This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/4ab1e0-6d7d-44fd-8d20-36d91dbcfc41/1/3pfKAfOgCjCuMnTS6UNkSvzgdXg.roa File: 3pfKAfOgCjCuMnTS6UNkSvzgdXg.roa (raw, json) Hash identifier: fX97IURxx4aVv6kLYDjuvYCpszHdrjfoIHpuOJ1G1Q8= Subject key identifier: DE:97:CA:01:F3:A0:0A:30:AE:32:74:D2:E9:43:64:4A:FC:E0:75:78 Certificate issuer: /CN=12e28039646dcc32eceb58428f97cc994b998577 Certificate serial: 019B78A2EEFAB8B8B83DE96113B5246DDBBA Authority key identifier: 12:E2:80:39:64:6D:CC:32:EC:EB:58:42:8F:97:CC:99:4B:99:85:77 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EuKAOWRtzDLs61hCj5fMmUuZhXc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/4ab1e0-6d7d-44fd-8d20-36d91dbcfc41/1/3pfKAfOgCjCuMnTS6UNkSvzgdXg.roa Signing time: Thu 01 Jan 2026 08:18:22 +0000 ROA not before: Thu 01 Jan 2026 08:18:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204282 IP address blocks: 217.117.96.0/24 maxlen: 24 217.117.99.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/4ab1e0-6d7d-44fd-8d20-36d91dbcfc41/1/EuKAOWRtzDLs61hCj5fMmUuZhXc.crl rsync://rpki.ripe.net/repository/DEFAULT/24/4ab1e0-6d7d-44fd-8d20-36d91dbcfc41/1/EuKAOWRtzDLs61hCj5fMmUuZhXc.mft rsync://rpki.ripe.net/repository/DEFAULT/EuKAOWRtzDLs61hCj5fMmUuZhXc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:ee:fa:b8:b8:b8:3d:e9:61:13:b5:24:6d:db:ba Signature Algorithm: sha256WithRSAEncryption Issuer: CN=12e28039646dcc32eceb58428f97cc994b998577 Validity Not Before: Jan 1 08:18:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=de97ca01f3a00a30ae3274d2e943644afce07578 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:5c:79:cf:fd:2a:9f:72:f1:de:d9:f3:2a:7e: 3e:cd:72:d0:1f:08:9b:4c:e1:c3:75:c5:33:d5:c8: 85:3c:9c:d0:2c:17:91:5b:e1:b5:5e:dc:49:41:fb: 27:c1:b4:47:59:64:1b:6a:f6:76:1a:70:66:89:b5: 83:ac:45:f8:6c:18:34:62:f9:db:57:3d:e7:d9:c9: 50:b0:01:11:9f:c6:fd:41:7c:13:51:b9:e6:eb:3c: 41:c1:6b:04:06:f2:bb:e9:95:76:50:09:28:9a:e8: 97:75:dd:1e:af:20:f6:9c:da:de:c4:80:d6:9d:75: 43:94:68:ec:12:4c:e0:89:f9:4c:12:c5:71:19:57: 25:36:7e:55:eb:02:ea:2c:50:fa:b2:d3:58:46:a1: e1:f8:64:26:09:40:12:95:4f:b0:04:65:e0:02:df: 41:d0:ad:4c:91:91:03:aa:27:f9:05:af:86:bb:49: 33:65:d5:01:4e:b0:d2:f7:9a:ec:2f:e2:6b:5c:af: ca:c6:5c:29:34:7f:8a:ec:0a:0c:35:0b:f8:46:ae: 13:01:28:cb:3c:cb:bb:42:d3:1a:88:d3:c4:9e:12: 0d:1a:40:dd:e3:2d:b0:af:99:1e:af:a9:8c:e0:ab: 66:d6:07:20:4f:0d:19:0b:77:d6:af:b6:a8:6f:bb: 24:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:97:CA:01:F3:A0:0A:30:AE:32:74:D2:E9:43:64:4A:FC:E0:75:78 X509v3 Authority Key Identifier: keyid:12:E2:80:39:64:6D:CC:32:EC:EB:58:42:8F:97:CC:99:4B:99:85:77 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EuKAOWRtzDLs61hCj5fMmUuZhXc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4ab1e0-6d7d-44fd-8d20-36d91dbcfc41/1/3pfKAfOgCjCuMnTS6UNkSvzgdXg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4ab1e0-6d7d-44fd-8d20-36d91dbcfc41/1/EuKAOWRtzDLs61hCj5fMmUuZhXc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 217.117.96.0/24 217.117.99.0/24 Signature Algorithm: sha256WithRSAEncryption 51:b7:cb:48:70:91:ac:94:cb:0c:8e:b4:4b:06:db:71:4c:c7: 2c:f7:50:95:f9:54:5e:bb:1e:1c:e4:d6:ce:cc:0d:f9:ab:8c: cc:2e:a5:7b:b0:36:2a:4c:6e:48:de:3e:d1:4d:ed:68:5c:31: 63:7e:cb:5d:40:7b:7d:29:4c:3a:dc:44:46:53:8a:21:a4:b7: a8:76:fd:1a:f1:5f:d1:28:93:08:6b:58:a0:69:3a:fe:c3:b6: 68:5c:5a:55:67:22:da:c1:b6:d9:cf:e3:f7:0f:b6:45:c4:91: b5:ad:b2:36:ab:c6:85:e2:2d:fa:bd:52:a6:29:91:93:8f:09: 6d:4c:15:1e:2d:0c:46:98:03:4b:d0:33:fa:09:7a:25:9a:cd: 28:4c:19:55:e2:42:b0:aa:2d:12:c3:7f:43:a1:49:36:31:8d: ec:33:88:53:3d:7e:03:30:95:bd:1d:30:3a:f1:5c:df:a1:d7: 22:fa:6b:9b:fb:bd:c2:dd:4d:8b:d7:c3:3d:be:f8:ac:32:76: 68:d5:7d:22:74:64:de:fb:af:8d:76:84:b6:c7:b5:12:e2:e3: 4d:05:c5:e0:4e:d7:c4:6a:b3:95:ba:8d:d2:8c:b3:49:49:44: 1b:1b:4f:b8:03:8d:97:b1:66:3c:03:2c:29:44:43:72:52:d3: b6:5a:e3:a3 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt4ou76uLi4PelhE7Ukbdu6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDEyZTI4MDM5NjQ2ZGNjMzJlY2ViNTg0MjhmOTdjYzk5NGI5 OTg1NzcwHhcNMjYwMTAxMDgxODIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZTk3Y2EwMWYzYTAwYTMwYWUzMjc0ZDJlOTQzNjQ0YWZjZTA3NTc4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlx5z/0qn3Lx3tnzKn4+zXLQHwib TOHDdcUz1ciFPJzQLBeRW+G1XtxJQfsnwbRHWWQbavZ2GnBmibWDrEX4bBg0Yvnb Vz3n2clQsAERn8b9QXwTUbnm6zxBwWsEBvK76ZV2UAkomuiXdd0eryD2nNrexIDW nXVDlGjsEkzgiflMEsVxGVclNn5V6wLqLFD6stNYRqHh+GQmCUASlU+wBGXgAt9B 0K1MkZEDqif5Ba+Gu0kzZdUBTrDS95rsL+JrXK/KxlwpNH+K7AoMNQv4Rq4TASjL PMu7QtMaiNPEnhINGkDd4y2wr5ker6mM4Ktm1gcgTw0ZC3fWr7aob7skGwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFN6XygHzoAowrjJ00ulDZEr84HV4MB8GA1UdIwQY MBaAFBLigDlkbcwy7OtYQo+XzJlLmYV3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRXVLQU9XUnR6RExzNjFoQ2o1Zk1tVXVaaFhjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC80YWIxZTAtNmQ3ZC00NGZkLThkMjAt MzZkOTFkYmNmYzQxLzEvM3BmS0FmT2dDakN1TW5UUzZVTmtTdnpnZFhnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNC80YWIxZTAtNmQ3ZC00NGZkLThkMjAtMzZkOTFkYmNmYzQx LzEvRXVLQU9XUnR6RExzNjFoQ2o1Zk1tVXVaaFhjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA2XVgAwQA 2XVjMA0GCSqGSIb3DQEBCwUAA4IBAQBRt8tIcJGslMsMjrRLBttxTMcs91CV+VRe ux4c5NbOzA35q4zMLqV7sDYqTG5I3j7RTe1oXDFjfstdQHt9KUw63ERGU4ohpLeo dv0a8V/RKJMIa1igaTr+w7ZoXFpVZyLawbbZz+P3D7ZFxJG1rbI2q8aF4i36vVKm KZGTjwltTBUeLQxGmANL0DP6CXolms0oTBlV4kKwqi0Sw39DoUk2MY3sM4hTPX4D MJW9HTA68Vzfodci+mub+73C3U2L18M9vvisMnZo1X0idGTe+6+NdoS2x7US4uNN BcXgTtfEarOVuo3SjLNJSUQbG0+4A42XsWY8AywpRENyUtO2WuOj -----END CERTIFICATE-----Generated at Mon Jan 26 08:38:57 2026 by rpki-client