This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/36CB5eigCHYIuRmXqrnDW_-F3Xc.roa File: 36CB5eigCHYIuRmXqrnDW_-F3Xc.roa (raw, json) Hash identifier: KcH/S3GFg0T0gWVpA5XkZVyUjTJRMZNW3hzXP6Ng0zo= Subject key identifier: DF:A0:81:E5:E8:A0:08:76:08:B9:19:97:AA:B9:C3:5B:FF:85:DD:77 Certificate issuer: /CN=dc05970e650c2aaf1ab6a3a33a83732466a1512e Certificate serial: 019B7EA5395F6B0C864762CC60E4FE1B3255 Authority key identifier: DC:05:97:0E:65:0C:2A:AF:1A:B6:A3:A3:3A:83:73:24:66:A1:51:2E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3AWXDmUMKq8atqOjOoNzJGahUS4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/36CB5eigCHYIuRmXqrnDW_-F3Xc.roa Signing time: Fri 02 Jan 2026 12:18:35 +0000 ROA not before: Fri 02 Jan 2026 12:18:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31317 IP address blocks: 31.220.112.0/21 maxlen: 32 37.251.224.0/21 maxlen: 32 37.251.232.0/21 maxlen: 32 45.119.124.0/22 maxlen: 32 185.95.112.0/22 maxlen: 32 185.114.140.0/22 maxlen: 32 185.156.28.0/22 maxlen: 32 185.178.56.0/22 maxlen: 32 195.192.192.0/21 maxlen: 32 195.192.200.0/21 maxlen: 32 2a05:fb80::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.crl rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.mft rsync://rpki.ripe.net/repository/DEFAULT/3AWXDmUMKq8atqOjOoNzJGahUS4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a5:39:5f:6b:0c:86:47:62:cc:60:e4:fe:1b:32:55 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dc05970e650c2aaf1ab6a3a33a83732466a1512e Validity Not Before: Jan 2 12:18:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dfa081e5e8a0087608b91997aab9c35bff85dd77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:5c:83:22:4b:61:62:bb:23:1d:d9:b8:53:ec: 58:86:c9:c0:98:87:e1:99:14:fd:e5:bf:7f:11:33: 36:1e:03:f9:20:79:fc:e6:7c:04:5a:7c:60:aa:be: 6f:7b:35:21:d3:60:8b:f0:cb:df:48:fa:e4:78:34: bc:30:38:48:15:83:7d:14:65:93:37:be:06:80:80: 9b:8c:a9:f9:c1:8c:e9:21:cd:1f:05:e8:af:e4:00: b1:a7:a9:0d:ba:84:a1:1c:58:01:b2:79:e6:41:9b: 87:48:40:b4:dd:32:f8:44:3e:41:03:05:99:7f:3f: 79:c8:ac:41:11:c7:36:0a:bd:f6:9a:6b:b7:2f:07: bc:ec:7c:93:69:b9:f9:d3:f8:7d:dd:a3:96:2b:b2: 50:d7:f9:ff:2d:55:82:ab:41:dc:67:36:fa:7f:56: 5c:90:11:ec:b5:76:20:7f:67:d2:83:95:50:3f:ac: 81:4a:55:fc:97:46:67:b5:42:59:07:06:a0:e9:10: c3:0e:86:a6:30:94:55:2f:0f:a8:5f:55:64:1e:10: 3a:a0:54:73:02:e2:96:44:a2:b9:d8:f6:d0:3c:22: fb:0d:83:2f:48:1c:32:71:13:df:7a:6b:97:7b:0b: 68:e4:32:39:53:42:1f:a9:93:5b:58:21:c3:1f:76: 6e:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:A0:81:E5:E8:A0:08:76:08:B9:19:97:AA:B9:C3:5B:FF:85:DD:77 X509v3 Authority Key Identifier: keyid:DC:05:97:0E:65:0C:2A:AF:1A:B6:A3:A3:3A:83:73:24:66:A1:51:2E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3AWXDmUMKq8atqOjOoNzJGahUS4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/36CB5eigCHYIuRmXqrnDW_-F3Xc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3b9a48-8b63-4d3b-a3a9-67a540e297f0/1/3AWXDmUMKq8atqOjOoNzJGahUS4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.220.112.0/21 37.251.224.0/20 45.119.124.0/22 185.95.112.0/22 185.114.140.0/22 185.156.28.0/22 185.178.56.0/22 195.192.192.0/20 IPv6: 2a05:fb80::/29 Signature Algorithm: sha256WithRSAEncryption 4d:d4:da:0a:05:44:1d:40:26:61:c3:ff:18:b0:f7:ed:1b:3b: d9:92:09:da:0f:fc:98:a7:66:af:b4:7e:b0:4d:f9:74:b2:db: cb:d1:40:d6:53:40:7b:18:f6:d5:c7:0d:e5:24:38:62:a6:80: 81:54:a3:1e:2a:88:75:b0:94:6e:76:97:6d:6c:88:8e:5b:2d: 4e:50:1f:9f:cd:05:21:4a:84:ce:70:de:4f:2d:dd:7d:22:64: a2:e1:f4:4d:1e:6e:ed:87:b7:cb:08:ca:d3:bc:73:cb:96:01: ee:1e:9c:07:4f:1d:93:98:17:8c:f7:66:34:45:b7:b0:be:fb: de:e8:43:a6:d3:12:fb:90:28:db:db:03:cb:e5:63:4c:f0:d7: 41:29:6d:54:a1:6f:5f:e9:91:2e:7b:60:71:fe:13:7c:fc:33: 43:2b:0f:c1:b0:80:5c:45:df:dc:68:5d:43:9f:70:df:7e:c5: 66:33:bc:62:4b:f0:5c:3e:0e:5c:0e:88:42:2f:28:95:b2:d8: 03:fb:d8:59:2d:bf:1a:3f:55:6d:5b:03:cd:aa:7c:6a:08:cf: 37:7c:2f:30:b1:08:57:17:3e:24:5a:6f:34:dd:e7:ce:c8:ed: 65:59:b8:4d:02:a0:a3:61:ba:13:bb:19:84:b1:be:29:01:65: 7a:f1:df:5a -----BEGIN CERTIFICATE----- MIIFNjCCBB6gAwIBAgISAZt+pTlfawyGR2LMYOT+GzJVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjMDU5NzBlNjUwYzJhYWYxYWI2YTNhMzNhODM3MzI0NjZh MTUxMmUwHhcNMjYwMTAyMTIxODM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZmEwODFlNWU4YTAwODc2MDhiOTE5OTdhYWI5YzM1YmZmODVkZDc3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1yDIkthYrsjHdm4U+xYhsnAmIfh mRT95b9/ETM2HgP5IHn85nwEWnxgqr5vezUh02CL8MvfSPrkeDS8MDhIFYN9FGWT N74GgICbjKn5wYzpIc0fBeiv5ACxp6kNuoShHFgBsnnmQZuHSEC03TL4RD5BAwWZ fz95yKxBEcc2Cr32mmu3Lwe87HyTabn50/h93aOWK7JQ1/n/LVWCq0HcZzb6f1Zc kBHstXYgf2fSg5VQP6yBSlX8l0ZntUJZBwag6RDDDoamMJRVLw+oX1VkHhA6oFRz AuKWRKK52PbQPCL7DYMvSBwycRPfemuXewto5DI5U0IfqZNbWCHDH3ZumQIDAQAB o4ICQjCCAj4wHQYDVR0OBBYEFN+ggeXooAh2CLkZl6q5w1v/hd13MB8GA1UdIwQY MBaAFNwFlw5lDCqvGrajozqDcyRmoVEuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM0FXWERtVU1LcThhdHFPak9vTnpKR2FoVVM0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zYjlhNDgtOGI2My00ZDNiLWEzYTkt NjdhNTQwZTI5N2YwLzEvMzZDQjVlaWdDSFlJdVJtWHFybkRXXy1GM1hjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iZS8zYjlhNDgtOGI2My00ZDNiLWEzYTktNjdhNTQwZTI5N2Yw LzEvM0FXWERtVU1LcThhdHFPak9vTnpKR2FoVVM0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDH9xwAwQE JfvgAwQCLXd8AwQCuV9wAwQCuXKMAwQCuZwcAwQCubI4AwQEw8DAMA0EAgACMAcD BQMqBfuAMA0GCSqGSIb3DQEBCwUAA4IBAQBN1NoKBUQdQCZhw/8YsPftGzvZkgna D/yYp2avtH6wTfl0stvL0UDWU0B7GPbVxw3lJDhipoCBVKMeKoh1sJRudpdtbIiO Wy1OUB+fzQUhSoTOcN5PLd19ImSi4fRNHm7th7fLCMrTvHPLlgHuHpwHTx2TmBeM 92Y0Rbewvvve6EOm0xL7kCjb2wPL5WNM8NdBKW1UoW9f6ZEue2Bx/hN8/DNDKw/B sIBcRd/caF1Dn3DffsVmM7xiS/BcPg5cDohCLyiVstgD+9hZLb8aP1VtWwPNqnxq CM83fC8wsQhXFz4kWm803efOyO1lWbhNAqCjYboTuxmEsb4pAWV68d9a -----END CERTIFICATE-----Generated at Mon Feb 9 19:38:24 2026 by rpki-client