This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/Z3lvH4I5-97Ow06XMqsLwVqp0Ec.roa File: Z3lvH4I5-97Ow06XMqsLwVqp0Ec.roa (raw, json) Hash identifier: iI/LC1PR16tGdeoQsiXBq2WLWRw9EPLyIdDe0SseMUc= Subject key identifier: 67:79:6F:1F:82:39:FB:DE:CE:C3:4E:97:32:AB:0B:C1:5A:A9:D0:47 Certificate issuer: /CN=e138ec242a43e9c9d4ceb25dc90e5453373d3f46 Certificate serial: 019B76EB9D7AB3C7A64A20433A99327F7596 Authority key identifier: E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/Z3lvH4I5-97Ow06XMqsLwVqp0Ec.roa Signing time: Thu 01 Jan 2026 00:18:31 +0000 ROA not before: Thu 01 Jan 2026 00:18:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34373 IP address blocks: 37.143.36.0/23 maxlen: 23 37.143.36.0/24 maxlen: 24 37.143.37.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.crl rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.mft rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:9d:7a:b3:c7:a6:4a:20:43:3a:99:32:7f:75:96 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e138ec242a43e9c9d4ceb25dc90e5453373d3f46 Validity Not Before: Jan 1 00:18:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=67796f1f8239fbdecec34e9732ab0bc15aa9d047 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:70:47:07:4c:47:24:6d:0e:38:1d:83:2a:1c: 8d:03:38:dd:e0:3a:b1:30:71:e6:89:f0:a8:94:f8: c1:f6:3e:9c:80:75:ec:90:e3:64:bd:c4:c7:a1:a3: 52:03:8f:61:80:9d:45:d5:45:35:ab:a6:48:4a:a2: 35:ac:0c:5f:ea:2a:e6:ba:9b:ca:7f:71:2d:4d:e5: cc:af:60:55:62:ee:31:ae:c1:26:e4:2c:e0:50:e2: c9:9f:a2:1c:60:f8:03:9a:4f:34:3b:7b:72:be:1e: 0e:90:7b:d0:4e:58:f7:06:b5:3f:ca:ce:2a:4e:d2: 36:27:27:2a:d0:d1:bc:53:86:79:fd:2c:46:a8:4d: a2:d5:1c:0d:9c:aa:f9:2a:a9:54:09:dd:bc:78:6d: f2:91:9b:cc:f5:76:7f:be:e7:2a:3e:e3:ab:bb:97: 88:95:5d:9a:7b:5c:fd:2d:d9:30:3d:f0:1a:b2:47: 2a:ef:94:a1:ed:45:f5:b5:09:3f:9d:9b:18:2d:c5: 1d:7f:8a:f7:88:26:55:5b:2d:9a:78:94:3b:9f:61: 9d:c1:71:dd:56:29:c5:2c:7c:92:7d:42:df:83:65: 8b:d8:0e:6c:8f:4a:f7:41:55:bb:b5:8f:08:be:dc: 73:e0:e5:86:90:88:f7:ad:64:22:29:32:ec:1f:26: af:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:79:6F:1F:82:39:FB:DE:CE:C3:4E:97:32:AB:0B:C1:5A:A9:D0:47 X509v3 Authority Key Identifier: keyid:E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/Z3lvH4I5-97Ow06XMqsLwVqp0Ec.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 37.143.36.0/23 Signature Algorithm: sha256WithRSAEncryption a8:36:14:e5:e4:59:5f:cc:94:ac:3d:ea:a1:52:d3:71:b3:ff: 94:b3:08:c6:33:78:d5:e3:69:7e:45:3e:8f:f0:3d:18:2e:78: de:d5:16:56:8c:78:ae:f5:ee:14:d8:3c:d1:cf:fd:24:2b:21: 09:2d:af:88:7c:04:d0:6f:a6:a0:29:89:e0:3f:f9:72:4e:ec: ba:97:8a:ea:54:b2:e0:f5:16:77:93:72:70:85:f6:f0:79:53: ee:f3:4b:24:7e:66:74:23:6b:53:66:8c:1b:02:e0:ac:21:ca: 61:33:b7:bd:fe:02:79:7b:c0:6c:0f:23:2f:cd:7d:93:1b:fa: 16:2f:44:4e:7d:14:87:68:e8:f6:ae:02:42:bd:7a:46:11:5d: 84:33:e4:60:76:53:af:35:02:a8:72:65:b7:12:f4:d7:37:3c: cc:28:1e:ec:81:d7:a1:cc:59:3a:48:b5:5e:4a:a3:30:25:dd: e8:31:65:4e:a7:24:06:d9:95:8f:a8:cb:a9:1c:12:0e:04:77: ec:7a:b1:33:fc:09:d3:ed:25:20:fd:3a:db:b8:ca:9a:aa:c4: 39:f5:b8:84:f4:21:09:95:31:88:63:4d:23:37:46:c5:1b:7e: 85:7d:70:74:31:c9:dc:dd:71:41:27:8f:09:9f:1a:86:8d:a9: c6:55:a0:f3 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt26516s8emSiBDOpkyf3WWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUxMzhlYzI0MmE0M2U5YzlkNGNlYjI1ZGM5MGU1NDUzMzcz ZDNmNDYwHhcNMjYwMTAxMDAxODMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg2Nzc5NmYxZjgyMzlmYmRlY2VjMzRlOTczMmFiMGJjMTVhYTlkMDQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnBHB0xHJG0OOB2DKhyNAzjd4Dqx MHHmifColPjB9j6cgHXskONkvcTHoaNSA49hgJ1F1UU1q6ZISqI1rAxf6irmupvK f3EtTeXMr2BVYu4xrsEm5CzgUOLJn6IcYPgDmk80O3tyvh4OkHvQTlj3BrU/ys4q TtI2Jycq0NG8U4Z5/SxGqE2i1RwNnKr5KqlUCd28eG3ykZvM9XZ/vucqPuOru5eI lV2ae1z9LdkwPfAaskcq75Sh7UX1tQk/nZsYLcUdf4r3iCZVWy2aeJQ7n2GdwXHd VinFLHySfULfg2WL2A5sj0r3QVW7tY8Ivtxz4OWGkIj3rWQiKTLsHyavpQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFGd5bx+COfvezsNOlzKrC8FaqdBHMB8GA1UdIwQY MBaAFOE47CQqQ+nJ1M6yXckOVFM3PT9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNFRqc0pDcEQ2Y25VenJKZHlRNVVVemM5UDBZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8wYjdmZDMtOTBmMC00NWQxLThhNTgt Njc4NWNkNDU2ODcxLzEvWjNsdkg0STUtOTdPdzA2WE1xc0x3VnFwMEVjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wZi8wYjdmZDMtOTBmMC00NWQxLThhNTgtNjc4NWNkNDU2ODcx LzEvNFRqc0pDcEQ2Y25VenJKZHlRNVVVemM5UDBZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBJY8kMA0G CSqGSIb3DQEBCwUAA4IBAQCoNhTl5FlfzJSsPeqhUtNxs/+UswjGM3jV42l+RT6P 8D0YLnje1RZWjHiu9e4U2DzRz/0kKyEJLa+IfATQb6agKYngP/lyTuy6l4rqVLLg 9RZ3k3JwhfbweVPu80skfmZ0I2tTZowbAuCsIcphM7e9/gJ5e8BsDyMvzX2TG/oW L0ROfRSHaOj2rgJCvXpGEV2EM+RgdlOvNQKocmW3EvTXNzzMKB7sgdehzFk6SLVe SqMwJd3oMWVOpyQG2ZWPqMupHBIOBHfserEz/AnT7SUg/TrbuMqaqsQ59biE9CEJ lTGIY00jN0bFG36FfXB0Mcnc3XFBJ48JnxqGjanGVaDz -----END CERTIFICATE-----Generated at Sun Jan 25 17:22:22 2026 by rpki-client