This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/ryQMgFWZ3jNBbogxwI7g21J7R8Y.roa File: ryQMgFWZ3jNBbogxwI7g21J7R8Y.roa (raw, json) Hash identifier: I6znAGDxaUZ6tiOUv1X3x50QNtWRlxAeBxeiC8CikHg= Subject key identifier: AF:24:0C:80:55:99:DE:33:41:6E:88:31:C0:8E:E0:DB:52:7B:47:C6 Certificate issuer: /CN=1b12120c351c14eec22109f603249fcdac1d3321 Certificate serial: 019B7F1533582D10F52FE89DC7CD1BA02B8D Authority key identifier: 1B:12:12:0C:35:1C:14:EE:C2:21:09:F6:03:24:9F:CD:AC:1D:33:21 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GxISDDUcFO7CIQn2AySfzawdMyE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/ryQMgFWZ3jNBbogxwI7g21J7R8Y.roa Signing time: Fri 02 Jan 2026 14:20:54 +0000 ROA not before: Fri 02 Jan 2026 14:20:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 48678 IP address blocks: 185.7.241.0/24 maxlen: 24 185.7.242.0/24 maxlen: 24 2a14:db80:6::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/GxISDDUcFO7CIQn2AySfzawdMyE.crl rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/GxISDDUcFO7CIQn2AySfzawdMyE.mft rsync://rpki.ripe.net/repository/DEFAULT/GxISDDUcFO7CIQn2AySfzawdMyE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 09:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:33:58:2d:10:f5:2f:e8:9d:c7:cd:1b:a0:2b:8d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1b12120c351c14eec22109f603249fcdac1d3321 Validity Not Before: Jan 2 14:20:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=af240c805599de33416e8831c08ee0db527b47c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:27:f3:c5:b5:c4:d5:ae:9b:00:a5:a1:aa:49: 9a:b2:83:35:b3:d2:56:98:a8:5d:dd:0c:bf:73:2b: 37:d4:a1:21:2f:1e:f9:99:1e:10:08:80:e4:57:45: 81:e4:3c:a1:be:ed:bc:ba:dc:1f:e1:a8:c9:8d:4e: 77:4c:45:fc:09:c7:ca:e6:49:76:68:fa:cf:d1:02: 34:82:8c:2e:41:11:62:15:07:29:2a:b7:6e:cc:00: 9c:85:ff:aa:fe:ba:ff:77:e7:1f:c2:74:6f:b0:f8: 08:34:ac:d1:24:87:18:94:af:97:55:30:b3:df:83: da:5f:b5:18:64:93:5a:58:ef:45:80:cd:be:33:4b: 50:ac:76:c9:25:75:8e:60:c5:72:9e:b5:2d:01:c3: 96:57:6e:51:d8:6b:13:35:30:91:82:44:55:37:bb: 01:b5:57:f7:24:22:42:ef:1b:86:f4:b7:90:1f:8f: c2:62:c0:3e:f0:65:8c:ff:6e:ba:e5:ae:63:7f:f0: cf:d7:9d:fa:2e:37:5b:d1:e8:30:c5:93:04:ed:cb: 46:71:82:a1:fb:dd:0a:e0:ca:b1:d4:c4:b4:bd:e6: cf:22:34:3f:fb:f7:3b:91:94:75:de:f9:65:e5:43: 98:70:33:54:cf:be:80:72:d5:3d:16:25:3b:c6:c3: 26:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:24:0C:80:55:99:DE:33:41:6E:88:31:C0:8E:E0:DB:52:7B:47:C6 X509v3 Authority Key Identifier: keyid:1B:12:12:0C:35:1C:14:EE:C2:21:09:F6:03:24:9F:CD:AC:1D:33:21 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GxISDDUcFO7CIQn2AySfzawdMyE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/ryQMgFWZ3jNBbogxwI7g21J7R8Y.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/GxISDDUcFO7CIQn2AySfzawdMyE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.7.241.0-185.7.242.255 IPv6: 2a14:db80:6::/48 Signature Algorithm: sha256WithRSAEncryption 59:4f:ea:c9:8d:dd:10:d8:44:f6:59:30:04:c2:2c:d3:41:ec: 22:04:21:aa:fa:e7:2f:8e:e5:90:51:37:98:15:c2:9d:dc:99: ab:10:a2:b4:cd:32:45:59:3b:c6:ec:24:d6:b8:a3:8b:34:03: ff:d3:1e:26:61:6a:e8:00:82:53:17:22:f6:1e:36:24:f3:57: 50:f7:3a:c4:76:9d:06:6d:4d:75:b0:a8:0f:e7:ae:17:da:95: 42:e8:37:1d:eb:5a:b8:d7:25:53:f7:66:c6:11:06:cf:91:c5: 5c:c3:8a:3a:b1:24:07:53:f4:44:fe:0c:b8:0b:93:28:ac:40: af:09:ea:12:f6:74:6b:35:39:a4:4f:17:3b:1b:20:a7:b5:d0: 30:87:55:ae:a9:8a:c4:3c:65:06:ad:95:df:2e:1a:97:f7:e7: 5a:45:6d:82:9b:4e:7a:6e:09:d7:24:8d:16:12:db:1d:b2:50: 6b:15:5e:d0:25:57:2f:16:d1:49:17:0a:12:6d:96:81:60:72: 8c:74:a3:e6:f1:6c:03:6f:bf:75:78:05:f0:d2:ac:ab:bc:ea: 09:dd:e2:95:55:c5:54:97:b0:a9:26:dd:af:93:00:4d:6a:4d: ae:60:b8:bc:a2:ce:ed:98:9d:40:18:3f:ed:c3:75:34:3e:93: 72:c0:e4:76 -----BEGIN CERTIFICATE----- MIIFFjCCA/6gAwIBAgISAZt/FTNYLRD1L+idx80boCuNMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFiMTIxMjBjMzUxYzE0ZWVjMjIxMDlmNjAzMjQ5ZmNkYWMx ZDMzMjEwHhcNMjYwMTAyMTQyMDU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhZjI0MGM4MDU1OTlkZTMzNDE2ZTg4MzFjMDhlZTBkYjUyN2I0N2M2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCfzxbXE1a6bAKWhqkmasoM1s9JW mKhd3Qy/cys31KEhLx75mR4QCIDkV0WB5Dyhvu28utwf4ajJjU53TEX8CcfK5kl2 aPrP0QI0gowuQRFiFQcpKrduzACchf+q/rr/d+cfwnRvsPgINKzRJIcYlK+XVTCz 34PaX7UYZJNaWO9FgM2+M0tQrHbJJXWOYMVynrUtAcOWV25R2GsTNTCRgkRVN7sB tVf3JCJC7xuG9LeQH4/CYsA+8GWM/2665a5jf/DP1536Ljdb0egwxZME7ctGcYKh +90K4Mqx1MS0vebPIjQ/+/c7kZR13vll5UOYcDNUz76ActU9FiU7xsMm/QIDAQAB o4ICIjCCAh4wHQYDVR0OBBYEFK8kDIBVmd4zQW6IMcCO4NtSe0fGMB8GA1UdIwQY MBaAFBsSEgw1HBTuwiEJ9gMkn82sHTMhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR3hJU0REVWNGTzdDSVFuMkF5U2Z6YXdkTXlFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zZGFmN2YtMzAxZC00MjNlLTk0NmUt NDNkZjQ3ZDVhMWU3LzEvcnlRTWdGV1ozak5CYm9neHdJN2cyMUo3UjhZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS8zZGFmN2YtMzAxZC00MjNlLTk0NmUtNDNkZjQ3ZDVhMWU3 LzEvR3hJU0REVWNGTzdDSVFuMkF5U2Z6YXdkTXlFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAC5B/ED BAC5B/IwDwQCAAIwCQMHACoU24AABjANBgkqhkiG9w0BAQsFAAOCAQEAWU/qyY3d ENhE9lkwBMIs00HsIgQhqvrnL47lkFE3mBXCndyZqxCitM0yRVk7xuwk1rijizQD /9MeJmFq6ACCUxci9h42JPNXUPc6xHadBm1NdbCoD+euF9qVQug3HetauNclU/dm xhEGz5HFXMOKOrEkB1P0RP4MuAuTKKxArwnqEvZ0azU5pE8XOxsgp7XQMIdVrqmK xDxlBq2V3y4al/fnWkVtgptOem4J1ySNFhLbHbJQaxVe0CVXLxbRSRcKEm2WgWBy jHSj5vFsA2+/dXgF8NKsq7zqCd3ilVXFVJewqSbdr5MATWpNrmC4vKLO7ZidQBg/ 7cN1ND6TcsDkdg== -----END CERTIFICATE-----Generated at Mon Jan 19 16:54:24 2026 by rpki-client