This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/3717cf-fa38-4e3e-aefc-f910e5176b5e/1/3xPRafeWx70gR7UkLCG5F9C2rHo.roa File: 3xPRafeWx70gR7UkLCG5F9C2rHo.roa (raw, json) Hash identifier: U7UkGJf+A9s/ynCa6+kyvE2RYV9ZJf+qvn3E4k0mve0= Subject key identifier: DF:13:D1:69:F7:96:C7:BD:20:47:B5:24:2C:21:B9:17:D0:B6:AC:7A Certificate issuer: /CN=836462c62c7f63d2f5d787a701d779ab696e2236 Certificate serial: 019B7DCA6B28102C9297337CD1699EB74FE9 Authority key identifier: 83:64:62:C6:2C:7F:63:D2:F5:D7:87:A7:01:D7:79:AB:69:6E:22:36 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g2Rixix_Y9L114enAdd5q2luIjY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/3717cf-fa38-4e3e-aefc-f910e5176b5e/1/3xPRafeWx70gR7UkLCG5F9C2rHo.roa Signing time: Fri 02 Jan 2026 08:19:36 +0000 ROA not before: Fri 02 Jan 2026 08:19:36 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209128 IP address blocks: 185.149.121.0/24 maxlen: 24 2a0d:5980:ebae::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/3717cf-fa38-4e3e-aefc-f910e5176b5e/1/g2Rixix_Y9L114enAdd5q2luIjY.crl rsync://rpki.ripe.net/repository/DEFAULT/46/3717cf-fa38-4e3e-aefc-f910e5176b5e/1/g2Rixix_Y9L114enAdd5q2luIjY.mft rsync://rpki.ripe.net/repository/DEFAULT/g2Rixix_Y9L114enAdd5q2luIjY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 23:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:6b:28:10:2c:92:97:33:7c:d1:69:9e:b7:4f:e9 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=836462c62c7f63d2f5d787a701d779ab696e2236 Validity Not Before: Jan 2 08:19:36 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=df13d169f796c7bd2047b5242c21b917d0b6ac7a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:98:52:24:9f:a3:d7:82:d2:21:a7:af:e3:80: 1f:be:f9:39:09:80:db:99:44:dd:dc:88:a3:8d:70: d0:c4:4f:0a:f1:9a:fc:d4:dc:20:1b:f4:8f:76:ec: 8e:ba:ec:08:09:d7:18:4b:1c:08:ac:ba:6c:e1:34: c0:53:9c:ab:57:e9:64:bc:90:8f:f8:dc:26:47:c5: b1:12:fb:8d:df:64:1c:b5:f5:d9:26:26:ba:03:73: bd:6f:50:39:50:03:7b:6f:07:91:7a:11:64:ec:af: ef:7f:67:34:4b:5e:52:4b:8b:a2:49:70:ad:a5:87: 43:ab:7b:b3:cb:d4:51:43:0f:42:df:1b:cb:dd:c7: 2d:06:9a:b0:29:b7:f1:6e:28:96:e5:0b:1b:08:eb: 7c:3d:76:2f:e7:db:ad:36:8f:d4:92:fe:bd:71:8d: bd:ca:b1:b6:d0:6a:0a:fd:19:4b:78:65:58:f9:4b: 9b:7f:0d:55:92:77:58:23:77:2e:3f:fa:71:86:06: 32:ae:78:98:98:ab:e9:10:71:d9:17:3e:c9:8e:17: 16:8a:32:1d:99:14:99:8a:5f:df:9b:da:bf:f6:39: d7:3c:da:db:37:2c:3d:f0:38:5e:1d:06:2b:00:30: 3f:66:27:05:47:d8:07:f7:54:dc:1d:ec:0e:a9:f7: f1:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:13:D1:69:F7:96:C7:BD:20:47:B5:24:2C:21:B9:17:D0:B6:AC:7A X509v3 Authority Key Identifier: keyid:83:64:62:C6:2C:7F:63:D2:F5:D7:87:A7:01:D7:79:AB:69:6E:22:36 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g2Rixix_Y9L114enAdd5q2luIjY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/3717cf-fa38-4e3e-aefc-f910e5176b5e/1/3xPRafeWx70gR7UkLCG5F9C2rHo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/46/3717cf-fa38-4e3e-aefc-f910e5176b5e/1/g2Rixix_Y9L114enAdd5q2luIjY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.149.121.0/24 IPv6: 2a0d:5980:ebae::/48 Signature Algorithm: sha256WithRSAEncryption 0c:5c:32:b9:0f:ca:6f:72:17:8d:d3:ef:11:58:77:f1:6b:e7: a0:02:9e:9e:64:b5:04:5f:56:f7:d3:c5:4f:8a:09:78:b7:77: f2:a4:d1:ac:94:ef:5f:53:b3:26:a5:d7:8f:80:dd:de:ce:6f: 4d:66:51:97:8d:ac:4f:7e:c0:e3:40:62:5a:42:41:80:cf:70: 0e:fd:15:9c:5a:e3:e8:f9:62:1e:fe:10:18:5c:87:fb:50:5c: ca:9c:ff:72:09:cc:b6:32:39:21:2f:c7:bd:f9:86:59:5b:d6: e4:d9:82:4d:1e:13:d4:09:1a:0a:6d:3b:06:f4:d6:ae:d3:08: 12:ed:c7:0c:d5:2e:77:ef:82:d5:48:ea:b2:f9:82:e6:6f:d8: a3:02:54:32:8c:a8:01:0a:47:4c:45:08:41:93:9d:fc:f3:90: 6d:8b:25:65:51:eb:67:d5:91:8d:75:98:e8:a2:da:59:3c:7a: b4:4b:86:db:2f:07:a0:40:a2:d7:61:d5:c1:9a:ee:07:ee:a4: 95:ad:a4:7c:98:d5:c8:21:ed:19:39:1c:71:2e:b8:06:b4:d4: dd:ec:13:5e:93:44:ee:94:d4:5f:37:82:c1:76:38:d7:02:7d: 6f:f4:50:ab:0e:cd:f9:6f:b0:5d:a8:16:43:5a:e5:83:62:81: 05:e8:77:2a -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt9ymsoECySlzN80Wmet0/pMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDgzNjQ2MmM2MmM3ZjYzZDJmNWQ3ODdhNzAxZDc3OWFiNjk2 ZTIyMzYwHhcNMjYwMTAyMDgxOTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZjEzZDE2OWY3OTZjN2JkMjA0N2I1MjQyYzIxYjkxN2QwYjZhYzdhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxJhSJJ+j14LSIaev44Afvvk5CYDb mUTd3IijjXDQxE8K8Zr81NwgG/SPduyOuuwICdcYSxwIrLps4TTAU5yrV+lkvJCP +NwmR8WxEvuN32QctfXZJia6A3O9b1A5UAN7bweRehFk7K/vf2c0S15SS4uiSXCt pYdDq3uzy9RRQw9C3xvL3cctBpqwKbfxbiiW5QsbCOt8PXYv59utNo/Ukv69cY29 yrG20GoK/RlLeGVY+Uubfw1VkndYI3cuP/pxhgYyrniYmKvpEHHZFz7JjhcWijId mRSZil/fm9q/9jnXPNrbNyw98DheHQYrADA/ZicFR9gH91TcHewOqffxEwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFN8T0Wn3lse9IEe1JCwhuRfQtqx6MB8GA1UdIwQY MBaAFINkYsYsf2PS9deHpwHXeatpbiI2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZzJSaXhpeF9ZOUwxMTRlbkFkZDVxMmx1SWpZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8zNzE3Y2YtZmEzOC00ZTNlLWFlZmMt ZjkxMGU1MTc2YjVlLzEvM3hQUmFmZVd4NzBnUjdVa0xDRzVGOUMyckhvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Ni8zNzE3Y2YtZmEzOC00ZTNlLWFlZmMtZjkxMGU1MTc2YjVl LzEvZzJSaXhpeF9ZOUwxMTRlbkFkZDVxMmx1SWpZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuZV5MA8E AgACMAkDBwAqDVmA664wDQYJKoZIhvcNAQELBQADggEBAAxcMrkPym9yF43T7xFY d/Fr56ACnp5ktQRfVvfTxU+KCXi3d/Kk0ayU719Tsyal14+A3d7Ob01mUZeNrE9+ wONAYlpCQYDPcA79FZxa4+j5Yh7+EBhch/tQXMqc/3IJzLYyOSEvx735hllb1uTZ gk0eE9QJGgptOwb01q7TCBLtxwzVLnfvgtVI6rL5guZv2KMCVDKMqAEKR0xFCEGT nfzzkG2LJWVR62fVkY11mOii2lk8erRLhtsvB6BAotdh1cGa7gfupJWtpHyY1cgh 7Rk5HHEuuAa01N3sE16TRO6U1F83gsF2ONcCfW/0UKsOzflvsF2oFkNa5YNigQXo dyo= -----END CERTIFICATE-----Generated at Sat Jan 10 07:30:29 2026 by rpki-client