This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/2a1ce9-fb4c-41ee-9ff6-316ef261f4a5/1/PZ3DvBnBZEzRJV1pn3nJOWDaINo.roa File: PZ3DvBnBZEzRJV1pn3nJOWDaINo.roa (raw, json) Hash identifier: kJlVCfKZcI1/z1HhlgFzXn1hqpVcX/my4yK+JhAitIM= Subject key identifier: 3D:9D:C3:BC:19:C1:64:4C:D1:25:5D:69:9F:79:C9:39:60:DA:20:DA Certificate issuer: /CN=213e1d50d52288bee80eea435577018712409bbe Certificate serial: 019B7910F34CC892C103FE13F44C8B3E3E90 Authority key identifier: 21:3E:1D:50:D5:22:88:BE:E8:0E:EA:43:55:77:01:87:12:40:9B:BE Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IT4dUNUiiL7oDupDVXcBhxJAm74.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/2a1ce9-fb4c-41ee-9ff6-316ef261f4a5/1/PZ3DvBnBZEzRJV1pn3nJOWDaINo.roa Signing time: Thu 01 Jan 2026 10:18:32 +0000 ROA not before: Thu 01 Jan 2026 10:18:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211496 IP address blocks: 185.130.90.0/24 maxlen: 24 185.195.252.0/24 maxlen: 24 193.22.12.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/2a1ce9-fb4c-41ee-9ff6-316ef261f4a5/1/IT4dUNUiiL7oDupDVXcBhxJAm74.crl rsync://rpki.ripe.net/repository/DEFAULT/37/2a1ce9-fb4c-41ee-9ff6-316ef261f4a5/1/IT4dUNUiiL7oDupDVXcBhxJAm74.mft rsync://rpki.ripe.net/repository/DEFAULT/IT4dUNUiiL7oDupDVXcBhxJAm74.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:f3:4c:c8:92:c1:03:fe:13:f4:4c:8b:3e:3e:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=213e1d50d52288bee80eea435577018712409bbe Validity Not Before: Jan 1 10:18:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3d9dc3bc19c1644cd1255d699f79c93960da20da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:0a:13:e3:80:65:1a:8d:36:29:c4:cd:c3:0f: c2:85:1c:cf:01:12:d7:a5:c7:5f:ae:4c:0e:20:d4: b0:e0:8d:b9:ab:9c:e3:64:e8:0d:3e:d6:7c:5f:f1: d2:e9:7e:06:2b:1e:65:9d:eb:30:a2:55:50:46:d8: 0a:0f:52:61:1f:0f:61:7b:f2:b8:8b:e9:d1:d4:1d: fc:a0:69:9a:07:c4:f0:d9:b2:9f:a7:bc:02:9f:3e: 67:dc:a8:f7:9c:c8:1c:7a:5b:7d:e3:b4:5e:78:c5: 20:d7:58:d4:9d:0e:52:9a:0d:ab:06:a7:40:cd:77: 2f:3b:73:f8:43:73:32:d7:9a:ca:01:a1:67:95:46: 3b:97:5d:54:92:cc:1c:f5:d6:c5:0f:a7:3f:29:54: 68:9b:bb:11:82:47:b1:e5:7c:36:e6:79:17:8d:51: 52:76:59:33:5a:07:61:72:3e:fc:f4:ba:c8:81:35: 3b:02:a5:71:79:cc:f6:f0:ff:7d:76:cc:32:17:4c: 88:52:fc:1a:6c:fa:1d:28:62:ab:10:6f:47:32:6b: de:57:19:88:6a:09:04:7e:ac:40:b2:83:80:79:2e: 81:9a:25:36:4d:69:8a:b5:8a:c0:0f:63:21:b0:57: 2d:cc:88:bf:f2:8a:44:20:be:60:ec:48:9a:58:5a: e5:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:9D:C3:BC:19:C1:64:4C:D1:25:5D:69:9F:79:C9:39:60:DA:20:DA X509v3 Authority Key Identifier: keyid:21:3E:1D:50:D5:22:88:BE:E8:0E:EA:43:55:77:01:87:12:40:9B:BE X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IT4dUNUiiL7oDupDVXcBhxJAm74.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/2a1ce9-fb4c-41ee-9ff6-316ef261f4a5/1/PZ3DvBnBZEzRJV1pn3nJOWDaINo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/37/2a1ce9-fb4c-41ee-9ff6-316ef261f4a5/1/IT4dUNUiiL7oDupDVXcBhxJAm74.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.130.90.0/24 185.195.252.0/24 193.22.12.0/24 Signature Algorithm: sha256WithRSAEncryption 04:96:f5:f9:7a:fd:ab:9e:8a:ba:ab:f7:98:bb:ab:82:14:97: 64:4f:02:72:da:35:f2:bb:a8:94:c2:8e:d4:e0:87:eb:96:0a: 0c:bc:a5:f6:99:f9:2a:99:12:c6:49:87:64:42:29:78:83:a4: 51:61:e7:d4:1f:f2:15:3c:89:f3:bc:65:f9:d7:a8:fb:64:01: 9b:de:c7:ce:4c:2e:13:af:61:a8:1a:b6:70:66:c4:05:6a:57: d1:83:93:d6:59:66:80:b1:46:e6:1e:b3:71:4b:46:f1:c0:75: 99:84:07:39:c0:43:34:b9:6e:2f:f0:b6:8c:95:f0:84:08:9c: 4e:02:fc:80:b3:37:87:b8:92:07:b7:3b:48:8b:be:76:78:69: f6:9e:ed:24:0c:41:8e:09:5d:85:27:df:a3:f0:7a:67:ee:23: 11:5b:b9:99:e0:3e:fb:2b:d7:fe:13:65:2a:1e:40:da:65:db: 01:5e:d9:d7:d9:a9:60:1c:9a:16:80:f8:a0:ae:64:25:16:03: b0:c7:48:2d:bd:1d:fb:b8:67:f2:7b:1e:28:ce:93:0d:24:d1: 0c:29:b7:44:cc:01:87:92:cc:68:46:fa:cc:b8:8f:da:63:a5: 94:a0:07:6d:04:06:69:ed:2c:88:e0:fb:be:8f:6f:2d:85:02: 76:f7:6a:88 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt5EPNMyJLBA/4T9EyLPj6QMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxM2UxZDUwZDUyMjg4YmVlODBlZWE0MzU1NzcwMTg3MTI0 MDliYmUwHhcNMjYwMTAxMTAxODMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZDlkYzNiYzE5YzE2NDRjZDEyNTVkNjk5Zjc5YzkzOTYwZGEyMGRhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQoT44BlGo02KcTNww/ChRzPARLX pcdfrkwOINSw4I25q5zjZOgNPtZ8X/HS6X4GKx5lneswolVQRtgKD1JhHw9he/K4 i+nR1B38oGmaB8Tw2bKfp7wCnz5n3Kj3nMgcelt947ReeMUg11jUnQ5Smg2rBqdA zXcvO3P4Q3My15rKAaFnlUY7l11Ukswc9dbFD6c/KVRom7sRgkex5Xw25nkXjVFS dlkzWgdhcj789LrIgTU7AqVxecz28P99dswyF0yIUvwabPodKGKrEG9HMmveVxmI agkEfqxAsoOAeS6BmiU2TWmKtYrAD2MhsFctzIi/8opEIL5g7EiaWFrluQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFD2dw7wZwWRM0SVdaZ95yTlg2iDaMB8GA1UdIwQY MBaAFCE+HVDVIoi+6A7qQ1V3AYcSQJu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVQ0ZFVOVWlpTDdvRHVwRFZYY0JoeEpBbTc0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8yYTFjZTktZmI0Yy00MWVlLTlmZjYt MzE2ZWYyNjFmNGE1LzEvUFozRHZCbkJaRXpSSlYxcG4zbkpPV0RhSU5vLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNy8yYTFjZTktZmI0Yy00MWVlLTlmZjYtMzE2ZWYyNjFmNGE1 LzEvSVQ0ZFVOVWlpTDdvRHVwRFZYY0JoeEpBbTc0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuYJaAwQA ucP8AwQAwRYMMA0GCSqGSIb3DQEBCwUAA4IBAQAElvX5ev2rnoq6q/eYu6uCFJdk TwJy2jXyu6iUwo7U4IfrlgoMvKX2mfkqmRLGSYdkQil4g6RRYefUH/IVPInzvGX5 16j7ZAGb3sfOTC4Tr2GoGrZwZsQFalfRg5PWWWaAsUbmHrNxS0bxwHWZhAc5wEM0 uW4v8LaMlfCECJxOAvyAszeHuJIHtztIi752eGn2nu0kDEGOCV2FJ9+j8Hpn7iMR W7mZ4D77K9f+E2UqHkDaZdsBXtnX2algHJoWgPigrmQlFgOwx0gtvR37uGfyex4o zpMNJNEMKbdEzAGHksxoRvrMuI/aY6WUoAdtBAZp7SyI4Pu+j28thQJ292qI -----END CERTIFICATE-----Generated at Mon Jan 26 08:38:54 2026 by rpki-client