This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/b6f734-c655-43a1-9934-1e71930fcc0f/1/A8PNklH6_RdGA5SXBmz7CmQ2ejc.roa File: A8PNklH6_RdGA5SXBmz7CmQ2ejc.roa (raw, json) Hash identifier: G32ue8AWHzovX9yZjIgUF6MN72sXNFz9nWr+gwmW9lo= Subject key identifier: 03:C3:CD:92:51:FA:FD:17:46:03:94:97:06:6C:FB:0A:64:36:7A:37 Certificate issuer: /CN=bf8d8547342e2fc9ecfadfcef00cf273ef9d6e90 Certificate serial: 019BEB69FCCE44A0C36FF80D54BC96DD88D5 Authority key identifier: BF:8D:85:47:34:2E:2F:C9:EC:FA:DF:CE:F0:0C:F2:73:EF:9D:6E:90 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v42FRzQuL8ns-t_O8Azyc--dbpA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/b6f734-c655-43a1-9934-1e71930fcc0f/1/A8PNklH6_RdGA5SXBmz7CmQ2ejc.roa Signing time: Fri 23 Jan 2026 15:12:30 +0000 ROA not before: Fri 23 Jan 2026 15:12:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20473 IP address blocks: 212.32.45.0/24 maxlen: 24 2a01:fe00::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/b6f734-c655-43a1-9934-1e71930fcc0f/1/v42FRzQuL8ns-t_O8Azyc--dbpA.crl rsync://rpki.ripe.net/repository/DEFAULT/0e/b6f734-c655-43a1-9934-1e71930fcc0f/1/v42FRzQuL8ns-t_O8Azyc--dbpA.mft rsync://rpki.ripe.net/repository/DEFAULT/v42FRzQuL8ns-t_O8Azyc--dbpA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 20:39:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:eb:69:fc:ce:44:a0:c3:6f:f8:0d:54:bc:96:dd:88:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bf8d8547342e2fc9ecfadfcef00cf273ef9d6e90 Validity Not Before: Jan 23 15:12:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=03c3cd9251fafd1746039497066cfb0a64367a37 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:1f:55:c7:85:3a:55:a4:48:fa:5d:7b:fb:da: 14:ff:ab:88:7b:cd:ef:f7:05:11:19:e3:b1:ce:d2: c4:0c:6c:52:63:84:26:ac:75:35:80:ed:ca:b2:40: 18:c6:c1:bf:3b:41:c0:a6:d1:a9:14:88:bf:1e:ce: 33:13:c6:47:46:bb:ce:8a:8c:51:15:52:4b:3d:9a: 4c:e1:f8:fc:d5:cf:15:4e:65:1e:24:96:f6:87:73: 61:8c:df:ce:a8:97:dc:68:b0:84:c6:93:2b:9f:92: 4e:2e:c5:16:86:dd:20:3c:23:94:ff:bb:e4:fb:65: 89:b9:08:83:97:1b:e0:a6:b9:d4:29:8e:77:7f:9d: e8:f8:5f:84:48:fe:8c:7e:ea:bc:cb:18:f6:4c:bf: 38:6d:45:51:89:55:12:15:14:04:e3:ff:f0:ee:2d: a2:9f:10:ff:ac:c8:b5:06:b0:eb:c0:97:1a:cd:17: 25:3f:b1:6e:be:dd:b9:7c:0d:ad:5e:86:43:c5:88: e2:00:d8:f1:4f:2e:3d:ea:46:62:3f:7f:a7:e5:31: 45:6a:2d:dc:18:0d:76:d9:4b:5c:68:1e:dc:5c:d6: b6:bf:cf:e8:ac:bb:1f:e4:9a:ce:01:bb:ff:5a:a5: 38:5e:c9:de:29:d1:ef:8d:06:a6:55:f8:d5:ed:77: c2:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:C3:CD:92:51:FA:FD:17:46:03:94:97:06:6C:FB:0A:64:36:7A:37 X509v3 Authority Key Identifier: keyid:BF:8D:85:47:34:2E:2F:C9:EC:FA:DF:CE:F0:0C:F2:73:EF:9D:6E:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v42FRzQuL8ns-t_O8Azyc--dbpA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b6f734-c655-43a1-9934-1e71930fcc0f/1/A8PNklH6_RdGA5SXBmz7CmQ2ejc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/b6f734-c655-43a1-9934-1e71930fcc0f/1/v42FRzQuL8ns-t_O8Azyc--dbpA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 212.32.45.0/24 IPv6: 2a01:fe00::/48 Signature Algorithm: sha256WithRSAEncryption bf:c6:cc:52:b6:b8:49:b2:ab:c3:ec:15:bd:f9:3a:75:b5:c3: 75:7f:0d:79:47:1c:da:83:54:c4:e2:43:8c:33:93:92:94:e0: 6c:df:b6:2d:29:67:d8:59:72:c4:17:5b:3a:a3:fd:b3:d0:79: 8b:43:45:ce:11:a1:50:4f:88:6f:01:11:f0:5c:b8:58:d5:1c: de:fb:88:51:0b:96:69:11:32:90:f2:d6:ec:cc:88:c4:73:09: 8c:eb:b6:28:5d:a8:fb:58:e7:d6:f3:69:18:a1:bb:19:15:80: e9:86:2f:2f:39:4a:d3:11:b0:d7:41:05:94:dd:46:ac:86:a5: 5b:da:8c:f9:2c:65:78:ba:23:f1:70:e9:83:87:e9:ae:9a:d0: 1f:18:cc:aa:35:90:e4:f0:d3:33:9b:05:c2:c4:06:42:e1:7a: e5:0c:a7:44:95:c0:39:8e:06:f0:4e:a6:81:33:f5:8f:8d:10: a8:11:00:45:12:1c:ee:d7:64:15:de:eb:9f:c8:47:76:8d:5e: a2:f3:19:01:d5:05:ae:1e:06:99:26:b8:80:2d:98:28:23:6d: a3:d3:45:e8:80:d3:75:22:75:3e:c4:29:31:fa:66:6f:4b:31: c0:f6:43:cb:29:c7:d9:cf:cb:a7:7a:de:56:c1:cc:21:41:22: 41:3c:d6:b9 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZvrafzORKDDb/gNVLyW3YjVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJmOGQ4NTQ3MzQyZTJmYzllY2ZhZGZjZWYwMGNmMjczZWY5 ZDZlOTAwHhcNMjYwMTIzMTUxMjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwM2MzY2Q5MjUxZmFmZDE3NDYwMzk0OTcwNjZjZmIwYTY0MzY3YTM3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2x9Vx4U6VaRI+l17+9oU/6uIe83v 9wURGeOxztLEDGxSY4QmrHU1gO3KskAYxsG/O0HAptGpFIi/Hs4zE8ZHRrvOioxR FVJLPZpM4fj81c8VTmUeJJb2h3NhjN/OqJfcaLCExpMrn5JOLsUWht0gPCOU/7vk +2WJuQiDlxvgprnUKY53f53o+F+ESP6Mfuq8yxj2TL84bUVRiVUSFRQE4//w7i2i nxD/rMi1BrDrwJcazRclP7Fuvt25fA2tXoZDxYjiANjxTy496kZiP3+n5TFFai3c GA122UtcaB7cXNa2v8/orLsf5JrOAbv/WqU4XsneKdHvjQamVfjV7XfCGwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFAPDzZJR+v0XRgOUlwZs+wpkNno3MB8GA1UdIwQY MBaAFL+NhUc0Li/J7PrfzvAM8nPvnW6QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdjQyRlJ6UXVMOG5zLXRfTzhBenljLS1kYnBBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS9iNmY3MzQtYzY1NS00M2ExLTk5MzQt MWU3MTkzMGZjYzBmLzEvQThQTmtsSDZfUmRHQTVTWEJtejdDbVEyZWpjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZS9iNmY3MzQtYzY1NS00M2ExLTk5MzQtMWU3MTkzMGZjYzBm LzEvdjQyRlJ6UXVMOG5zLXRfTzhBenljLS1kYnBBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA1CAtMA8E AgACMAkDBwAqAf4AAAAwDQYJKoZIhvcNAQELBQADggEBAL/GzFK2uEmyq8PsFb35 OnW1w3V/DXlHHNqDVMTiQ4wzk5KU4Gzfti0pZ9hZcsQXWzqj/bPQeYtDRc4RoVBP iG8BEfBcuFjVHN77iFELlmkRMpDy1uzMiMRzCYzrtihdqPtY59bzaRihuxkVgOmG Ly85StMRsNdBBZTdRqyGpVvajPksZXi6I/Fw6YOH6a6a0B8YzKo1kOTw0zObBcLE BkLheuUMp0SVwDmOBvBOpoEz9Y+NEKgRAEUSHO7XZBXe65/IR3aNXqLzGQHVBa4e BpkmuIAtmCgjbaPTReiA03UidT7EKTH6Zm9LMcD2Q8spx9nPy6d63lbBzCFBIkE8 1rk= -----END CERTIFICATE-----Generated at Tue Jan 27 02:50:28 2026 by rpki-client