This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/3a39e9-3d40-46f8-bb0f-5ba43b118f75/1/I3QKFov--NDtK49UPqV2RMA_ZSs.roa File: I3QKFov--NDtK49UPqV2RMA_ZSs.roa (raw, json) Hash identifier: 5bH+Qg+gTHLwp5S4Kx2BVafx6XVTZnjE39jOohvcHdQ= Subject key identifier: 23:74:0A:16:8B:FE:F8:D0:ED:2B:8F:54:3E:A5:76:44:C0:3F:65:2B Certificate issuer: /CN=0a2a157f00515f95b6df5dc0d52eb1b5d43fde5c Certificate serial: 019B7D5ABFF6FEFA7CDE685D28AD7D219231 Authority key identifier: 0A:2A:15:7F:00:51:5F:95:B6:DF:5D:C0:D5:2E:B1:B5:D4:3F:DE:5C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CioVfwBRX5W2313A1S6xtdQ_3lw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/3a39e9-3d40-46f8-bb0f-5ba43b118f75/1/I3QKFov--NDtK49UPqV2RMA_ZSs.roa Signing time: Fri 02 Jan 2026 06:17:37 +0000 ROA not before: Fri 02 Jan 2026 06:17:37 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198102 IP address blocks: 185.211.14.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/3a39e9-3d40-46f8-bb0f-5ba43b118f75/1/CioVfwBRX5W2313A1S6xtdQ_3lw.crl rsync://rpki.ripe.net/repository/DEFAULT/3e/3a39e9-3d40-46f8-bb0f-5ba43b118f75/1/CioVfwBRX5W2313A1S6xtdQ_3lw.mft rsync://rpki.ripe.net/repository/DEFAULT/CioVfwBRX5W2313A1S6xtdQ_3lw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 12:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5a:bf:f6:fe:fa:7c:de:68:5d:28:ad:7d:21:92:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0a2a157f00515f95b6df5dc0d52eb1b5d43fde5c Validity Not Before: Jan 2 06:17:37 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=23740a168bfef8d0ed2b8f543ea57644c03f652b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:eb:85:ce:c4:f8:ae:4b:2d:6b:11:34:48:90: 18:8c:1f:80:da:b6:87:6f:10:c6:5f:d8:48:c5:41: 6f:c5:e9:f8:92:5d:b9:e8:f1:cd:42:12:a7:79:6d: 00:49:a0:f2:ae:63:3e:10:3c:68:cd:25:71:7d:87: c8:db:94:0e:42:2a:a4:a1:7a:c9:70:69:2a:d2:4f: df:dd:29:10:b6:bc:84:40:32:10:b3:e2:02:30:c9: d9:b8:b5:ff:4c:4a:61:ca:c5:d4:8f:d9:2a:13:6b: 5f:30:da:46:b7:26:2e:77:7c:00:ec:94:d7:0b:59: 9f:56:d9:12:b3:2b:fe:fa:e0:e4:93:43:52:c1:c1: 10:d8:5d:33:d0:a4:f1:87:34:37:ca:a1:3d:a9:cc: f9:04:39:d2:71:46:b8:b0:8f:1e:93:18:d8:3e:46: 72:84:f5:1b:5d:9d:ad:d3:1b:39:c0:70:5b:27:dc: a5:79:65:ed:42:85:d6:9a:3d:dc:c3:1e:4e:62:e4: 34:79:39:e4:0c:27:8b:8a:a8:8d:4d:66:41:a7:24: db:3d:3f:56:52:16:2a:97:de:ae:59:8f:df:10:b7: 52:f6:56:f5:fd:79:52:8c:c4:1f:0f:4e:9e:3b:47: b3:17:a6:a5:9e:fe:c9:4f:8f:9b:0f:50:24:1a:d5: 4e:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:74:0A:16:8B:FE:F8:D0:ED:2B:8F:54:3E:A5:76:44:C0:3F:65:2B X509v3 Authority Key Identifier: keyid:0A:2A:15:7F:00:51:5F:95:B6:DF:5D:C0:D5:2E:B1:B5:D4:3F:DE:5C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CioVfwBRX5W2313A1S6xtdQ_3lw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/3a39e9-3d40-46f8-bb0f-5ba43b118f75/1/I3QKFov--NDtK49UPqV2RMA_ZSs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/3a39e9-3d40-46f8-bb0f-5ba43b118f75/1/CioVfwBRX5W2313A1S6xtdQ_3lw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.211.14.0/24 Signature Algorithm: sha256WithRSAEncryption 42:87:80:eb:24:c5:fb:b6:fe:17:c1:fd:d5:b8:c6:c9:af:45: c9:28:dd:2b:04:b0:f9:5d:1c:8d:33:75:16:71:d5:40:5a:f0: 11:43:46:69:bc:10:b0:30:a8:22:32:7b:93:80:5f:5f:12:08: ba:af:49:0a:83:4b:9e:7b:76:bc:8e:da:d5:e3:b0:c7:2e:46: 22:6a:48:00:28:a1:5d:28:5c:62:b3:ff:78:e2:aa:ac:c6:ba: a9:c5:aa:1b:cf:60:e1:49:6a:a6:93:a7:90:a2:77:8b:6f:18: 74:58:5f:08:c2:ca:59:b5:51:c3:62:c9:f6:d8:76:f7:c8:96: 79:52:8d:b4:93:7c:f3:e0:81:2f:bb:0a:23:eb:d0:9a:ec:90: 50:1e:84:52:2d:83:62:d6:e3:e8:89:66:90:d2:d1:82:d6:1c: a7:59:73:88:6b:90:86:b4:b6:54:89:b8:ae:fe:87:6a:ff:63: 18:0c:be:41:cc:90:d0:60:da:2d:74:de:b8:cc:e9:0b:b4:89: 92:a9:e6:3c:64:05:db:45:2b:3f:66:1a:60:b9:bf:87:b6:c1: 32:d9:f2:6b:1e:a7:57:b2:67:91:d9:a9:5c:e4:61:0d:72:4b: 26:bc:c3:e0:34:3a:c1:53:84:8b:7c:c9:65:cf:06:7c:25:48: 76:a0:33:1f -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9Wr/2/vp83mhdKK19IZIxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBhMmExNTdmMDA1MTVmOTViNmRmNWRjMGQ1MmViMWI1ZDQz ZmRlNWMwHhcNMjYwMTAyMDYxNzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyMzc0MGExNjhiZmVmOGQwZWQyYjhmNTQzZWE1NzY0NGMwM2Y2NTJiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5euFzsT4rkstaxE0SJAYjB+A2raH bxDGX9hIxUFvxen4kl256PHNQhKneW0ASaDyrmM+EDxozSVxfYfI25QOQiqkoXrJ cGkq0k/f3SkQtryEQDIQs+ICMMnZuLX/TEphysXUj9kqE2tfMNpGtyYud3wA7JTX C1mfVtkSsyv++uDkk0NSwcEQ2F0z0KTxhzQ3yqE9qcz5BDnScUa4sI8ekxjYPkZy hPUbXZ2t0xs5wHBbJ9yleWXtQoXWmj3cwx5OYuQ0eTnkDCeLiqiNTWZBpyTbPT9W UhYql96uWY/fELdS9lb1/XlSjMQfD06eO0ezF6alnv7JT4+bD1AkGtVOkQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFCN0ChaL/vjQ7SuPVD6ldkTAP2UrMB8GA1UdIwQY MBaAFAoqFX8AUV+Vtt9dwNUusbXUP95cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ2lvVmZ3QlJYNVcyMzEzQTFTNnh0ZFFfM2x3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8zYTM5ZTktM2Q0MC00NmY4LWJiMGYt NWJhNDNiMTE4Zjc1LzEvSTNRS0Zvdi0tTkR0SzQ5VVBxVjJSTUFfWlNzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zZS8zYTM5ZTktM2Q0MC00NmY4LWJiMGYtNWJhNDNiMTE4Zjc1 LzEvQ2lvVmZ3QlJYNVcyMzEzQTFTNnh0ZFFfM2x3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudMOMA0G CSqGSIb3DQEBCwUAA4IBAQBCh4DrJMX7tv4Xwf3VuMbJr0XJKN0rBLD5XRyNM3UW cdVAWvARQ0ZpvBCwMKgiMnuTgF9fEgi6r0kKg0uee3a8jtrV47DHLkYiakgAKKFd KFxis/944qqsxrqpxaobz2DhSWqmk6eQoneLbxh0WF8IwspZtVHDYsn22Hb3yJZ5 Uo20k3zz4IEvuwoj69Ca7JBQHoRSLYNi1uPoiWaQ0tGC1hynWXOIa5CGtLZUibiu /odq/2MYDL5BzJDQYNotdN64zOkLtImSqeY8ZAXbRSs/Zhpgub+HtsEy2fJrHqdX smeR2alc5GENcksmvMPgNDrBU4SLfMllzwZ8JUh2oDMf -----END CERTIFICATE-----Generated at Mon Feb 9 22:37:08 2026 by rpki-client