This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/af8b29-b1af-4cf6-bf16-b05832bc6962/1/PPitSZuRvTIuYET2fTr2uybz-Tg.roa File: PPitSZuRvTIuYET2fTr2uybz-Tg.roa (raw, json) Hash identifier: 3kuiLKHDLxUf6+yboDVRpg9YOVajrkYmPy+E5r4q0G0= Subject key identifier: 3C:F8:AD:49:9B:91:BD:32:2E:60:44:F6:7D:3A:F6:BB:26:F3:F9:38 Certificate issuer: /CN=85802fc1d0f3e3a4462562d2f06f2b3deff8f4e7 Certificate serial: 019B775927C03DCBCAECBB9A279173FB2D04 Authority key identifier: 85:80:2F:C1:D0:F3:E3:A4:46:25:62:D2:F0:6F:2B:3D:EF:F8:F4:E7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hYAvwdDz46RGJWLS8G8rPe_49Oc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/af8b29-b1af-4cf6-bf16-b05832bc6962/1/PPitSZuRvTIuYET2fTr2uybz-Tg.roa Signing time: Thu 01 Jan 2026 02:18:10 +0000 ROA not before: Thu 01 Jan 2026 02:18:10 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 57789 IP address blocks: 31.135.192.0/20 maxlen: 20 185.23.7.0/24 maxlen: 24 2a0e:64c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/af8b29-b1af-4cf6-bf16-b05832bc6962/1/hYAvwdDz46RGJWLS8G8rPe_49Oc.crl rsync://rpki.ripe.net/repository/DEFAULT/09/af8b29-b1af-4cf6-bf16-b05832bc6962/1/hYAvwdDz46RGJWLS8G8rPe_49Oc.mft rsync://rpki.ripe.net/repository/DEFAULT/hYAvwdDz46RGJWLS8G8rPe_49Oc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 20:01:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:27:c0:3d:cb:ca:ec:bb:9a:27:91:73:fb:2d:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=85802fc1d0f3e3a4462562d2f06f2b3deff8f4e7 Validity Not Before: Jan 1 02:18:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3cf8ad499b91bd322e6044f67d3af6bb26f3f938 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:31:04:95:89:8e:eb:f8:70:7a:f6:b2:f5:ca: e3:51:43:36:61:76:df:9c:c4:bf:80:b9:22:17:ec: d8:f6:79:cb:0e:7a:86:c8:14:43:b0:f3:d5:58:21: f4:b9:d4:7d:42:57:dd:b3:2d:06:f7:e8:41:fc:07: 2a:98:45:6e:ec:64:62:79:6d:84:d2:56:09:7f:48: 86:77:1a:23:3a:74:59:a5:a1:b5:b9:cf:24:51:7d: 63:cc:ff:ea:a1:38:bb:69:0e:be:67:ae:65:db:88: 15:d6:9d:36:aa:f6:32:37:b5:c1:f1:eb:b8:9a:a2: 4e:b2:c6:a7:6c:5b:f5:c1:a6:f3:d8:cd:ee:80:db: a0:dd:66:36:69:56:df:74:5a:32:7b:29:61:5c:cd: 86:9f:c6:c5:d9:b3:91:2f:49:c7:13:96:ac:2d:07: da:5f:f5:5c:cf:e0:1c:07:a8:18:64:d0:40:4d:ef: e2:15:c8:bc:3c:64:31:af:b0:f1:d1:da:fd:0f:af: 28:6a:8b:8d:b3:83:a5:bc:4e:1a:18:ec:b2:3e:d6: 95:43:6c:0d:58:90:be:3a:f6:1c:36:d8:8e:eb:38: a1:36:9a:d3:77:10:c2:95:a0:64:e3:48:3b:f8:5b: 1e:86:85:38:8a:b8:6c:9a:db:dd:1a:ce:d6:50:f3: 61:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:F8:AD:49:9B:91:BD:32:2E:60:44:F6:7D:3A:F6:BB:26:F3:F9:38 X509v3 Authority Key Identifier: keyid:85:80:2F:C1:D0:F3:E3:A4:46:25:62:D2:F0:6F:2B:3D:EF:F8:F4:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hYAvwdDz46RGJWLS8G8rPe_49Oc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/af8b29-b1af-4cf6-bf16-b05832bc6962/1/PPitSZuRvTIuYET2fTr2uybz-Tg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/af8b29-b1af-4cf6-bf16-b05832bc6962/1/hYAvwdDz46RGJWLS8G8rPe_49Oc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.135.192.0/20 185.23.7.0/24 IPv6: 2a0e:64c0::/29 Signature Algorithm: sha256WithRSAEncryption 84:f7:6d:4e:d4:6b:64:dc:9c:80:41:2c:d5:02:9f:a6:d8:b5: 95:7d:0a:e3:ac:6d:f4:c7:a4:5a:2f:ca:7e:33:71:e9:1b:61: 53:6a:38:4f:6f:f8:d4:2c:48:ee:58:c1:cd:84:b5:39:60:0b: a7:7d:cb:f0:20:92:25:00:72:ae:c5:2f:f8:c2:4d:3d:d0:f2: 06:15:f4:cd:50:4e:22:eb:bf:00:87:e7:3e:ae:96:cf:74:0a: 3e:96:87:14:6c:83:d4:95:91:75:2c:b1:f1:a9:88:32:4d:26: f5:26:eb:98:d6:a7:45:a8:3b:04:ea:51:7c:b4:12:57:01:32: e3:6c:0f:a8:95:e3:46:49:c7:f5:21:2c:3f:f6:0d:6a:ee:a0: 35:e1:29:93:4b:1b:67:bc:22:28:2e:37:b4:2d:6c:67:f0:f4: 7d:db:d5:30:98:d8:45:89:b7:23:ab:7f:f2:35:64:09:0f:b1: 14:d4:af:c3:f3:30:de:98:8c:5e:73:fe:9b:79:ff:fc:9c:10: 86:11:e3:85:0b:98:43:73:96:bc:6c:65:8d:31:fe:30:8c:64: ea:77:00:fc:46:5a:55:33:f2:59:e1:13:f5:52:60:e7:66:e5: 15:fc:5d:5c:e4:44:b5:8f:7f:51:d3:e6:8c:14:e1:ee:67:80: e0:32:98:4f -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt3WSfAPcvK7LuaJ5Fz+y0EMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1ODAyZmMxZDBmM2UzYTQ0NjI1NjJkMmYwNmYyYjNkZWZm OGY0ZTcwHhcNMjYwMTAxMDIxODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzY2Y4YWQ0OTliOTFiZDMyMmU2MDQ0ZjY3ZDNhZjZiYjI2ZjNmOTM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDEElYmO6/hwevay9crjUUM2YXbf nMS/gLkiF+zY9nnLDnqGyBRDsPPVWCH0udR9Qlfdsy0G9+hB/AcqmEVu7GRieW2E 0lYJf0iGdxojOnRZpaG1uc8kUX1jzP/qoTi7aQ6+Z65l24gV1p02qvYyN7XB8eu4 mqJOssanbFv1wabz2M3ugNug3WY2aVbfdFoyeylhXM2Gn8bF2bORL0nHE5asLQfa X/Vcz+AcB6gYZNBATe/iFci8PGQxr7Dx0dr9D68oaouNs4OlvE4aGOyyPtaVQ2wN WJC+OvYcNtiO6zihNprTdxDClaBk40g7+FsehoU4irhsmtvdGs7WUPNhvwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFDz4rUmbkb0yLmBE9n069rsm8/k4MB8GA1UdIwQY MBaAFIWAL8HQ8+OkRiVi0vBvKz3v+PTnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFlBdndkRHo0NlJHSldMUzhHOHJQZV80OU9jLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9hZjhiMjktYjFhZi00Y2Y2LWJmMTYt YjA1ODMyYmM2OTYyLzEvUFBpdFNadVJ2VEl1WUVUMmZUcjJ1eWJ6LVRnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS9hZjhiMjktYjFhZi00Y2Y2LWJmMTYtYjA1ODMyYmM2OTYy LzEvaFlBdndkRHo0NlJHSldMUzhHOHJQZV80OU9jLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEH4fAAwQA uRcHMA0EAgACMAcDBQMqDmTAMA0GCSqGSIb3DQEBCwUAA4IBAQCE921O1Gtk3JyA QSzVAp+m2LWVfQrjrG30x6RaL8p+M3HpG2FTajhPb/jULEjuWMHNhLU5YAunfcvw IJIlAHKuxS/4wk090PIGFfTNUE4i678Ah+c+rpbPdAo+locUbIPUlZF1LLHxqYgy TSb1JuuY1qdFqDsE6lF8tBJXATLjbA+oleNGScf1ISw/9g1q7qA14SmTSxtnvCIo Lje0LWxn8PR929UwmNhFibcjq3/yNWQJD7EU1K/D8zDemIxec/6bef/8nBCGEeOF C5hDc5a8bGWNMf4wjGTqdwD8RlpVM/JZ4RP1UmDnZuUV/F1c5ES1j39R0+aMFOHu Z4DgMphP -----END CERTIFICATE-----Generated at Tue Feb 10 01:44:17 2026 by rpki-client