This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/eefe67-3ebd-46cb-bcc8-6c61a9023139/1/PJf1Yws8p6oR_mrdRHX4LnOh1Z8.roa File: PJf1Yws8p6oR_mrdRHX4LnOh1Z8.roa (raw, json) Hash identifier: ceWACnB+ERuEfKRbsAjVw1PIFxKKxglKGhcLEOukNs0= Subject key identifier: 3C:97:F5:63:0B:3C:A7:AA:11:FE:6A:DD:44:75:F8:2E:73:A1:D5:9F Certificate issuer: /CN=356ac9c769976f6e2e82aaccfe239b6aa1922378 Certificate serial: 019B7B35AD781AE0D136AF6EA98C88D1EF02 Authority key identifier: 35:6A:C9:C7:69:97:6F:6E:2E:82:AA:CC:FE:23:9B:6A:A1:92:23:78 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWrJx2mXb24ugqrM_iObaqGSI3g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/eefe67-3ebd-46cb-bcc8-6c61a9023139/1/PJf1Yws8p6oR_mrdRHX4LnOh1Z8.roa Signing time: Thu 01 Jan 2026 20:17:54 +0000 ROA not before: Thu 01 Jan 2026 20:17:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60164 IP address blocks: 185.54.148.0/22 maxlen: 24 2a04:d280::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6f/eefe67-3ebd-46cb-bcc8-6c61a9023139/1/NWrJx2mXb24ugqrM_iObaqGSI3g.crl rsync://rpki.ripe.net/repository/DEFAULT/6f/eefe67-3ebd-46cb-bcc8-6c61a9023139/1/NWrJx2mXb24ugqrM_iObaqGSI3g.mft rsync://rpki.ripe.net/repository/DEFAULT/NWrJx2mXb24ugqrM_iObaqGSI3g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 18:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:ad:78:1a:e0:d1:36:af:6e:a9:8c:88:d1:ef:02 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=356ac9c769976f6e2e82aaccfe239b6aa1922378 Validity Not Before: Jan 1 20:17:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3c97f5630b3ca7aa11fe6add4475f82e73a1d59f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:c6:72:14:1e:34:91:68:9c:85:dd:58:fc:db: 81:9b:eb:ba:2e:8b:13:e4:40:4f:8a:a7:72:c9:91: a2:9c:65:c2:35:04:24:cf:7d:9b:02:01:c9:31:f9: e9:31:1b:1d:f1:80:8f:8a:b2:99:d1:e6:b9:b7:c4: 73:91:84:57:9d:36:37:1a:d7:ec:4e:a9:5e:8c:c9: d0:b5:72:0b:e3:39:27:dd:17:10:ea:65:d9:bd:3b: d5:6d:a7:79:c4:33:59:ac:6f:5b:c7:f0:07:e6:a1: 48:4b:9e:11:c6:32:f0:15:16:61:b6:57:03:28:9b: 20:38:fe:b6:9c:ec:73:e9:5f:11:5c:5c:bd:35:80: f7:14:5a:2b:21:29:ef:bd:49:b4:d8:6f:f3:96:bd: f1:a2:36:2b:a9:ec:fe:a5:81:bb:ce:fa:26:da:d4: 79:25:a8:e7:4f:3d:f3:65:03:8c:8b:a8:08:03:46: 9e:9b:e5:c5:e1:68:bd:a2:f7:b1:d3:8c:dd:73:7f: 62:65:72:c9:b1:53:0a:37:b4:31:82:20:88:4b:05: c8:be:78:c1:3b:64:dd:28:7b:a2:29:73:df:44:70: 44:df:f2:69:e9:1f:c2:03:13:e9:77:50:e5:05:0b: 59:a0:32:63:1f:04:9a:39:69:7a:76:d9:28:52:77: 0c:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:97:F5:63:0B:3C:A7:AA:11:FE:6A:DD:44:75:F8:2E:73:A1:D5:9F X509v3 Authority Key Identifier: keyid:35:6A:C9:C7:69:97:6F:6E:2E:82:AA:CC:FE:23:9B:6A:A1:92:23:78 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWrJx2mXb24ugqrM_iObaqGSI3g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/eefe67-3ebd-46cb-bcc8-6c61a9023139/1/PJf1Yws8p6oR_mrdRHX4LnOh1Z8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/eefe67-3ebd-46cb-bcc8-6c61a9023139/1/NWrJx2mXb24ugqrM_iObaqGSI3g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.54.148.0/22 IPv6: 2a04:d280::/29 Signature Algorithm: sha256WithRSAEncryption 27:09:cd:d8:21:0b:48:1a:22:2f:2c:00:fb:13:8b:83:d9:c9: bc:fd:bd:65:ee:54:e3:b3:85:d3:e8:b0:44:45:d0:74:47:fe: d1:87:bf:5d:98:45:a6:36:23:1d:fc:15:fc:6e:b5:ad:a5:38: 76:af:7b:06:4a:b4:b3:ea:01:85:9d:49:26:3b:76:60:95:22: 84:e1:28:f4:2e:1f:8b:3e:ee:aa:9c:b1:62:30:a3:34:b3:21: 28:9d:30:ce:b4:2f:e1:b6:bb:3d:77:53:01:bd:3c:f8:2a:a7: 65:4f:b8:6f:3f:ab:ef:a8:71:03:62:52:62:4e:6b:e1:ab:5e: b0:11:a8:54:2d:eb:dd:aa:e7:1b:16:a3:1a:a7:cb:08:c1:dc: 33:3d:1f:aa:6c:3a:32:b2:4b:d0:61:f6:5f:10:09:3a:11:ef: ad:d3:b5:80:37:a9:f7:11:d7:0e:11:32:ef:0e:83:3b:72:eb: 0b:8c:9c:56:25:ba:16:fd:f9:35:88:9a:5b:3e:8c:a4:7c:5e: f3:fc:72:06:39:a3:82:5d:03:05:69:31:6f:55:48:8d:29:1e: fe:ad:d6:bc:02:15:70:ba:47:1a:96:1c:fc:4d:6a:bf:a0:63: 81:96:a2:16:43:9a:d9:20:c3:99:11:f9:59:bc:75:cd:2f:3d: b7:7c:f6:73 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt7Na14GuDRNq9uqYyI0e8CMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM1NmFjOWM3Njk5NzZmNmUyZTgyYWFjY2ZlMjM5YjZhYTE5 MjIzNzgwHhcNMjYwMTAxMjAxNzU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYzk3ZjU2MzBiM2NhN2FhMTFmZTZhZGQ0NDc1ZjgyZTczYTFkNTlmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8ZyFB40kWichd1Y/NuBm+u6LosT 5EBPiqdyyZGinGXCNQQkz32bAgHJMfnpMRsd8YCPirKZ0ea5t8RzkYRXnTY3Gtfs TqlejMnQtXIL4zkn3RcQ6mXZvTvVbad5xDNZrG9bx/AH5qFIS54RxjLwFRZhtlcD KJsgOP62nOxz6V8RXFy9NYD3FForISnvvUm02G/zlr3xojYrqez+pYG7zvom2tR5 JajnTz3zZQOMi6gIA0aem+XF4Wi9ovex04zdc39iZXLJsVMKN7QxgiCISwXIvnjB O2TdKHuiKXPfRHBE3/Jp6R/CAxPpd1DlBQtZoDJjHwSaOWl6dtkoUncMrQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFDyX9WMLPKeqEf5q3UR1+C5zodWfMB8GA1UdIwQY MBaAFDVqycdpl29uLoKqzP4jm2qhkiN4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTldySngybVhiMjR1Z3FyTV9pT2JhcUdTSTNnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9lZWZlNjctM2ViZC00NmNiLWJjYzgt NmM2MWE5MDIzMTM5LzEvUEpmMVl3czhwNm9SX21yZFJIWDRMbk9oMVo4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Zi9lZWZlNjctM2ViZC00NmNiLWJjYzgtNmM2MWE5MDIzMTM5 LzEvTldySngybVhiMjR1Z3FyTV9pT2JhcUdTSTNnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTaUMA0E AgACMAcDBQMqBNKAMA0GCSqGSIb3DQEBCwUAA4IBAQAnCc3YIQtIGiIvLAD7E4uD 2cm8/b1l7lTjs4XT6LBERdB0R/7Rh79dmEWmNiMd/BX8brWtpTh2r3sGSrSz6gGF nUkmO3ZglSKE4Sj0Lh+LPu6qnLFiMKM0syEonTDOtC/htrs9d1MBvTz4KqdlT7hv P6vvqHEDYlJiTmvhq16wEahULevdqucbFqMap8sIwdwzPR+qbDoyskvQYfZfEAk6 Ee+t07WAN6n3EdcOETLvDoM7cusLjJxWJboW/fk1iJpbPoykfF7z/HIGOaOCXQMF aTFvVUiNKR7+rda8AhVwukcalhz8TWq/oGOBlqIWQ5rZIMOZEflZvHXNLz23fPZz -----END CERTIFICATE-----Generated at Mon Jan 12 02:17:12 2026 by rpki-client