This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/625e0e-eba8-4e88-a021-4e7d5848de00/1/M3DwLkdZ4U5SO6WeKhfSjchcFqQ.roa File: M3DwLkdZ4U5SO6WeKhfSjchcFqQ.roa (raw, json) Hash identifier: GytdW9ktv5N5mIUsOefVAFMWXbdLbqFMuWoFw+Cxm4Y= Subject key identifier: 33:70:F0:2E:47:59:E1:4E:52:3B:A5:9E:2A:17:D2:8D:C8:5C:16:A4 Certificate issuer: /CN=096c3e8654fe87bdab4711d776e44b4f0cd1b647 Certificate serial: 019B7AC79EEB9D35DB80ABEAB54CE0C73D07 Authority key identifier: 09:6C:3E:86:54:FE:87:BD:AB:47:11:D7:76:E4:4B:4F:0C:D1:B6:47 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CWw-hlT-h72rRxHXduRLTwzRtkc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/625e0e-eba8-4e88-a021-4e7d5848de00/1/M3DwLkdZ4U5SO6WeKhfSjchcFqQ.roa Signing time: Thu 01 Jan 2026 18:17:41 +0000 ROA not before: Thu 01 Jan 2026 18:17:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 7 IP address blocks: 192.35.94.0/24 maxlen: 32 192.67.43.0/24 maxlen: 32 194.32.69.0/24 maxlen: 32 194.32.218.0/23 maxlen: 32 194.34.138.0/24 maxlen: 32 194.61.92.0/23 maxlen: 32 2a0b:3b40::/29 maxlen: 128 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/625e0e-eba8-4e88-a021-4e7d5848de00/1/CWw-hlT-h72rRxHXduRLTwzRtkc.crl rsync://rpki.ripe.net/repository/DEFAULT/04/625e0e-eba8-4e88-a021-4e7d5848de00/1/CWw-hlT-h72rRxHXduRLTwzRtkc.mft rsync://rpki.ripe.net/repository/DEFAULT/CWw-hlT-h72rRxHXduRLTwzRtkc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c7:9e:eb:9d:35:db:80:ab:ea:b5:4c:e0:c7:3d:07 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=096c3e8654fe87bdab4711d776e44b4f0cd1b647 Validity Not Before: Jan 1 18:17:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3370f02e4759e14e523ba59e2a17d28dc85c16a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:7e:eb:1a:4f:e5:48:82:34:a0:ce:8d:fb:8d: 86:83:fd:13:42:05:b3:50:e4:2f:fe:59:64:5c:f3: af:65:e5:9a:b7:b5:88:61:90:cb:4e:20:38:34:ed: e0:ec:ed:35:ab:39:61:d9:c7:c4:9b:28:91:12:45: 12:9a:9d:23:61:cc:dd:52:7c:d6:98:08:bd:3b:4c: e1:9a:26:9f:2a:06:51:14:1b:53:12:76:d4:82:57: a4:c6:11:e8:03:fc:a6:23:75:80:50:7a:9e:c6:7b: 4f:63:6a:0c:a9:3c:69:92:7a:ac:f2:b0:62:66:5f: 15:86:b8:32:4b:c9:9f:26:ac:f2:bf:79:ba:e9:4e: de:ce:f1:44:fd:f7:cc:eb:51:00:fc:2c:0c:cb:5f: 22:63:f4:e2:47:e5:81:49:9b:6b:82:ad:11:de:e7: 46:cf:03:6e:a7:75:a7:b2:7d:a4:1d:ae:6d:29:7c: 35:a8:27:f1:88:ab:7a:a7:8d:95:c7:b7:8b:79:79: 3c:69:2c:5a:fa:19:56:32:87:51:dd:99:18:cb:c4: fd:6f:e5:cb:fa:2c:99:cd:00:36:45:b8:f3:ec:88: 21:3f:cd:8f:4e:70:9b:2e:1f:d1:54:24:00:3a:c7: 8d:aa:ed:c3:4f:eb:77:36:36:09:e2:8b:fc:e2:93: 97:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:70:F0:2E:47:59:E1:4E:52:3B:A5:9E:2A:17:D2:8D:C8:5C:16:A4 X509v3 Authority Key Identifier: keyid:09:6C:3E:86:54:FE:87:BD:AB:47:11:D7:76:E4:4B:4F:0C:D1:B6:47 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWw-hlT-h72rRxHXduRLTwzRtkc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/625e0e-eba8-4e88-a021-4e7d5848de00/1/M3DwLkdZ4U5SO6WeKhfSjchcFqQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/04/625e0e-eba8-4e88-a021-4e7d5848de00/1/CWw-hlT-h72rRxHXduRLTwzRtkc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.35.94.0/24 192.67.43.0/24 194.32.69.0/24 194.32.218.0/23 194.34.138.0/24 194.61.92.0/23 IPv6: 2a0b:3b40::/29 Signature Algorithm: sha256WithRSAEncryption 7a:16:48:37:c1:ed:9e:96:44:1c:c1:b9:a4:2c:a5:ed:94:46: b9:39:8b:7b:57:02:03:65:a2:c7:58:b9:1e:7e:cf:f5:31:18: de:dc:23:49:0e:c0:45:9c:8a:79:6c:0e:38:43:ad:64:41:09: 20:39:a6:25:09:1e:1d:05:6c:1b:38:9d:ee:2b:26:57:23:8d: db:2e:f9:df:df:27:41:91:01:c6:15:13:60:b3:8a:07:32:e7: 45:0f:95:cb:33:5e:a0:c8:2d:d3:b3:7e:e2:f8:42:91:c6:52: 30:3b:e7:46:78:63:b9:02:0b:c8:47:86:6f:f9:9d:8b:2f:31: e4:62:bb:52:7f:8c:7a:3e:7e:b6:59:47:d8:98:9e:47:10:f9: c1:7e:1d:26:9e:17:78:8c:9b:d5:bf:03:cb:cf:a1:e1:62:a9: 45:4e:f3:83:10:0d:c3:26:dd:07:6c:c4:fc:c3:dc:da:d8:82: 08:64:96:18:24:8b:75:b6:9f:5b:e4:0a:06:ec:69:80:98:f0: 8d:6c:01:ba:4c:c0:5a:ab:bc:c0:57:6f:ae:5e:8a:17:0b:70: 36:a1:d0:50:eb:23:84:4e:a0:30:a5:9d:28:53:80:27:d0:25: 24:8c:cc:d4:ff:b4:e6:db:a6:81:26:21:66:12:7b:24:c9:26: 78:7c:02:b5 -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgISAZt6x57rnTXbgKvqtUzgxz0HMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA5NmMzZTg2NTRmZTg3YmRhYjQ3MTFkNzc2ZTQ0YjRmMGNk MWI2NDcwHhcNMjYwMTAxMTgxNzQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzMzcwZjAyZTQ3NTllMTRlNTIzYmE1OWUyYTE3ZDI4ZGM4NWMxNmE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo37rGk/lSII0oM6N+42Gg/0TQgWz UOQv/llkXPOvZeWat7WIYZDLTiA4NO3g7O01qzlh2cfEmyiREkUSmp0jYczdUnzW mAi9O0zhmiafKgZRFBtTEnbUglekxhHoA/ymI3WAUHqexntPY2oMqTxpknqs8rBi Zl8VhrgyS8mfJqzyv3m66U7ezvFE/ffM61EA/CwMy18iY/TiR+WBSZtrgq0R3udG zwNup3Wnsn2kHa5tKXw1qCfxiKt6p42Vx7eLeXk8aSxa+hlWModR3ZkYy8T9b+XL +iyZzQA2Rbjz7IghP82PTnCbLh/RVCQAOseNqu3DT+t3NjYJ4ov84pOX/QIDAQAB o4ICNjCCAjIwHQYDVR0OBBYEFDNw8C5HWeFOUjulnioX0o3IXBakMB8GA1UdIwQY MBaAFAlsPoZU/oe9q0cR13bkS08M0bZHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ1d3LWhsVC1oNzJyUnhIWGR1UkxUd3pSdGtjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC82MjVlMGUtZWJhOC00ZTg4LWEwMjEt NGU3ZDU4NDhkZTAwLzEvTTNEd0xrZFo0VTVTTzZXZUtoZlNqY2hjRnFRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wNC82MjVlMGUtZWJhOC00ZTg4LWEwMjEtNGU3ZDU4NDhkZTAw LzEvQ1d3LWhsVC1oNzJyUnhIWGR1UkxUd3pSdGtjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAwCNeAwQA wEMrAwQAwiBFAwQBwiDaAwQAwiKKAwQBwj1cMA0EAgACMAcDBQMqCztAMA0GCSqG SIb3DQEBCwUAA4IBAQB6Fkg3we2elkQcwbmkLKXtlEa5OYt7VwIDZaLHWLkefs/1 MRje3CNJDsBFnIp5bA44Q61kQQkgOaYlCR4dBWwbOJ3uKyZXI43bLvnf3ydBkQHG FRNgs4oHMudFD5XLM16gyC3Ts37i+EKRxlIwO+dGeGO5AgvIR4Zv+Z2LLzHkYrtS f4x6Pn62WUfYmJ5HEPnBfh0mnhd4jJvVvwPLz6HhYqlFTvODEA3DJt0HbMT8w9za 2IIIZJYYJIt1tp9b5AoG7GmAmPCNbAG6TMBaq7zAV2+uXooXC3A2odBQ6yOETqAw pZ0oU4An0CUkjMzU/7Tm26aBJiFmEnskySZ4fAK1 -----END CERTIFICATE-----Generated at Mon Feb 9 22:15:32 2026 by rpki-client