This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/3dbd39-5f9f-48fb-9c01-bd6e3b026c37/1/aPw_xOYICjNf3aaZPIRTue9BRuc.roa File: aPw_xOYICjNf3aaZPIRTue9BRuc.roa (raw, json) Hash identifier: s4JZg0s9OWR/nLmLjhrRO6N4bhKdWsXI6Y6hSgNtrT4= Subject key identifier: 68:FC:3F:C4:E6:08:0A:33:5F:DD:A6:99:3C:84:53:B9:EF:41:46:E7 Certificate issuer: /CN=31db847d1db1e0b2c2c25502210ff5a719967a19 Certificate serial: 019B7758CF498350ED382466907145E687F5 Authority key identifier: 31:DB:84:7D:1D:B1:E0:B2:C2:C2:55:02:21:0F:F5:A7:19:96:7A:19 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MduEfR2x4LLCwlUCIQ_1pxmWehk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/3dbd39-5f9f-48fb-9c01-bd6e3b026c37/1/aPw_xOYICjNf3aaZPIRTue9BRuc.roa Signing time: Thu 01 Jan 2026 02:17:47 +0000 ROA not before: Thu 01 Jan 2026 02:17:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 63902 IP address blocks: 185.238.212.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/3dbd39-5f9f-48fb-9c01-bd6e3b026c37/1/MduEfR2x4LLCwlUCIQ_1pxmWehk.crl rsync://rpki.ripe.net/repository/DEFAULT/ab/3dbd39-5f9f-48fb-9c01-bd6e3b026c37/1/MduEfR2x4LLCwlUCIQ_1pxmWehk.mft rsync://rpki.ripe.net/repository/DEFAULT/MduEfR2x4LLCwlUCIQ_1pxmWehk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 09:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:cf:49:83:50:ed:38:24:66:90:71:45:e6:87:f5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=31db847d1db1e0b2c2c25502210ff5a719967a19 Validity Not Before: Jan 1 02:17:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=68fc3fc4e6080a335fdda6993c8453b9ef4146e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:ba:21:fc:9e:96:5a:40:c7:ea:8a:11:3d:ab: 9a:f3:bf:e6:a3:94:76:1b:df:a7:a6:0c:51:58:88: ba:45:a8:fa:e6:48:1e:c3:f7:3d:6b:33:2c:16:b0: 1f:11:9d:62:c8:4b:e0:7e:ad:1a:6e:de:4e:8e:d4: 06:52:e9:3c:0f:9d:e5:83:28:4c:4f:b7:58:d4:f9: 8c:d4:29:1a:e6:7a:5a:cd:ea:ed:34:39:b4:34:cd: 73:c6:ea:3c:dc:04:0a:08:4a:9c:77:8d:15:d6:1e: 42:94:68:6f:14:ca:f4:b5:56:07:f7:5e:da:3f:c5: e0:39:91:e7:ae:0c:e8:77:79:43:81:75:d6:46:c4: 0c:b9:9a:27:5f:2d:4e:bd:f7:92:e1:36:55:cc:0f: b0:71:11:49:2f:90:5f:a2:1c:7a:1e:c7:a1:23:8c: f0:59:a0:3a:80:80:55:ee:38:fc:70:f3:a8:ca:a4: 2f:57:db:80:64:0d:c6:72:16:11:3e:e2:d5:f5:37: 43:f3:2a:8c:fa:74:0d:03:b8:45:5b:3b:14:cd:cf: 52:fe:58:99:9f:b1:9b:03:66:2f:64:f4:de:31:b2: 9d:a3:49:d7:00:c2:87:d2:96:5d:78:94:0d:be:50: a9:b6:90:37:3c:05:d9:ae:fe:69:d4:d1:c6:06:e9: 2a:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:FC:3F:C4:E6:08:0A:33:5F:DD:A6:99:3C:84:53:B9:EF:41:46:E7 X509v3 Authority Key Identifier: keyid:31:DB:84:7D:1D:B1:E0:B2:C2:C2:55:02:21:0F:F5:A7:19:96:7A:19 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MduEfR2x4LLCwlUCIQ_1pxmWehk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/3dbd39-5f9f-48fb-9c01-bd6e3b026c37/1/aPw_xOYICjNf3aaZPIRTue9BRuc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/3dbd39-5f9f-48fb-9c01-bd6e3b026c37/1/MduEfR2x4LLCwlUCIQ_1pxmWehk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.238.212.0/23 Signature Algorithm: sha256WithRSAEncryption 7e:df:49:e1:d1:4e:d3:8f:32:e0:53:38:12:d5:f6:74:ec:43: 78:c4:e6:b0:84:d4:c4:db:90:32:26:fa:1e:d4:03:58:e2:88: 24:30:0c:71:31:f4:8d:5c:60:e7:5d:88:f1:46:39:c4:af:8f: 48:13:50:ca:42:42:40:6d:4d:7f:d9:59:6d:09:35:c3:b8:2e: dc:0e:3f:dc:a1:d8:88:32:1d:54:e3:1d:b3:f5:b5:75:b5:66: be:52:5c:68:7f:7d:5d:c9:9e:cc:b2:2c:26:13:73:a4:55:9b: 9d:b3:ed:d0:55:44:2e:f7:0a:61:47:1c:0f:0d:fa:eb:0e:ff: 10:75:e9:c0:8f:df:57:28:95:f6:c9:fb:ee:cc:84:90:66:d0: 45:7c:11:d3:20:a2:df:7f:1d:20:3b:90:ac:78:8a:ad:fc:1d: d0:01:e5:78:2a:cd:ce:af:40:87:bd:69:5b:57:d2:f5:44:4e: 6c:dd:86:1c:94:79:d4:6d:a6:66:93:d2:7b:24:7f:ec:14:41: 38:b6:b7:63:81:03:73:fc:98:1c:2f:0f:87:c6:27:b3:4e:51: c3:09:d8:73:6c:ec:1c:15:a7:11:ee:d7:15:76:55:4f:6d:60: 59:cc:25:32:91:a0:37:24:c3:f7:8a:15:04:dc:c1:df:40:21: d6:50:8b:87 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt3WM9Jg1DtOCRmkHFF5of1MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMxZGI4NDdkMWRiMWUwYjJjMmMyNTUwMjIxMGZmNWE3MTk5 NjdhMTkwHhcNMjYwMTAxMDIxNzQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2OGZjM2ZjNGU2MDgwYTMzNWZkZGE2OTkzYzg0NTNiOWVmNDE0NmU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1boh/J6WWkDH6ooRPaua87/mo5R2 G9+npgxRWIi6Raj65kgew/c9azMsFrAfEZ1iyEvgfq0abt5OjtQGUuk8D53lgyhM T7dY1PmM1Cka5npazertNDm0NM1zxuo83AQKCEqcd40V1h5ClGhvFMr0tVYH917a P8XgOZHnrgzod3lDgXXWRsQMuZonXy1OvfeS4TZVzA+wcRFJL5Bfohx6HsehI4zw WaA6gIBV7jj8cPOoyqQvV9uAZA3GchYRPuLV9TdD8yqM+nQNA7hFWzsUzc9S/liZ n7GbA2YvZPTeMbKdo0nXAMKH0pZdeJQNvlCptpA3PAXZrv5p1NHGBukqvwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFGj8P8TmCAozX92mmTyEU7nvQUbnMB8GA1UdIwQY MBaAFDHbhH0dseCywsJVAiEP9acZlnoZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTWR1RWZSMng0TExDd2xVQ0lRXzFweG1XZWhrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi8zZGJkMzktNWY5Zi00OGZiLTljMDEt YmQ2ZTNiMDI2YzM3LzEvYVB3X3hPWUlDak5mM2FhWlBJUlR1ZTlCUnVjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYi8zZGJkMzktNWY5Zi00OGZiLTljMDEtYmQ2ZTNiMDI2YzM3 LzEvTWR1RWZSMng0TExDd2xVQ0lRXzFweG1XZWhrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBue7UMA0G CSqGSIb3DQEBCwUAA4IBAQB+30nh0U7TjzLgUzgS1fZ07EN4xOawhNTE25AyJvoe 1ANY4ogkMAxxMfSNXGDnXYjxRjnEr49IE1DKQkJAbU1/2VltCTXDuC7cDj/codiI Mh1U4x2z9bV1tWa+Ulxof31dyZ7MsiwmE3OkVZuds+3QVUQu9wphRxwPDfrrDv8Q denAj99XKJX2yfvuzISQZtBFfBHTIKLffx0gO5CseIqt/B3QAeV4Ks3Or0CHvWlb V9L1RE5s3YYclHnUbaZmk9J7JH/sFEE4trdjgQNz/JgcLw+HxiezTlHDCdhzbOwc FacR7tcVdlVPbWBZzCUykaA3JMP3ihUE3MHfQCHWUIuH -----END CERTIFICATE-----Generated at Mon Jan 19 17:04:01 2026 by rpki-client