This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/3DC3kA6UpmGM3vUF15dvR1WNU24.roa File: 3DC3kA6UpmGM3vUF15dvR1WNU24.roa (raw, json) Hash identifier: bjns9AS5EKsgQlEUmAtovJpzNvMiGaM8W70y83exwDI= Subject key identifier: DC:30:B7:90:0E:94:A6:61:8C:DE:F5:05:D7:97:6F:47:55:8D:53:6E Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5 Certificate serial: 019B7EA76125465DA8A161EEC40B58A49204 Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/3DC3kA6UpmGM3vUF15dvR1WNU24.roa Signing time: Fri 02 Jan 2026 12:20:57 +0000 ROA not before: Fri 02 Jan 2026 12:20:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212609 IP address blocks: 185.239.245.0/24 maxlen: 24 185.254.19.0/24 maxlen: 24 194.15.151.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 04 Jan 2026 15:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:61:25:46:5d:a8:a1:61:ee:c4:0b:58:a4:92:04 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5 Validity Not Before: Jan 2 12:20:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dc30b7900e94a6618cdef505d7976f47558d536e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:79:ce:8a:51:31:a4:fa:25:c3:48:6d:6e:e7: 8c:8a:26:d2:af:27:43:0d:a2:1f:6b:59:88:3f:a6: 21:6b:32:c9:43:7f:ba:dd:e0:ff:6b:75:26:c3:22: 7a:4f:7f:88:13:68:19:57:f6:ba:f6:98:73:e2:23: 73:d5:12:ba:4a:48:24:44:3a:f6:09:ce:11:17:72: 40:ea:43:6d:a8:97:ee:dc:89:04:fc:5b:cc:25:69: 29:7a:e8:e8:8f:75:3d:99:5f:6b:a2:31:30:fd:82: 23:26:dd:e7:ac:fc:e0:bb:bc:fa:a8:46:f9:4f:f9: e8:7b:02:c1:36:62:b2:62:30:df:9f:f5:15:14:0b: c7:9d:1f:01:d6:94:c6:c9:95:6a:4d:8c:dd:d4:22: 37:f0:e1:b1:f4:ee:c0:c3:07:22:85:4f:67:20:22: 09:61:5c:5c:11:6e:36:4d:94:67:be:bd:ee:51:e9: f8:2e:93:2f:6d:a2:63:36:a4:c6:74:c3:f8:8d:51: 3a:22:66:e1:8c:1c:e5:09:30:09:56:9d:7d:48:3e: c6:56:04:71:9e:89:f9:ac:30:cf:95:0a:01:f5:93: 2d:4c:a2:66:a0:54:df:45:02:fe:24:f3:a3:13:25: 57:13:b2:14:64:60:98:84:75:29:ae:62:a7:31:33: 90:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:30:B7:90:0E:94:A6:61:8C:DE:F5:05:D7:97:6F:47:55:8D:53:6E X509v3 Authority Key Identifier: keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/3DC3kA6UpmGM3vUF15dvR1WNU24.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.239.245.0/24 185.254.19.0/24 194.15.151.0/24 Signature Algorithm: sha256WithRSAEncryption 5c:d5:b1:60:86:7c:ff:fd:a3:98:77:6a:1a:bb:f0:eb:97:15: cd:6d:99:b4:9b:91:2f:1b:69:13:f3:5c:34:b0:4e:d6:05:5b: 3c:d6:d9:53:1b:4c:c4:97:0a:f2:27:b1:7e:f8:ff:43:9f:e0: 77:53:38:9d:b4:01:a3:54:d4:e2:28:b1:cc:b1:2a:eb:f8:17: 05:7d:aa:c7:63:39:b7:4c:70:7c:02:54:de:24:fc:b4:a5:c1: 11:a3:cd:88:7a:b5:eb:36:e0:ec:93:52:de:2d:18:8d:ce:0b: a5:cf:a0:b4:8b:de:a0:6a:a8:70:5e:36:22:b5:f1:be:59:a6: b8:20:70:c1:f6:50:55:fc:d9:4f:73:3a:f5:a6:f1:07:17:b0: 07:44:29:17:60:ff:15:39:27:14:80:0f:1f:0d:10:6b:a7:9a: 60:3b:b3:e8:fb:e5:13:64:ab:3b:30:ce:a0:c4:36:1c:6e:76: c9:d1:00:d5:72:b4:7f:b8:e7:0e:a9:17:78:3b:e8:29:a7:e6: d3:fd:29:3e:b7:89:63:c3:62:c4:eb:11:ef:2a:69:3b:f4:8e: cb:04:da:2b:1e:43:c3:e1:33:0d:74:c2:dc:4a:c6:9a:d5:3e: 3c:2c:e5:35:a0:b5:f6:41:71:a7:9b:80:78:29:5b:31:38:10: f7:4a:20:bb -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt+p2ElRl2ooWHuxAtYpJIEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0 ZGIwYTUwHhcNMjYwMTAyMTIyMDU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYzMwYjc5MDBlOTRhNjYxOGNkZWY1MDVkNzk3NmY0NzU1OGQ1MzZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjnnOilExpPolw0htbueMiibSrydD DaIfa1mIP6YhazLJQ3+63eD/a3UmwyJ6T3+IE2gZV/a69phz4iNz1RK6SkgkRDr2 Cc4RF3JA6kNtqJfu3IkE/FvMJWkpeujoj3U9mV9rojEw/YIjJt3nrPzgu7z6qEb5 T/noewLBNmKyYjDfn/UVFAvHnR8B1pTGyZVqTYzd1CI38OGx9O7AwwcihU9nICIJ YVxcEW42TZRnvr3uUen4LpMvbaJjNqTGdMP4jVE6ImbhjBzlCTAJVp19SD7GVgRx non5rDDPlQoB9ZMtTKJmoFTfRQL+JPOjEyVXE7IUZGCYhHUprmKnMTOQawIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFNwwt5AOlKZhjN71BdeXb0dVjVNuMB8GA1UdIwQY MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt YmFmYmRmYzgxMzJhLzEvM0RDM2tBNlVwbUdNM3ZVRjE1ZHZSMVdOVTI0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAue/1AwQA uf4TAwQAwg+XMA0GCSqGSIb3DQEBCwUAA4IBAQBc1bFghnz//aOYd2oau/DrlxXN bZm0m5EvG2kT81w0sE7WBVs81tlTG0zElwryJ7F++P9Dn+B3UzidtAGjVNTiKLHM sSrr+BcFfarHYzm3THB8AlTeJPy0pcERo82IerXrNuDsk1LeLRiNzgulz6C0i96g aqhwXjYitfG+Waa4IHDB9lBV/NlPczr1pvEHF7AHRCkXYP8VOScUgA8fDRBrp5pg O7Po++UTZKs7MM6gxDYcbnbJ0QDVcrR/uOcOqRd4O+gpp+bT/Sk+t4ljw2LE6xHv Kmk79I7LBNorHkPD4TMNdMLcSsaa1T48LOU1oLX2QXGnm4B4KVsxOBD3SiC7 -----END CERTIFICATE-----Generated at Sat Jan 3 18:58:51 2026 by rpki-client