This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/8331e0-e8ab-4a6e-92b7-8a96f03bc617/1/33c8wPPk4IqhYynLyu73Se9qFUk.roa File: 33c8wPPk4IqhYynLyu73Se9qFUk.roa (raw, json) Hash identifier: Wbj/39E/doWmUOgZqhAuudDtqXbvmhYxyd8kh6N55tc= Subject key identifier: DF:77:3C:C0:F3:E4:E0:8A:A1:63:29:CB:CA:EE:F7:49:EF:6A:15:49 Certificate issuer: /CN=baa7ed08b8e9e8eef5f83e3ccb26745f8b3885e7 Certificate serial: 019B7C116CADA0E2DCCEA210D2D75B91EF29 Authority key identifier: BA:A7:ED:08:B8:E9:E8:EE:F5:F8:3E:3C:CB:26:74:5F:8B:38:85:E7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqftCLjp6O71-D48yyZ0X4s4hec.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/8331e0-e8ab-4a6e-92b7-8a96f03bc617/1/33c8wPPk4IqhYynLyu73Se9qFUk.roa Signing time: Fri 02 Jan 2026 00:17:55 +0000 ROA not before: Fri 02 Jan 2026 00:17:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3303 IP address blocks: 194.38.192.0/23 maxlen: 23 194.38.195.0/24 maxlen: 24 194.38.196.0/22 maxlen: 22 194.38.200.0/21 maxlen: 21 194.38.208.0/20 maxlen: 20 2a06:d581:3000::/36 maxlen: 36 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/8331e0-e8ab-4a6e-92b7-8a96f03bc617/1/uqftCLjp6O71-D48yyZ0X4s4hec.crl rsync://rpki.ripe.net/repository/DEFAULT/41/8331e0-e8ab-4a6e-92b7-8a96f03bc617/1/uqftCLjp6O71-D48yyZ0X4s4hec.mft rsync://rpki.ripe.net/repository/DEFAULT/uqftCLjp6O71-D48yyZ0X4s4hec.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 06:01:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:11:6c:ad:a0:e2:dc:ce:a2:10:d2:d7:5b:91:ef:29 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=baa7ed08b8e9e8eef5f83e3ccb26745f8b3885e7 Validity Not Before: Jan 2 00:17:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=df773cc0f3e4e08aa16329cbcaeef749ef6a1549 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:96:f9:e2:45:40:77:68:9e:fc:2e:2d:49:f6: dc:7d:ae:93:32:da:f3:2a:0e:fc:cb:92:ca:b3:3d: a9:0c:c6:f0:92:60:b4:ed:85:8b:9c:c1:19:1e:87: de:20:ea:00:db:fb:5f:c8:91:3c:94:80:6c:e5:91: d3:d5:3a:c5:fd:8a:0e:57:11:fc:f9:9c:2e:b5:61: f0:18:06:d9:ab:67:38:7d:50:6e:56:65:b4:0b:e4: 56:32:09:b3:fb:78:60:76:9c:2b:e6:bf:de:a3:3b: dd:96:61:e9:21:04:3d:33:dc:82:f0:05:c6:03:7b: 39:f0:e8:7d:8d:ad:3e:d8:f9:36:ae:62:19:e5:21: ec:f1:fe:e8:b0:dc:71:9a:53:a8:2b:dc:fe:d2:25: 0d:4a:44:76:9a:13:ac:8d:fb:32:0d:38:72:b6:7b: ca:73:8c:34:41:56:6d:67:0f:c0:62:25:24:0c:45: 8f:4c:f6:48:90:54:29:72:c4:d3:5f:35:78:a3:8d: 50:42:02:e2:47:ab:a4:9d:72:70:39:7d:c1:d9:ef: bf:ba:de:2c:86:bc:2a:38:b4:0a:c9:38:91:79:ac: b7:3f:a2:23:c4:80:71:a9:a5:d3:72:d0:34:85:3d: 56:e7:2d:1d:95:28:09:e9:01:64:eb:3c:6c:d5:b1: c6:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:77:3C:C0:F3:E4:E0:8A:A1:63:29:CB:CA:EE:F7:49:EF:6A:15:49 X509v3 Authority Key Identifier: keyid:BA:A7:ED:08:B8:E9:E8:EE:F5:F8:3E:3C:CB:26:74:5F:8B:38:85:E7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqftCLjp6O71-D48yyZ0X4s4hec.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8331e0-e8ab-4a6e-92b7-8a96f03bc617/1/33c8wPPk4IqhYynLyu73Se9qFUk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8331e0-e8ab-4a6e-92b7-8a96f03bc617/1/uqftCLjp6O71-D48yyZ0X4s4hec.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.38.192.0/23 194.38.195.0-194.38.223.255 IPv6: 2a06:d581:3000::/36 Signature Algorithm: sha256WithRSAEncryption 44:a6:8a:ea:05:07:f3:7e:b3:5c:92:ba:3f:c0:7c:de:80:1b: f1:a7:a3:4f:50:8c:16:21:04:7c:b6:cb:65:e8:c8:21:da:c2: bd:17:70:c5:1e:0f:9e:a6:18:d4:db:07:41:b6:52:3a:eb:10: 07:28:ec:3c:10:f3:b1:de:62:c5:7a:a2:dc:33:9d:b5:55:6f: 82:84:34:ec:a3:ae:01:01:21:b5:be:1b:5b:11:7e:42:c2:9f: 89:10:d9:8e:63:18:1c:ff:8e:95:fb:c0:6c:2e:f0:3e:18:65: 9d:24:d8:5b:c4:6c:c5:59:b1:94:6e:dd:19:6b:5c:34:19:d8: a1:43:45:90:65:85:04:5f:ed:f0:d2:83:b7:58:45:b0:cc:1e: 7e:4d:e0:91:31:cd:20:20:90:7c:7b:b0:85:6f:c6:4d:62:0e: 8c:5e:8d:a0:54:c9:a1:ab:b0:d7:5f:b6:bc:da:92:63:c1:08: 21:8e:97:9d:dc:b0:8d:6f:b5:cf:6a:b8:d0:df:f6:52:fe:47: cf:f6:38:de:ae:e3:89:80:e3:ff:45:3c:62:b1:39:78:b2:87: 85:ec:91:96:1c:fd:8d:df:d6:a7:23:e7:50:fa:0f:37:b7:7a: c6:40:65:2e:73:49:9f:41:b7:42:b7:66:31:5d:f9:88:04:16: 12:41:ae:d1 -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZt8EWytoOLczqIQ0tdbke8pMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJhYTdlZDA4YjhlOWU4ZWVmNWY4M2UzY2NiMjY3NDVmOGIz ODg1ZTcwHhcNMjYwMTAyMDAxNzU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZjc3M2NjMGYzZTRlMDhhYTE2MzI5Y2JjYWVlZjc0OWVmNmExNTQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Zb54kVAd2ie/C4tSfbcfa6TMtrz Kg78y5LKsz2pDMbwkmC07YWLnMEZHofeIOoA2/tfyJE8lIBs5ZHT1TrF/YoOVxH8 +ZwutWHwGAbZq2c4fVBuVmW0C+RWMgmz+3hgdpwr5r/eozvdlmHpIQQ9M9yC8AXG A3s58Oh9ja0+2Pk2rmIZ5SHs8f7osNxxmlOoK9z+0iUNSkR2mhOsjfsyDThytnvK c4w0QVZtZw/AYiUkDEWPTPZIkFQpcsTTXzV4o41QQgLiR6uknXJwOX3B2e+/ut4s hrwqOLQKyTiReay3P6IjxIBxqaXTctA0hT1W5y0dlSgJ6QFk6zxs1bHGTQIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFN93PMDz5OCKoWMpy8ru90nvahVJMB8GA1UdIwQY MBaAFLqn7Qi46eju9fg+PMsmdF+LOIXnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdXFmdENManA2TzcxLUQ0OHl5WjBYNHM0aGVjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84MzMxZTAtZThhYi00YTZlLTkyYjct OGE5NmYwM2JjNjE3LzEvMzNjOHdQUGs0SXFoWXluTHl1NzNTZTlxRlVrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80MS84MzMxZTAtZThhYi00YTZlLTkyYjctOGE5NmYwM2JjNjE3 LzEvdXFmdENManA2TzcxLUQ0OHl5WjBYNHM0aGVjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAaBAIAATAUAwQBwibAMAwD BADCJsMDBAXCJsAwDgQCAAIwCAMGBCoG1YEwMA0GCSqGSIb3DQEBCwUAA4IBAQBE porqBQfzfrNckro/wHzegBvxp6NPUIwWIQR8tstl6Mgh2sK9F3DFHg+ephjU2wdB tlI66xAHKOw8EPOx3mLFeqLcM521VW+ChDTso64BASG1vhtbEX5Cwp+JENmOYxgc /46V+8BsLvA+GGWdJNhbxGzFWbGUbt0Za1w0GdihQ0WQZYUEX+3w0oO3WEWwzB5+ TeCRMc0gIJB8e7CFb8ZNYg6MXo2gVMmhq7DXX7a82pJjwQghjped3LCNb7XParjQ 3/ZS/kfP9jjeruOJgOP/RTxisTl4soeF7JGWHP2N39anI+dQ+g83t3rGQGUuc0mf QbdCt2YxXfmIBBYSQa7R -----END CERTIFICATE-----Generated at Sun Jan 25 17:22:40 2026 by rpki-client