This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/a60fe9-858d-4662-80cc-e89e02659100/1/3dbS8smJeXr53W5r6BKkhghgmVA.roa File: 3dbS8smJeXr53W5r6BKkhghgmVA.roa (raw, json) Hash identifier: NwzZDsWqf9Bvz7l6x4U3TUe9LXVQFlbNiLk7V4n0q2g= Subject key identifier: DD:D6:D2:F2:C9:89:79:7A:F9:DD:6E:6B:E8:12:A4:86:08:60:99:50 Certificate issuer: /CN=466496a4dba04d7ef522700061743c6c5d0ae590 Certificate serial: 019B797EECE1309AD7787858B7027EF9A6FE Authority key identifier: 46:64:96:A4:DB:A0:4D:7E:F5:22:70:00:61:74:3C:6C:5D:0A:E5:90 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RmSWpNugTX71InAAYXQ8bF0K5ZA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/a60fe9-858d-4662-80cc-e89e02659100/1/3dbS8smJeXr53W5r6BKkhghgmVA.roa Signing time: Thu 01 Jan 2026 12:18:39 +0000 ROA not before: Thu 01 Jan 2026 12:18:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5627 IP address blocks: 185.123.68.0/22 maxlen: 22 185.123.68.0/24 maxlen: 24 185.123.69.0/24 maxlen: 24 185.123.70.0/24 maxlen: 24 185.123.71.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/a60fe9-858d-4662-80cc-e89e02659100/1/RmSWpNugTX71InAAYXQ8bF0K5ZA.crl rsync://rpki.ripe.net/repository/DEFAULT/73/a60fe9-858d-4662-80cc-e89e02659100/1/RmSWpNugTX71InAAYXQ8bF0K5ZA.mft rsync://rpki.ripe.net/repository/DEFAULT/RmSWpNugTX71InAAYXQ8bF0K5ZA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 12:00:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:ec:e1:30:9a:d7:78:78:58:b7:02:7e:f9:a6:fe Signature Algorithm: sha256WithRSAEncryption Issuer: CN=466496a4dba04d7ef522700061743c6c5d0ae590 Validity Not Before: Jan 1 12:18:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ddd6d2f2c989797af9dd6e6be812a48608609950 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:bc:8a:e9:4b:2c:9c:f9:6f:33:47:40:a8:36: 5e:81:4b:86:24:ff:2f:44:2e:36:f6:52:3f:bf:b5: ff:f0:8d:9e:9d:20:aa:14:bf:5e:a4:39:08:d6:ae: a0:00:c7:4c:5b:53:2f:82:95:fa:d3:37:35:56:14: 13:1a:67:9b:fe:3a:3d:0a:66:c5:2d:14:b9:e0:88: 3e:09:af:2f:73:cb:a9:29:91:1b:e9:28:4d:3d:6d: 16:eb:cb:fa:aa:71:d6:7e:07:3a:dd:84:74:0a:00: 36:00:4f:9c:b5:c6:9f:5b:f4:64:33:a6:33:f1:4b: 8d:3b:c5:e7:7c:8b:0f:5a:1c:0c:18:e3:3d:63:43: a6:4b:ee:ec:f1:f4:13:13:04:59:33:4f:6b:33:69: 75:3a:82:89:8e:80:67:5d:7a:f8:49:7a:fc:14:df: 72:77:79:4e:e5:89:3c:67:bf:1c:7c:a8:bb:e3:7f: ed:ed:cc:03:76:93:07:2a:8b:15:b9:78:88:01:3e: 6c:3b:51:09:a1:fe:70:3a:cd:41:3d:c4:6a:72:5f: 7f:4c:65:93:8c:bc:68:a1:81:9f:07:79:0d:a7:dc: ab:2f:7b:aa:48:ac:39:87:bb:ec:cc:26:c3:6e:d6: 46:b5:86:3e:78:84:08:87:7e:26:33:c7:b1:b0:b6: 9f:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:D6:D2:F2:C9:89:79:7A:F9:DD:6E:6B:E8:12:A4:86:08:60:99:50 X509v3 Authority Key Identifier: keyid:46:64:96:A4:DB:A0:4D:7E:F5:22:70:00:61:74:3C:6C:5D:0A:E5:90 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RmSWpNugTX71InAAYXQ8bF0K5ZA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/a60fe9-858d-4662-80cc-e89e02659100/1/3dbS8smJeXr53W5r6BKkhghgmVA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/73/a60fe9-858d-4662-80cc-e89e02659100/1/RmSWpNugTX71InAAYXQ8bF0K5ZA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.123.68.0/22 Signature Algorithm: sha256WithRSAEncryption 60:5b:af:b4:c1:eb:14:72:33:7a:38:0f:b4:46:8a:5b:b7:a2: 19:39:29:e3:ef:1c:e8:6b:ff:d6:ba:57:9f:4c:15:43:ce:0e: 64:d6:b3:6f:87:4d:64:0e:01:f4:d6:c0:24:f3:3a:3d:fa:09: 77:95:a1:71:5d:45:b2:37:4c:54:11:eb:59:c2:e1:8c:97:dc: 4c:a2:b5:6e:1a:44:87:5d:9e:2a:0c:7e:33:65:d1:68:cb:70: 05:9b:77:bb:84:ff:aa:0e:55:55:08:df:a7:e1:80:37:0b:58: 25:93:f7:1d:e1:6c:59:98:9f:95:85:39:f4:7c:76:8b:5f:55: ac:d2:39:ba:76:c3:70:47:d9:c1:72:17:fe:fa:36:77:89:5c: 58:63:50:55:e6:ac:06:cf:06:1c:61:3d:88:0a:51:d2:1d:69: 4e:72:1f:14:31:f8:b1:4b:12:9f:09:56:ac:ca:5b:e1:2b:58: 40:27:75:b7:21:08:b5:7a:71:9a:aa:d8:7b:02:fe:32:b0:eb: f3:98:49:46:9a:9f:0a:0a:92:4a:99:89:d8:26:d7:ab:60:71: df:00:45:27:12:3e:c7:a5:a8:44:f5:c4:15:f2:c3:c5:ef:69: 57:c4:08:38:e6:b9:7f:11:1e:39:42:22:b7:20:ac:6d:a9:1a: 73:77:51:b2 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt5fuzhMJrXeHhYtwJ++ab+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ2NjQ5NmE0ZGJhMDRkN2VmNTIyNzAwMDYxNzQzYzZjNWQw YWU1OTAwHhcNMjYwMTAxMTIxODM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZGQ2ZDJmMmM5ODk3OTdhZjlkZDZlNmJlODEyYTQ4NjA4NjA5OTUwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLyK6UssnPlvM0dAqDZegUuGJP8v RC429lI/v7X/8I2enSCqFL9epDkI1q6gAMdMW1MvgpX60zc1VhQTGmeb/jo9CmbF LRS54Ig+Ca8vc8upKZEb6ShNPW0W68v6qnHWfgc63YR0CgA2AE+ctcafW/RkM6Yz 8UuNO8XnfIsPWhwMGOM9Y0OmS+7s8fQTEwRZM09rM2l1OoKJjoBnXXr4SXr8FN9y d3lO5Yk8Z78cfKi743/t7cwDdpMHKosVuXiIAT5sO1EJof5wOs1BPcRqcl9/TGWT jLxooYGfB3kNp9yrL3uqSKw5h7vszCbDbtZGtYY+eIQIh34mM8exsLaflwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFN3W0vLJiXl6+d1ua+gSpIYIYJlQMB8GA1UdIwQY MBaAFEZklqTboE1+9SJwAGF0PGxdCuWQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUm1TV3BOdWdUWDcxSW5BQVlYUThiRjBLNVpBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9hNjBmZTktODU4ZC00NjYyLTgwY2Mt ZTg5ZTAyNjU5MTAwLzEvM2RiUzhzbUplWHI1M1c1cjZCS2toZ2hnbVZBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83My9hNjBmZTktODU4ZC00NjYyLTgwY2MtZTg5ZTAyNjU5MTAw LzEvUm1TV3BOdWdUWDcxSW5BQVlYUThiRjBLNVpBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXtEMA0G CSqGSIb3DQEBCwUAA4IBAQBgW6+0wesUcjN6OA+0Ropbt6IZOSnj7xzoa//Wulef TBVDzg5k1rNvh01kDgH01sAk8zo9+gl3laFxXUWyN0xUEetZwuGMl9xMorVuGkSH XZ4qDH4zZdFoy3AFm3e7hP+qDlVVCN+n4YA3C1glk/cd4WxZmJ+VhTn0fHaLX1Ws 0jm6dsNwR9nBchf++jZ3iVxYY1BV5qwGzwYcYT2IClHSHWlOch8UMfixSxKfCVas ylvhK1hAJ3W3IQi1enGaqth7Av4ysOvzmElGmp8KCpJKmYnYJterYHHfAEUnEj7H pahE9cQV8sPF72lXxAg45rl/ER45QiK3IKxtqRpzd1Gy -----END CERTIFICATE-----Generated at Mon Feb 9 22:31:59 2026 by rpki-client