This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/31bd07-9a1f-4345-a66b-7942404016f3/1/pFus08PMDQCfPbxZAkSpS82Y4PY.roa File: pFus08PMDQCfPbxZAkSpS82Y4PY.roa (raw, json) Hash identifier: lAjRzwyi3k9OQRK/TA2meKEJxn+Uz1ODnyqv3gesdQc= Subject key identifier: A4:5B:AC:D3:C3:CC:0D:00:9F:3D:BC:59:02:44:A9:4B:CD:98:E0:F6 Certificate issuer: /CN=6d0c80318177bc16b72383f8e092d52a3ae133b4 Certificate serial: 019B77C6EE592860555D107A8371B6D41DB1 Authority key identifier: 6D:0C:80:31:81:77:BC:16:B7:23:83:F8:E0:92:D5:2A:3A:E1:33:B4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQyAMYF3vBa3I4P44JLVKjrhM7Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/31bd07-9a1f-4345-a66b-7942404016f3/1/pFus08PMDQCfPbxZAkSpS82Y4PY.roa Signing time: Thu 01 Jan 2026 04:18:04 +0000 ROA not before: Thu 01 Jan 2026 04:18:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205643 IP address blocks: 185.207.72.0/22 maxlen: 22 185.207.72.0/23 maxlen: 23 185.207.72.0/24 maxlen: 24 185.207.73.0/24 maxlen: 24 185.207.74.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/31bd07-9a1f-4345-a66b-7942404016f3/1/bQyAMYF3vBa3I4P44JLVKjrhM7Q.crl rsync://rpki.ripe.net/repository/DEFAULT/d0/31bd07-9a1f-4345-a66b-7942404016f3/1/bQyAMYF3vBa3I4P44JLVKjrhM7Q.mft rsync://rpki.ripe.net/repository/DEFAULT/bQyAMYF3vBa3I4P44JLVKjrhM7Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:01:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c6:ee:59:28:60:55:5d:10:7a:83:71:b6:d4:1d:b1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6d0c80318177bc16b72383f8e092d52a3ae133b4 Validity Not Before: Jan 1 04:18:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a45bacd3c3cc0d009f3dbc590244a94bcd98e0f6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:1b:6d:f6:15:5d:28:37:27:a1:09:ec:fc:d8: d9:bb:aa:b5:06:a4:9f:c3:a6:7d:b4:46:24:ae:95: 45:40:4b:a0:9d:eb:6e:d5:63:82:b9:54:a5:73:56: 45:6e:ee:eb:a8:12:14:62:35:58:e8:2d:a0:66:59: 89:db:b8:41:97:b3:eb:a0:15:b3:a4:ca:89:90:02: f3:4b:2b:e2:3c:6a:a7:51:2a:be:3f:26:be:b0:3d: e9:1e:8a:d0:2e:6c:d3:5d:27:93:6e:b2:5d:89:18: 1a:9c:f6:b0:a4:80:47:75:b9:ab:71:a5:c6:69:9a: 00:e5:5b:11:15:1c:04:b4:c1:c2:10:c4:c7:9d:9b: 87:1d:43:eb:b6:26:b9:12:ea:46:d1:c4:c3:92:dc: 13:a8:07:e3:f7:9c:a1:82:1f:48:1e:de:3e:03:7f: b6:38:d8:b5:46:ca:01:93:a9:4c:dd:f8:a2:15:6f: a1:31:b6:1d:4d:4c:cf:32:95:eb:52:e9:40:0b:f7: be:b4:a7:e0:2c:9b:1a:1d:32:b0:a7:7a:50:28:8a: a0:e0:ed:3e:29:18:2c:10:89:12:ba:48:c5:0e:74: 1c:6b:4e:4d:58:19:30:df:d1:7b:80:c4:18:b2:60: cc:c3:b1:5b:56:91:69:c8:08:46:50:a7:98:f8:96: a1:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:5B:AC:D3:C3:CC:0D:00:9F:3D:BC:59:02:44:A9:4B:CD:98:E0:F6 X509v3 Authority Key Identifier: keyid:6D:0C:80:31:81:77:BC:16:B7:23:83:F8:E0:92:D5:2A:3A:E1:33:B4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQyAMYF3vBa3I4P44JLVKjrhM7Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/31bd07-9a1f-4345-a66b-7942404016f3/1/pFus08PMDQCfPbxZAkSpS82Y4PY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/31bd07-9a1f-4345-a66b-7942404016f3/1/bQyAMYF3vBa3I4P44JLVKjrhM7Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.207.72.0/22 Signature Algorithm: sha256WithRSAEncryption ae:1d:50:08:9c:64:b2:c8:89:73:4b:71:5e:3b:ad:df:90:6d: 53:9f:e1:43:e7:22:11:fa:9e:cc:43:c6:00:72:1f:72:23:c7: 4f:ba:bc:68:f3:a2:f6:8b:32:b7:38:2d:e8:30:d5:cc:36:e7: 8b:e7:98:69:c1:fd:03:c6:e9:33:b6:52:fb:91:26:e4:6b:51: aa:9a:f8:16:94:de:28:15:86:2a:1e:36:3f:c0:2d:d4:3c:50: a4:3e:36:55:69:a9:0d:4a:96:c6:bf:71:d0:1b:4f:58:2d:f7: a1:68:66:b2:29:97:3b:a9:91:2b:91:be:8b:75:ce:fc:b1:9f: ac:e3:c6:91:d6:1b:41:dc:39:04:07:79:18:2b:ab:24:19:32: c7:d6:e8:56:b0:dc:bb:4a:60:0c:e8:7d:e1:48:22:69:6f:9e: fd:49:e7:c1:fc:ca:34:53:3f:5f:ce:29:02:e6:64:f7:74:ee: 4e:36:84:53:87:3c:21:b4:4c:49:6a:e3:ef:74:b1:85:b9:8c: 76:fe:b2:a2:e5:4a:e0:b0:96:f8:91:41:8f:ba:14:39:b0:3c: b3:1c:a2:d2:a5:a2:a0:21:40:17:93:b5:1e:b4:ae:93:b5:6c: 33:3f:79:d2:30:97:5e:ec:a7:b8:61:15:65:70:d8:07:69:e3: 6d:5e:02:1e -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt3xu5ZKGBVXRB6g3G21B2xMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZkMGM4MDMxODE3N2JjMTZiNzIzODNmOGUwOTJkNTJhM2Fl MTMzYjQwHhcNMjYwMTAxMDQxODA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhNDViYWNkM2MzY2MwZDAwOWYzZGJjNTkwMjQ0YTk0YmNkOThlMGY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Rtt9hVdKDcnoQns/NjZu6q1BqSf w6Z9tEYkrpVFQEugnetu1WOCuVSlc1ZFbu7rqBIUYjVY6C2gZlmJ27hBl7ProBWz pMqJkALzSyviPGqnUSq+Pya+sD3pHorQLmzTXSeTbrJdiRganPawpIBHdbmrcaXG aZoA5VsRFRwEtMHCEMTHnZuHHUPrtia5EupG0cTDktwTqAfj95yhgh9IHt4+A3+2 ONi1RsoBk6lM3fiiFW+hMbYdTUzPMpXrUulAC/e+tKfgLJsaHTKwp3pQKIqg4O0+ KRgsEIkSukjFDnQca05NWBkw39F7gMQYsmDMw7FbVpFpyAhGUKeY+JahJwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFKRbrNPDzA0Anz28WQJEqUvNmOD2MB8GA1UdIwQY MBaAFG0MgDGBd7wWtyOD+OCS1So64TO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYlF5QU1ZRjN2QmEzSTRQNDRKTFZLanJoTTdRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8zMWJkMDctOWExZi00MzQ1LWE2NmIt Nzk0MjQwNDAxNmYzLzEvcEZ1czA4UE1EUUNmUGJ4WkFrU3BTODJZNFBZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMC8zMWJkMDctOWExZi00MzQ1LWE2NmItNzk0MjQwNDAxNmYz LzEvYlF5QU1ZRjN2QmEzSTRQNDRKTFZLanJoTTdRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuc9IMA0G CSqGSIb3DQEBCwUAA4IBAQCuHVAInGSyyIlzS3FeO63fkG1Tn+FD5yIR+p7MQ8YA ch9yI8dPurxo86L2izK3OC3oMNXMNueL55hpwf0DxukztlL7kSbka1GqmvgWlN4o FYYqHjY/wC3UPFCkPjZVaakNSpbGv3HQG09YLfehaGayKZc7qZErkb6Ldc78sZ+s 48aR1htB3DkEB3kYK6skGTLH1uhWsNy7SmAM6H3hSCJpb579SefB/Mo0Uz9fzikC 5mT3dO5ONoRThzwhtExJauPvdLGFuYx2/rKi5UrgsJb4kUGPuhQ5sDyzHKLSpaKg IUAXk7UetK6TtWwzP3nSMJde7Ke4YRVlcNgHaeNtXgIe -----END CERTIFICATE-----Generated at Mon Feb 9 22:22:37 2026 by rpki-client