This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/de34b5-0320-4cd9-9ee3-c4ce3e8073db/1/vQ3Onh8zAP8fN-K_wTaZqAaUruI.roa File: vQ3Onh8zAP8fN-K_wTaZqAaUruI.roa (raw, json) Hash identifier: ycldYOHAUvLotQf8PVaaFzvXxeLDOJ2gpiZO/0/3jvE= Subject key identifier: BD:0D:CE:9E:1F:33:00:FF:1F:37:E2:BF:C1:36:99:A8:06:94:AE:E2 Certificate issuer: /CN=d2eda4f8d9e482952a112b2ef5a4f239b7f62551 Certificate serial: 019B79ED3BC70776C1C7774DAD05F7E0163C Authority key identifier: D2:ED:A4:F8:D9:E4:82:95:2A:11:2B:2E:F5:A4:F2:39:B7:F6:25:51 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0u2k-NnkgpUqESsu9aTyObf2JVE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/de34b5-0320-4cd9-9ee3-c4ce3e8073db/1/vQ3Onh8zAP8fN-K_wTaZqAaUruI.roa Signing time: Thu 01 Jan 2026 14:19:08 +0000 ROA not before: Thu 01 Jan 2026 14:19:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 47237 IP address blocks: 95.87.64.0/21 maxlen: 24 185.117.148.0/22 maxlen: 24 194.152.36.0/23 maxlen: 24 195.216.237.0/24 maxlen: 24 2a0b:d7c0::/30 maxlen: 31 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/de34b5-0320-4cd9-9ee3-c4ce3e8073db/1/0u2k-NnkgpUqESsu9aTyObf2JVE.crl rsync://rpki.ripe.net/repository/DEFAULT/85/de34b5-0320-4cd9-9ee3-c4ce3e8073db/1/0u2k-NnkgpUqESsu9aTyObf2JVE.mft rsync://rpki.ripe.net/repository/DEFAULT/0u2k-NnkgpUqESsu9aTyObf2JVE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ed:3b:c7:07:76:c1:c7:77:4d:ad:05:f7:e0:16:3c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d2eda4f8d9e482952a112b2ef5a4f239b7f62551 Validity Not Before: Jan 1 14:19:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=bd0dce9e1f3300ff1f37e2bfc13699a80694aee2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:ab:a7:17:bc:94:6b:89:ae:38:08:fd:39:30: e0:ee:03:84:e9:10:9b:2d:df:dd:0d:09:7b:00:c3: 8c:fb:bf:b9:e1:7e:ec:4a:0c:f3:92:2b:6d:89:2a: 6c:df:a5:a7:38:bb:26:1c:2f:4e:25:5f:ee:82:7c: 8a:4e:d4:8c:4c:de:b7:0b:aa:2a:42:3a:1f:09:dd: c5:95:a4:de:d6:f9:22:85:85:e8:a5:ee:92:1b:92: f8:d8:0d:48:48:1f:fd:76:c0:90:33:35:83:1c:7b: ba:3a:06:9e:a8:b0:be:00:88:65:43:06:61:c3:21: b0:d3:38:3f:ea:4c:74:6c:d5:22:f7:29:53:c2:82: 3a:47:03:b7:c9:e6:6b:0e:5d:c4:88:7c:4a:9b:58: 7d:a9:f5:ff:24:8a:45:60:aa:7e:7a:ec:dd:f2:b7: 9f:f4:7d:f4:21:5a:36:c3:7c:70:29:25:93:e5:d6: 88:34:f8:50:70:4c:8f:43:bd:9c:59:12:a0:5a:65: 36:e8:1e:7a:9e:78:fb:1a:46:15:50:6e:36:b0:7c: 26:8a:39:b8:7e:7d:fb:14:e9:3e:32:61:42:4d:5f: 70:7a:da:f5:50:be:f4:63:9d:30:22:5d:c4:36:2e: 85:7a:41:65:79:6b:65:75:c6:fa:30:dc:9b:f5:64: 24:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:0D:CE:9E:1F:33:00:FF:1F:37:E2:BF:C1:36:99:A8:06:94:AE:E2 X509v3 Authority Key Identifier: keyid:D2:ED:A4:F8:D9:E4:82:95:2A:11:2B:2E:F5:A4:F2:39:B7:F6:25:51 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0u2k-NnkgpUqESsu9aTyObf2JVE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/de34b5-0320-4cd9-9ee3-c4ce3e8073db/1/vQ3Onh8zAP8fN-K_wTaZqAaUruI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/85/de34b5-0320-4cd9-9ee3-c4ce3e8073db/1/0u2k-NnkgpUqESsu9aTyObf2JVE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 95.87.64.0/21 185.117.148.0/22 194.152.36.0/23 195.216.237.0/24 IPv6: 2a0b:d7c0::/30 Signature Algorithm: sha256WithRSAEncryption 6a:94:ea:44:55:59:77:b4:6d:f3:8f:71:ec:f9:e6:76:44:db: b6:b1:76:b9:8f:6b:ea:94:02:57:b6:9f:0f:7c:09:db:36:d4: 21:45:96:9f:0c:5a:40:73:28:a4:9b:03:43:02:69:21:71:de: 18:8b:7b:ee:d2:63:bd:ef:84:fe:30:ab:6c:03:d7:56:f1:de: f7:51:95:2e:87:3f:9a:8e:71:9a:0e:8c:95:ea:0f:86:3b:3d: f4:24:e0:db:8c:39:34:ce:ce:0a:9b:08:19:cb:b8:77:36:03: ca:f7:02:37:aa:8b:bd:ae:ce:1e:ee:f4:ae:71:58:b5:72:c0: 86:15:de:df:0f:5c:d7:89:a6:b1:65:5b:87:0f:c4:75:9f:56: 67:d3:40:c2:82:c6:ba:98:14:9c:e0:7a:e6:08:d3:c2:56:fb: 4e:53:2d:05:ea:ce:10:55:6d:34:fe:d5:de:ba:a9:4b:31:6e: bc:4d:6e:de:1f:db:5f:30:88:af:59:bf:71:37:a2:2c:23:85: 9b:ac:a8:a7:2a:f5:a7:1d:1d:b8:74:7f:39:c3:f4:19:28:ca: ef:fa:64:ef:30:03:96:1b:9e:02:b0:5c:3a:8e:0f:41:0e:39: 22:1e:0a:9c:e6:54:4c:a4:cc:b7:6f:52:a5:37:27:fc:ee:cd: 8d:ff:8f:d3 -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt57TvHB3bBx3dNrQX34BY8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQyZWRhNGY4ZDllNDgyOTUyYTExMmIyZWY1YTRmMjM5Yjdm NjI1NTEwHhcNMjYwMTAxMTQxOTA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiZDBkY2U5ZTFmMzMwMGZmMWYzN2UyYmZjMTM2OTlhODA2OTRhZWUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKunF7yUa4muOAj9OTDg7gOE6RCb Ld/dDQl7AMOM+7+54X7sSgzzkittiSps36WnOLsmHC9OJV/ugnyKTtSMTN63C6oq QjofCd3FlaTe1vkihYXope6SG5L42A1ISB/9dsCQMzWDHHu6OgaeqLC+AIhlQwZh wyGw0zg/6kx0bNUi9ylTwoI6RwO3yeZrDl3EiHxKm1h9qfX/JIpFYKp+euzd8ref 9H30IVo2w3xwKSWT5daINPhQcEyPQ72cWRKgWmU26B56nnj7GkYVUG42sHwmijm4 fn37FOk+MmFCTV9wetr1UL70Y50wIl3ENi6FekFleWtldcb6MNyb9WQkGQIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFL0Nzp4fMwD/Hzfiv8E2magGlK7iMB8GA1UdIwQY MBaAFNLtpPjZ5IKVKhErLvWk8jm39iVRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMHUyay1ObmtncFVxRVNzdTlhVHlPYmYySlZFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9kZTM0YjUtMDMyMC00Y2Q5LTllZTMt YzRjZTNlODA3M2RiLzEvdlEzT25oOHpBUDhmTi1LX3dUYVpxQWFVcnVJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84NS9kZTM0YjUtMDMyMC00Y2Q5LTllZTMtYzRjZTNlODA3M2Ri LzEvMHUyay1ObmtncFVxRVNzdTlhVHlPYmYySlZFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDX1dAAwQC uXWUAwQBwpgkAwQAw9jtMA0EAgACMAcDBQIqC9fAMA0GCSqGSIb3DQEBCwUAA4IB AQBqlOpEVVl3tG3zj3Hs+eZ2RNu2sXa5j2vqlAJXtp8PfAnbNtQhRZafDFpAcyik mwNDAmkhcd4Yi3vu0mO974T+MKtsA9dW8d73UZUuhz+ajnGaDoyV6g+GOz30JODb jDk0zs4KmwgZy7h3NgPK9wI3qou9rs4e7vSucVi1csCGFd7fD1zXiaaxZVuHD8R1 n1Zn00DCgsa6mBSc4HrmCNPCVvtOUy0F6s4QVW00/tXeuqlLMW68TW7eH9tfMIiv Wb9xN6IsI4WbrKinKvWnHR24dH85w/QZKMrv+mTvMAOWG54CsFw6jg9BDjkiHgqc 5lRMpMy3b1KlNyf87s2N/4/T -----END CERTIFICATE-----Generated at Tue Feb 10 04:14:35 2026 by rpki-client