This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/033e8b-bde1-4f90-baf5-23847a40d9e4/1/0_bDufbDC749XM6FeQZedL-kk0k.roa File: 0_bDufbDC749XM6FeQZedL-kk0k.roa (raw, json) Hash identifier: g27LLjmMTEPKwmdpRxcxsvyxvSaT85tGJMHzBXS0Bvg= Subject key identifier: D3:F6:C3:B9:F6:C3:0B:BE:3D:5C:CE:85:79:06:5E:74:BF:A4:93:49 Certificate issuer: /CN=b60d6ca95e2770f55340d909ec7c97eeca3fe20e Certificate serial: 019B7C7FC50F132DFE5C568AC38931449377 Authority key identifier: B6:0D:6C:A9:5E:27:70:F5:53:40:D9:09:EC:7C:97:EE:CA:3F:E2:0E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tg1sqV4ncPVTQNkJ7HyX7so_4g4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/033e8b-bde1-4f90-baf5-23847a40d9e4/1/0_bDufbDC749XM6FeQZedL-kk0k.roa Signing time: Fri 02 Jan 2026 02:18:26 +0000 ROA not before: Fri 02 Jan 2026 02:18:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204634 IP address blocks: 185.248.130.0/24 maxlen: 24 185.248.131.0/24 maxlen: 24 194.31.171.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/033e8b-bde1-4f90-baf5-23847a40d9e4/1/tg1sqV4ncPVTQNkJ7HyX7so_4g4.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/033e8b-bde1-4f90-baf5-23847a40d9e4/1/tg1sqV4ncPVTQNkJ7HyX7so_4g4.mft rsync://rpki.ripe.net/repository/DEFAULT/tg1sqV4ncPVTQNkJ7HyX7so_4g4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:c5:0f:13:2d:fe:5c:56:8a:c3:89:31:44:93:77 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b60d6ca95e2770f55340d909ec7c97eeca3fe20e Validity Not Before: Jan 2 02:18:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d3f6c3b9f6c30bbe3d5cce8579065e74bfa49349 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:ce:05:8a:ec:4a:f4:d8:56:23:2a:6b:18:04: 22:b6:11:3d:ff:47:4a:11:37:f2:6d:be:0f:e7:6a: 96:0d:43:e8:d7:c0:ec:2b:19:a1:90:59:02:1d:8d: 4f:7e:51:aa:15:4c:66:8d:5f:42:e5:0d:fd:54:f3: 7f:2d:b5:7f:e7:79:21:e3:af:4f:d7:bb:0b:31:02: f3:64:7e:d9:f6:33:a0:56:8f:ff:8c:66:8d:2a:93: 0c:0f:20:45:44:16:65:46:c5:2b:2f:bd:08:ec:29: ad:8f:b7:d7:71:b4:44:a0:af:94:f3:fa:3c:0d:15: 97:34:2e:27:eb:96:cd:02:55:89:e3:2d:c9:51:51: 6a:d3:9a:68:e8:f8:49:0c:fe:d4:f5:08:1c:95:a1: 15:ec:b0:bc:52:56:92:43:15:de:6d:12:59:8a:99: 71:52:cc:5d:88:b3:12:ad:65:6a:9f:40:85:26:38: 4b:40:c2:16:29:20:78:8a:93:ce:1c:a9:80:bf:60: b4:2a:7f:e9:1e:63:67:3e:73:40:0c:de:8c:00:21: ad:dc:96:1c:87:1b:50:50:8c:d0:67:50:ba:96:9f: cc:08:66:86:b8:d9:3a:9d:0b:63:b9:37:89:47:83: bd:a1:00:f0:43:33:7d:11:13:d1:cc:16:90:d8:f7: 58:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:F6:C3:B9:F6:C3:0B:BE:3D:5C:CE:85:79:06:5E:74:BF:A4:93:49 X509v3 Authority Key Identifier: keyid:B6:0D:6C:A9:5E:27:70:F5:53:40:D9:09:EC:7C:97:EE:CA:3F:E2:0E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tg1sqV4ncPVTQNkJ7HyX7so_4g4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/033e8b-bde1-4f90-baf5-23847a40d9e4/1/0_bDufbDC749XM6FeQZedL-kk0k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/033e8b-bde1-4f90-baf5-23847a40d9e4/1/tg1sqV4ncPVTQNkJ7HyX7so_4g4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.248.130.0/23 194.31.171.0/24 Signature Algorithm: sha256WithRSAEncryption 90:68:a7:b0:74:60:1c:ce:3b:f2:51:42:c8:9e:85:d0:a9:5d: 6e:f3:58:16:5c:85:30:36:ac:09:96:d7:ab:84:03:55:77:33: 24:cf:f6:b0:6a:bc:d5:35:98:7d:2a:ab:01:c4:e0:d8:b0:a8: c6:51:3d:21:a9:06:e1:d1:1e:2c:ca:bc:41:c2:5c:2f:12:a1: af:da:d2:b7:27:3e:e4:03:65:60:d1:a5:64:3a:34:0c:9c:71: 2b:03:19:87:09:1a:04:72:61:81:67:27:95:a6:23:33:57:d0: 81:1b:30:8a:a3:cd:97:17:ff:0c:d3:ed:d2:a4:dd:0b:ff:32: 4a:81:0f:7c:e7:83:06:34:ae:81:9e:39:91:e5:e1:61:e4:73: c5:8c:12:8a:0b:f5:27:8e:bd:6c:e9:48:a3:74:c3:52:78:78: 52:07:14:6c:42:c9:df:29:89:f0:69:a3:52:45:7f:d1:37:a2: 38:e0:54:b1:ea:54:b2:a6:a6:96:d8:ed:49:c2:ab:d6:1f:81: 63:b4:8c:d5:d2:f2:92:11:6d:75:92:fc:8f:98:c0:5d:8f:c9: 41:c7:04:eb:55:50:b9:db:16:cd:e0:51:0b:74:75:7b:b8:d6: c3:c8:b8:6f:fb:6f:56:43:82:cf:72:2e:1e:bc:2d:a8:2b:5b: b9:b0:78:13 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt8f8UPEy3+XFaKw4kxRJN3MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI2MGQ2Y2E5NWUyNzcwZjU1MzQwZDkwOWVjN2M5N2VlY2Ez ZmUyMGUwHhcNMjYwMTAyMDIxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkM2Y2YzNiOWY2YzMwYmJlM2Q1Y2NlODU3OTA2NWU3NGJmYTQ5MzQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw84FiuxK9NhWIyprGAQithE9/0dK ETfybb4P52qWDUPo18DsKxmhkFkCHY1PflGqFUxmjV9C5Q39VPN/LbV/53kh469P 17sLMQLzZH7Z9jOgVo//jGaNKpMMDyBFRBZlRsUrL70I7Cmtj7fXcbREoK+U8/o8 DRWXNC4n65bNAlWJ4y3JUVFq05po6PhJDP7U9QgclaEV7LC8UlaSQxXebRJZiplx UsxdiLMSrWVqn0CFJjhLQMIWKSB4ipPOHKmAv2C0Kn/pHmNnPnNADN6MACGt3JYc hxtQUIzQZ1C6lp/MCGaGuNk6nQtjuTeJR4O9oQDwQzN9ERPRzBaQ2PdYdwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFNP2w7n2wwu+PVzOhXkGXnS/pJNJMB8GA1UdIwQY MBaAFLYNbKleJ3D1U0DZCex8l+7KP+IOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdGcxc3FWNG5jUFZUUU5rSjdIeVg3c29fNGc0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy8wMzNlOGItYmRlMS00ZjkwLWJhZjUt MjM4NDdhNDBkOWU0LzEvMF9iRHVmYkRDNzQ5WE02RmVRWmVkTC1razBrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy8wMzNlOGItYmRlMS00ZjkwLWJhZjUtMjM4NDdhNDBkOWU0 LzEvdGcxc3FWNG5jUFZUUU5rSjdIeVg3c29fNGc0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBufiCAwQA wh+rMA0GCSqGSIb3DQEBCwUAA4IBAQCQaKewdGAczjvyUULInoXQqV1u81gWXIUw NqwJlterhANVdzMkz/awarzVNZh9KqsBxODYsKjGUT0hqQbh0R4syrxBwlwvEqGv 2tK3Jz7kA2Vg0aVkOjQMnHErAxmHCRoEcmGBZyeVpiMzV9CBGzCKo82XF/8M0+3S pN0L/zJKgQ9854MGNK6BnjmR5eFh5HPFjBKKC/Unjr1s6UijdMNSeHhSBxRsQsnf KYnwaaNSRX/RN6I44FSx6lSypqaW2O1JwqvWH4FjtIzV0vKSEW11kvyPmMBdj8lB xwTrVVC52xbN4FELdHV7uNbDyLhv+29WQ4LPci4evC2oK1u5sHgT -----END CERTIFICATE-----Generated at Mon Feb 9 20:59:42 2026 by rpki-client