This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/c3UQkLaK622oNueWHIwY2pf0u50.roa File: c3UQkLaK622oNueWHIwY2pf0u50.roa (raw, json) Hash identifier: 68H5EYdpUem6VsrZDqSO1jCXZzTxv1in5+mPEJKKQkQ= Subject key identifier: 73:75:10:90:B6:8A:EB:6D:A8:36:E7:96:1C:8C:18:DA:97:F4:BB:9D Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a Certificate serial: 019B7FF16F8A559D1435D80A9DA2DFBD4489 Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/c3UQkLaK622oNueWHIwY2pf0u50.roa Signing time: Fri 02 Jan 2026 18:21:27 +0000 ROA not before: Fri 02 Jan 2026 18:21:27 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214279 IP address blocks: 43.240.149.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.mft rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 05:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f1:6f:8a:55:9d:14:35:d8:0a:9d:a2:df:bd:44:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a Validity Not Before: Jan 2 18:21:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=73751090b68aeb6da836e7961c8c18da97f4bb9d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:ef:c4:c4:06:6b:2d:60:74:a7:79:cd:11:97: d7:e3:46:ed:28:6d:5c:dc:b5:b0:7b:75:2f:5b:c3: 1c:07:73:1c:10:6a:6a:cb:09:9a:2b:fa:14:f8:75: 1c:03:36:25:93:34:34:04:fa:58:f5:17:c8:ef:b0: 14:2a:4c:b0:3e:45:46:30:61:e8:37:63:9a:97:fc: 7c:8c:37:96:50:77:34:2f:06:b9:5f:a0:a3:e1:57: d7:38:88:70:04:09:fa:ee:30:88:46:1a:db:8e:a6: cf:bd:29:57:75:64:6f:37:f9:ef:d0:11:08:e7:dc: 34:1a:91:f5:c2:a6:72:3d:1d:44:44:f6:0a:bd:da: ad:c2:95:97:56:dd:10:6e:c9:47:fd:1b:0e:48:ac: 58:da:0e:9a:2d:2c:88:94:4e:e7:0e:a9:fc:4c:bd: 55:07:b1:ee:32:62:a6:8f:eb:8f:2f:68:8d:4d:9e: 14:c1:d3:61:fa:65:71:b8:b3:05:6e:ad:57:49:9f: e5:9b:fc:66:ec:a6:a6:f5:86:ca:bc:e9:cf:33:63: e8:79:af:fc:15:ed:7e:e7:c9:9a:5f:e6:3c:d0:55: bf:9f:f8:29:42:17:40:db:c4:63:69:db:6a:17:86: e1:d2:2c:01:7f:8e:03:32:49:3b:98:d5:64:f4:95: f8:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:75:10:90:B6:8A:EB:6D:A8:36:E7:96:1C:8C:18:DA:97:F4:BB:9D X509v3 Authority Key Identifier: keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/c3UQkLaK622oNueWHIwY2pf0u50.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 43.240.149.0/24 Signature Algorithm: sha256WithRSAEncryption 91:13:ca:d4:af:b2:e7:58:27:1f:8f:58:98:7f:f5:92:51:97: 2f:94:02:ac:52:c9:21:1e:c6:59:13:13:7a:79:14:ac:d7:94: ac:6b:9c:cb:32:82:27:69:0e:d4:60:61:0e:dd:fc:f9:b9:40: e7:50:1c:97:1d:28:81:bc:ba:79:9a:d1:78:78:a2:76:c1:a3: c5:45:d4:34:14:58:86:11:f9:32:fc:47:49:0d:d5:7b:04:ff: ef:b9:d1:7a:c9:dc:4a:82:ea:44:90:13:f1:b5:4f:11:c0:ba: ff:24:f7:e8:29:dd:81:77:16:f8:db:f8:1b:24:4a:de:cf:93: f8:42:f6:a9:10:3c:6c:d5:a4:f3:1a:9c:10:1d:dd:43:8c:0d: 8b:d5:65:03:e9:ac:71:52:b0:c1:de:86:9b:da:94:f2:88:fe: 3b:a6:5e:27:36:23:d2:1f:88:50:17:91:44:f7:37:fd:10:bc: 3a:2e:02:f1:e9:62:bd:10:33:ea:4f:af:82:b1:ff:4b:50:8d: 8d:36:9c:b1:35:16:6c:02:06:dc:8c:5f:ea:c8:3b:20:15:49: 8a:76:6b:d7:4e:2c:cb:f6:c6:16:89:61:a8:fa:05:0c:84:31: 37:f2:7b:f4:d6:c3:99:fa:13:30:b6:d9:69:12:84:8f:f8:f9: 13:9f:5a:e5 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/8W+KVZ0UNdgKnaLfvUSJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk ZjM1NGEwHhcNMjYwMTAyMTgyMTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3Mzc1MTA5MGI2OGFlYjZkYTgzNmU3OTYxYzhjMThkYTk3ZjRiYjlkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+/ExAZrLWB0p3nNEZfX40btKG1c 3LWwe3UvW8McB3McEGpqywmaK/oU+HUcAzYlkzQ0BPpY9RfI77AUKkywPkVGMGHo N2Oal/x8jDeWUHc0Lwa5X6Cj4VfXOIhwBAn67jCIRhrbjqbPvSlXdWRvN/nv0BEI 59w0GpH1wqZyPR1ERPYKvdqtwpWXVt0QbslH/RsOSKxY2g6aLSyIlE7nDqn8TL1V B7HuMmKmj+uPL2iNTZ4UwdNh+mVxuLMFbq1XSZ/lm/xm7Kam9YbKvOnPM2Poea/8 Fe1+58maX+Y80FW/n/gpQhdA28RjadtqF4bh0iwBf44DMkk7mNVk9JX4FwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFHN1EJC2iuttqDbnlhyMGNqX9LudMB8GA1UdIwQY MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt MjBlMTk3ODBjYjJlLzEvYzNVUWtMYUs2MjJvTnVlV0hJd1kycGYwdTUwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAK/CVMA0G CSqGSIb3DQEBCwUAA4IBAQCRE8rUr7LnWCcfj1iYf/WSUZcvlAKsUskhHsZZExN6 eRSs15Ssa5zLMoInaQ7UYGEO3fz5uUDnUByXHSiBvLp5mtF4eKJ2waPFRdQ0FFiG Efky/EdJDdV7BP/vudF6ydxKgupEkBPxtU8RwLr/JPfoKd2Bdxb42/gbJErez5P4 QvapEDxs1aTzGpwQHd1DjA2L1WUD6axxUrDB3oab2pTyiP47pl4nNiPSH4hQF5FE 9zf9ELw6LgLx6WK9EDPqT6+Csf9LUI2NNpyxNRZsAgbcjF/qyDsgFUmKdmvXTizL 9sYWiWGo+gUMhDE38nv01sOZ+hMwttlpEoSP+PkTn1rl -----END CERTIFICATE-----Generated at Mon Jan 19 14:43:31 2026 by rpki-client