This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Fmg3wL_o3aopIsEQbXgCHXFam4E.roa File: Fmg3wL_o3aopIsEQbXgCHXFam4E.roa (raw, json) Hash identifier: OY+cWfR5jYsnEPm1uZa4VUsODu3TKMDkMdv4TNeG75Q= Subject key identifier: 16:68:37:C0:BF:E8:DD:AA:29:22:C1:10:6D:78:02:1D:71:5A:9B:81 Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07 Certificate serial: 019B78A2769071A035773E2D9597E657088A Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Fmg3wL_o3aopIsEQbXgCHXFam4E.roa Signing time: Thu 01 Jan 2026 08:17:51 +0000 ROA not before: Thu 01 Jan 2026 08:17:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20115 IP address blocks: 36.255.212.0/24 maxlen: 24 94.154.183.0/24 maxlen: 24 103.216.199.0/24 maxlen: 24 162.218.91.0/24 maxlen: 24 185.171.126.0/24 maxlen: 24 212.60.14.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 12:01:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:76:90:71:a0:35:77:3e:2d:95:97:e6:57:08:8a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07 Validity Not Before: Jan 1 08:17:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=166837c0bfe8ddaa2922c1106d78021d715a9b81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:1d:9e:14:15:84:a1:76:53:4a:21:22:25:2b: 28:e4:54:63:98:6a:6f:6b:6e:5b:7e:fd:7e:58:25: 27:7a:85:97:42:08:ba:a8:86:1b:76:d9:5f:31:94: 83:95:4b:b9:73:83:62:28:77:b1:ff:59:fc:5c:be: 03:59:87:f9:78:b5:60:3c:81:ba:5d:68:db:12:0b: d2:14:bd:50:02:72:6a:d4:ee:8a:b8:60:5b:12:38: b4:ad:25:45:b8:79:0e:33:7c:b1:90:e4:b6:fa:26: 34:eb:d2:02:b7:d7:38:20:33:78:8e:2f:1b:67:78: 2f:69:a1:e1:69:37:12:b6:b5:6f:bb:e9:1a:fe:7c: 1d:fa:41:c0:55:9e:cb:ba:c8:52:81:9e:46:ec:0b: 43:f7:1f:09:92:f7:cf:ae:95:ee:83:f2:22:45:e3: bd:99:dd:87:85:6b:89:b1:6a:0b:d0:9f:cf:ea:b7: d7:66:1c:3f:25:e3:b0:5b:d8:1f:b7:fa:a9:02:89: e2:2a:44:b8:7b:fe:b8:d8:a8:a7:0c:cd:00:ef:56: 1f:26:df:67:83:85:bd:72:c8:97:4f:da:bd:d1:12: 51:ab:0f:ac:30:fe:15:0a:b8:7c:ba:14:9f:c8:4d: 47:9e:1e:41:a7:a6:ef:69:d1:1a:7a:f9:fd:1c:dd: 2b:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:68:37:C0:BF:E8:DD:AA:29:22:C1:10:6D:78:02:1D:71:5A:9B:81 X509v3 Authority Key Identifier: keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Fmg3wL_o3aopIsEQbXgCHXFam4E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 36.255.212.0/24 94.154.183.0/24 103.216.199.0/24 162.218.91.0/24 185.171.126.0/24 212.60.14.0/24 Signature Algorithm: sha256WithRSAEncryption 67:89:9b:02:cd:29:e1:17:f0:db:b7:99:3c:d1:3b:46:73:73: 32:2d:d1:fd:a3:92:bf:89:eb:bc:85:ab:9b:b9:a5:4c:30:f7: 42:8b:5c:2c:9e:a6:d5:b2:b2:a3:12:57:c2:29:87:9a:86:2d: ac:d7:8d:ff:e2:d6:01:6a:82:7c:f4:5e:fd:a0:f2:53:c1:2f: 6c:b6:a7:d6:df:52:03:e5:f6:52:e7:f6:5c:2c:7b:6a:1e:9e: 50:b0:8b:e1:9f:b5:d7:01:5d:6d:b8:4c:31:2e:47:f2:6a:52: 37:9e:a0:98:46:f7:59:5f:f1:34:14:3c:b3:89:e6:95:67:f7: 44:5e:e1:72:5c:ef:2b:5c:6b:5e:bb:21:cc:f7:bb:fa:a9:98: 29:05:17:55:6e:2f:5d:79:02:f2:d6:ab:6e:8b:ca:65:bb:82: 4a:e4:52:bd:f8:88:23:63:d1:15:c5:fa:fb:1d:12:a7:8f:45: a8:d1:bc:c0:19:ff:76:d6:09:e9:02:45:63:1d:ee:28:f0:9c: 7e:f2:91:1a:f1:8d:c3:3e:c2:41:c8:57:2b:69:1c:eb:31:4b: 17:9b:41:92:13:29:89:3c:31:2e:9f:22:41:1e:d9:0d:45:1c: da:42:18:85:0d:50:4e:b4:f1:4e:34:66:06:84:e0:4f:e9:fe: aa:b8:8f:b5 -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZt4onaQcaA1dz4tlZfmVwiKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy ZGJmMDcwHhcNMjYwMTAxMDgxNzUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxNjY4MzdjMGJmZThkZGFhMjkyMmMxMTA2ZDc4MDIxZDcxNWE5YjgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArh2eFBWEoXZTSiEiJSso5FRjmGpv a25bfv1+WCUneoWXQgi6qIYbdtlfMZSDlUu5c4NiKHex/1n8XL4DWYf5eLVgPIG6 XWjbEgvSFL1QAnJq1O6KuGBbEji0rSVFuHkOM3yxkOS2+iY069ICt9c4IDN4ji8b Z3gvaaHhaTcStrVvu+ka/nwd+kHAVZ7LushSgZ5G7AtD9x8JkvfPrpXug/IiReO9 md2HhWuJsWoL0J/P6rfXZhw/JeOwW9gft/qpAoniKkS4e/642KinDM0A71YfJt9n g4W9csiXT9q90RJRqw+sMP4VCrh8uhSfyE1Hnh5Bp6bvadEaevn9HN0rpwIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFBZoN8C/6N2qKSLBEG14Ah1xWpuBMB8GA1UdIwQY MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt ZjNlNTA2YWVhYTAxLzEvRm1nM3dMX28zYW9wSXNFUWJYZ0NIWEZhbTRFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAJP/UAwQA Xpq3AwQAZ9jHAwQAotpbAwQAuat+AwQA1DwOMA0GCSqGSIb3DQEBCwUAA4IBAQBn iZsCzSnhF/Dbt5k80TtGc3MyLdH9o5K/ieu8haubuaVMMPdCi1wsnqbVsrKjElfC KYeahi2s143/4tYBaoJ89F79oPJTwS9stqfW31ID5fZS5/ZcLHtqHp5QsIvhn7XX AV1tuEwxLkfyalI3nqCYRvdZX/E0FDyzieaVZ/dEXuFyXO8rXGteuyHM97v6qZgp BRdVbi9deQLy1qtui8plu4JK5FK9+IgjY9EVxfr7HRKnj0Wo0bzAGf921gnpAkVj He4o8Jx+8pEa8Y3DPsJByFcraRzrMUsXm0GSEymJPDEunyJBHtkNRRzaQhiFDVBO tPFONGYGhOBP6f6quI+1 -----END CERTIFICATE-----Generated at Mon Jan 19 19:57:19 2026 by rpki-client