This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/Fd0my4VD8yFhFNY23xVFQ5bNE7o.roa File: Fd0my4VD8yFhFNY23xVFQ5bNE7o.roa (raw, json) Hash identifier: Xq0TLzzFqkURQ7QOU8lzKIy+PNOHeKXumeKowKwhe0E= Subject key identifier: 15:DD:26:CB:85:43:F3:21:61:14:D6:36:DF:15:45:43:96:CD:13:BA Certificate issuer: /CN=3e20c700d98d76a9c640173889f9367da9de8997 Certificate serial: 019B7F852130920B8897726A86C198D2F174 Authority key identifier: 3E:20:C7:00:D9:8D:76:A9:C6:40:17:38:89:F9:36:7D:A9:DE:89:97 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PiDHANmNdqnGQBc4ifk2faneiZc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/Fd0my4VD8yFhFNY23xVFQ5bNE7o.roa Signing time: Fri 02 Jan 2026 16:23:09 +0000 ROA not before: Fri 02 Jan 2026 16:23:09 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 41095 IP address blocks: 87.239.184.0/21 maxlen: 24 91.194.116.0/23 maxlen: 24 176.56.160.0/19 maxlen: 24 185.65.172.0/22 maxlen: 24 193.33.70.0/23 maxlen: 24 195.189.120.0/22 maxlen: 24 2a03:9d40::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/PiDHANmNdqnGQBc4ifk2faneiZc.crl rsync://rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/PiDHANmNdqnGQBc4ifk2faneiZc.mft rsync://rpki.ripe.net/repository/DEFAULT/PiDHANmNdqnGQBc4ifk2faneiZc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 09:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:85:21:30:92:0b:88:97:72:6a:86:c1:98:d2:f1:74 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3e20c700d98d76a9c640173889f9367da9de8997 Validity Not Before: Jan 2 16:23:09 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=15dd26cb8543f3216114d636df15454396cd13ba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:e7:d2:43:75:93:79:b8:f5:9e:7d:31:1e:a2: 90:4a:e7:1c:61:74:08:9a:06:03:dc:f3:a4:2a:25: 53:9d:e7:4e:f0:1b:18:6a:60:09:99:ae:f5:a4:eb: d2:31:f2:14:3c:69:f4:45:ea:71:9f:39:5c:d3:35: f9:0d:3d:c7:25:b0:3b:4c:74:f9:e1:34:fe:4b:d7: f1:cb:71:5e:e7:dc:29:75:cd:15:75:f3:e3:e1:58: 29:25:07:30:d6:78:48:51:ef:b4:8c:a8:09:51:c6: 93:53:14:53:f5:98:7e:67:a3:a3:80:14:e6:f9:16: c0:c8:fb:b9:01:00:fc:d3:ba:7d:e5:11:20:de:bc: ad:d5:b1:5c:9e:c0:74:1d:07:93:ff:00:bc:f1:c4: d8:87:cd:26:57:c3:58:77:e5:48:4a:15:df:03:73: ea:16:de:19:f3:21:96:32:12:bc:f2:3b:31:f4:dc: f1:88:2a:d7:4d:1e:0f:e4:42:65:95:66:87:2e:0b: b5:30:4b:2e:c7:f9:4f:19:7a:36:67:14:87:65:d6: 50:dd:cb:ab:28:05:07:4e:91:36:ef:91:18:be:83: 3d:86:43:a6:37:16:66:94:93:7e:ce:0a:6b:2e:ba: ce:30:47:63:7a:48:47:c3:12:99:ac:00:92:fe:6b: 9e:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:DD:26:CB:85:43:F3:21:61:14:D6:36:DF:15:45:43:96:CD:13:BA X509v3 Authority Key Identifier: keyid:3E:20:C7:00:D9:8D:76:A9:C6:40:17:38:89:F9:36:7D:A9:DE:89:97 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PiDHANmNdqnGQBc4ifk2faneiZc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/Fd0my4VD8yFhFNY23xVFQ5bNE7o.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ac6c7b-d059-4014-a968-e46d8d16a15f/1/PiDHANmNdqnGQBc4ifk2faneiZc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 87.239.184.0/21 91.194.116.0/23 176.56.160.0/19 185.65.172.0/22 193.33.70.0/23 195.189.120.0/22 IPv6: 2a03:9d40::/32 Signature Algorithm: sha256WithRSAEncryption 62:f7:83:7e:fd:8f:88:17:ec:2f:ab:47:7f:78:22:84:3b:02: 2c:2b:0f:cc:ea:12:69:b4:46:ec:31:d6:29:3e:fd:07:70:21: a4:60:64:ca:4a:87:8e:37:78:34:0f:47:e6:7a:29:e1:d5:0c: a9:74:d1:70:c6:3c:14:e5:77:0a:89:db:7d:57:fe:32:2b:f9: 9f:33:41:34:49:97:98:89:0b:85:af:e8:71:48:4b:1e:c4:b3: 45:e0:b1:41:e9:e8:1e:b3:57:72:f4:fc:25:7d:d9:9e:f1:18: 86:46:bd:56:cb:ce:26:be:03:9f:d9:5f:48:34:2a:7d:d7:a2: 2b:dd:34:7e:25:82:75:ce:ec:53:47:25:1d:00:b0:e6:f0:93: e1:b9:d1:75:42:0e:9c:e7:c0:25:5a:c8:78:69:8f:43:04:16: 85:6a:35:b3:68:4e:4d:a8:8c:f0:7c:b1:77:fa:28:02:a8:5d: 57:ee:ad:eb:6b:8d:2f:9a:d5:32:20:e5:3e:72:83:e7:94:06: 38:d7:9e:08:fb:03:cb:7c:92:ef:32:47:d6:5e:c2:95:56:9c: f7:1a:f7:52:27:98:48:6d:8f:2b:68:00:e3:c5:d8:c0:10:c4: ca:9a:b5:43:da:b7:8a:64:c1:69:bc:3a:86:17:62:5c:40:0f: 56:64:06:2d -----BEGIN CERTIFICATE----- MIIFKjCCBBKgAwIBAgISAZt/hSEwkguIl3JqhsGY0vF0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNlMjBjNzAwZDk4ZDc2YTljNjQwMTczODg5ZjkzNjdkYTlk ZTg5OTcwHhcNMjYwMTAyMTYyMzA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxNWRkMjZjYjg1NDNmMzIxNjExNGQ2MzZkZjE1NDU0Mzk2Y2QxM2JhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+fSQ3WTebj1nn0xHqKQSuccYXQI mgYD3POkKiVTnedO8BsYamAJma71pOvSMfIUPGn0Repxnzlc0zX5DT3HJbA7THT5 4TT+S9fxy3Fe59wpdc0VdfPj4VgpJQcw1nhIUe+0jKgJUcaTUxRT9Zh+Z6OjgBTm +RbAyPu5AQD807p95REg3ryt1bFcnsB0HQeT/wC88cTYh80mV8NYd+VIShXfA3Pq Ft4Z8yGWMhK88jsx9NzxiCrXTR4P5EJllWaHLgu1MEsux/lPGXo2ZxSHZdZQ3cur KAUHTpE275EYvoM9hkOmNxZmlJN+zgprLrrOMEdjekhHwxKZrACS/muePwIDAQAB o4ICNjCCAjIwHQYDVR0OBBYEFBXdJsuFQ/MhYRTWNt8VRUOWzRO6MB8GA1UdIwQY MBaAFD4gxwDZjXapxkAXOIn5Nn2p3omXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUGlESEFObU5kcW5HUUJjNGlmazJmYW5laVpjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9hYzZjN2ItZDA1OS00MDE0LWE5Njgt ZTQ2ZDhkMTZhMTVmLzEvRmQwbXk0VkQ4eUZoRk5ZMjN4VkZRNWJORTdvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMy9hYzZjN2ItZDA1OS00MDE0LWE5NjgtZTQ2ZDhkMTZhMTVm LzEvUGlESEFObU5kcW5HUUJjNGlmazJmYW5laVpjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDV++4AwQB W8J0AwQFsDigAwQCuUGsAwQBwSFGAwQCw714MA0EAgACMAcDBQAqA51AMA0GCSqG SIb3DQEBCwUAA4IBAQBi94N+/Y+IF+wvq0d/eCKEOwIsKw/M6hJptEbsMdYpPv0H cCGkYGTKSoeON3g0D0fmeinh1QypdNFwxjwU5XcKidt9V/4yK/mfM0E0SZeYiQuF r+hxSEsexLNF4LFB6eges1dy9Pwlfdme8RiGRr1Wy84mvgOf2V9INCp916Ir3TR+ JYJ1zuxTRyUdALDm8JPhudF1Qg6c58AlWsh4aY9DBBaFajWzaE5NqIzwfLF3+igC qF1X7q3ra40vmtUyIOU+coPnlAY4154I+wPLfJLvMkfWXsKVVpz3GvdSJ5hIbY8r aADjxdjAEMTKmrVD2reKZMFpvDqGF2JcQA9WZAYt -----END CERTIFICATE-----Generated at Mon Jan 19 16:51:59 2026 by rpki-client