This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/fbadff-75d7-4cba-9735-66ec2eaf646f/1/3uUdC3qqQNH1_dT0n-HK8fBBniQ.roa File: 3uUdC3qqQNH1_dT0n-HK8fBBniQ.roa (raw, json) Hash identifier: UQYOsde53G7aaoc7Sep9TNvii9QGeiprFatc1ldKcwI= Subject key identifier: DE:E5:1D:0B:7A:AA:40:D1:F5:FD:D4:F4:9F:E1:CA:F1:F0:41:9E:24 Certificate issuer: /CN=1cfb6df93375a06c5682c057c0fd2a7306218a54 Certificate serial: 019B7F14735598A7906BE3174308A2C32D43 Authority key identifier: 1C:FB:6D:F9:33:75:A0:6C:56:82:C0:57:C0:FD:2A:73:06:21:8A:54 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HPtt-TN1oGxWgsBXwP0qcwYhilQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/fbadff-75d7-4cba-9735-66ec2eaf646f/1/3uUdC3qqQNH1_dT0n-HK8fBBniQ.roa Signing time: Fri 02 Jan 2026 14:20:05 +0000 ROA not before: Fri 02 Jan 2026 14:20:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62138 IP address blocks: 185.45.20.0/22 maxlen: 22 2a01:79a0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/fbadff-75d7-4cba-9735-66ec2eaf646f/1/HPtt-TN1oGxWgsBXwP0qcwYhilQ.crl rsync://rpki.ripe.net/repository/DEFAULT/02/fbadff-75d7-4cba-9735-66ec2eaf646f/1/HPtt-TN1oGxWgsBXwP0qcwYhilQ.mft rsync://rpki.ripe.net/repository/DEFAULT/HPtt-TN1oGxWgsBXwP0qcwYhilQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:01:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:73:55:98:a7:90:6b:e3:17:43:08:a2:c3:2d:43 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1cfb6df93375a06c5682c057c0fd2a7306218a54 Validity Not Before: Jan 2 14:20:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dee51d0b7aaa40d1f5fdd4f49fe1caf1f0419e24 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:e2:79:89:57:e9:f6:5c:2f:32:ea:a6:b6:6a: 75:7c:74:5d:a7:26:e5:55:41:62:40:f3:55:0e:02: a4:f6:4e:89:a6:b0:e1:a4:b9:a4:d3:8d:1a:02:88: c4:68:42:07:5d:1e:98:11:5f:08:95:dc:0a:46:1e: 2a:d9:0c:73:b5:e1:a0:08:0f:2c:d7:5f:b3:e1:d6: 44:47:4e:09:05:06:a0:48:18:9f:ae:f1:ad:45:47: fc:2e:de:cd:69:b9:e1:10:cd:13:b6:6e:08:5b:8f: 95:53:9a:69:a5:a3:72:46:f0:96:a8:55:25:46:3d: df:46:91:a5:8b:65:39:9f:99:99:5a:5b:48:3d:3f: 95:41:ac:49:82:36:1c:61:e6:e7:8a:1a:49:3c:a5: 23:db:ef:96:a7:22:a5:be:ba:a2:2f:e7:97:54:52: 3b:f0:b2:2e:08:b8:11:3d:c3:40:d3:ca:a6:ab:d9: 74:99:ed:2f:e8:42:10:1a:53:04:0b:d5:ea:2f:cc: 8e:96:d2:b9:78:d8:f3:da:42:dd:a4:43:03:9a:18: 11:07:f7:a3:5b:d1:38:89:96:24:81:1a:39:a1:8d: 19:6e:68:7c:34:1e:de:82:cc:d5:27:de:51:b8:d3: 36:f8:06:ed:f8:36:4a:5c:c4:0e:39:70:34:ee:28: ad:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:E5:1D:0B:7A:AA:40:D1:F5:FD:D4:F4:9F:E1:CA:F1:F0:41:9E:24 X509v3 Authority Key Identifier: keyid:1C:FB:6D:F9:33:75:A0:6C:56:82:C0:57:C0:FD:2A:73:06:21:8A:54 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HPtt-TN1oGxWgsBXwP0qcwYhilQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/fbadff-75d7-4cba-9735-66ec2eaf646f/1/3uUdC3qqQNH1_dT0n-HK8fBBniQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/fbadff-75d7-4cba-9735-66ec2eaf646f/1/HPtt-TN1oGxWgsBXwP0qcwYhilQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.45.20.0/22 IPv6: 2a01:79a0::/32 Signature Algorithm: sha256WithRSAEncryption 5a:bc:12:19:28:b0:bf:d2:49:a1:76:e2:71:50:e2:90:3c:50: d8:68:39:14:e0:25:0b:71:e1:4f:50:00:05:b0:cd:bd:3d:25: 87:bb:10:68:bd:a0:65:a4:56:7c:ee:0c:1f:1f:ac:38:69:46: c5:b1:34:1c:60:af:d7:43:9e:ec:eb:5b:ef:55:8b:86:ae:5d: 04:69:d6:00:1a:a7:cd:bf:7e:0a:29:ae:85:c0:49:25:50:6a: 7a:53:e1:61:9e:26:70:b8:a2:21:79:6a:2e:a8:72:5f:c1:fc: 3a:0b:f6:bf:06:9a:61:50:57:6c:c6:0d:20:44:79:57:d7:b4: 46:53:b6:d6:6e:52:13:33:c9:70:a6:69:be:d6:8e:0c:d4:1a: e0:7c:44:6f:99:00:2c:c4:ea:98:5c:16:4b:58:2b:76:c7:89: 11:5a:db:c5:5d:ea:4e:e2:4d:e4:f7:64:b6:43:21:56:77:dd: f8:0f:77:05:61:61:ac:9a:73:39:dd:43:5b:13:ee:24:87:1b: 65:45:9e:38:37:2e:06:b1:ba:4d:bd:b2:a9:fe:85:9c:7a:5e: 47:85:32:6b:d1:3a:a0:72:48:c0:9e:54:2c:20:b1:b2:b6:a0: 0c:91:3e:bb:41:1e:e0:a5:15:07:05:bb:e9:3c:15:6e:82:5b: 15:1e:1f:ba -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/FHNVmKeQa+MXQwiiwy1DMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFjZmI2ZGY5MzM3NWEwNmM1NjgyYzA1N2MwZmQyYTczMDYy MThhNTQwHhcNMjYwMTAyMTQyMDA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZWU1MWQwYjdhYWE0MGQxZjVmZGQ0ZjQ5ZmUxY2FmMWYwNDE5ZTI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeJ5iVfp9lwvMuqmtmp1fHRdpybl VUFiQPNVDgKk9k6JprDhpLmk040aAojEaEIHXR6YEV8IldwKRh4q2QxzteGgCA8s 11+z4dZER04JBQagSBifrvGtRUf8Lt7NabnhEM0Ttm4IW4+VU5pppaNyRvCWqFUl Rj3fRpGli2U5n5mZWltIPT+VQaxJgjYcYebnihpJPKUj2++WpyKlvrqiL+eXVFI7 8LIuCLgRPcNA08qmq9l0me0v6EIQGlMEC9XqL8yOltK5eNjz2kLdpEMDmhgRB/ej W9E4iZYkgRo5oY0Zbmh8NB7egszVJ95RuNM2+Abt+DZKXMQOOXA07iitvQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFN7lHQt6qkDR9f3U9J/hyvHwQZ4kMB8GA1UdIwQY MBaAFBz7bfkzdaBsVoLAV8D9KnMGIYpUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSFB0dC1UTjFvR3hXZ3NCWHdQMHFjd1loaWxRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mYmFkZmYtNzVkNy00Y2JhLTk3MzUt NjZlYzJlYWY2NDZmLzEvM3VVZEMzcXFRTkgxX2RUMG4tSEs4ZkJCbmlRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi9mYmFkZmYtNzVkNy00Y2JhLTk3MzUtNjZlYzJlYWY2NDZm LzEvSFB0dC1UTjFvR3hXZ3NCWHdQMHFjd1loaWxRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuS0UMA0E AgACMAcDBQAqAXmgMA0GCSqGSIb3DQEBCwUAA4IBAQBavBIZKLC/0kmhduJxUOKQ PFDYaDkU4CULceFPUAAFsM29PSWHuxBovaBlpFZ87gwfH6w4aUbFsTQcYK/XQ57s 61vvVYuGrl0EadYAGqfNv34KKa6FwEklUGp6U+FhniZwuKIheWouqHJfwfw6C/a/ BpphUFdsxg0gRHlX17RGU7bWblITM8lwpmm+1o4M1BrgfERvmQAsxOqYXBZLWCt2 x4kRWtvFXepO4k3k92S2QyFWd934D3cFYWGsmnM53UNbE+4khxtlRZ44Ny4GsbpN vbKp/oWcel5HhTJr0TqgckjAnlQsILGytqAMkT67QR7gpRUHBbvpPBVuglsVHh+6 -----END CERTIFICATE-----Generated at Mon Feb 9 20:10:12 2026 by rpki-client