This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/I9QD5q-NiIfxJo1lRmq5OKOHN_Q.roa File: I9QD5q-NiIfxJo1lRmq5OKOHN_Q.roa (raw, json) Hash identifier: Qi/hyzakZZcN60BC7q1PWSyKEfO3DZwisLoDVX9bMS8= Subject key identifier: 23:D4:03:E6:AF:8D:88:87:F1:26:8D:65:46:6A:B9:38:A3:87:37:F4 Certificate issuer: /CN=a65046d85ecf201fbef51e8bea1c4ed33f95b268 Certificate serial: 019B76EB1CE6F679F941479DCF1223A36F10 Authority key identifier: A6:50:46:D8:5E:CF:20:1F:BE:F5:1E:8B:EA:1C:4E:D3:3F:95:B2:68 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/plBG2F7PIB--9R6L6hxO0z-Vsmg.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/I9QD5q-NiIfxJo1lRmq5OKOHN_Q.roa Signing time: Thu 01 Jan 2026 00:17:58 +0000 ROA not before: Thu 01 Jan 2026 00:17:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 17140 IP address blocks: 194.35.3.0/24 maxlen: 24 194.35.7.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/plBG2F7PIB--9R6L6hxO0z-Vsmg.crl rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/plBG2F7PIB--9R6L6hxO0z-Vsmg.mft rsync://rpki.ripe.net/repository/DEFAULT/plBG2F7PIB--9R6L6hxO0z-Vsmg.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 09:00:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:1c:e6:f6:79:f9:41:47:9d:cf:12:23:a3:6f:10 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a65046d85ecf201fbef51e8bea1c4ed33f95b268 Validity Not Before: Jan 1 00:17:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=23d403e6af8d8887f1268d65466ab938a38737f4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:ae:3d:62:e6:cc:c4:32:81:0a:f7:d4:00:1a: 16:05:4e:2e:62:b7:22:cd:71:cb:0a:25:16:84:ea: fd:2a:b1:e8:97:7c:ad:91:ae:88:97:dd:a6:e4:23: 21:b7:65:af:c7:e2:ed:2b:dd:b3:3c:15:8b:9b:16: d3:44:7d:e5:b8:70:47:ad:d6:90:75:e6:73:ad:65: 84:4d:54:24:32:35:25:20:47:f8:e8:a0:1c:af:51: 07:28:a0:7c:c0:34:e6:d9:a5:a9:21:11:d4:98:23: 55:be:23:2f:0f:08:50:ce:bd:20:15:23:04:bc:ce: 2a:72:22:a1:ed:ad:fa:be:78:1b:5c:8d:3f:ec:84: dc:47:83:46:fc:38:17:da:7d:55:8c:dd:1e:a9:9a: 35:74:28:25:1c:94:fd:0f:5c:e1:78:35:1f:88:ac: cb:37:d1:2a:e0:20:68:eb:d9:f5:56:91:c6:15:b8: 88:de:dd:dd:c2:70:a8:1f:1e:55:95:f7:e6:2b:90: 68:d9:55:be:ba:ba:5d:b8:37:c4:be:a4:e7:59:5d: 2a:90:f9:15:33:59:f5:9a:de:5f:1e:e6:88:3f:02: b7:b1:31:d5:62:57:43:48:b9:b3:29:e9:df:10:67: d9:02:dc:c4:ac:ab:ae:31:bc:fe:87:c7:5a:7a:78: 41:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 23:D4:03:E6:AF:8D:88:87:F1:26:8D:65:46:6A:B9:38:A3:87:37:F4 X509v3 Authority Key Identifier: keyid:A6:50:46:D8:5E:CF:20:1F:BE:F5:1E:8B:EA:1C:4E:D3:3F:95:B2:68 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/plBG2F7PIB--9R6L6hxO0z-Vsmg.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/I9QD5q-NiIfxJo1lRmq5OKOHN_Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/plBG2F7PIB--9R6L6hxO0z-Vsmg.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.35.3.0/24 194.35.7.0/24 Signature Algorithm: sha256WithRSAEncryption 84:57:51:46:be:9a:63:95:e3:4b:c5:0c:46:04:ab:00:ce:26: 69:05:ab:6e:85:04:b2:0b:c0:50:72:60:24:ef:ff:30:8b:6f: e3:d0:d0:a4:87:77:9b:35:9c:f8:84:3a:39:8f:cb:98:40:54: b4:0c:9d:18:12:18:45:95:e5:c9:85:4f:3b:80:31:7c:90:fd: 5f:32:7f:f2:7d:8a:46:6a:d3:2d:54:39:ea:c2:60:6e:85:91: c8:f0:8c:ef:b4:a9:6f:57:8c:e3:79:0c:3f:6d:f8:9e:07:e2: 5d:b8:24:8a:4e:dc:93:b1:f3:e3:18:84:c8:83:41:fb:9f:52: 2d:49:d3:2d:a3:9f:39:cb:2f:90:66:ab:62:7d:2e:7a:29:c2: cd:55:ab:20:15:31:14:1c:66:c0:3e:93:28:2a:83:39:95:95: 39:e1:cc:ae:62:0e:6d:a2:8a:a0:fd:0c:50:c2:9b:56:83:cd: b9:3d:2f:c4:75:ea:f4:14:0e:20:78:f6:9a:a3:d7:57:02:dd: 4b:94:75:17:48:f7:76:e0:9e:20:6b:c1:fd:96:0e:b0:76:a0: 7b:34:16:20:65:31:04:94:de:7f:d6:09:a9:92:ee:6b:27:c5: 32:de:c5:b6:97:3b:ff:66:10:ca:71:c6:ef:bb:2d:49:32:e9: cd:f6:3d:82 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt26xzm9nn5QUedzxIjo28QMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGE2NTA0NmQ4NWVjZjIwMWZiZWY1MWU4YmVhMWM0ZWQzM2Y5 NWIyNjgwHhcNMjYwMTAxMDAxNzU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygyM2Q0MDNlNmFmOGQ4ODg3ZjEyNjhkNjU0NjZhYjkzOGEzODczN2Y0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv649YubMxDKBCvfUABoWBU4uYrci zXHLCiUWhOr9KrHol3ytka6Il92m5CMht2Wvx+LtK92zPBWLmxbTRH3luHBHrdaQ deZzrWWETVQkMjUlIEf46KAcr1EHKKB8wDTm2aWpIRHUmCNVviMvDwhQzr0gFSME vM4qciKh7a36vngbXI0/7ITcR4NG/DgX2n1VjN0eqZo1dCglHJT9D1zheDUfiKzL N9Eq4CBo69n1VpHGFbiI3t3dwnCoHx5VlffmK5Bo2VW+urpduDfEvqTnWV0qkPkV M1n1mt5fHuaIPwK3sTHVYldDSLmzKenfEGfZAtzErKuuMbz+h8daenhB6wIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFCPUA+avjYiH8SaNZUZquTijhzf0MB8GA1UdIwQY MBaAFKZQRthezyAfvvUei+ocTtM/lbJoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvcGxCRzJGN1BJQi0tOVI2TDZoeE8wei1Wc21nLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYmQ3YzEtODFmYS00NTUzLTg1MDUt YmNjZDMyYWY5N2ZlLzEvSTlRRDVxLU5pSWZ4Sm8xbFJtcTVPS09ITl9RLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Ny8zYmQ3YzEtODFmYS00NTUzLTg1MDUtYmNjZDMyYWY5N2Zl LzEvcGxCRzJGN1BJQi0tOVI2TDZoeE8wei1Wc21nLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwiMDAwQA wiMHMA0GCSqGSIb3DQEBCwUAA4IBAQCEV1FGvppjleNLxQxGBKsAziZpBatuhQSy C8BQcmAk7/8wi2/j0NCkh3ebNZz4hDo5j8uYQFS0DJ0YEhhFleXJhU87gDF8kP1f Mn/yfYpGatMtVDnqwmBuhZHI8IzvtKlvV4zjeQw/bfieB+JduCSKTtyTsfPjGITI g0H7n1ItSdMto585yy+QZqtifS56KcLNVasgFTEUHGbAPpMoKoM5lZU54cyuYg5t ooqg/QxQwptWg825PS/Eder0FA4gePaao9dXAt1LlHUXSPd24J4ga8H9lg6wdqB7 NBYgZTEElN5/1gmpku5rJ8Uy3sW2lzv/ZhDKccbvuy1JMunN9j2C -----END CERTIFICATE-----Generated at Sun Jan 25 19:18:42 2026 by rpki-client