This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/5d59c6-f089-4530-a097-28461be89740/1/3xmlsxTNDAPRt4_0q9JN37-J_fo.roa File: 3xmlsxTNDAPRt4_0q9JN37-J_fo.roa (raw, json) Hash identifier: hrh+PtmNTziEnO3zB1N3sBXi6xmDSdZWbvKSyvj1sho= Subject key identifier: DF:19:A5:B3:14:CD:0C:03:D1:B7:8F:F4:AB:D2:4D:DF:BF:89:FD:FA Certificate issuer: /CN=209da783cdfb3cb6d9bc82c192d6d72abb4a336d Certificate serial: 019B7F848E9E36F730F3697EE71EA3988B95 Authority key identifier: 20:9D:A7:83:CD:FB:3C:B6:D9:BC:82:C1:92:D6:D7:2A:BB:4A:33:6D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IJ2ng837PLbZvILBktbXKrtKM20.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/5d59c6-f089-4530-a097-28461be89740/1/3xmlsxTNDAPRt4_0q9JN37-J_fo.roa Signing time: Fri 02 Jan 2026 16:22:32 +0000 ROA not before: Fri 02 Jan 2026 16:22:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62317 IP address blocks: 185.40.132.0/22 maxlen: 22 185.66.76.0/23 maxlen: 23 185.66.78.0/24 maxlen: 24 185.69.200.0/22 maxlen: 22 2a01:4b20::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/5d59c6-f089-4530-a097-28461be89740/1/IJ2ng837PLbZvILBktbXKrtKM20.crl rsync://rpki.ripe.net/repository/DEFAULT/c1/5d59c6-f089-4530-a097-28461be89740/1/IJ2ng837PLbZvILBktbXKrtKM20.mft rsync://rpki.ripe.net/repository/DEFAULT/IJ2ng837PLbZvILBktbXKrtKM20.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:8e:9e:36:f7:30:f3:69:7e:e7:1e:a3:98:8b:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=209da783cdfb3cb6d9bc82c192d6d72abb4a336d Validity Not Before: Jan 2 16:22:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=df19a5b314cd0c03d1b78ff4abd24ddfbf89fdfa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:34:25:9f:75:e6:c7:55:18:d6:97:50:72:78: 54:85:cd:b0:c7:3a:a5:44:d2:9b:ad:c7:c1:98:af: 2e:22:09:14:44:d5:76:b4:05:61:f5:b4:4d:59:84: e5:ab:cf:16:23:fa:18:87:e8:af:fa:45:a1:7b:f4: 73:90:b9:37:36:0b:5b:a6:83:30:e2:c8:f6:38:01: b8:21:f5:6c:eb:a9:96:fb:ff:77:25:16:5c:89:c0: fb:4a:d4:98:bd:af:e5:d0:51:d3:ff:10:14:bf:66: 07:36:e9:1c:88:0c:19:b3:50:b3:da:c2:6f:41:ba: e6:97:6e:8c:da:07:64:1d:a1:65:60:76:ba:09:42: 74:e4:a9:ce:6c:c7:88:19:4c:e6:17:d7:3b:59:37: f8:34:e9:b3:64:2f:d3:b5:56:bc:85:1c:24:20:d7: 86:a5:e0:f9:08:bd:4f:4e:47:91:34:45:1d:c5:00: 22:ba:23:40:a2:6d:1b:9d:8c:1a:28:97:a1:fe:a4: c6:d7:03:f8:94:a2:a7:da:54:af:bd:94:c8:45:3c: 65:a0:ff:0b:53:b6:02:88:d6:06:30:0b:87:4d:f7: bd:8d:c6:f7:c1:7e:b8:f8:00:28:1b:44:cb:50:9d: 3d:e2:6d:04:8d:e4:aa:0f:92:49:e1:f8:b4:64:e7: b2:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:19:A5:B3:14:CD:0C:03:D1:B7:8F:F4:AB:D2:4D:DF:BF:89:FD:FA X509v3 Authority Key Identifier: keyid:20:9D:A7:83:CD:FB:3C:B6:D9:BC:82:C1:92:D6:D7:2A:BB:4A:33:6D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IJ2ng837PLbZvILBktbXKrtKM20.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/5d59c6-f089-4530-a097-28461be89740/1/3xmlsxTNDAPRt4_0q9JN37-J_fo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/5d59c6-f089-4530-a097-28461be89740/1/IJ2ng837PLbZvILBktbXKrtKM20.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.40.132.0/22 185.66.76.0-185.66.78.255 185.69.200.0/22 IPv6: 2a01:4b20::/29 Signature Algorithm: sha256WithRSAEncryption 99:d0:8d:8a:00:a7:1d:96:3b:a7:ed:76:43:41:b5:bf:a4:3a: 90:a2:20:68:91:be:af:af:42:94:a4:27:c3:3d:91:6a:ba:94: de:ff:14:22:b4:cc:aa:a2:b5:03:94:7a:bc:9f:d5:d0:c4:38: da:b8:60:34:d3:1f:9d:c7:1a:02:06:3f:4f:c3:3f:17:ae:13: e8:d4:9e:f2:11:0a:4f:33:5f:3b:17:96:d2:91:7f:a6:45:b6: ea:a7:6f:c7:3b:d8:25:e9:75:d0:37:bb:4b:09:15:d8:2f:a2: f4:db:d2:71:f5:10:9c:c1:94:4d:1f:81:57:04:80:8e:6d:71: 9d:35:48:d4:3b:d5:24:67:f0:ef:d7:19:46:e9:32:03:9b:13: ef:40:c7:0c:5d:30:4f:40:54:33:99:0b:f2:e3:b6:da:c2:4d: 87:dd:87:26:c9:6f:62:c1:84:82:94:6d:a9:68:1f:8d:18:89: 3f:d6:2a:fd:d3:f9:d4:ad:fc:11:b6:44:ac:4c:58:ad:54:a4: 76:0f:86:4f:08:af:51:d9:a3:92:f3:5f:0b:bc:85:fe:0f:93: 62:77:76:d6:8f:fe:90:88:4c:1a:3e:03:28:d0:ee:84:11:db: 8a:0c:80:31:a8:a6:6c:cc:5e:c8:9b:2d:8f:4d:d8:42:b8:48: 95:22:15:64 -----BEGIN CERTIFICATE----- MIIFIDCCBAigAwIBAgISAZt/hI6eNvcw82l+5x6jmIuVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIwOWRhNzgzY2RmYjNjYjZkOWJjODJjMTkyZDZkNzJhYmI0 YTMzNmQwHhcNMjYwMTAyMTYyMjMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZjE5YTViMzE0Y2QwYzAzZDFiNzhmZjRhYmQyNGRkZmJmODlmZGZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzQln3Xmx1UY1pdQcnhUhc2wxzql RNKbrcfBmK8uIgkURNV2tAVh9bRNWYTlq88WI/oYh+iv+kWhe/RzkLk3NgtbpoMw 4sj2OAG4IfVs66mW+/93JRZcicD7StSYva/l0FHT/xAUv2YHNukciAwZs1Cz2sJv Qbrml26M2gdkHaFlYHa6CUJ05KnObMeIGUzmF9c7WTf4NOmzZC/TtVa8hRwkINeG peD5CL1PTkeRNEUdxQAiuiNAom0bnYwaKJeh/qTG1wP4lKKn2lSvvZTIRTxloP8L U7YCiNYGMAuHTfe9jcb3wX64+AAoG0TLUJ094m0EjeSqD5JJ4fi0ZOeylwIDAQAB o4ICLDCCAigwHQYDVR0OBBYEFN8ZpbMUzQwD0beP9KvSTd+/if36MB8GA1UdIwQY MBaAFCCdp4PN+zy22byCwZLW1yq7SjNtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSUoybmc4MzdQTGJadklMQmt0YlhLcnRLTTIwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS81ZDU5YzYtZjA4OS00NTMwLWEwOTct Mjg0NjFiZTg5NzQwLzEvM3htbHN4VE5EQVBSdDRfMHE5Sk4zNy1KX2ZvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMS81ZDU5YzYtZjA4OS00NTMwLWEwOTctMjg0NjFiZTg5NzQw LzEvSUoybmc4MzdQTGJadklMQmt0YlhLcnRLTTIwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCuSiEMAwD BAK5QkwDBAC5Qk4DBAK5RcgwDQQCAAIwBwMFAyoBSyAwDQYJKoZIhvcNAQELBQAD ggEBAJnQjYoApx2WO6ftdkNBtb+kOpCiIGiRvq+vQpSkJ8M9kWq6lN7/FCK0zKqi tQOUeryf1dDEONq4YDTTH53HGgIGP0/DPxeuE+jUnvIRCk8zXzsXltKRf6ZFtuqn b8c72CXpddA3u0sJFdgvovTb0nH1EJzBlE0fgVcEgI5tcZ01SNQ71SRn8O/XGUbp MgObE+9AxwxdME9AVDOZC/LjttrCTYfdhybJb2LBhIKUbaloH40YiT/WKv3T+dSt /BG2RKxMWK1UpHYPhk8Ir1HZo5LzXwu8hf4Pk2J3dtaP/pCITBo+AyjQ7oQR24oM gDGopmzMXsibLY9N2EK4SJUiFWQ= -----END CERTIFICATE-----Generated at Tue Feb 10 00:15:06 2026 by rpki-client