjXF3PDMhcAmEk8jS4SYW10egodEA MJdTAOu6f9BBEoGlncFh3x85SAE0d9bfr7jU93a7qksFuUn6cOaMNd8SzNpW3tPT sH1p9x8LboPm4074xOPeeZe0O2fq6W4MbyIgBTZz+UqeM73TUBEdqhUCJlzDAgMB AAGjggJHMIICQzAdBgNVHQ4EFgQUtF9QtNDQvcQa1iEV43z0noFjnaAwHwYDVR0j BBgwFoAU8dBXL+cpkb0yhUuscWZ269rSKs4wDgYDVR0PAQH/BAQDAgeAMIGVBgNV HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvZTMwZGU4NGItNDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1 YjQ5LzAvRjFEMDU3MkZFNzI5OTFCRDMyODU0QkFDNzE2Njc2RUJEQUQyMkFDRS5j cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzhkQlhMLWNwa2IweWhVdXNjV1oyNjly U0tzNC5jZXIwgbUGCCsGAQUFBwELBIGoMIGlMIGiBggrBgEFBQcwC4aBlXJzeW5j Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZTMwZGU4NGIt NDAwYS00ZmQxLWFiOGEtZTc2MTZlMjQ1YjQ5LzAvMzI2MTMxMzMzYTM5MzYzNDM0 M2EzNDMwMzAzMDNhM2EyZjM0MzAyZDM0MzgyMDNkM2UyMDMxMzMzMzMzMzUucm9h MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E AgACMAgDBgAqE5ZEQDANBgkqhkiG9w0BAQsFAAOCAQEAyxtB9IUHPm9Nz2BmDv9K np3F7e+Gu7LOmeVEg+P8NGZmmQR2fPt3r0tZG9nzH8SM2eNTp+Luw1Job/k5kB/b 6FPwSYnPMfUnXT5NemdecGWedHvjGy+TFTJKmCFKsnyHlpq1MlukMAYSoGIWHgpX WGQGH4G8WFkvtOZWscKxcKcGFIZfkO+liPvwyBJYHkLOm2u40B9lUigM3s8Haa2V iZVTi4QNlpw7xB2LFP9EjyrLcT+Sh9lX+gDhmf3FZ0Nl45XCNv0BaA/jfXs3AjdY rMooKmRVKBIgGZguRyaax3JYBwSFyNSv5joR3BC13shBc9N6dWbmsZ12HJ5mn61W 7A== -----END CERTIFICATE-----Generated at Sun Dec 21 13:37:55 2025 by rpki-client