This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/6ebc1c-42ab-4559-84b1-f6ad9330c4b0/1/1-gO4QgPPqp1Kak3_666d1-5pe9c.roa File: 1-gO4QgPPqp1Kak3_666d1-5pe9c.roa (raw, json) Hash identifier: qTzaIkVWn2wQ4/BhUvBh5PhVLGzlNE9Q4I9h2wouay8= Subject key identifier: FA:03:B8:42:03:CF:AA:9D:4A:6A:4D:FF:EB:AE:9D:D7:EE:69:7B:D7 Certificate issuer: /CN=3ad2f7cc2753309833031ba894649a80cffb13e8 Certificate serial: 019B7E37CD04D397BFE3B38838FE1AEBAF69 Authority key identifier: 3A:D2:F7:CC:27:53:30:98:33:03:1B:A8:94:64:9A:80:CF:FB:13:E8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OtL3zCdTMJgzAxuolGSagM_7E-g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/6ebc1c-42ab-4559-84b1-f6ad9330c4b0/1/1-gO4QgPPqp1Kak3_666d1-5pe9c.roa Signing time: Fri 02 Jan 2026 10:19:04 +0000 ROA not before: Fri 02 Jan 2026 10:19:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 9063 IP address blocks: 185.38.76.0/22 maxlen: 22 2a01:4060::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/6ebc1c-42ab-4559-84b1-f6ad9330c4b0/1/OtL3zCdTMJgzAxuolGSagM_7E-g.crl rsync://rpki.ripe.net/repository/DEFAULT/31/6ebc1c-42ab-4559-84b1-f6ad9330c4b0/1/OtL3zCdTMJgzAxuolGSagM_7E-g.mft rsync://rpki.ripe.net/repository/DEFAULT/OtL3zCdTMJgzAxuolGSagM_7E-g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:37:cd:04:d3:97:bf:e3:b3:88:38:fe:1a:eb:af:69 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ad2f7cc2753309833031ba894649a80cffb13e8 Validity Not Before: Jan 2 10:19:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=fa03b84203cfaa9d4a6a4dffebae9dd7ee697bd7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:c5:38:12:09:c0:1f:86:a6:29:85:29:28:14: 6a:93:24:00:2e:48:54:92:86:17:4b:21:f8:74:1f: e8:44:7e:b1:64:7c:0e:06:90:ff:9b:bd:e0:ef:70: ed:ee:e6:a4:02:a4:c6:17:ab:65:72:b7:06:68:06: 92:36:38:ed:93:8a:d9:08:da:3f:34:83:38:06:eb: 7f:36:39:d1:e8:b7:df:45:3c:9a:fd:39:1b:6d:89: 23:c5:83:20:45:3f:0e:41:d4:e3:be:0b:5c:88:69: 57:76:c8:41:1f:d4:42:6e:c7:9f:fc:63:bc:c9:6f: fa:9e:b5:89:7a:a0:98:18:67:a2:fd:1f:13:c4:5c: 47:42:78:25:a4:0b:c4:0a:96:02:91:ca:e9:42:5e: d4:be:1b:03:7b:9b:9d:4d:34:8e:b6:09:05:94:b9: 88:08:62:1e:65:4e:20:f6:31:fb:5c:b7:e8:2f:07: e5:a8:f8:10:36:11:c0:cd:cc:5e:10:9e:c3:67:1d: 84:f9:77:e5:02:6b:c2:2a:e4:0b:bd:65:e5:8c:52: 6b:12:e5:b5:31:2f:cc:b2:05:ba:b7:9c:7d:87:ea: 95:e9:cf:4b:cc:bb:60:21:5e:bf:71:6e:95:82:04: 8c:9f:4f:27:d1:0e:4f:17:91:a4:1c:fb:e8:c7:dd: d2:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:03:B8:42:03:CF:AA:9D:4A:6A:4D:FF:EB:AE:9D:D7:EE:69:7B:D7 X509v3 Authority Key Identifier: keyid:3A:D2:F7:CC:27:53:30:98:33:03:1B:A8:94:64:9A:80:CF:FB:13:E8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OtL3zCdTMJgzAxuolGSagM_7E-g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/6ebc1c-42ab-4559-84b1-f6ad9330c4b0/1/1-gO4QgPPqp1Kak3_666d1-5pe9c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/31/6ebc1c-42ab-4559-84b1-f6ad9330c4b0/1/OtL3zCdTMJgzAxuolGSagM_7E-g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.38.76.0/22 IPv6: 2a01:4060::/32 Signature Algorithm: sha256WithRSAEncryption ad:92:11:fb:88:e6:e4:c7:83:12:cd:c1:b8:82:ea:28:f6:28: 95:d2:9d:ff:2f:47:56:b7:26:d7:1e:44:72:2e:09:2e:86:80: a9:93:f7:28:ae:d2:23:fc:75:a7:3a:40:b3:66:9c:6f:54:d7: 98:c2:e7:6b:96:8f:cd:8d:7b:14:84:df:63:f3:0c:5c:7d:6d: 7c:af:6e:26:c0:09:3a:f4:cf:6a:19:5d:42:b5:f9:48:61:89: f8:1f:99:95:9a:4c:4f:00:f4:b6:e3:37:67:58:68:5f:16:e1: a0:43:99:44:d8:05:df:df:29:df:cd:de:03:02:64:d6:23:59: 77:38:2e:5c:6a:4d:a0:a9:d8:1e:3d:1e:2f:35:73:c2:bd:de: 88:3e:78:09:4a:4d:b2:01:6d:ce:59:aa:21:96:d0:bc:13:12: 16:cc:a1:92:05:42:a3:52:7d:17:aa:3b:3e:eb:4f:38:c2:53: af:24:18:c8:a2:02:f6:5e:bd:b3:0b:84:37:f7:b8:13:10:55: 3e:ed:6d:1e:06:85:b2:69:e8:6b:9d:da:58:e9:56:b7:ca:0a: 9f:13:97:7c:db:a1:e6:2b:ab:b0:53:18:67:de:21:e6:be:ef: da:2c:ac:f6:03:4e:98:90:05:b2:0c:24:61:85:16:cf:19:64: 2e:55:da:72 -----BEGIN CERTIFICATE----- MIIFDTCCA/WgAwIBAgISAZt+N80E05e/47OIOP4a669pMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhZDJmN2NjMjc1MzMwOTgzMzAzMWJhODk0NjQ5YTgwY2Zm YjEzZTgwHhcNMjYwMTAyMTAxOTA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmYTAzYjg0MjAzY2ZhYTlkNGE2YTRkZmZlYmFlOWRkN2VlNjk3YmQ3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8U4EgnAH4amKYUpKBRqkyQALkhU koYXSyH4dB/oRH6xZHwOBpD/m73g73Dt7uakAqTGF6tlcrcGaAaSNjjtk4rZCNo/ NIM4But/NjnR6LffRTya/TkbbYkjxYMgRT8OQdTjvgtciGlXdshBH9RCbsef/GO8 yW/6nrWJeqCYGGei/R8TxFxHQnglpAvECpYCkcrpQl7UvhsDe5udTTSOtgkFlLmI CGIeZU4g9jH7XLfoLwflqPgQNhHAzcxeEJ7DZx2E+XflAmvCKuQLvWXljFJrEuW1 MS/MsgW6t5x9h+qV6c9LzLtgIV6/cW6VggSMn08n0Q5PF5GkHPvox93SfQIDAQAB o4ICGTCCAhUwHQYDVR0OBBYEFPoDuEIDz6qdSmpN/+uundfuaXvXMB8GA1UdIwQY MBaAFDrS98wnUzCYMwMbqJRkmoDP+xPoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT3RMM3pDZFRNSmd6QXh1b2xHU2FnTV83RS1nLmNlcjCB jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82ZWJjMWMtNDJhYi00NTU5LTg0YjEt ZjZhZDkzMzBjNGIwLzEvMS1nTzRRZ1BQcXAxS2FrM182NjZkMS01cGU5Yy5yb2Ew gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvMzEvNmViYzFjLTQyYWItNDU1OS04NGIxLWY2YWQ5MzMwYzRi MC8xL090TDN6Q2RUTUpnekF4dW9sR1NhZ01fN0UtZy5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkmTDAN BAIAAjAHAwUAKgFAYDANBgkqhkiG9w0BAQsFAAOCAQEArZIR+4jm5MeDEs3BuILq KPYoldKd/y9HVrcm1x5Eci4JLoaAqZP3KK7SI/x1pzpAs2acb1TXmMLna5aPzY17 FITfY/MMXH1tfK9uJsAJOvTPahldQrX5SGGJ+B+ZlZpMTwD0tuM3Z1hoXxbhoEOZ RNgF398p383eAwJk1iNZdzguXGpNoKnYHj0eLzVzwr3eiD54CUpNsgFtzlmqIZbQ vBMSFsyhkgVCo1J9F6o7PutPOMJTryQYyKIC9l69swuEN/e4ExBVPu1tHgaFsmno a53aWOlWt8oKnxOXfNuh5iursFMYZ94h5r7v2iys9gNOmJAFsgwkYYUWzxlkLlXa cg== -----END CERTIFICATE-----Generated at Sun Jan 25 21:28:15 2026 by rpki-client