This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/6d6b76-b4b7-4f7e-8628-cf794658f5be/1/aHre3p3mljnQo6pgr_PAHWNasWI.roa File: aHre3p3mljnQo6pgr_PAHWNasWI.roa (raw, json) Hash identifier: jfHBeKOKc5HfS6IdGbqjCGEVckZ/9KBZc/hoke7dPEY= Subject key identifier: 68:7A:DE:DE:9D:E6:96:39:D0:A3:AA:60:AF:F3:C0:1D:63:5A:B1:62 Certificate issuer: /CN=e76210e38b16909a7ee8fe3b8d06647f0665292b Certificate serial: 019B7B362C343519B143C3DC109AE6F3436A Authority key identifier: E7:62:10:E3:8B:16:90:9A:7E:E8:FE:3B:8D:06:64:7F:06:65:29:2B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/52IQ44sWkJp-6P47jQZkfwZlKSs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/6d6b76-b4b7-4f7e-8628-cf794658f5be/1/aHre3p3mljnQo6pgr_PAHWNasWI.roa Signing time: Thu 01 Jan 2026 20:18:26 +0000 ROA not before: Thu 01 Jan 2026 20:18:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15726 IP address blocks: 37.60.200.0/21 maxlen: 24 46.231.232.0/21 maxlen: 24 193.39.192.0/24 maxlen: 24 213.149.64.0/20 maxlen: 24 217.14.160.0/20 maxlen: 24 2a00:f88::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/6d6b76-b4b7-4f7e-8628-cf794658f5be/1/52IQ44sWkJp-6P47jQZkfwZlKSs.crl rsync://rpki.ripe.net/repository/DEFAULT/31/6d6b76-b4b7-4f7e-8628-cf794658f5be/1/52IQ44sWkJp-6P47jQZkfwZlKSs.mft rsync://rpki.ripe.net/repository/DEFAULT/52IQ44sWkJp-6P47jQZkfwZlKSs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 20:00:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:2c:34:35:19:b1:43:c3:dc:10:9a:e6:f3:43:6a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e76210e38b16909a7ee8fe3b8d06647f0665292b Validity Not Before: Jan 1 20:18:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=687adede9de69639d0a3aa60aff3c01d635ab162 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:6c:46:e2:86:aa:5a:e6:fa:47:0f:e4:82:f3: fc:13:c7:ff:e0:34:0c:bd:3c:ea:db:bc:90:7a:52: b9:ca:ed:fc:26:c0:4c:f5:02:d0:b4:98:76:cb:4e: 09:72:26:4a:29:03:2d:22:11:a4:8e:9a:02:ac:2a: 9f:9a:ed:60:61:aa:22:f9:03:ac:9d:11:a9:a8:94: 12:d7:c4:55:31:50:8e:ef:2a:cd:1e:8e:1d:c5:ce: 4a:09:a2:9e:08:6a:6a:73:68:6d:35:87:2e:96:a5: 9e:d9:59:96:fe:ba:c6:0b:2e:50:26:b2:7b:79:1e: f4:2b:b2:46:db:23:25:80:2a:e7:53:28:04:d3:e7: 7e:8a:ed:23:01:8d:ae:d5:7f:09:39:c3:aa:d8:53: c1:d1:5c:74:c5:09:67:ac:f6:1d:96:1c:d4:bd:c4: 42:67:87:c1:88:cc:1f:9c:0e:dc:da:c8:7f:e6:75: bb:2a:6c:2c:4a:bf:27:ef:85:e0:2d:cc:75:c5:88: 94:8e:1c:9d:9c:45:59:84:a4:44:79:a6:56:b4:53: 6b:1f:d7:bd:f1:db:28:93:74:20:16:61:7f:cb:a3: 0f:47:a2:94:63:2a:ea:2b:c6:7b:94:dd:d2:fa:e1: 73:63:57:ce:6e:f7:c6:81:9a:17:db:b3:1e:7e:0d: e0:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:7A:DE:DE:9D:E6:96:39:D0:A3:AA:60:AF:F3:C0:1D:63:5A:B1:62 X509v3 Authority Key Identifier: keyid:E7:62:10:E3:8B:16:90:9A:7E:E8:FE:3B:8D:06:64:7F:06:65:29:2B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/52IQ44sWkJp-6P47jQZkfwZlKSs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/6d6b76-b4b7-4f7e-8628-cf794658f5be/1/aHre3p3mljnQo6pgr_PAHWNasWI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/31/6d6b76-b4b7-4f7e-8628-cf794658f5be/1/52IQ44sWkJp-6P47jQZkfwZlKSs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.60.200.0/21 46.231.232.0/21 193.39.192.0/24 213.149.64.0/20 217.14.160.0/20 IPv6: 2a00:f88::/32 Signature Algorithm: sha256WithRSAEncryption 95:ec:57:42:34:42:00:06:3d:9f:a7:b8:af:ab:66:d7:64:b0: 26:94:f6:af:e9:70:74:ae:2b:83:90:57:4f:42:58:51:99:9e: fa:34:f8:79:eb:40:17:35:4c:55:84:f5:81:e9:8a:85:5e:1b: e5:32:88:cc:ba:c2:d9:8e:d9:a6:b2:28:b9:03:90:ee:3a:5d: 00:76:c3:72:d2:82:1b:9b:b7:08:c6:f0:d2:f9:6f:b6:4e:3b: 91:68:e6:ec:8a:ba:2a:1d:f5:97:8a:a6:6d:7b:60:24:49:84: 7c:b1:d9:64:f8:ac:4d:75:7c:5b:15:fa:56:58:68:bc:25:3e: a7:e3:3b:bd:30:88:1b:10:26:ad:50:fa:c1:dc:92:f6:2a:c6: 24:69:78:28:cd:35:95:f7:4d:7e:97:00:02:d0:9a:d3:8c:73: a2:70:6b:1d:9c:3e:be:4d:db:e0:c8:9b:99:f7:29:83:6f:43: 2e:1e:ad:26:ad:63:06:ae:10:3e:ac:07:10:e2:de:0f:c4:b6: 5d:8d:e6:02:6b:79:9c:aa:99:ce:2f:7f:79:81:21:7e:af:8c: 6f:bf:8d:b2:96:32:26:c0:ca:a3:2d:3e:8a:d5:a1:19:0e:66: 22:52:3e:4d:3c:e4:70:72:ea:b8:9e:bf:ee:1a:05:63:14:07: 9f:aa:95:59 -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgISAZt7Niw0NRmxQ8PcEJrm80NqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU3NjIxMGUzOGIxNjkwOWE3ZWU4ZmUzYjhkMDY2NDdmMDY2 NTI5MmIwHhcNMjYwMTAxMjAxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2ODdhZGVkZTlkZTY5NjM5ZDBhM2FhNjBhZmYzYzAxZDYzNWFiMTYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGxG4oaqWub6Rw/kgvP8E8f/4DQM vTzq27yQelK5yu38JsBM9QLQtJh2y04JciZKKQMtIhGkjpoCrCqfmu1gYaoi+QOs nRGpqJQS18RVMVCO7yrNHo4dxc5KCaKeCGpqc2htNYculqWe2VmW/rrGCy5QJrJ7 eR70K7JG2yMlgCrnUygE0+d+iu0jAY2u1X8JOcOq2FPB0Vx0xQlnrPYdlhzUvcRC Z4fBiMwfnA7c2sh/5nW7KmwsSr8n74XgLcx1xYiUjhydnEVZhKREeaZWtFNrH9e9 8dsok3QgFmF/y6MPR6KUYyrqK8Z7lN3S+uFzY1fObvfGgZoX27Mefg3geQIDAQAB o4ICMDCCAiwwHQYDVR0OBBYEFGh63t6d5pY50KOqYK/zwB1jWrFiMB8GA1UdIwQY MBaAFOdiEOOLFpCafuj+O40GZH8GZSkrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNTJJUTQ0c1drSnAtNlA0N2pRWmtmd1psS1NzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82ZDZiNzYtYjRiNy00ZjdlLTg2Mjgt Y2Y3OTQ2NThmNWJlLzEvYUhyZTNwM21sam5RbzZwZ3JfUEFIV05hc1dJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMS82ZDZiNzYtYjRiNy00ZjdlLTg2MjgtY2Y3OTQ2NThmNWJl LzEvNTJJUTQ0c1drSnAtNlA0N2pRWmtmd1psS1NzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDJTzIAwQD LufoAwQAwSfAAwQE1ZVAAwQE2Q6gMA0EAgACMAcDBQAqAA+IMA0GCSqGSIb3DQEB CwUAA4IBAQCV7FdCNEIABj2fp7ivq2bXZLAmlPav6XB0riuDkFdPQlhRmZ76NPh5 60AXNUxVhPWB6YqFXhvlMojMusLZjtmmsii5A5DuOl0AdsNy0oIbm7cIxvDS+W+2 TjuRaObsiroqHfWXiqZte2AkSYR8sdlk+KxNdXxbFfpWWGi8JT6n4zu9MIgbECat UPrB3JL2KsYkaXgozTWV901+lwAC0JrTjHOicGsdnD6+TdvgyJuZ9ymDb0MuHq0m rWMGrhA+rAcQ4t4PxLZdjeYCa3mcqpnOL395gSF+r4xvv42yljImwMqjLT6K1aEZ DmYiUj5NPORwcuq4nr/uGgVjFAefqpVZ -----END CERTIFICATE-----Generated at Tue Feb 10 01:29:09 2026 by rpki-client