This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/281dfb-3293-4bab-ba22-1becb5dcd7aa/1/3kj2IZUmhg4c3fn_vDNshjS1bYM.roa File: 3kj2IZUmhg4c3fn_vDNshjS1bYM.roa (raw, json) Hash identifier: F1j+Rw7AK0w/RfaxR+vC5zwL/WwgyQ05RgO+QAvekpY= Subject key identifier: DE:48:F6:21:95:26:86:0E:1C:DD:F9:FF:BC:33:6C:86:34:B5:6D:83 Certificate issuer: /CN=230d311fc19463fdd30adecc917b5f0298741b44 Certificate serial: 019B7EA720C9B351C88C2DD6C034204AF071 Authority key identifier: 23:0D:31:1F:C1:94:63:FD:D3:0A:DE:CC:91:7B:5F:02:98:74:1B:44 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iw0xH8GUY_3TCt7MkXtfAph0G0Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/281dfb-3293-4bab-ba22-1becb5dcd7aa/1/3kj2IZUmhg4c3fn_vDNshjS1bYM.roa Signing time: Fri 02 Jan 2026 12:20:40 +0000 ROA not before: Fri 02 Jan 2026 12:20:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49121 IP address blocks: 185.65.69.0/24 maxlen: 24 2a0d:3180:7::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/281dfb-3293-4bab-ba22-1becb5dcd7aa/1/Iw0xH8GUY_3TCt7MkXtfAph0G0Q.crl rsync://rpki.ripe.net/repository/DEFAULT/c2/281dfb-3293-4bab-ba22-1becb5dcd7aa/1/Iw0xH8GUY_3TCt7MkXtfAph0G0Q.mft rsync://rpki.ripe.net/repository/DEFAULT/Iw0xH8GUY_3TCt7MkXtfAph0G0Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a7:20:c9:b3:51:c8:8c:2d:d6:c0:34:20:4a:f0:71 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=230d311fc19463fdd30adecc917b5f0298741b44 Validity Not Before: Jan 2 12:20:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=de48f6219526860e1cddf9ffbc336c8634b56d83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:a2:dc:9d:de:8c:fd:4b:70:45:ed:22:12:d3: 81:55:39:2d:12:14:19:1c:83:18:4c:15:59:e6:28: d1:0d:db:97:2f:b5:24:29:86:d0:01:e9:3c:82:60: 45:23:ec:b7:c7:15:ae:4e:ef:3c:ac:66:09:07:9e: 48:3a:ce:6b:9b:36:82:36:f7:bc:b2:64:ee:cf:34: 9f:86:63:c3:a2:af:cb:b1:cd:34:eb:17:84:12:b8: 71:87:a4:61:9b:9f:ac:d5:50:21:ea:3c:f6:1a:d6: f2:9a:08:36:f4:a9:5a:9e:6e:ea:23:dc:3b:f3:b3: a7:b0:17:67:01:65:11:f8:8f:11:fa:69:6c:20:82: ac:b8:fc:72:07:69:73:ab:2c:ac:46:28:07:3f:32: 45:dd:47:bf:2b:d9:aa:e8:18:59:11:ec:8f:9a:f8: 57:81:60:5a:8d:d0:16:3b:51:e9:80:8d:e8:92:ce: 6b:cb:07:cd:b8:00:41:fc:f6:9c:92:1c:87:33:cd: e0:a2:b4:d6:5f:49:0d:51:37:22:9a:20:e2:f3:6c: 13:95:df:55:f4:32:b7:8f:f6:e1:ff:0e:4b:46:2c: f2:03:f2:68:2f:3a:79:7c:5a:94:8e:30:d0:40:c3: ae:f8:62:3f:e0:d0:89:ed:9e:7b:a8:b0:94:eb:5a: a4:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:48:F6:21:95:26:86:0E:1C:DD:F9:FF:BC:33:6C:86:34:B5:6D:83 X509v3 Authority Key Identifier: keyid:23:0D:31:1F:C1:94:63:FD:D3:0A:DE:CC:91:7B:5F:02:98:74:1B:44 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iw0xH8GUY_3TCt7MkXtfAph0G0Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/281dfb-3293-4bab-ba22-1becb5dcd7aa/1/3kj2IZUmhg4c3fn_vDNshjS1bYM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/281dfb-3293-4bab-ba22-1becb5dcd7aa/1/Iw0xH8GUY_3TCt7MkXtfAph0G0Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.65.69.0/24 IPv6: 2a0d:3180:7::/48 Signature Algorithm: sha256WithRSAEncryption 7e:82:5d:0d:b9:56:84:c4:29:50:53:76:a0:6d:24:0f:69:af: e8:f2:87:0f:27:14:62:9b:5a:43:7d:75:8d:a2:19:0c:db:c6: e3:38:f2:08:8d:64:40:ec:4b:a6:1d:02:63:23:57:5c:45:85: a6:f2:2b:76:76:a8:a2:16:88:55:aa:f3:c7:21:22:4a:58:33: 16:a2:cd:3b:fc:d8:a8:76:66:8a:1e:47:a4:b4:37:51:e2:f3: c1:8c:8a:e6:47:86:aa:b5:d2:0e:70:db:85:88:f0:99:1c:a6: f3:06:7d:8d:2b:b6:3c:6b:0b:47:ca:08:ba:05:05:f3:4d:a6: ba:62:79:f6:5d:dc:4f:18:3d:23:a0:b2:b3:85:5a:df:6e:d4: e4:93:06:97:07:7c:33:49:17:57:62:7d:41:6d:15:29:1e:04: 80:1f:92:a3:eb:a1:69:19:d1:2e:f5:ad:0e:98:6f:ba:c1:aa: d3:28:44:e3:a3:c2:34:4a:a1:bb:63:a7:6c:6c:db:04:e9:40: 5d:d3:38:17:f7:97:09:14:7c:e2:77:ab:51:ce:ad:66:e7:fe: 77:88:1e:9c:99:e4:83:e9:43:2d:27:26:74:b5:c2:73:e6:76: 28:a5:12:6a:35:fd:48:fb:34:0c:82:69:f9:ee:58:65:8c:5b: 90:9e:5b:67 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt+pyDJs1HIjC3WwDQgSvBxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIzMGQzMTFmYzE5NDYzZmRkMzBhZGVjYzkxN2I1ZjAyOTg3 NDFiNDQwHhcNMjYwMTAyMTIyMDQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZTQ4ZjYyMTk1MjY4NjBlMWNkZGY5ZmZiYzMzNmM4NjM0YjU2ZDgzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6Lcnd6M/UtwRe0iEtOBVTktEhQZ HIMYTBVZ5ijRDduXL7UkKYbQAek8gmBFI+y3xxWuTu88rGYJB55IOs5rmzaCNve8 smTuzzSfhmPDoq/Lsc006xeEErhxh6Rhm5+s1VAh6jz2Gtbymgg29Klanm7qI9w7 87OnsBdnAWUR+I8R+mlsIIKsuPxyB2lzqyysRigHPzJF3Ue/K9mq6BhZEeyPmvhX gWBajdAWO1HpgI3oks5rywfNuABB/PackhyHM83gorTWX0kNUTcimiDi82wTld9V 9DK3j/bh/w5LRizyA/JoLzp5fFqUjjDQQMOu+GI/4NCJ7Z57qLCU61qk3wIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFN5I9iGVJoYOHN35/7wzbIY0tW2DMB8GA1UdIwQY MBaAFCMNMR/BlGP90wrezJF7XwKYdBtEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXcweEg4R1VZXzNUQ3Q3TWtYdGZBcGgwRzBRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8yODFkZmItMzI5My00YmFiLWJhMjIt MWJlY2I1ZGNkN2FhLzEvM2tqMklaVW1oZzRjM2ZuX3ZETnNoalMxYllNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMi8yODFkZmItMzI5My00YmFiLWJhMjItMWJlY2I1ZGNkN2Fh LzEvSXcweEg4R1VZXzNUQ3Q3TWtYdGZBcGgwRzBRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuUFFMA8E AgACMAkDBwAqDTGAAAcwDQYJKoZIhvcNAQELBQADggEBAH6CXQ25VoTEKVBTdqBt JA9pr+jyhw8nFGKbWkN9dY2iGQzbxuM48giNZEDsS6YdAmMjV1xFhabyK3Z2qKIW iFWq88chIkpYMxaizTv82Kh2ZooeR6S0N1Hi88GMiuZHhqq10g5w24WI8JkcpvMG fY0rtjxrC0fKCLoFBfNNprpiefZd3E8YPSOgsrOFWt9u1OSTBpcHfDNJF1difUFt FSkeBIAfkqProWkZ0S71rQ6Yb7rBqtMoROOjwjRKobtjp2xs2wTpQF3TOBf3lwkU fOJ3q1HOrWbn/neIHpyZ5IPpQy0nJnS1wnPmdiilEmo1/Uj7NAyCafnuWGWMW5Ce W2c= -----END CERTIFICATE-----Generated at Mon Feb 9 22:16:29 2026 by rpki-client