This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/43d69e-b68d-4149-8b29-03db8b36d319/1/Pf7AhUnXaKprsBS53Iasbf8vKSQ.roa File: Pf7AhUnXaKprsBS53Iasbf8vKSQ.roa (raw, json) Hash identifier: EmnGUbW7DpEjL4TQ6sjZbo/JVLkBohhhsfWVRp/Hkx0= Subject key identifier: 3D:FE:C0:85:49:D7:68:AA:6B:B0:14:B9:DC:86:AC:6D:FF:2F:29:24 Certificate issuer: /CN=758e823cf274d3810ce05c1d1bf5eef95cb211dc Certificate serial: 019B7DCAA5B5CBFF1FF5E3FBD086D2F934EE Authority key identifier: 75:8E:82:3C:F2:74:D3:81:0C:E0:5C:1D:1B:F5:EE:F9:5C:B2:11:DC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dY6CPPJ004EM4FwdG_Xu-VyyEdw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/43d69e-b68d-4149-8b29-03db8b36d319/1/Pf7AhUnXaKprsBS53Iasbf8vKSQ.roa Signing time: Fri 02 Jan 2026 08:19:51 +0000 ROA not before: Fri 02 Jan 2026 08:19:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39384 IP address blocks: 45.154.64.0/22 maxlen: 24 185.118.112.0/22 maxlen: 24 185.240.248.0/22 maxlen: 24 2a03:6420::/32 maxlen: 32 2a0d:3b80::/29 maxlen: 32 2a0f:c700::/29 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/43d69e-b68d-4149-8b29-03db8b36d319/1/dY6CPPJ004EM4FwdG_Xu-VyyEdw.crl rsync://rpki.ripe.net/repository/DEFAULT/a3/43d69e-b68d-4149-8b29-03db8b36d319/1/dY6CPPJ004EM4FwdG_Xu-VyyEdw.mft rsync://rpki.ripe.net/repository/DEFAULT/dY6CPPJ004EM4FwdG_Xu-VyyEdw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:a5:b5:cb:ff:1f:f5:e3:fb:d0:86:d2:f9:34:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=758e823cf274d3810ce05c1d1bf5eef95cb211dc Validity Not Before: Jan 2 08:19:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3dfec08549d768aa6bb014b9dc86ac6dff2f2924 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:40:01:f4:fa:05:66:0b:bd:41:3d:ea:8e:67: f1:f6:39:27:f4:3e:9d:2c:2a:92:ba:8a:32:f0:e1: 84:1a:3e:0d:9b:02:c2:ff:42:7b:ad:7d:fb:1d:36: e4:70:bc:54:82:5b:df:10:2b:f1:9f:c0:26:f4:ed: 96:8d:0b:d2:54:79:60:17:7b:9e:33:fb:87:ff:7a: 85:cd:1e:95:d5:7e:73:0b:34:a2:e8:1b:e4:b7:40: 26:14:31:a8:31:75:9e:94:27:0d:38:0c:2b:c3:fc: 3c:ae:61:06:15:c7:fe:87:02:52:f4:4a:2b:ab:b6: 28:d7:4a:cb:57:56:ad:1b:dc:68:c7:40:b2:f4:00: ce:23:3c:c5:75:40:4f:c4:75:4d:ce:6b:92:cc:01: 3c:cb:35:ac:2f:8e:74:72:81:0f:76:cb:20:af:04: 5c:fa:83:a5:d8:e9:da:9e:13:a9:bf:c2:5e:53:c5: e4:fe:d0:af:c8:c8:8c:38:26:e2:45:2c:af:6b:d0: 63:9d:05:9a:3e:aa:ae:e6:12:68:e4:de:25:93:25: d6:fe:83:7a:33:7c:e2:03:be:03:4a:a4:c9:fb:0b: e8:7d:d3:c7:d4:62:7f:5f:89:b8:bb:c6:e6:15:bf: d6:05:dc:19:18:d7:00:72:70:ce:cd:60:cd:ca:a3: cc:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:FE:C0:85:49:D7:68:AA:6B:B0:14:B9:DC:86:AC:6D:FF:2F:29:24 X509v3 Authority Key Identifier: keyid:75:8E:82:3C:F2:74:D3:81:0C:E0:5C:1D:1B:F5:EE:F9:5C:B2:11:DC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dY6CPPJ004EM4FwdG_Xu-VyyEdw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/43d69e-b68d-4149-8b29-03db8b36d319/1/Pf7AhUnXaKprsBS53Iasbf8vKSQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/43d69e-b68d-4149-8b29-03db8b36d319/1/dY6CPPJ004EM4FwdG_Xu-VyyEdw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.154.64.0/22 185.118.112.0/22 185.240.248.0/22 IPv6: 2a03:6420::/32 2a0d:3b80::/29 2a0f:c700::/29 Signature Algorithm: sha256WithRSAEncryption 95:db:d4:ff:fb:55:1f:1b:a8:19:2d:1a:ca:e9:4a:4c:92:5e: 3b:bb:00:83:e4:84:a9:99:84:ad:9c:5c:35:ad:ec:ec:c3:9c: 6e:bb:29:7b:56:c7:30:18:a6:8b:63:d0:57:13:9e:dd:db:41: 7d:76:e3:fe:31:e4:f1:f6:bb:6b:02:8c:7b:07:f0:4e:57:74: b8:df:e1:20:f3:6b:6b:d8:ba:ce:8b:02:5c:01:4c:e2:07:6e: 0a:6b:ce:10:fc:fa:33:f1:c3:2a:aa:24:a0:6c:57:81:31:2c: 6f:df:aa:40:e1:77:de:5f:f9:ce:2d:50:fe:7a:c0:6a:68:24: f8:d4:f6:61:8a:ab:be:3b:01:a7:5a:e0:d1:e5:03:33:f1:b4: 09:7c:f3:88:b9:05:95:e7:47:85:c0:3c:71:30:d0:c7:33:c0: b1:e6:58:f0:22:23:fc:be:87:10:0e:1e:3f:6e:b5:f5:84:49: ea:8c:65:18:c6:58:09:54:c2:af:39:f6:7f:14:8a:01:c8:48: d4:82:0b:fa:8f:b8:b0:c4:ee:74:69:18:9a:01:62:be:31:63: d6:99:92:c2:2d:a6:d4:83:7d:8d:50:78:58:df:0d:4e:4d:69: eb:c4:7e:b3:b6:b0:2d:05:fa:4c:05:58:40:71:73:e2:1c:d7: de:e4:22:31 -----BEGIN CERTIFICATE----- MIIFJjCCBA6gAwIBAgISAZt9yqW1y/8f9eP70IbS+TTuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc1OGU4MjNjZjI3NGQzODEwY2UwNWMxZDFiZjVlZWY5NWNi MjExZGMwHhcNMjYwMTAyMDgxOTUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZGZlYzA4NTQ5ZDc2OGFhNmJiMDE0YjlkYzg2YWM2ZGZmMmYyOTI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3EAB9PoFZgu9QT3qjmfx9jkn9D6d LCqSuooy8OGEGj4NmwLC/0J7rX37HTbkcLxUglvfECvxn8Am9O2WjQvSVHlgF3ue M/uH/3qFzR6V1X5zCzSi6Bvkt0AmFDGoMXWelCcNOAwrw/w8rmEGFcf+hwJS9Eor q7Yo10rLV1atG9xox0Cy9ADOIzzFdUBPxHVNzmuSzAE8yzWsL450coEPdssgrwRc +oOl2OnanhOpv8JeU8Xk/tCvyMiMOCbiRSyva9BjnQWaPqqu5hJo5N4lkyXW/oN6 M3ziA74DSqTJ+wvofdPH1GJ/X4m4u8bmFb/WBdwZGNcAcnDOzWDNyqPM5QIDAQAB o4ICMjCCAi4wHQYDVR0OBBYEFD3+wIVJ12iqa7AUudyGrG3/LykkMB8GA1UdIwQY MBaAFHWOgjzydNOBDOBcHRv17vlcshHcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZFk2Q1BQSjAwNEVNNEZ3ZEdfWHUtVnl5RWR3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy80M2Q2OWUtYjY4ZC00MTQ5LThiMjkt MDNkYjhiMzZkMzE5LzEvUGY3QWhVblhhS3Byc0JTNTNJYXNiZjh2S1NRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMy80M2Q2OWUtYjY4ZC00MTQ5LThiMjktMDNkYjhiMzZkMzE5 LzEvZFk2Q1BQSjAwNEVNNEZ3ZEdfWHUtVnl5RWR3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQCLZpAAwQC uXZwAwQCufD4MBsEAgACMBUDBQAqA2QgAwUDKg07gAMFAyoPxwAwDQYJKoZIhvcN AQELBQADggEBAJXb1P/7VR8bqBktGsrpSkySXju7AIPkhKmZhK2cXDWt7OzDnG67 KXtWxzAYpotj0FcTnt3bQX124/4x5PH2u2sCjHsH8E5XdLjf4SDza2vYus6LAlwB TOIHbgprzhD8+jPxwyqqJKBsV4ExLG/fqkDhd95f+c4tUP56wGpoJPjU9mGKq747 Aada4NHlAzPxtAl884i5BZXnR4XAPHEw0MczwLHmWPAiI/y+hxAOHj9utfWESeqM ZRjGWAlUwq859n8UigHISNSCC/qPuLDE7nRpGJoBYr4xY9aZksItptSDfY1QeFjf DU5NaevEfrO2sC0F+kwFWEBxc+Ic197kIjE= -----END CERTIFICATE-----Generated at Mon Feb 9 22:15:15 2026 by rpki-client