This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/CA3XMZSRf-G3ODjblICPF-EIxj8.roa File: CA3XMZSRf-G3ODjblICPF-EIxj8.roa (raw, json) Hash identifier: VyF40sc+pRDppM7qNwDKdKVxboVcpPNc0TqHKAIYGnE= Subject key identifier: 08:0D:D7:31:94:91:7F:E1:B7:38:38:DB:94:80:8F:17:E1:08:C6:3F Certificate issuer: /CN=746365355b665564a210c358c68a0117b7fbeb9a Certificate serial: 019B7DCB45A83B0B9EA6E4ACF443ACC29C33 Authority key identifier: 74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/CA3XMZSRf-G3ODjblICPF-EIxj8.roa Signing time: Fri 02 Jan 2026 08:20:32 +0000 ROA not before: Fri 02 Jan 2026 08:20:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 199820 IP address blocks: 194.124.38.0/24 maxlen: 24 212.22.78.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.mft rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:45:a8:3b:0b:9e:a6:e4:ac:f4:43:ac:c2:9c:33 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=746365355b665564a210c358c68a0117b7fbeb9a Validity Not Before: Jan 2 08:20:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=080dd73194917fe1b73838db94808f17e108c63f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:06:a4:5f:dc:2e:be:1f:52:08:0b:0a:74:85: a6:58:ab:4d:58:3d:31:4d:23:59:03:4a:0d:2e:c5: b5:8f:91:cf:8f:9a:21:95:73:14:76:51:3d:5b:c0: 6b:94:ed:c0:cf:4a:73:d1:2c:2c:fa:75:8a:02:e0: 27:90:71:dd:fe:cb:68:6c:34:79:8d:84:5f:02:d7: ea:5f:bf:d4:ca:9f:b2:86:ba:3c:25:e0:83:cc:22: 80:8a:d3:d5:0a:e2:ba:a1:4f:47:29:59:1b:68:fb: 12:71:15:9c:c8:27:e7:5f:05:37:9c:79:fe:b9:78: 81:01:bb:32:18:ab:91:97:b1:92:21:c7:11:29:19: 01:c6:f6:50:04:37:f6:8f:eb:f4:56:ef:f0:f4:bc: 07:34:60:31:67:8c:4d:33:47:96:5b:22:22:e4:ce: 92:a0:de:5f:20:22:7c:b8:bd:85:f5:84:bc:70:2c: 2e:bf:94:0c:d1:7b:8f:6e:30:f0:9f:45:c3:f5:35: 28:be:f1:08:e8:f1:bc:9d:9b:40:36:96:81:8e:28: 44:72:1f:5c:19:4e:a3:05:99:b7:18:15:63:c5:14: 90:fe:2b:40:dc:3b:46:ae:eb:9f:13:f2:83:58:c5: 45:17:aa:dd:30:ce:0c:e0:ad:a4:2c:d4:81:3d:f0: 14:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:0D:D7:31:94:91:7F:E1:B7:38:38:DB:94:80:8F:17:E1:08:C6:3F X509v3 Authority Key Identifier: keyid:74:63:65:35:5B:66:55:64:A2:10:C3:58:C6:8A:01:17:B7:FB:EB:9A X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dGNlNVtmVWSiEMNYxooBF7f765o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/CA3XMZSRf-G3ODjblICPF-EIxj8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/62/aea36d-babf-4474-a78b-6a4ecaf8b3b1/1/dGNlNVtmVWSiEMNYxooBF7f765o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 194.124.38.0/24 212.22.78.0/24 Signature Algorithm: sha256WithRSAEncryption 41:84:d5:02:63:61:63:d6:8a:37:a0:af:ac:b2:09:a0:80:2b: be:eb:fc:33:23:98:85:a9:b3:ef:5e:79:da:6a:4a:8a:b6:68: 73:38:60:8c:61:f9:aa:e1:8f:2a:c2:84:c9:2f:f1:ea:34:a8: b3:a4:db:ce:ea:ee:e4:c2:cf:d1:9e:47:8f:5e:6e:4e:02:d4: 73:97:81:eb:bd:34:80:bc:e1:66:73:e4:a9:84:75:48:a0:3d: 34:ac:fa:16:cc:8b:d0:6f:14:43:bb:e2:0f:91:b1:33:41:40: 27:da:c8:ec:17:c5:a7:33:9c:49:10:81:76:3e:a0:56:7f:0f: 49:cf:e9:34:be:4a:3b:72:d7:f1:62:10:62:4f:1a:5e:42:c9: 34:31:31:2b:71:54:b3:ca:61:61:36:34:ec:8c:10:99:05:5b: 2d:93:88:46:f3:43:56:bf:3f:b1:08:a7:e2:25:5e:6b:06:9a: 48:b9:76:cb:f3:b8:1f:d5:bf:17:42:39:63:46:c6:39:22:3d: 50:71:6e:03:f3:4a:c2:2e:5c:cd:7c:b1:1f:ad:06:a0:d3:57: 5f:da:ae:51:ec:e4:46:ee:53:5c:bb:f8:52:66:4b:cb:09:27: a9:4e:b4:4c:7c:92:19:35:1f:69:ea:36:11:25:09:c3:2c:a9: 32:55:ef:50 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt9y0WoOwuepuSs9EOswpwzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc0NjM2NTM1NWI2NjU1NjRhMjEwYzM1OGM2OGEwMTE3Yjdm YmViOWEwHhcNMjYwMTAyMDgyMDMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwODBkZDczMTk0OTE3ZmUxYjczODM4ZGI5NDgwOGYxN2UxMDhjNjNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQakX9wuvh9SCAsKdIWmWKtNWD0x TSNZA0oNLsW1j5HPj5ohlXMUdlE9W8BrlO3Az0pz0Sws+nWKAuAnkHHd/stobDR5 jYRfAtfqX7/Uyp+yhro8JeCDzCKAitPVCuK6oU9HKVkbaPsScRWcyCfnXwU3nHn+ uXiBAbsyGKuRl7GSIccRKRkBxvZQBDf2j+v0Vu/w9LwHNGAxZ4xNM0eWWyIi5M6S oN5fICJ8uL2F9YS8cCwuv5QM0XuPbjDwn0XD9TUovvEI6PG8nZtANpaBjihEch9c GU6jBZm3GBVjxRSQ/itA3DtGruufE/KDWMVFF6rdMM4M4K2kLNSBPfAU0QIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFAgN1zGUkX/htzg425SAjxfhCMY/MB8GA1UdIwQY MBaAFHRjZTVbZlVkohDDWMaKARe3++uaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGIt NmE0ZWNhZjhiM2IxLzEvQ0EzWE1aU1JmLUczT0RqYmxJQ1BGLUVJeGo4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82Mi9hZWEzNmQtYmFiZi00NDc0LWE3OGItNmE0ZWNhZjhiM2Ix LzEvZEdObE5WdG1WV1NpRU1OWXhvb0JGN2Y3NjVvLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwnwmAwQA 1BZOMA0GCSqGSIb3DQEBCwUAA4IBAQBBhNUCY2Fj1oo3oK+ssgmggCu+6/wzI5iF qbPvXnnaakqKtmhzOGCMYfmq4Y8qwoTJL/HqNKizpNvO6u7kws/RnkePXm5OAtRz l4HrvTSAvOFmc+SphHVIoD00rPoWzIvQbxRDu+IPkbEzQUAn2sjsF8WnM5xJEIF2 PqBWfw9Jz+k0vko7ctfxYhBiTxpeQsk0MTErcVSzymFhNjTsjBCZBVstk4hG80NW vz+xCKfiJV5rBppIuXbL87gf1b8XQjljRsY5Ij1QcW4D80rCLlzNfLEfrQag01df 2q5R7ORG7lNcu/hSZkvLCSepTrRMfJIZNR9p6jYRJQnDLKkyVe9Q -----END CERTIFICATE-----Generated at Sun Jan 25 07:17:54 2026 by rpki-client