This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/41nL5ZV4qJFS5Q2xxQRuLMPoip0.roa File: 41nL5ZV4qJFS5Q2xxQRuLMPoip0.roa (raw, json) Hash identifier: BJiNQu65WQwhnTLfbv69MpyE5IwMrQPr3mJhDc7s1uM= Subject key identifier: E3:59:CB:E5:95:78:A8:91:52:E5:0D:B1:C5:04:6E:2C:C3:E8:8A:9D Certificate issuer: /CN=dd640339e59addc75fd978101b40082b5d2b8796 Certificate serial: 019B7A5AC1630D837C1B508202691EB3BCE8 Authority key identifier: DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/41nL5ZV4qJFS5Q2xxQRuLMPoip0.roa Signing time: Thu 01 Jan 2026 16:18:46 +0000 ROA not before: Thu 01 Jan 2026 16:18:46 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 834 IP address blocks: 185.191.144.0/24 maxlen: 24 185.191.145.0/24 maxlen: 24 185.191.146.0/24 maxlen: 24 185.191.147.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.mft rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:c1:63:0d:83:7c:1b:50:82:02:69:1e:b3:bc:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd640339e59addc75fd978101b40082b5d2b8796 Validity Not Before: Jan 1 16:18:46 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e359cbe59578a89152e50db1c5046e2cc3e88a9d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:79:e0:b4:0c:89:02:e6:5c:3d:f1:f6:e6:86: 2d:50:3c:6f:02:25:e2:20:a7:94:b9:b7:c3:f0:d3: 3d:f9:65:69:19:01:51:eb:9a:a8:c9:d2:c7:57:cc: 03:fb:8c:63:3c:bf:8d:47:36:d8:55:cb:49:26:e7: c8:f0:bd:9d:82:74:6c:e0:cb:28:87:c0:42:29:83: a4:10:ae:14:46:a7:05:d6:d2:08:c0:a8:b3:16:47: 4e:6f:94:01:57:06:a3:f8:d6:8f:2c:26:23:dd:c8: 86:48:22:ac:e8:12:42:2e:ad:82:8e:42:81:c8:d1: 09:dc:48:a0:c2:64:09:84:c7:86:60:e4:0f:d8:f5: 1a:d1:f8:f1:74:5b:77:3e:9e:ef:1b:32:7d:25:2d: e6:1b:64:c3:a0:61:6c:42:c6:15:41:cc:09:e1:cd: 43:32:da:61:34:83:93:f1:1a:f8:75:46:f3:1e:3e: 7a:ed:3d:87:51:86:88:76:2c:d6:0b:48:c0:70:44: ff:92:bc:60:03:6c:31:da:9f:20:e1:28:fa:2c:3f: c9:23:5a:19:4e:34:2a:ee:e4:e8:75:eb:ab:94:a7: 84:ae:33:f8:76:a9:2d:83:be:53:57:63:00:df:6f: f7:ac:67:66:1c:e7:71:58:2c:79:72:fb:e2:fb:0c: f6:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:59:CB:E5:95:78:A8:91:52:E5:0D:B1:C5:04:6E:2C:C3:E8:8A:9D X509v3 Authority Key Identifier: keyid:DD:64:03:39:E5:9A:DD:C7:5F:D9:78:10:1B:40:08:2B:5D:2B:87:96 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQDOeWa3cdf2XgQG0AIK10rh5Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/41nL5ZV4qJFS5Q2xxQRuLMPoip0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/7616e5-a8cc-45d1-b3d0-61b73354abdb/1/3WQDOeWa3cdf2XgQG0AIK10rh5Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.191.144.0/22 Signature Algorithm: sha256WithRSAEncryption 1b:f8:86:43:42:ce:aa:95:95:8a:3d:f4:50:a3:d5:18:18:60: 0a:eb:a9:c0:a0:9d:c1:69:44:2c:8b:5f:8d:e0:d8:fe:20:35: ed:9f:f1:c7:3a:80:38:c5:6f:14:be:cd:05:d6:c1:e2:42:58: 46:8d:7e:4a:98:cd:3d:7e:c6:61:d6:14:aa:4f:30:57:fb:a3: 23:65:26:03:fc:32:c4:38:87:82:b3:fe:26:70:f4:5f:58:a4: 53:78:63:50:f8:c9:87:b6:32:2b:e4:e4:14:b7:53:37:b8:85: 0c:8f:29:09:36:d0:81:16:8b:48:96:a1:ec:80:f4:ed:c8:44: a7:79:9c:25:d3:a0:68:7e:14:ad:3c:0b:87:2e:08:c2:c9:8a: 22:27:1a:59:39:d0:58:1b:a6:df:0f:d4:ca:96:73:d4:09:cd: b5:bc:7a:27:c9:d9:bf:32:4b:d0:7c:7a:02:c8:e6:01:2f:b8: 3f:70:89:2f:ef:8b:f9:26:e7:03:e5:11:9e:0b:44:e1:87:9c: 31:c9:46:27:01:00:ac:71:2f:2d:76:01:b7:79:58:9f:25:f8: f1:fd:30:a5:03:5b:47:f6:43:88:4d:e9:1c:cf:a0:af:b1:96: b2:92:d7:3e:2e:a6:39:67:2d:6b:36:f3:87:fb:c7:47:9e:0b: 7b:70:42:72 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6WsFjDYN8G1CCAmkes7zoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkNjQwMzM5ZTU5YWRkYzc1ZmQ5NzgxMDFiNDAwODJiNWQy Yjg3OTYwHhcNMjYwMTAxMTYxODQ2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMzU5Y2JlNTk1NzhhODkxNTJlNTBkYjFjNTA0NmUyY2MzZTg4YTlkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXngtAyJAuZcPfH25oYtUDxvAiXi IKeUubfD8NM9+WVpGQFR65qoydLHV8wD+4xjPL+NRzbYVctJJufI8L2dgnRs4Mso h8BCKYOkEK4URqcF1tIIwKizFkdOb5QBVwaj+NaPLCYj3ciGSCKs6BJCLq2CjkKB yNEJ3EigwmQJhMeGYOQP2PUa0fjxdFt3Pp7vGzJ9JS3mG2TDoGFsQsYVQcwJ4c1D MtphNIOT8Rr4dUbzHj567T2HUYaIdizWC0jAcET/krxgA2wx2p8g4Sj6LD/JI1oZ TjQq7uTodeurlKeErjP4dqktg75TV2MA32/3rGdmHOdxWCx5cvvi+wz2JQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFONZy+WVeKiRUuUNscUEbizD6IqdMB8GA1UdIwQY MBaAFN1kAznlmt3HX9l4EBtACCtdK4eWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAt NjFiNzMzNTRhYmRiLzEvNDFuTDVaVjRxSkZTNVEyeHhRUnVMTVBvaXAwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMy83NjE2ZTUtYThjYy00NWQxLWIzZDAtNjFiNzMzNTRhYmRi LzEvM1dRRE9lV2EzY2RmMlhnUUcwQUlLMTByaDVZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCub+QMA0G CSqGSIb3DQEBCwUAA4IBAQAb+IZDQs6qlZWKPfRQo9UYGGAK66nAoJ3BaUQsi1+N 4Nj+IDXtn/HHOoA4xW8Uvs0F1sHiQlhGjX5KmM09fsZh1hSqTzBX+6MjZSYD/DLE OIeCs/4mcPRfWKRTeGNQ+MmHtjIr5OQUt1M3uIUMjykJNtCBFotIlqHsgPTtyESn eZwl06BofhStPAuHLgjCyYoiJxpZOdBYG6bfD9TKlnPUCc21vHonydm/MkvQfHoC yOYBL7g/cIkv74v5JucD5RGeC0Thh5wxyUYnAQCscS8tdgG3eVifJfjx/TClA1tH 9kOITekcz6CvsZayktc+LqY5Zy1rNvOH+8dHngt7cEJy -----END CERTIFICATE-----Generated at Tue Feb 10 04:48:57 2026 by rpki-client