This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/WLGZfCZKmxfMTTmHvuZLK2OwTpM.roa File: WLGZfCZKmxfMTTmHvuZLK2OwTpM.roa (raw, json) Hash identifier: o/3DvFAKUtiQSitJNR+MpNrJR84HlaGWEw9iU7EJXWI= Subject key identifier: 58:B1:99:7C:26:4A:9B:17:CC:4D:39:87:BE:E6:4B:2B:63:B0:4E:93 Certificate issuer: /CN=dc05df6e404ef920e6a5928d8963e6a5f8d61120 Certificate serial: 019B7758FF17723A22F928D69138DB4D4027 Authority key identifier: DC:05:DF:6E:40:4E:F9:20:E6:A5:92:8D:89:63:E6:A5:F8:D6:11:20 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AXfbkBO-SDmpZKNiWPmpfjWESA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/WLGZfCZKmxfMTTmHvuZLK2OwTpM.roa Signing time: Thu 01 Jan 2026 02:17:59 +0000 ROA not before: Thu 01 Jan 2026 02:17:59 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 6507 IP address blocks: 185.40.64.0/22 maxlen: 22 185.40.64.0/24 maxlen: 24 2a04:82c0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.crl rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.mft rsync://rpki.ripe.net/repository/DEFAULT/3AXfbkBO-SDmpZKNiWPmpfjWESA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 24 Jan 2026 14:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:ff:17:72:3a:22:f9:28:d6:91:38:db:4d:40:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc05df6e404ef920e6a5928d8963e6a5f8d61120 Validity Not Before: Jan 1 02:17:59 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=58b1997c264a9b17cc4d3987bee64b2b63b04e93 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:a0:c5:75:9a:97:2b:dc:27:2c:45:50:4e:17: eb:4f:24:f8:36:da:20:cc:ac:a1:c8:6e:12:ae:49: 17:16:bf:0e:33:ed:6d:bf:e4:57:8e:c0:9a:28:81: 3b:87:e7:a3:58:56:4d:e6:81:7d:d1:fd:30:82:72: bf:cf:55:d6:79:59:c1:e8:db:ad:80:f9:3a:1c:76: 2b:f3:b0:65:35:7f:73:65:ba:9e:e5:a3:b3:dc:6d: 00:9f:06:49:89:46:9e:dc:32:50:4a:46:91:6e:79: 5f:9b:93:e1:70:0a:ea:e1:c7:05:70:54:19:31:93: a8:6e:94:a9:ec:a8:9d:9e:12:e2:7d:86:8f:8f:a3: 5b:cd:a8:00:49:0c:a0:9c:b0:0d:0a:92:f5:b3:48: 14:be:a1:a5:29:62:bb:74:fa:f0:67:59:df:c6:bb: a0:8c:a3:d2:02:6f:46:d6:4a:d0:b3:56:3a:12:d2: 42:3e:cf:63:2e:6c:e5:d3:e8:11:f9:1a:44:ef:94: 4e:cc:64:18:7c:3a:5d:ae:c2:3a:f3:0a:7b:80:b3: 53:84:9f:85:bf:f3:c9:76:d3:2c:4e:3c:e9:0d:5b: e0:d3:56:49:66:9c:d5:98:e4:fc:fe:78:9e:fd:14: 03:9f:05:45:cf:36:ff:8a:cf:04:7e:01:41:01:e6: f9:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:B1:99:7C:26:4A:9B:17:CC:4D:39:87:BE:E6:4B:2B:63:B0:4E:93 X509v3 Authority Key Identifier: keyid:DC:05:DF:6E:40:4E:F9:20:E6:A5:92:8D:89:63:E6:A5:F8:D6:11:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AXfbkBO-SDmpZKNiWPmpfjWESA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/WLGZfCZKmxfMTTmHvuZLK2OwTpM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/37/0c3886-a32d-4435-ab74-bce934205ae8/1/3AXfbkBO-SDmpZKNiWPmpfjWESA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.40.64.0/22 IPv6: 2a04:82c0::/29 Signature Algorithm: sha256WithRSAEncryption 07:2c:56:5e:66:52:8b:67:3e:26:db:f3:27:98:e2:ac:c6:8a: 12:49:5b:43:5d:07:ae:d7:61:57:22:2c:51:6b:de:28:69:eb: 32:b1:a8:98:26:74:af:0e:0e:f9:c7:1f:d5:5d:bf:f9:3d:eb: 0c:82:f7:4b:82:eb:db:03:c9:2b:f4:d7:d9:4b:60:e9:0c:cb: 30:99:89:de:71:c2:f9:ce:26:7d:df:e4:a3:29:12:83:16:c8: a5:d0:b4:71:4d:a4:46:de:69:d6:78:21:c7:17:ca:68:cc:ff: 5a:9f:c8:87:80:25:c8:0d:c1:09:3f:e4:ad:09:11:a9:82:5e: 6d:ac:cb:e6:d6:5e:52:4c:31:08:92:93:e9:22:26:cc:e8:92: 59:3e:ec:e8:63:d4:ae:5f:cd:d4:41:6b:e0:ac:f5:db:d0:0c: a2:6a:b8:17:46:59:3a:17:12:7b:54:a7:05:18:2f:f2:91:49: fa:f9:98:65:cc:52:71:17:e5:71:ef:a8:1e:ff:de:8e:5b:07: fb:bd:a2:79:ce:ed:4c:5f:6f:73:e4:fa:10:7d:18:29:d2:17: 43:56:13:e8:a0:41:2c:aa:4b:af:9b:a9:30:0c:77:bf:8c:ea: b7:51:cc:d6:56:b8:d0:20:6b:3f:fe:b0:cd:f7:34:19:61:91: 13:62:c0:c1 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt3WP8Xcjoi+SjWkTjbTUAnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjMDVkZjZlNDA0ZWY5MjBlNmE1OTI4ZDg5NjNlNmE1Zjhk NjExMjAwHhcNMjYwMTAxMDIxNzU5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg1OGIxOTk3YzI2NGE5YjE3Y2M0ZDM5ODdiZWU2NGIyYjYzYjA0ZTkzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaDFdZqXK9wnLEVQThfrTyT4Ntog zKyhyG4SrkkXFr8OM+1tv+RXjsCaKIE7h+ejWFZN5oF90f0wgnK/z1XWeVnB6Nut gPk6HHYr87BlNX9zZbqe5aOz3G0AnwZJiUae3DJQSkaRbnlfm5PhcArq4ccFcFQZ MZOobpSp7KidnhLifYaPj6NbzagASQygnLANCpL1s0gUvqGlKWK7dPrwZ1nfxrug jKPSAm9G1krQs1Y6EtJCPs9jLmzl0+gR+RpE75ROzGQYfDpdrsI68wp7gLNThJ+F v/PJdtMsTjzpDVvg01ZJZpzVmOT8/nie/RQDnwVFzzb/is8EfgFBAeb5pwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFFixmXwmSpsXzE05h77mSytjsE6TMB8GA1UdIwQY MBaAFNwF325ATvkg5qWSjYlj5qX41hEgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM0FYZmJrQk8tU0RtcFpLTmlXUG1wZmpXRVNBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8wYzM4ODYtYTMyZC00NDM1LWFiNzQt YmNlOTM0MjA1YWU4LzEvV0xHWmZDWktteGZNVFRtSHZ1WkxLMk93VHBNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNy8wYzM4ODYtYTMyZC00NDM1LWFiNzQtYmNlOTM0MjA1YWU4 LzEvM0FYZmJrQk8tU0RtcFpLTmlXUG1wZmpXRVNBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuShAMA0E AgACMAcDBQMqBILAMA0GCSqGSIb3DQEBCwUAA4IBAQAHLFZeZlKLZz4m2/MnmOKs xooSSVtDXQeu12FXIixRa94oaesysaiYJnSvDg75xx/VXb/5PesMgvdLguvbA8kr 9NfZS2DpDMswmYneccL5ziZ93+SjKRKDFsil0LRxTaRG3mnWeCHHF8pozP9an8iH gCXIDcEJP+StCRGpgl5trMvm1l5STDEIkpPpIibM6JJZPuzoY9SuX83UQWvgrPXb 0AyiargXRlk6FxJ7VKcFGC/ykUn6+ZhlzFJxF+Vx76ge/96OWwf7vaJ5zu1MX29z 5PoQfRgp0hdDVhPooEEsqkuvm6kwDHe/jOq3UczWVrjQIGs//rDN9zQZYZETYsDB -----END CERTIFICATE-----Generated at Fri Jan 23 20:28:36 2026 by rpki-client