This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/8d939f-9ef9-4076-a8f3-7a70b787d2ef/1/F3X7MGphOVLy3qLOlM8u8925d-g.roa File: F3X7MGphOVLy3qLOlM8u8925d-g.roa (raw, json) Hash identifier: QuCdwiNh2aiJSqZcqO+4VQey4HHIeLMs+gxMOR2IHqc= Subject key identifier: 17:75:FB:30:6A:61:39:52:F2:DE:A2:CE:94:CF:2E:F3:DD:B9:77:E8 Certificate issuer: /CN=e9bfd0410c7bf3bb1d75b18acb1e96393ad21b26 Certificate serial: 019BD594DDD31A5F39F107143E84B78C31BC Authority key identifier: E9:BF:D0:41:0C:7B:F3:BB:1D:75:B1:8A:CB:1E:96:39:3A:D2:1B:26 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6b_QQQx787sddbGKyx6WOTrSGyY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/8d939f-9ef9-4076-a8f3-7a70b787d2ef/1/F3X7MGphOVLy3qLOlM8u8925d-g.roa Signing time: Mon 19 Jan 2026 09:27:41 +0000 ROA not before: Mon 19 Jan 2026 09:27:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214494 IP address blocks: 185.196.4.0/22 maxlen: 24 2a0a:62c0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/8d939f-9ef9-4076-a8f3-7a70b787d2ef/1/6b_QQQx787sddbGKyx6WOTrSGyY.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/8d939f-9ef9-4076-a8f3-7a70b787d2ef/1/6b_QQQx787sddbGKyx6WOTrSGyY.mft rsync://rpki.ripe.net/repository/DEFAULT/6b_QQQx787sddbGKyx6WOTrSGyY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:d5:94:dd:d3:1a:5f:39:f1:07:14:3e:84:b7:8c:31:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e9bfd0410c7bf3bb1d75b18acb1e96393ad21b26 Validity Not Before: Jan 19 09:27:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=1775fb306a613952f2dea2ce94cf2ef3ddb977e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:25:44:ca:9c:37:ae:b7:51:f4:f0:c7:a6:10: 3d:c7:3f:bf:cc:3b:8b:66:6a:82:fb:9b:4f:cc:ad: 1d:1b:ac:dd:a9:e2:06:44:06:7c:b9:ac:a7:51:85: 90:3f:66:13:54:93:a7:c3:93:a4:e9:38:26:d4:27: 6a:16:f8:a1:3d:7d:ca:4b:95:21:6a:de:9d:0d:dc: 67:ed:ba:f0:52:32:5d:62:84:09:37:6a:d5:8c:ee: f9:5b:4e:a9:9f:d7:f5:82:64:e1:f1:60:71:99:cd: 15:68:80:16:27:47:eb:dc:ac:cf:61:fc:7b:80:bc: 74:d6:38:10:f8:f1:11:03:aa:9d:67:e7:dc:40:0f: 82:45:16:11:a3:a0:e7:86:90:f5:3e:f7:07:33:6a: 97:1d:9e:4e:42:5c:96:a0:6a:2c:d7:ef:09:8a:d8: a3:30:8c:2b:08:0a:d5:82:52:3b:ef:78:4e:bd:36: 4f:d2:88:a7:d8:33:a8:0d:ff:83:87:22:8a:5d:f8: bb:9e:78:d2:82:d2:05:4c:72:68:d1:d0:aa:d4:49: f7:b1:3f:8c:b3:c6:6a:da:7b:fb:3f:40:41:f4:86: fa:63:30:1d:bc:a1:14:cd:1c:fd:d4:fb:61:7d:09: 3a:0c:8f:40:d7:5c:c8:01:01:67:92:5a:a9:27:90: a7:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:75:FB:30:6A:61:39:52:F2:DE:A2:CE:94:CF:2E:F3:DD:B9:77:E8 X509v3 Authority Key Identifier: keyid:E9:BF:D0:41:0C:7B:F3:BB:1D:75:B1:8A:CB:1E:96:39:3A:D2:1B:26 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b_QQQx787sddbGKyx6WOTrSGyY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/8d939f-9ef9-4076-a8f3-7a70b787d2ef/1/F3X7MGphOVLy3qLOlM8u8925d-g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/8d939f-9ef9-4076-a8f3-7a70b787d2ef/1/6b_QQQx787sddbGKyx6WOTrSGyY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.196.4.0/22 IPv6: 2a0a:62c0::/32 Signature Algorithm: sha256WithRSAEncryption 71:44:d8:fb:80:f2:e4:99:3e:e0:34:60:b7:56:6a:50:c7:72: 17:a2:47:3b:c0:ad:c2:bc:ed:02:12:63:7f:a5:a5:0f:00:64: 2f:5a:e6:59:d7:e9:61:36:07:2c:28:e2:a1:b2:21:f9:37:6c: 88:d5:5f:20:56:bc:9a:fa:45:17:4b:91:ac:dc:55:13:f2:9c: 24:cc:7b:49:14:29:c8:91:ef:08:b3:c1:05:43:0e:e9:85:ca: fc:bc:56:29:bd:36:05:df:94:8a:84:88:2c:d1:86:a9:ff:f9: d2:87:21:67:e3:c6:95:35:a5:c6:8a:6d:8a:14:43:7f:a3:6f: 18:4c:fb:36:f4:e2:ae:42:1d:46:8a:54:d2:b4:ec:44:9c:32: d4:9e:14:42:be:2a:f2:0b:6d:13:9d:ff:d8:1b:7b:e7:3d:37: f1:41:60:71:f6:12:c3:b2:e9:2f:23:ae:5f:91:08:90:db:9e: 34:e5:71:96:e5:be:10:6f:da:eb:c2:55:e1:6d:7c:08:d3:81: bb:bc:60:54:31:fc:4e:4c:d3:53:ee:ce:25:9e:9c:e2:c8:7c: 19:23:ce:e1:f3:4e:17:d7:e4:38:bb:d9:34:c5:8b:c6:f5:f1: 20:73:5c:03:b5:3b:f4:ec:0e:af:8e:ae:ee:ca:3e:e8:58:e7: 9f:79:17:63 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZvVlN3TGl858QcUPoS3jDG8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU5YmZkMDQxMGM3YmYzYmIxZDc1YjE4YWNiMWU5NjM5M2Fk MjFiMjYwHhcNMjYwMTE5MDkyNzQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxNzc1ZmIzMDZhNjEzOTUyZjJkZWEyY2U5NGNmMmVmM2RkYjk3N2U4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSVEypw3rrdR9PDHphA9xz+/zDuL ZmqC+5tPzK0dG6zdqeIGRAZ8uaynUYWQP2YTVJOnw5Ok6Tgm1CdqFvihPX3KS5Uh at6dDdxn7brwUjJdYoQJN2rVjO75W06pn9f1gmTh8WBxmc0VaIAWJ0fr3KzPYfx7 gLx01jgQ+PERA6qdZ+fcQA+CRRYRo6DnhpD1PvcHM2qXHZ5OQlyWoGos1+8Jitij MIwrCArVglI773hOvTZP0oin2DOoDf+DhyKKXfi7nnjSgtIFTHJo0dCq1En3sT+M s8Zq2nv7P0BB9Ib6YzAdvKEUzRz91PthfQk6DI9A11zIAQFnklqpJ5CnUQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFBd1+zBqYTlS8t6izpTPLvPduXfoMB8GA1UdIwQY MBaAFOm/0EEMe/O7HXWxisseljk60hsmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNmJfUVFReDc4N3NkZGJHS3l4NldPVHJTR3lZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi84ZDkzOWYtOWVmOS00MDc2LWE4ZjMt N2E3MGI3ODdkMmVmLzEvRjNYN01HcGhPVkx5M3FMT2xNOHU4OTI1ZC1nLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi84ZDkzOWYtOWVmOS00MDc2LWE4ZjMtN2E3MGI3ODdkMmVm LzEvNmJfUVFReDc4N3NkZGJHS3l4NldPVHJTR3lZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucQEMA0E AgACMAcDBQAqCmLAMA0GCSqGSIb3DQEBCwUAA4IBAQBxRNj7gPLkmT7gNGC3VmpQ x3IXokc7wK3CvO0CEmN/paUPAGQvWuZZ1+lhNgcsKOKhsiH5N2yI1V8gVrya+kUX S5Gs3FUT8pwkzHtJFCnIke8Is8EFQw7phcr8vFYpvTYF35SKhIgs0Yap//nShyFn 48aVNaXGim2KFEN/o28YTPs29OKuQh1GilTStOxEnDLUnhRCviryC20Tnf/YG3vn PTfxQWBx9hLDsukvI65fkQiQ25405XGW5b4Qb9rrwlXhbXwI04G7vGBUMfxOTNNT 7s4lnpziyHwZI87h804X1+Q4u9k0xYvG9fEgc1wDtTv07A6vjq7uyj7oWOefeRdj -----END CERTIFICATE-----Generated at Tue Jan 27 00:30:45 2026 by rpki-client