This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/1iRbLYf4C0y3oJ3-4xIANjl72wA.roa File: 1iRbLYf4C0y3oJ3-4xIANjl72wA.roa (raw, json) Hash identifier: UG6S1kmkOsd5y0L7phKRaWuOG6F5o7BKD1/4AyWvM5A= Subject key identifier: D6:24:5B:2D:87:F8:0B:4C:B7:A0:9D:FE:E3:12:00:36:39:7B:DB:00 Certificate issuer: /CN=3ef325ef4cbaa66cc71ffcc6880877e76e149afd Certificate serial: 019B78A2731269E309AEAAB88830410BA944 Authority key identifier: 3E:F3:25:EF:4C:BA:A6:6C:C7:1F:FC:C6:88:08:77:E7:6E:14:9A:FD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PvMl70y6pmzHH_zGiAh3524Umv0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/1iRbLYf4C0y3oJ3-4xIANjl72wA.roa Signing time: Thu 01 Jan 2026 08:17:50 +0000 ROA not before: Thu 01 Jan 2026 08:17:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34347 IP address blocks: 80.92.112.0/20 maxlen: 20 152.89.72.0/22 maxlen: 22 156.67.192.0/21 maxlen: 21 185.35.180.0/22 maxlen: 22 185.88.200.0/23 maxlen: 23 185.176.156.0/23 maxlen: 23 185.203.212.0/22 maxlen: 22 195.149.216.0/21 maxlen: 21 2a02:28e8::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/PvMl70y6pmzHH_zGiAh3524Umv0.crl rsync://rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/PvMl70y6pmzHH_zGiAh3524Umv0.mft rsync://rpki.ripe.net/repository/DEFAULT/PvMl70y6pmzHH_zGiAh3524Umv0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:73:12:69:e3:09:ae:aa:b8:88:30:41:0b:a9:44 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ef325ef4cbaa66cc71ffcc6880877e76e149afd Validity Not Before: Jan 1 08:17:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d6245b2d87f80b4cb7a09dfee3120036397bdb00 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:9b:68:5d:35:d8:3a:84:47:19:74:f5:3a:d0: e8:28:0c:e1:f3:7d:ea:51:5a:87:f5:0e:b9:da:b3: 77:07:2f:82:88:77:c2:a6:fe:8a:d6:f1:e5:86:6c: af:cb:19:dd:fc:9d:11:50:c1:ef:32:74:50:8a:37: 22:aa:08:96:06:cb:1f:90:90:ff:14:ac:8b:c3:5a: be:07:8b:7b:6a:e5:28:e7:16:bd:b4:f4:f3:f1:98: c4:66:d3:7c:de:90:7f:37:05:b6:16:3c:54:b4:c1: 50:f7:54:85:fd:bc:48:68:2e:50:4b:5c:2e:a7:f8: 11:f7:6e:f4:09:96:2d:59:46:ba:13:67:fc:ea:cb: c6:51:38:8e:0b:36:b4:f7:cb:42:82:e8:ac:35:95: 99:c8:db:7f:4f:73:f3:64:11:0a:41:0e:81:4a:9b: ce:93:19:d7:12:58:16:9c:98:7b:9d:cd:b6:22:6e: f6:7c:4f:b9:ea:7a:eb:29:ec:f4:be:92:e1:46:8b: fa:93:39:52:d1:f2:4c:0c:ca:ec:2b:e7:3c:75:9a: 85:f7:fb:41:d2:5e:02:ae:b3:8f:da:70:85:73:4e: d5:50:71:3b:69:e0:16:b7:c2:ef:c8:7f:30:eb:f4: 22:50:8d:6d:44:20:94:06:01:fa:6e:09:82:c1:02: 03:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:24:5B:2D:87:F8:0B:4C:B7:A0:9D:FE:E3:12:00:36:39:7B:DB:00 X509v3 Authority Key Identifier: keyid:3E:F3:25:EF:4C:BA:A6:6C:C7:1F:FC:C6:88:08:77:E7:6E:14:9A:FD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PvMl70y6pmzHH_zGiAh3524Umv0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/1iRbLYf4C0y3oJ3-4xIANjl72wA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/PvMl70y6pmzHH_zGiAh3524Umv0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.92.112.0/20 152.89.72.0/22 156.67.192.0/21 185.35.180.0/22 185.88.200.0/23 185.176.156.0/23 185.203.212.0/22 195.149.216.0/21 IPv6: 2a02:28e8::/32 Signature Algorithm: sha256WithRSAEncryption 15:c3:45:35:83:8b:35:40:0e:0c:a3:80:54:06:29:df:6c:84: 11:89:b3:00:23:64:02:a4:5a:d6:40:f0:e7:1f:32:cd:25:7a: ce:c1:97:16:aa:7b:e0:41:2c:2d:6a:59:0e:a5:83:7b:e3:71: c4:76:72:7c:e0:0c:75:83:2f:3c:de:b4:bd:d6:d5:d8:04:99: 8c:bd:9e:75:0a:2a:75:46:cc:c0:0d:58:1e:4c:a5:00:79:4a: bf:47:ad:87:1e:6f:4e:90:7c:7a:4f:3a:3d:a5:39:25:86:13: 55:46:69:b2:49:a9:f2:1f:44:8a:0a:e4:da:05:4d:68:4d:29: 0c:2a:40:c0:2a:ca:d8:de:42:22:20:34:3b:a5:bf:37:84:45: 5b:d2:18:a5:b7:12:2e:93:f1:70:c5:87:b3:ae:20:d0:2a:9f: 18:ec:11:63:90:6b:49:90:3c:58:6d:b2:99:69:c4:5c:31:83: a4:09:4c:c1:65:b3:ed:35:c6:79:00:16:5d:0e:c0:ee:7e:2b: a2:35:fa:79:0d:e1:c2:4f:c4:e2:5f:12:72:a3:0f:e2:7b:6f: f2:e3:09:8b:8d:bd:f1:23:d6:ed:66:2e:09:7c:88:98:83:12: 21:11:fa:3d:e1:a3:e7:83:2a:e8:0e:f9:c5:ca:f9:21:87:32: 87:86:d1:ab -----BEGIN CERTIFICATE----- MIIFNjCCBB6gAwIBAgISAZt4onMSaeMJrqq4iDBBC6lEMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNlZjMyNWVmNGNiYWE2NmNjNzFmZmNjNjg4MDg3N2U3NmUx NDlhZmQwHhcNMjYwMTAxMDgxNzUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNjI0NWIyZDg3ZjgwYjRjYjdhMDlkZmVlMzEyMDAzNjM5N2JkYjAwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2JtoXTXYOoRHGXT1OtDoKAzh833q UVqH9Q652rN3By+CiHfCpv6K1vHlhmyvyxnd/J0RUMHvMnRQijciqgiWBssfkJD/ FKyLw1q+B4t7auUo5xa9tPTz8ZjEZtN83pB/NwW2FjxUtMFQ91SF/bxIaC5QS1wu p/gR9270CZYtWUa6E2f86svGUTiOCza098tCguisNZWZyNt/T3PzZBEKQQ6BSpvO kxnXElgWnJh7nc22Im72fE+56nrrKez0vpLhRov6kzlS0fJMDMrsK+c8dZqF9/tB 0l4CrrOP2nCFc07VUHE7aeAWt8LvyH8w6/QiUI1tRCCUBgH6bgmCwQIDIwIDAQAB o4ICQjCCAj4wHQYDVR0OBBYEFNYkWy2H+AtMt6Cd/uMSADY5e9sAMB8GA1UdIwQY MBaAFD7zJe9MuqZsxx/8xogId+duFJr9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUHZNbDcweTZwbXpISF96R2lBaDM1MjRVbXYwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80ZmQwOTAtNmZhZS00YTZhLThmOWUt MzRkNzE0ODVjNTQ3LzEvMWlSYkxZZjRDMHkzb0ozLTR4SUFOamw3MndBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80YS80ZmQwOTAtNmZhZS00YTZhLThmOWUtMzRkNzE0ODVjNTQ3 LzEvUHZNbDcweTZwbXpISF96R2lBaDM1MjRVbXYwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQEUFxwAwQC mFlIAwQDnEPAAwQCuSO0AwQBuVjIAwQBubCcAwQCucvUAwQDw5XYMA0EAgACMAcD BQAqAijoMA0GCSqGSIb3DQEBCwUAA4IBAQAVw0U1g4s1QA4Mo4BUBinfbIQRibMA I2QCpFrWQPDnHzLNJXrOwZcWqnvgQSwtalkOpYN743HEdnJ84Ax1gy883rS91tXY BJmMvZ51Cip1RszADVgeTKUAeUq/R62HHm9OkHx6Tzo9pTklhhNVRmmySanyH0SK CuTaBU1oTSkMKkDAKsrY3kIiIDQ7pb83hEVb0hiltxIuk/FwxYezriDQKp8Y7BFj kGtJkDxYbbKZacRcMYOkCUzBZbPtNcZ5ABZdDsDufiuiNfp5DeHCT8TiXxJyow/i e2/y4wmLjb3xI9btZi4JfIiYgxIhEfo94aPngyroDvnFyvkhhzKHhtGr -----END CERTIFICATE-----Generated at Mon Feb 9 19:56:02 2026 by rpki-client