This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/o4G9chIzN7uCnwtKmumyR2sTH_I.roa File: o4G9chIzN7uCnwtKmumyR2sTH_I.roa (raw, json) Hash identifier: KfBs8CLUl46AX0/vUOMRNCDr9u0nNAN2TPcPPQgzWaA= Subject key identifier: A3:81:BD:72:12:33:37:BB:82:9F:0B:4A:9A:E9:B2:47:6B:13:1F:F2 Certificate issuer: /CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3 Certificate serial: 019B7F1577C81DFC433FAC296940110E7F90 Authority key identifier: DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/o4G9chIzN7uCnwtKmumyR2sTH_I.roa Signing time: Fri 02 Jan 2026 14:21:11 +0000 ROA not before: Fri 02 Jan 2026 14:21:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199959 IP address blocks: 31.220.14.0/24 maxlen: 24 45.12.52.0/23 maxlen: 23 45.12.91.0/24 maxlen: 24 185.238.249.0/24 maxlen: 24 185.238.251.0/24 maxlen: 24 193.9.45.0/24 maxlen: 24 194.40.248.0/24 maxlen: 24 212.108.122.0/24 maxlen: 24 2a14:640:2::/48 maxlen: 48 2a14:640:3::/48 maxlen: 48 2a14:640:4::/48 maxlen: 48 2a14:640:5::/48 maxlen: 48 2a14:640:6::/48 maxlen: 48 2a14:640:7::/48 maxlen: 48 2a14:640:8::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.mft rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:77:c8:1d:fc:43:3f:ac:29:69:40:11:0e:7f:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3 Validity Not Before: Jan 2 14:21:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a381bd72123337bb829f0b4a9ae9b2476b131ff2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:12:6a:3a:ca:54:77:4e:2d:3c:b7:2a:a6:28: 40:d9:3a:c0:f7:ae:06:b7:d1:e7:a2:7a:49:b0:68: 50:75:4e:d0:c4:ae:94:e8:45:20:07:28:ba:b8:d4: 13:71:96:db:d6:a5:9e:a2:de:12:64:b0:9f:49:8d: 21:73:ec:df:36:d9:92:ea:a2:a0:15:8d:59:a8:73: 5a:4c:f3:26:73:11:cc:90:a0:61:10:f8:01:76:e2: db:f1:5f:04:fb:ba:f6:31:8e:e2:e0:1b:ca:bb:78: de:93:2f:08:c9:f5:c8:6a:09:77:ac:93:46:d3:2f: 21:05:50:ce:da:02:8a:0d:76:52:a4:5c:8e:39:0a: 5c:d7:9a:0f:e5:7c:8e:7d:9a:98:ea:4f:b4:92:7f: fb:9b:18:a1:ae:ff:2f:41:0e:d4:54:7f:81:fe:63: aa:ab:d0:5d:82:25:8f:ea:90:9f:80:b6:46:ef:7c: 5a:9f:0d:be:df:aa:8c:fc:f9:f1:43:80:19:4c:5b: df:fb:6d:38:d6:3d:0e:85:13:32:0b:95:90:0a:86: fa:93:62:75:bb:31:b7:b2:86:db:79:4d:cf:7d:74: 26:76:4a:3a:63:8b:d0:84:61:65:83:ff:1f:19:5c: c2:c4:3b:a9:fd:04:dc:af:90:d8:9a:c4:ec:c3:af: d0:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:81:BD:72:12:33:37:BB:82:9F:0B:4A:9A:E9:B2:47:6B:13:1F:F2 X509v3 Authority Key Identifier: keyid:DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/o4G9chIzN7uCnwtKmumyR2sTH_I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.220.14.0/24 45.12.52.0/23 45.12.91.0/24 185.238.249.0/24 185.238.251.0/24 193.9.45.0/24 194.40.248.0/24 212.108.122.0/24 IPv6: 2a14:640:2::-2a14:640:8:ffff:ffff:ffff:ffff:ffff Signature Algorithm: sha256WithRSAEncryption 5d:56:e0:4b:80:5b:5f:21:d5:f5:e2:f1:4a:52:39:4a:cd:e2: 79:f1:63:66:35:fb:a9:73:16:da:31:f1:c4:23:a2:ad:45:1c: 08:3d:5b:96:44:e9:74:ac:8f:de:bf:37:72:5a:8b:dd:55:13: 8c:11:a3:df:46:5a:b1:99:9a:ec:cd:1e:c6:02:01:64:1f:23: 79:f1:3d:6e:55:3e:fd:3c:08:04:3c:a0:2c:eb:af:8a:90:89: 26:c1:da:93:e5:de:ae:9e:ef:89:41:04:4b:76:d4:e5:49:7a: ee:57:57:30:3b:10:c2:e6:d4:81:91:4f:ce:5c:40:03:a1:05: cf:ec:60:45:6b:ed:42:5e:e5:61:ea:90:11:85:38:0a:ce:98: 38:98:d1:c9:f7:74:6e:e0:e8:09:d1:26:fe:9c:2f:33:a2:76: e5:c8:06:df:5f:c1:b2:e9:af:94:8d:11:01:cf:7d:1f:17:6c: fe:7f:3e:32:5e:3d:2a:32:08:d1:b4:e1:59:df:71:f6:36:d2: 91:34:c7:74:9c:5d:d1:8d:19:d9:cf:ce:68:1c:56:0d:b4:2d: 19:ca:e1:09:4b:78:76:a8:ab:1a:fe:20:3a:c0:11:b5:4b:ea: 61:21:a6:a8:52:81:54:fd:5c:07:21:9a:1c:6f:10:a6:82:37: 27:d6:b3:1d -----BEGIN CERTIFICATE----- MIIFQzCCBCugAwIBAgISAZt/FXfIHfxDP6wpaUARDn+QMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRmM2ZkYzRiZjMzYmQ4MGZlMTI4ZDc1Njg0M2Y2MGIzOWQ1 YmVlZTMwHhcNMjYwMTAyMTQyMTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMzgxYmQ3MjEyMzMzN2JiODI5ZjBiNGE5YWU5YjI0NzZiMTMxZmYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3hJqOspUd04tPLcqpihA2TrA964G t9HnonpJsGhQdU7QxK6U6EUgByi6uNQTcZbb1qWeot4SZLCfSY0hc+zfNtmS6qKg FY1ZqHNaTPMmcxHMkKBhEPgBduLb8V8E+7r2MY7i4BvKu3jeky8IyfXIagl3rJNG 0y8hBVDO2gKKDXZSpFyOOQpc15oP5XyOfZqY6k+0kn/7mxihrv8vQQ7UVH+B/mOq q9BdgiWP6pCfgLZG73xanw2+36qM/PnxQ4AZTFvf+2041j0OhRMyC5WQCob6k2J1 uzG3sobbeU3PfXQmdko6Y4vQhGFlg/8fGVzCxDup/QTcr5DYmsTsw6/QBQIDAQAB o4ICTzCCAkswHQYDVR0OBBYEFKOBvXISMze7gp8LSprpskdrEx/yMB8GA1UdIwQY MBaAFN8/3EvzO9gP4SjXVoQ/YLOdW+7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMt YTQ3M2VjNTQxMGMzLzEvbzRHOWNoSXpON3VDbnd0S211bXlSMnNUSF9JLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMtYTQ3M2VjNTQxMGMz LzEvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA2BAIAATAwAwQAH9wOAwQB LQw0AwQALQxbAwQAue75AwQAue77AwQAwQktAwQAwij4AwQA1Gx6MBoEAgACMBQw EgMHASoUBkAAAgMHACoUBkAACDANBgkqhkiG9w0BAQsFAAOCAQEAXVbgS4BbXyHV 9eLxSlI5Ss3iefFjZjX7qXMW2jHxxCOirUUcCD1blkTpdKyP3r83clqL3VUTjBGj 30ZasZma7M0exgIBZB8jefE9blU+/TwIBDygLOuvipCJJsHak+Xerp7viUEES3bU 5Ul67ldXMDsQwubUgZFPzlxAA6EFz+xgRWvtQl7lYeqQEYU4Cs6YOJjRyfd0buDo CdEm/pwvM6J25cgG31/BsumvlI0RAc99Hxds/n8+Ml49KjII0bThWd9x9jbSkTTH dJxd0Y0Z2c/OaBxWDbQtGcrhCUt4dqirGv4gOsARtUvqYSGmqFKBVP1cByGaHG8Q poI3J9azHQ== -----END CERTIFICATE-----Generated at Sun Jan 25 09:19:30 2026 by rpki-client