This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/424bd1-953b-4262-8396-c7bf95e5ab7b/1/3_0WZ7tcEt9l7JCeqM_XLJKrQAI.roa File: 3_0WZ7tcEt9l7JCeqM_XLJKrQAI.roa (raw, json) Hash identifier: 7OfgraftH18MfCmboAvi66Dsa4X9nEMWe7jgzn7VuiE= Subject key identifier: DF:FD:16:67:BB:5C:12:DF:65:EC:90:9E:A8:CF:D7:2C:92:AB:40:02 Certificate issuer: /CN=02640bccb7171f199c43a0a974cab827ed18e750 Certificate serial: 019B7B35B4AFBEBFBCB30F012074DB493DDF Authority key identifier: 02:64:0B:CC:B7:17:1F:19:9C:43:A0:A9:74:CA:B8:27:ED:18:E7:50 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AmQLzLcXHxmcQ6CpdMq4J-0Y51A.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/424bd1-953b-4262-8396-c7bf95e5ab7b/1/3_0WZ7tcEt9l7JCeqM_XLJKrQAI.roa Signing time: Thu 01 Jan 2026 20:17:55 +0000 ROA not before: Thu 01 Jan 2026 20:17:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 15600 IP address blocks: 185.33.224.0/22 maxlen: 22 2a00:ce20::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/424bd1-953b-4262-8396-c7bf95e5ab7b/1/AmQLzLcXHxmcQ6CpdMq4J-0Y51A.crl rsync://rpki.ripe.net/repository/DEFAULT/36/424bd1-953b-4262-8396-c7bf95e5ab7b/1/AmQLzLcXHxmcQ6CpdMq4J-0Y51A.mft rsync://rpki.ripe.net/repository/DEFAULT/AmQLzLcXHxmcQ6CpdMq4J-0Y51A.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 14:01:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:b4:af:be:bf:bc:b3:0f:01:20:74:db:49:3d:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=02640bccb7171f199c43a0a974cab827ed18e750 Validity Not Before: Jan 1 20:17:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dffd1667bb5c12df65ec909ea8cfd72c92ab4002 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:fa:54:58:ba:2a:0a:51:c0:9a:92:0e:60:a7: 9a:e2:70:02:06:09:33:f3:ac:53:55:e4:58:6b:6d: 79:90:2e:a7:9a:1b:67:7b:89:39:2b:5d:48:2d:56: fe:a1:2d:42:64:25:30:91:e7:25:a2:1a:0c:06:1e: 82:26:a9:98:25:9c:1a:19:1a:93:45:cb:28:91:6c: 90:ee:ea:f4:af:29:b4:3e:c2:20:93:7a:2d:12:23: b0:86:28:ac:7d:53:06:c9:c4:d9:40:22:9f:a0:88: b0:14:fa:3d:66:45:c1:d0:c7:bd:2c:91:66:53:10: 97:3f:23:3f:42:47:a5:ee:a2:18:3b:5e:8a:60:7d: d1:51:f9:f4:2b:c7:89:52:47:55:52:f4:e3:af:79: a6:99:1f:98:20:0f:6c:d5:2d:81:05:71:de:32:f4: 62:88:08:08:df:b0:d8:0f:97:ee:e0:7d:c5:ea:8a: 56:b0:a5:03:f2:e5:52:33:21:28:00:88:a0:cd:e6: 0b:f5:73:ee:fa:02:e5:03:ad:1e:cb:40:a1:16:e2: a6:1c:8e:fc:17:a6:f2:04:b2:2b:cf:29:df:e8:80: 90:89:e4:a7:06:b0:a8:4c:38:99:e6:ff:66:91:74: 2c:64:5a:eb:80:72:8b:ec:4d:a9:16:1d:3d:ee:20: 55:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:FD:16:67:BB:5C:12:DF:65:EC:90:9E:A8:CF:D7:2C:92:AB:40:02 X509v3 Authority Key Identifier: keyid:02:64:0B:CC:B7:17:1F:19:9C:43:A0:A9:74:CA:B8:27:ED:18:E7:50 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AmQLzLcXHxmcQ6CpdMq4J-0Y51A.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/424bd1-953b-4262-8396-c7bf95e5ab7b/1/3_0WZ7tcEt9l7JCeqM_XLJKrQAI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/36/424bd1-953b-4262-8396-c7bf95e5ab7b/1/AmQLzLcXHxmcQ6CpdMq4J-0Y51A.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.33.224.0/22 IPv6: 2a00:ce20::/29 Signature Algorithm: sha256WithRSAEncryption 36:f7:44:96:ca:4c:96:a8:33:ad:cc:ae:3b:e8:26:62:7e:a0: 80:ed:1d:f8:24:42:93:e5:58:f0:4f:5b:e7:8e:5a:38:35:4c: 28:50:93:ce:c2:be:e2:c7:ab:b6:86:a1:31:b1:91:28:3a:c7: 52:4c:57:55:5c:0b:f9:61:bc:4a:ab:68:4f:77:e2:1c:f5:79: 32:9b:1e:91:7d:cf:f2:3f:1b:ce:83:ac:51:b3:84:f2:f7:40: f9:8f:0e:20:e1:07:75:22:ea:7a:42:7e:ea:38:6d:c0:fc:80: 02:93:8e:80:2e:07:bb:4b:36:67:11:24:e0:db:d9:13:00:a4: d1:77:23:4e:56:25:ff:cc:e5:c4:54:12:a6:03:b0:dd:33:4d: a4:1b:34:8b:5b:b1:ad:e5:a3:f7:00:3d:8b:b0:15:5c:d6:d3: 3f:2b:5f:de:85:d2:f6:72:72:01:f1:48:fd:e2:04:4c:0d:de: e9:9d:98:95:64:90:66:88:10:52:ef:ec:d6:92:06:2e:b6:8a: dd:5e:ba:69:a0:ce:d8:8e:f2:1c:73:70:63:22:56:bc:5b:fe: 75:fc:d6:df:34:52:d2:23:2f:ae:b3:a5:87:cb:c4:e0:0b:3b: 16:ca:da:63:e4:a3:ad:1f:e3:d5:6e:90:9b:8b:d0:12:d4:8f: db:14:f3:52 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt7NbSvvr+8sw8BIHTbST3fMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAyNjQwYmNjYjcxNzFmMTk5YzQzYTBhOTc0Y2FiODI3ZWQx OGU3NTAwHhcNMjYwMTAxMjAxNzU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZmZkMTY2N2JiNWMxMmRmNjVlYzkwOWVhOGNmZDcyYzkyYWI0MDAyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0PpUWLoqClHAmpIOYKea4nACBgkz 86xTVeRYa215kC6nmhtne4k5K11ILVb+oS1CZCUwkeclohoMBh6CJqmYJZwaGRqT RcsokWyQ7ur0rym0PsIgk3otEiOwhiisfVMGycTZQCKfoIiwFPo9ZkXB0Me9LJFm UxCXPyM/Qkel7qIYO16KYH3RUfn0K8eJUkdVUvTjr3mmmR+YIA9s1S2BBXHeMvRi iAgI37DYD5fu4H3F6opWsKUD8uVSMyEoAIigzeYL9XPu+gLlA60ey0ChFuKmHI78 F6byBLIrzynf6ICQieSnBrCoTDiZ5v9mkXQsZFrrgHKL7E2pFh097iBV2wIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFN/9Fme7XBLfZeyQnqjP1yySq0ACMB8GA1UdIwQY MBaAFAJkC8y3Fx8ZnEOgqXTKuCftGOdQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQW1RTHpMY1hIeG1jUTZDcGRNcTRKLTBZNTFBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi80MjRiZDEtOTUzYi00MjYyLTgzOTYt YzdiZjk1ZTVhYjdiLzEvM18wV1o3dGNFdDlsN0pDZXFNX1hMSktyUUFJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNi80MjRiZDEtOTUzYi00MjYyLTgzOTYtYzdiZjk1ZTVhYjdi LzEvQW1RTHpMY1hIeG1jUTZDcGRNcTRKLTBZNTFBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSHgMA0E AgACMAcDBQMqAM4gMA0GCSqGSIb3DQEBCwUAA4IBAQA290SWykyWqDOtzK476CZi fqCA7R34JEKT5VjwT1vnjlo4NUwoUJPOwr7ix6u2hqExsZEoOsdSTFdVXAv5YbxK q2hPd+Ic9Xkymx6Rfc/yPxvOg6xRs4Ty90D5jw4g4Qd1Iup6Qn7qOG3A/IACk46A Lge7SzZnESTg29kTAKTRdyNOViX/zOXEVBKmA7DdM02kGzSLW7Gt5aP3AD2LsBVc 1tM/K1/ehdL2cnIB8Uj94gRMDd7pnZiVZJBmiBBS7+zWkgYutordXrppoM7YjvIc c3BjIla8W/51/NbfNFLSIy+us6WHy8TgCzsWytpj5KOtH+PVbpCbi9AS1I/bFPNS -----END CERTIFICATE-----Generated at Mon Jan 26 20:42:27 2026 by rpki-client