This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/RAfopN6tdeJL1sjFRpqIy4imIeQ.roa File: RAfopN6tdeJL1sjFRpqIy4imIeQ.roa (raw, json) Hash identifier: 4hFaV9gs/RBpS6I2/H1rs69idfo3PhuX0d8XFhEvMeM= Subject key identifier: 44:07:E8:A4:DE:AD:75:E2:4B:D6:C8:C5:46:9A:88:CB:88:A6:21:E4 Certificate issuer: /CN=706b7fea8ad35111ca687a9cd00a49f9a4f0459b Certificate serial: 019B7F1485FFD4257AE861466ABC480D4E6E Authority key identifier: 70:6B:7F:EA:8A:D3:51:11:CA:68:7A:9C:D0:0A:49:F9:A4:F0:45:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cGt_6orTURHKaHqc0ApJ-aTwRZs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/RAfopN6tdeJL1sjFRpqIy4imIeQ.roa Signing time: Fri 02 Jan 2026 14:20:10 +0000 ROA not before: Fri 02 Jan 2026 14:20:10 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211253 IP address blocks: 185.87.168.0/24 maxlen: 24 185.87.169.0/24 maxlen: 24 185.87.170.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/cGt_6orTURHKaHqc0ApJ-aTwRZs.crl rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/cGt_6orTURHKaHqc0ApJ-aTwRZs.mft rsync://rpki.ripe.net/repository/DEFAULT/cGt_6orTURHKaHqc0ApJ-aTwRZs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 23:01:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:85:ff:d4:25:7a:e8:61:46:6a:bc:48:0d:4e:6e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=706b7fea8ad35111ca687a9cd00a49f9a4f0459b Validity Not Before: Jan 2 14:20:10 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4407e8a4dead75e24bd6c8c5469a88cb88a621e4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:df:cd:cf:a0:d6:94:f9:cf:26:fb:bb:f7:f2: c1:2e:34:78:f1:e9:44:4d:74:a1:81:6f:19:37:87: 21:28:66:4f:0e:b6:ad:b5:f1:3c:41:13:f1:66:fb: 23:5d:ca:9d:f1:5d:b7:e2:64:ab:7e:65:ec:e8:96: 5a:7c:47:8d:d6:0b:da:b5:9b:96:aa:fb:c2:ef:66: 65:ca:d2:34:04:f3:32:2c:ca:29:d8:55:18:9f:03: 30:87:78:1c:d1:d5:e2:95:ef:57:6e:65:54:f4:97: 28:44:bd:56:58:6e:62:b1:16:62:a7:3b:37:a5:9f: 86:29:6b:ef:ef:d4:b4:96:a4:e0:f5:b6:72:01:3d: 5b:47:b6:00:70:fa:cd:56:55:76:3b:a2:f5:7d:05: f4:02:2c:95:23:d4:99:3f:94:cb:51:5e:6f:69:49: 43:b4:9f:de:4e:d1:36:85:24:0c:12:43:6d:96:fb: a6:9d:3d:b2:4c:0b:0b:12:a8:21:d2:b6:e1:1f:2c: 6e:8e:45:02:12:b1:02:8b:d9:70:75:89:71:cf:00: ff:bc:7b:b7:66:61:b0:94:12:69:ac:b2:32:ff:03: 11:9f:32:16:47:4d:d4:db:ad:ed:45:44:81:6a:51: 07:bc:7e:23:53:03:57:d8:07:f6:b9:0d:b0:6d:ba: d5:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:07:E8:A4:DE:AD:75:E2:4B:D6:C8:C5:46:9A:88:CB:88:A6:21:E4 X509v3 Authority Key Identifier: keyid:70:6B:7F:EA:8A:D3:51:11:CA:68:7A:9C:D0:0A:49:F9:A4:F0:45:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cGt_6orTURHKaHqc0ApJ-aTwRZs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/RAfopN6tdeJL1sjFRpqIy4imIeQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/37/d2974f-7efa-4611-8827-260c377a314a/1/cGt_6orTURHKaHqc0ApJ-aTwRZs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.87.168.0-185.87.170.255 Signature Algorithm: sha256WithRSAEncryption 67:f0:cb:e5:6a:50:15:44:0e:b6:ff:b4:78:12:4a:3a:dc:69: a7:3a:32:6b:c5:26:bf:bf:5d:f2:73:2c:c4:ee:b9:5e:32:43: 7a:e6:63:28:c3:cf:83:a1:ac:43:bb:a9:54:f9:13:1e:ba:0e: 3f:77:cf:f4:9a:85:8c:2e:d9:61:e9:18:9e:9c:3d:3a:fd:6c: 87:f7:a3:c9:fc:20:68:c1:1e:ad:4d:25:5f:18:36:04:38:6b: 53:42:c0:f3:ed:c9:cb:a7:c4:da:34:23:6e:91:3e:39:bb:ba: 3c:b5:a6:6a:f9:d7:6b:e1:1d:57:18:75:45:6b:04:32:e6:58: 0d:36:ab:b5:2d:32:25:43:86:11:cb:ed:8d:4f:4f:ae:53:cc: a3:24:94:92:38:3c:4b:40:70:62:cb:1d:31:bc:f9:6c:c9:c2: 23:2a:17:3d:33:fe:ce:b0:d5:5f:33:ef:7e:4a:11:85:3f:0d: b7:bb:73:48:b1:90:43:d2:b4:28:6b:b6:25:10:e4:a5:29:58: 4f:0f:f0:1d:c4:67:ab:3f:e7:a2:77:3a:94:1f:9d:93:05:83: d1:b1:65:96:25:25:39:ea:63:39:02:84:21:f6:83:3a:a0:70: 17:48:c1:e1:f8:30:fe:bd:eb:c3:10:5d:10:11:ee:64:0d:22: 25:af:a5:c4 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt/FIX/1CV66GFGarxIDU5uMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwNmI3ZmVhOGFkMzUxMTFjYTY4N2E5Y2QwMGE0OWY5YTRm MDQ1OWIwHhcNMjYwMTAyMTQyMDEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0NDA3ZThhNGRlYWQ3NWUyNGJkNmM4YzU0NjlhODhjYjg4YTYyMWU0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvd/Nz6DWlPnPJvu79/LBLjR48elE TXShgW8ZN4chKGZPDrattfE8QRPxZvsjXcqd8V234mSrfmXs6JZafEeN1gvatZuW qvvC72ZlytI0BPMyLMop2FUYnwMwh3gc0dXile9XbmVU9JcoRL1WWG5isRZipzs3 pZ+GKWvv79S0lqTg9bZyAT1bR7YAcPrNVlV2O6L1fQX0AiyVI9SZP5TLUV5vaUlD tJ/eTtE2hSQMEkNtlvumnT2yTAsLEqgh0rbhHyxujkUCErECi9lwdYlxzwD/vHu3 ZmGwlBJprLIy/wMRnzIWR03U263tRUSBalEHvH4jUwNX2Af2uQ2wbbrVuQIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFEQH6KTerXXiS9bIxUaaiMuIpiHkMB8GA1UdIwQY MBaAFHBrf+qK01ERymh6nNAKSfmk8EWbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY0d0XzZvclRVUkhLYUhxYzBBcEotYVR3UlpzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy9kMjk3NGYtN2VmYS00NjExLTg4Mjct MjYwYzM3N2EzMTRhLzEvUkFmb3BONnRkZUpMMXNqRlJwcUl5NGltSWVRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNy9kMjk3NGYtN2VmYS00NjExLTg4MjctMjYwYzM3N2EzMTRh LzEvY0d0XzZvclRVUkhLYUhxYzBBcEotYVR3UlpzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAO5V6gD BAC5V6owDQYJKoZIhvcNAQELBQADggEBAGfwy+VqUBVEDrb/tHgSSjrcaac6MmvF Jr+/XfJzLMTuuV4yQ3rmYyjDz4OhrEO7qVT5Ex66Dj93z/SahYwu2WHpGJ6cPTr9 bIf3o8n8IGjBHq1NJV8YNgQ4a1NCwPPtycunxNo0I26RPjm7ujy1pmr512vhHVcY dUVrBDLmWA02q7UtMiVDhhHL7Y1PT65TzKMklJI4PEtAcGLLHTG8+WzJwiMqFz0z /s6w1V8z735KEYU/Dbe7c0ixkEPStChrtiUQ5KUpWE8P8B3EZ6s/56J3OpQfnZMF g9GxZZYlJTnqYzkChCH2gzqgcBdIweH4MP6968MQXRAR7mQNIiWvpcQ= -----END CERTIFICATE-----Generated at Tue Jan 27 08:48:24 2026 by rpki-client