This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/8a115b-3859-4759-85ae-fb853c65334a/1/Cx3L6stT48ESFPU7dsSwev_71rM.roa File: Cx3L6stT48ESFPU7dsSwev_71rM.roa (raw, json) Hash identifier: qfJbE21IlMxNOU9ikBVG55ZmDtmkEW1ywFQa88RaFu0= Subject key identifier: 0B:1D:CB:EA:CB:53:E3:C1:12:14:F5:3B:76:C4:B0:7A:FF:FB:D6:B3 Certificate issuer: /CN=861c67bdb6d8c230fcdb427a9f71b80135872fc2 Certificate serial: 019B797E265A321FA2DCBA7695986A763EE8 Authority key identifier: 86:1C:67:BD:B6:D8:C2:30:FC:DB:42:7A:9F:71:B8:01:35:87:2F:C2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hhxnvbbYwjD820J6n3G4ATWHL8I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/8a115b-3859-4759-85ae-fb853c65334a/1/Cx3L6stT48ESFPU7dsSwev_71rM.roa Signing time: Thu 01 Jan 2026 12:17:48 +0000 ROA not before: Thu 01 Jan 2026 12:17:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41960 IP address blocks: 185.17.60.0/22 maxlen: 24 185.238.52.0/22 maxlen: 24 185.241.76.0/22 maxlen: 24 193.221.114.0/24 maxlen: 24 195.140.240.0/22 maxlen: 24 2a03:e0c0::/32 maxlen: 48 2a0c:2680::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/8a115b-3859-4759-85ae-fb853c65334a/1/hhxnvbbYwjD820J6n3G4ATWHL8I.crl rsync://rpki.ripe.net/repository/DEFAULT/0d/8a115b-3859-4759-85ae-fb853c65334a/1/hhxnvbbYwjD820J6n3G4ATWHL8I.mft rsync://rpki.ripe.net/repository/DEFAULT/hhxnvbbYwjD820J6n3G4ATWHL8I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:26:5a:32:1f:a2:dc:ba:76:95:98:6a:76:3e:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=861c67bdb6d8c230fcdb427a9f71b80135872fc2 Validity Not Before: Jan 1 12:17:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0b1dcbeacb53e3c11214f53b76c4b07afffbd6b3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:e0:24:46:3f:f9:2a:fc:8f:77:a3:18:41:da: e1:5e:98:c0:e2:e2:5a:8a:3e:a8:85:90:78:de:8f: cc:48:3e:8a:4d:ef:47:8d:3e:cc:15:81:b6:63:82: 72:d2:2d:60:c1:9b:aa:b1:08:34:9d:b9:d9:ce:c6: 60:b0:4d:bf:f9:f8:48:44:ae:37:98:08:ad:c4:eb: 87:e0:17:79:52:d9:49:38:fe:59:7f:8e:ca:c4:93: c5:95:6a:01:00:a5:4f:81:87:20:10:b5:83:7c:fb: 84:2f:76:d5:49:12:33:89:9d:f4:a7:88:8f:f6:0c: 45:8c:fc:c3:72:c1:40:fe:b7:4c:f9:e5:f5:bc:60: c1:f8:60:8d:05:01:3a:ac:fa:72:20:49:35:3f:ca: 04:27:0c:9c:f0:7f:2b:0c:02:dc:ae:60:b4:61:34: b2:3c:8c:e5:d9:17:7b:8e:4a:f1:fe:e9:45:71:d7: 5e:aa:53:ac:94:27:1c:4c:5c:e2:a8:6e:1d:52:6b: f7:6f:d5:9b:ac:a3:74:3e:21:2c:d9:07:a6:95:67: 57:cc:7f:63:2a:ea:2b:ef:82:c1:0d:50:3c:54:a3: eb:30:6d:da:31:13:30:14:7b:74:d7:2c:8f:f9:29: 81:ec:2b:01:77:fd:22:3b:ce:8e:fd:b5:4c:7c:60: 2d:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:1D:CB:EA:CB:53:E3:C1:12:14:F5:3B:76:C4:B0:7A:FF:FB:D6:B3 X509v3 Authority Key Identifier: keyid:86:1C:67:BD:B6:D8:C2:30:FC:DB:42:7A:9F:71:B8:01:35:87:2F:C2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hhxnvbbYwjD820J6n3G4ATWHL8I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/8a115b-3859-4759-85ae-fb853c65334a/1/Cx3L6stT48ESFPU7dsSwev_71rM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/8a115b-3859-4759-85ae-fb853c65334a/1/hhxnvbbYwjD820J6n3G4ATWHL8I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.17.60.0/22 185.238.52.0/22 185.241.76.0/22 193.221.114.0/24 195.140.240.0/22 IPv6: 2a03:e0c0::/32 2a0c:2680::/29 Signature Algorithm: sha256WithRSAEncryption 11:c1:2e:eb:73:fc:a3:8d:8b:51:f7:41:ab:d0:16:49:8a:b3: 20:64:a4:d6:cf:ba:fb:9c:0f:a6:72:2f:d1:c5:49:57:69:77: 5e:44:bb:cf:33:9c:45:d6:82:5d:79:6b:50:d1:e0:01:6b:cb: 52:10:bf:57:85:1d:ee:92:a0:19:cc:f9:40:21:dc:6d:f4:82: 41:d5:ab:da:3f:da:22:89:be:79:38:3a:80:13:ce:64:00:2c: 2d:b3:b0:9b:1f:3e:11:9f:b8:0c:ee:bb:e2:91:27:5d:ac:2c: 6b:35:8b:22:6a:b1:7d:0a:91:8d:cb:61:a4:25:8d:bd:0b:80: 77:db:dd:51:d0:01:52:7f:a5:2c:77:c0:29:7d:13:2d:25:df: 75:e8:39:d4:ab:e4:63:36:89:01:41:8e:7f:21:b5:d7:ad:3c: 66:58:57:8a:0f:1a:3e:88:a8:ce:88:c1:91:95:69:e3:e8:96: bc:76:b6:b1:08:50:87:ff:7d:e7:2d:37:06:c4:76:9d:08:29: 0d:de:46:d4:8a:25:c1:37:64:35:eb:48:5a:c0:a9:db:e0:97: 76:a9:ca:fc:48:23:ba:5f:07:2d:70:ab:58:81:04:19:c4:2a: 82:ef:c9:61:a4:fc:e6:aa:60:ee:ec:0c:a0:04:12:d4:a0:05: 23:8f:27:9f -----BEGIN CERTIFICATE----- MIIFKzCCBBOgAwIBAgISAZt5fiZaMh+i3Lp2lZhqdj7oMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg2MWM2N2JkYjZkOGMyMzBmY2RiNDI3YTlmNzFiODAxMzU4 NzJmYzIwHhcNMjYwMTAxMTIxNzQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYjFkY2JlYWNiNTNlM2MxMTIxNGY1M2I3NmM0YjA3YWZmZmJkNmIzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuAkRj/5KvyPd6MYQdrhXpjA4uJa ij6ohZB43o/MSD6KTe9HjT7MFYG2Y4Jy0i1gwZuqsQg0nbnZzsZgsE2/+fhIRK43 mAitxOuH4Bd5UtlJOP5Zf47KxJPFlWoBAKVPgYcgELWDfPuEL3bVSRIziZ30p4iP 9gxFjPzDcsFA/rdM+eX1vGDB+GCNBQE6rPpyIEk1P8oEJwyc8H8rDALcrmC0YTSy PIzl2Rd7jkrx/ulFcddeqlOslCccTFziqG4dUmv3b9WbrKN0PiEs2QemlWdXzH9j Kuor74LBDVA8VKPrMG3aMRMwFHt01yyP+SmB7CsBd/0iO86O/bVMfGAtSQIDAQAB o4ICNzCCAjMwHQYDVR0OBBYEFAsdy+rLU+PBEhT1O3bEsHr/+9azMB8GA1UdIwQY MBaAFIYcZ7222MIw/NtCep9xuAE1hy/CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaGh4bnZiYll3akQ4MjBKNm4zRzRBVFdITDhJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC84YTExNWItMzg1OS00NzU5LTg1YWUt ZmI4NTNjNjUzMzRhLzEvQ3gzTDZzdFQ0OEVTRlBVN2RzU3dldl83MXJNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZC84YTExNWItMzg1OS00NzU5LTg1YWUtZmI4NTNjNjUzMzRh LzEvaGh4bnZiYll3akQ4MjBKNm4zRzRBVFdITDhJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQCuRE8AwQC ue40AwQCufFMAwQAwd1yAwQCw4zwMBQEAgACMA4DBQAqA+DAAwUDKgwmgDANBgkq hkiG9w0BAQsFAAOCAQEAEcEu63P8o42LUfdBq9AWSYqzIGSk1s+6+5wPpnIv0cVJ V2l3XkS7zzOcRdaCXXlrUNHgAWvLUhC/V4Ud7pKgGcz5QCHcbfSCQdWr2j/aIom+ eTg6gBPOZAAsLbOwmx8+EZ+4DO674pEnXawsazWLImqxfQqRjcthpCWNvQuAd9vd UdABUn+lLHfAKX0TLSXfdeg51KvkYzaJAUGOfyG11608ZlhXig8aPoiozojBkZVp 4+iWvHa2sQhQh/995y03BsR2nQgpDd5G1IolwTdkNetIWsCp2+CXdqnK/Egjul8H LXCrWIEEGcQqgu/JYaT85qpg7uwMoAQS1KAFI48nnw== -----END CERTIFICATE-----Generated at Mon Jan 26 23:42:44 2026 by rpki-client