This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/3yOJ06gfUKk-2XYdWHLIAlWgfEc.roa File: 3yOJ06gfUKk-2XYdWHLIAlWgfEc.roa (raw, json) Hash identifier: nXcj7d6dSu1swvQGzGjJKVLnGkefzXVXrhP3pXEGcwM= Subject key identifier: DF:23:89:D3:A8:1F:50:A9:3E:D9:76:1D:58:72:C8:02:55:A0:7C:47 Certificate issuer: /CN=215a409d27b9a69346324004694da11beae02dbb Certificate serial: 019B7F12FCDE4E1FF1A1F7658498E1F79AD6 Authority key identifier: 21:5A:40:9D:27:B9:A6:93:46:32:40:04:69:4D:A1:1B:EA:E0:2D:BB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IVpAnSe5ppNGMkAEaU2hG-rgLbs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/3yOJ06gfUKk-2XYdWHLIAlWgfEc.roa Signing time: Fri 02 Jan 2026 14:18:29 +0000 ROA not before: Fri 02 Jan 2026 14:18:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50500 IP address blocks: 185.114.88.0/24 maxlen: 24 185.114.89.0/24 maxlen: 24 185.114.90.0/24 maxlen: 24 185.114.91.0/24 maxlen: 24 185.134.177.0/24 maxlen: 24 185.134.178.0/24 maxlen: 24 185.134.179.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/IVpAnSe5ppNGMkAEaU2hG-rgLbs.crl rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/IVpAnSe5ppNGMkAEaU2hG-rgLbs.mft rsync://rpki.ripe.net/repository/DEFAULT/IVpAnSe5ppNGMkAEaU2hG-rgLbs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 03 Feb 2026 06:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:12:fc:de:4e:1f:f1:a1:f7:65:84:98:e1:f7:9a:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=215a409d27b9a69346324004694da11beae02dbb Validity Not Before: Jan 2 14:18:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=df2389d3a81f50a93ed9761d5872c80255a07c47 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f6:bc:f6:0e:c4:b7:06:b9:db:2f:1f:d0:4a:74: 8b:62:26:8a:37:84:46:86:90:1a:e3:dc:d7:d1:4f: 86:58:d3:53:6b:46:ae:d8:5d:aa:8e:17:11:29:05: 98:0c:fa:f8:ac:58:ad:34:08:6d:44:19:06:6d:08: 23:29:b9:17:d5:b9:c4:e3:b4:10:46:8b:66:21:df: 68:57:54:7f:19:fd:72:38:62:07:49:33:9c:03:d1: 46:3a:2e:dd:da:df:64:24:d4:f1:e6:bf:c0:db:40: 37:42:b7:5d:9e:71:3a:f7:44:49:19:66:8e:d6:69: 50:be:ca:15:46:8d:56:09:ac:e1:00:4f:d3:05:24: e8:4e:d3:99:e1:16:19:ab:86:5b:b8:25:73:df:20: a2:47:54:a2:76:b4:77:bd:f3:5b:77:af:2c:7e:3c: e1:55:69:b9:fe:56:6b:bd:f2:a5:a9:b6:ab:a6:c2: 5e:7b:f3:31:3d:2e:51:ad:6a:5f:96:b3:da:1a:b9: 77:21:74:b1:6f:01:f0:d2:eb:a1:9c:03:28:ea:fc: 42:a8:ec:69:13:6d:ca:07:be:04:9c:12:65:70:f1: 84:f6:95:0a:03:47:1a:68:3f:c4:f7:3b:39:a4:1d: ea:21:a4:8f:72:71:58:5a:e0:b9:c3:99:47:b4:76: f4:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:23:89:D3:A8:1F:50:A9:3E:D9:76:1D:58:72:C8:02:55:A0:7C:47 X509v3 Authority Key Identifier: keyid:21:5A:40:9D:27:B9:A6:93:46:32:40:04:69:4D:A1:1B:EA:E0:2D:BB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IVpAnSe5ppNGMkAEaU2hG-rgLbs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/3yOJ06gfUKk-2XYdWHLIAlWgfEc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/f0c9e3-1c40-4f33-95ce-98d2fee0f87a/1/IVpAnSe5ppNGMkAEaU2hG-rgLbs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.114.88.0/22 185.134.177.0-185.134.179.255 Signature Algorithm: sha256WithRSAEncryption 81:10:0f:81:b0:01:e0:4b:7b:ab:3c:67:89:d0:2a:a9:49:e2: e7:3f:77:3d:14:f2:18:06:7e:05:07:0d:9b:7d:a9:be:52:06: 81:f8:25:8d:9e:06:b7:b5:5d:d7:46:e5:8b:35:23:18:7d:e1: 45:da:a5:eb:17:63:4c:b0:bf:6c:4e:82:9d:9e:01:38:4e:58: f3:16:2e:8c:49:6f:fc:65:49:04:ab:97:01:90:f2:bf:84:b9: 2b:8e:dd:b0:24:93:72:64:b4:c9:00:6a:07:4d:b4:fd:6d:83: d7:42:56:13:5e:d6:d7:53:87:b6:bf:da:7a:6c:fe:20:ce:89: e3:54:20:f5:cf:53:18:c3:c7:05:b3:96:0d:60:8d:7b:f6:2f: 57:d6:82:67:ff:6a:1d:b3:4d:d9:4e:df:ff:90:a3:ee:41:d8: ee:79:b4:d9:c1:09:d4:fa:4c:7f:42:1f:44:8b:67:3b:7e:8c: 74:07:9d:e5:85:16:bf:9a:ba:ac:82:2c:78:9f:7b:7f:6e:9f: bc:e1:67:39:46:66:d5:10:18:ee:a3:08:36:a6:86:38:85:b5: b5:35:aa:1a:3b:f2:c7:8d:ca:4d:8f:c1:cf:83:2f:ff:5e:26: 61:e6:75:50:a4:46:fe:dd:2d:3d:23:46:3b:bd:c6:d1:65:2e: f3:d4:62:23 -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt/EvzeTh/xofdlhJjh95rWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxNWE0MDlkMjdiOWE2OTM0NjMyNDAwNDY5NGRhMTFiZWFl MDJkYmIwHhcNMjYwMTAyMTQxODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZjIzODlkM2E4MWY1MGE5M2VkOTc2MWQ1ODcyYzgwMjU1YTA3YzQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9rz2DsS3BrnbLx/QSnSLYiaKN4RG hpAa49zX0U+GWNNTa0au2F2qjhcRKQWYDPr4rFitNAhtRBkGbQgjKbkX1bnE47QQ RotmId9oV1R/Gf1yOGIHSTOcA9FGOi7d2t9kJNTx5r/A20A3QrddnnE690RJGWaO 1mlQvsoVRo1WCazhAE/TBSToTtOZ4RYZq4ZbuCVz3yCiR1SidrR3vfNbd68sfjzh VWm5/lZrvfKlqbarpsJee/MxPS5RrWpflrPaGrl3IXSxbwHw0uuhnAMo6vxCqOxp E23KB74EnBJlcPGE9pUKA0caaD/E9zs5pB3qIaSPcnFYWuC5w5lHtHb0uwIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFN8jidOoH1CpPtl2HVhyyAJVoHxHMB8GA1UdIwQY MBaAFCFaQJ0nuaaTRjJABGlNoRvq4C27MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVZwQW5TZTVwcE5HTWtBRWFVMmhHLXJnTGJzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9mMGM5ZTMtMWM0MC00ZjMzLTk1Y2Ut OThkMmZlZTBmODdhLzEvM3lPSjA2Z2ZVS2stMlhZZFdITElBbFdnZkVjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80ZS9mMGM5ZTMtMWM0MC00ZjMzLTk1Y2UtOThkMmZlZTBmODdh LzEvSVZwQW5TZTVwcE5HTWtBRWFVMmhHLXJnTGJzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCuXJYMAwD BAC5hrEDBAK5hrAwDQYJKoZIhvcNAQELBQADggEBAIEQD4GwAeBLe6s8Z4nQKqlJ 4uc/dz0U8hgGfgUHDZt9qb5SBoH4JY2eBre1XddG5Ys1Ixh94UXapesXY0ywv2xO gp2eAThOWPMWLoxJb/xlSQSrlwGQ8r+EuSuO3bAkk3JktMkAagdNtP1tg9dCVhNe 1tdTh7a/2nps/iDOieNUIPXPUxjDxwWzlg1gjXv2L1fWgmf/ah2zTdlO3/+Qo+5B 2O55tNnBCdT6TH9CH0SLZzt+jHQHneWFFr+auqyCLHife39un7zhZzlGZtUQGO6j CDamhjiFtbU1qho78seNyk2Pwc+DL/9eJmHmdVCkRv7dLT0jRju9xtFlLvPUYiM= -----END CERTIFICATE-----Generated at Mon Feb 2 10:54:05 2026 by rpki-client