This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/36VLbdU0YfHtOFhKlTvPhr-GKCY.roa File: 36VLbdU0YfHtOFhKlTvPhr-GKCY.roa (raw, json) Hash identifier: ah0Mz3pCFiIlopLEIS1Tng+y+TvEE5d1jtSiEFfa/Do= Subject key identifier: DF:A5:4B:6D:D5:34:61:F1:ED:38:58:4A:95:3B:CF:86:BF:86:28:26 Certificate issuer: /CN=626a28b7c63ef6ab214a52cfa7c3e78db9a40823 Certificate serial: 019B7D5B4E8B85958FBDACE2C39A76511F42 Authority key identifier: 62:6A:28:B7:C6:3E:F6:AB:21:4A:52:CF:A7:C3:E7:8D:B9:A4:08:23 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/36VLbdU0YfHtOFhKlTvPhr-GKCY.roa Signing time: Fri 02 Jan 2026 06:18:14 +0000 ROA not before: Fri 02 Jan 2026 06:18:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214098 IP address blocks: 158.173.1.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.mft rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 24 Jan 2026 08:31:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5b:4e:8b:85:95:8f:bd:ac:e2:c3:9a:76:51:1f:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=626a28b7c63ef6ab214a52cfa7c3e78db9a40823 Validity Not Before: Jan 2 06:18:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dfa54b6dd53461f1ed38584a953bcf86bf862826 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:56:95:85:4c:69:51:a9:1c:ca:43:89:70:5e: 67:2b:18:27:ed:36:27:f8:c3:1a:cb:c2:fc:f7:50: 33:d6:42:39:5b:60:fa:ff:22:ba:f2:2a:f3:f8:fe: ca:9d:ae:b6:35:c1:d1:90:0a:ca:0b:8c:7c:41:9a: 20:82:1c:8d:9a:a3:c6:ae:bc:ac:53:6b:87:e2:73: 0b:4e:4e:53:6a:7a:4e:8c:35:9d:0d:95:86:52:a3: 7d:cf:80:d1:6e:45:f0:41:16:6d:98:85:80:cd:45: bf:4c:b6:67:d8:e7:21:17:ff:d4:32:e4:64:ff:17: f5:3a:50:96:af:a4:b0:e4:92:ab:88:29:4c:9b:11: 07:c6:e6:d1:7e:e1:d6:95:6f:86:bc:c3:b6:2f:b3: a3:b2:01:a1:f7:8b:f5:06:e6:af:86:f2:08:2d:49: 33:0d:6d:4c:6b:e2:6f:c8:7f:fb:de:90:af:7d:ec: 3e:ec:03:86:2d:c4:ab:e3:aa:d5:c6:15:4d:2a:5d: f7:4c:a7:99:e8:23:5b:04:bb:79:25:fd:4e:19:f0: ef:e2:c6:9b:72:d3:9f:9f:ae:c0:6f:24:11:66:44: a0:e4:37:96:45:ef:81:c3:17:4b:18:f5:ad:38:39: cd:25:09:48:d6:c7:86:9f:76:9a:3d:60:b8:b0:7d: e7:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:A5:4B:6D:D5:34:61:F1:ED:38:58:4A:95:3B:CF:86:BF:86:28:26 X509v3 Authority Key Identifier: keyid:62:6A:28:B7:C6:3E:F6:AB:21:4A:52:CF:A7:C3:E7:8D:B9:A4:08:23 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ymoot8Y-9qshSlLPp8PnjbmkCCM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/36VLbdU0YfHtOFhKlTvPhr-GKCY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/3c0785-b273-4072-a635-d2cd26b69df1/1/Ymoot8Y-9qshSlLPp8PnjbmkCCM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 158.173.1.0/24 Signature Algorithm: sha256WithRSAEncryption 3c:9b:40:84:01:46:99:02:49:d4:c9:fd:e6:61:83:c0:2c:6b: bd:83:09:ed:11:ae:a6:4c:b7:36:db:98:61:78:7f:99:51:87: 77:cf:4b:f4:d4:d4:3b:f9:9e:77:03:b7:ef:7e:2e:1e:09:81: b8:a6:77:ca:79:3a:b7:32:81:af:60:9d:9d:22:9f:9e:6e:cf: 00:20:87:f1:c9:2c:c0:5d:b4:ab:8d:a2:98:fa:06:b8:85:b9: b3:9f:7d:98:93:71:e0:17:60:f9:08:0c:dc:a3:69:3c:1c:ed: 38:3e:83:86:b1:00:3a:52:35:df:3d:67:a6:28:14:df:b7:90: 93:24:90:e4:e9:14:52:9c:55:9e:0c:cb:8f:a0:08:01:b7:4d: b6:21:8a:b3:4c:cc:22:98:26:27:6b:19:d5:ad:98:ec:90:62: b6:9c:38:29:de:11:f7:e2:7b:a6:eb:d3:32:f2:df:62:85:be: 3f:0a:32:5a:d5:77:ab:7a:9e:48:e2:8c:8d:e3:d5:d4:3f:b1: fa:35:6e:91:8d:0e:b7:ff:a0:75:51:ac:e6:40:4f:3a:72:0a: 78:a2:22:70:e7:d3:9d:29:a8:10:25:44:79:b5:65:15:a5:34: cb:75:87:c1:d8:5a:bf:ec:3e:39:6a:9b:2b:09:d3:bd:a5:84: 3c:d6:d3:49 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9W06LhZWPvaziw5p2UR9CMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYyNmEyOGI3YzYzZWY2YWIyMTRhNTJjZmE3YzNlNzhkYjlh NDA4MjMwHhcNMjYwMTAyMDYxODE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZmE1NGI2ZGQ1MzQ2MWYxZWQzODU4NGE5NTNiY2Y4NmJmODYyODI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFaVhUxpUakcykOJcF5nKxgn7TYn +MMay8L891Az1kI5W2D6/yK68irz+P7Kna62NcHRkArKC4x8QZogghyNmqPGrrys U2uH4nMLTk5TanpOjDWdDZWGUqN9z4DRbkXwQRZtmIWAzUW/TLZn2OchF//UMuRk /xf1OlCWr6Sw5JKriClMmxEHxubRfuHWlW+GvMO2L7OjsgGh94v1BuavhvIILUkz DW1Ma+JvyH/73pCvfew+7AOGLcSr46rVxhVNKl33TKeZ6CNbBLt5Jf1OGfDv4sab ctOfn67AbyQRZkSg5DeWRe+BwxdLGPWtODnNJQlI1seGn3aaPWC4sH3nDQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFN+lS23VNGHx7ThYSpU7z4a/higmMB8GA1UdIwQY MBaAFGJqKLfGPvarIUpSz6fD5425pAgjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWW1vb3Q4WS05cXNoU2xMUHA4UG5qYm1rQ0NNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8zYzA3ODUtYjI3My00MDcyLWE2MzUt ZDJjZDI2YjY5ZGYxLzEvMzZWTGJkVTBZZkh0T0ZoS2xUdlBoci1HS0NZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS8zYzA3ODUtYjI3My00MDcyLWE2MzUtZDJjZDI2YjY5ZGYx LzEvWW1vb3Q4WS05cXNoU2xMUHA4UG5qYm1rQ0NNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnq0BMA0G CSqGSIb3DQEBCwUAA4IBAQA8m0CEAUaZAknUyf3mYYPALGu9gwntEa6mTLc225hh eH+ZUYd3z0v01NQ7+Z53A7fvfi4eCYG4pnfKeTq3MoGvYJ2dIp+ebs8AIIfxySzA XbSrjaKY+ga4hbmzn32Yk3HgF2D5CAzco2k8HO04PoOGsQA6UjXfPWemKBTft5CT JJDk6RRSnFWeDMuPoAgBt022IYqzTMwimCYnaxnVrZjskGK2nDgp3hH34num69My 8t9ihb4/CjJa1Xerep5I4oyN49XUP7H6NW6RjQ63/6B1UazmQE86cgp4oiJw59Od KagQJUR5tWUVpTTLdYfB2Fq/7D45apsrCdO9pYQ81tNJ -----END CERTIFICATE-----Generated at Fri Jan 23 13:57:56 2026 by rpki-client