This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/AD3Izx9syi-ZKItI966hXeAewCQ.roa File: AD3Izx9syi-ZKItI966hXeAewCQ.roa (raw, json) Hash identifier: OPlTiRDjuA7o7pQUDwnE++IT1NeKZ/nqXN4IraK9PPY= Subject key identifier: 00:3D:C8:CF:1F:6C:CA:2F:99:28:8B:48:F7:AE:A1:5D:E0:1E:C0:24 Certificate issuer: /CN=66feef09c450990af34779ce701be6cd54b3d924 Certificate serial: 019B7BA52848FEE82817671E0AD86640C9FC Authority key identifier: 66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/AD3Izx9syi-ZKItI966hXeAewCQ.roa Signing time: Thu 01 Jan 2026 22:19:39 +0000 ROA not before: Thu 01 Jan 2026 22:19:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 61317 IP address blocks: 83.168.122.0/24 maxlen: 24 83.168.125.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.crl rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.mft rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 09 Jan 2026 07:01:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:28:48:fe:e8:28:17:67:1e:0a:d8:66:40:c9:fc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=66feef09c450990af34779ce701be6cd54b3d924 Validity Not Before: Jan 1 22:19:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=003dc8cf1f6cca2f99288b48f7aea15de01ec024 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:89:2d:3a:bc:2e:62:26:7c:c5:3e:d5:fa:18: 45:aa:e5:02:bd:b1:c6:ae:0a:84:10:f8:57:49:85: 2b:7b:b5:ff:a1:af:ba:df:81:ed:33:59:45:b2:b1: 31:f8:e0:d4:5c:ca:96:7c:d0:4b:a7:ab:24:7d:a6: a0:1c:1a:d6:88:67:19:af:27:13:9a:7d:0c:00:9a: b9:7c:0c:84:f8:b1:fc:2e:46:5c:1c:42:ac:4f:ab: 0d:2b:74:05:74:7f:c2:b8:d4:c1:71:70:96:c5:b1: f1:1d:d2:ce:0b:e7:24:96:5b:36:00:0c:d9:e2:19: c5:56:36:14:33:d6:b8:dc:c1:43:53:b5:b6:1d:b3: a0:bd:11:11:f4:60:e7:37:6e:9a:56:b4:99:da:f6: c3:ab:32:b5:63:6d:40:87:00:4b:60:b8:07:c9:73: ad:60:bd:03:9f:11:95:2f:ed:d8:fe:81:0c:98:f4: 84:ee:a8:70:74:97:11:97:fd:75:64:02:58:20:0f: fe:b8:85:21:6a:03:48:28:a7:a3:60:9d:ee:f5:9c: c8:f0:30:c8:1e:6d:2d:c4:31:fc:12:75:d3:e4:59: 94:29:cb:0b:71:a4:2a:9a:53:e0:ce:bc:72:69:ec: fb:1a:c0:32:f0:b5:50:6a:bd:b2:24:6c:37:a6:65: c0:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:3D:C8:CF:1F:6C:CA:2F:99:28:8B:48:F7:AE:A1:5D:E0:1E:C0:24 X509v3 Authority Key Identifier: keyid:66:FE:EF:09:C4:50:99:0A:F3:47:79:CE:70:1B:E6:CD:54:B3:D9:24 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/AD3Izx9syi-ZKItI966hXeAewCQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/a1597b-6ef2-4430-aa56-82451f33f4ca/1/Zv7vCcRQmQrzR3nOcBvmzVSz2SQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 83.168.122.0/24 83.168.125.0/24 Signature Algorithm: sha256WithRSAEncryption 86:bf:a2:42:48:38:76:d1:bc:21:6e:ff:9a:1f:71:2e:d8:46: 7a:5b:b8:54:23:20:fd:7e:d6:6a:48:f8:c2:b2:2e:ed:31:1a: 51:b1:b5:05:38:d4:d5:34:53:36:63:29:94:a0:35:f7:58:97: bd:1b:1b:79:fa:0c:89:34:8b:f1:19:49:ff:3e:93:02:42:12: 62:ad:25:a6:72:b5:ed:29:8c:7a:52:6a:d7:e3:ec:38:ee:08: 1e:b8:52:13:a8:ad:4e:95:42:ad:0e:ba:e2:23:ac:e4:3e:7d: 59:47:bc:b0:49:be:ec:18:a0:f1:e0:7e:ba:d5:c2:d5:31:bd: f8:4a:82:1b:de:f2:b6:e1:c4:c6:48:ec:72:73:81:9d:b8:ff: bb:b1:e9:b2:24:f2:a3:dc:28:e9:63:d3:e9:4a:5c:39:56:02: 81:d6:b2:2f:11:44:e8:27:e5:13:9a:d7:00:74:d6:fb:5a:74: af:a8:7e:c1:1b:47:c0:09:f9:35:bc:d2:01:ff:d2:bf:bf:44: 92:4f:77:f1:42:47:26:09:0d:ba:b3:07:00:85:f4:05:70:5c: 1c:8b:00:56:9e:e6:12:ed:6e:8c:de:39:8c:f1:58:da:09:74: 17:b3:09:a5:52:07:1c:38:61:67:7c:78:11:34:49:7f:26:ba: 24:15:27:4c -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt7pShI/ugoF2ceCthmQMn8MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY2ZmVlZjA5YzQ1MDk5MGFmMzQ3NzljZTcwMWJlNmNkNTRi M2Q5MjQwHhcNMjYwMTAxMjIxOTM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMDNkYzhjZjFmNmNjYTJmOTkyODhiNDhmN2FlYTE1ZGUwMWVjMDI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoktOrwuYiZ8xT7V+hhFquUCvbHG rgqEEPhXSYUre7X/oa+634HtM1lFsrEx+ODUXMqWfNBLp6skfaagHBrWiGcZrycT mn0MAJq5fAyE+LH8LkZcHEKsT6sNK3QFdH/CuNTBcXCWxbHxHdLOC+cklls2AAzZ 4hnFVjYUM9a43MFDU7W2HbOgvRER9GDnN26aVrSZ2vbDqzK1Y21AhwBLYLgHyXOt YL0DnxGVL+3Y/oEMmPSE7qhwdJcRl/11ZAJYIA/+uIUhagNIKKejYJ3u9ZzI8DDI Hm0txDH8EnXT5FmUKcsLcaQqmlPgzrxyaez7GsAy8LVQar2yJGw3pmXAcQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFAA9yM8fbMovmSiLSPeuoV3gHsAkMB8GA1UdIwQY MBaAFGb+7wnEUJkK80d5znAb5s1Us9kkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYt ODI0NTFmMzNmNGNhLzEvQUQzSXp4OXN5aS1aS0l0STk2NmhYZUFld0NRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84Yy9hMTU5N2ItNmVmMi00NDMwLWFhNTYtODI0NTFmMzNmNGNh LzEvWnY3dkNjUlFtUXJ6UjNuT2NCdm16VlN6MlNRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAU6h6AwQA U6h9MA0GCSqGSIb3DQEBCwUAA4IBAQCGv6JCSDh20bwhbv+aH3Eu2EZ6W7hUIyD9 ftZqSPjCsi7tMRpRsbUFONTVNFM2YymUoDX3WJe9Gxt5+gyJNIvxGUn/PpMCQhJi rSWmcrXtKYx6UmrX4+w47ggeuFITqK1OlUKtDrriI6zkPn1ZR7ywSb7sGKDx4H66 1cLVMb34SoIb3vK24cTGSOxyc4GduP+7semyJPKj3CjpY9PpSlw5VgKB1rIvEUTo J+UTmtcAdNb7WnSvqH7BG0fACfk1vNIB/9K/v0SST3fxQkcmCQ26swcAhfQFcFwc iwBWnuYS7W6M3jmM8VjaCXQXswmlUgccOGFnfHgRNEl/JrokFSdM -----END CERTIFICATE-----Generated at Thu Jan 8 12:58:25 2026 by rpki-client