This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/hD3IqorNDrlwkzGUmybhJLv5L2k.roa File: hD3IqorNDrlwkzGUmybhJLv5L2k.roa (raw, json) Hash identifier: ZaWNL4A6CBZBDeNroOwIUO67tG+ZeiSsCvPL+QQ5od4= Subject key identifier: 84:3D:C8:AA:8A:CD:0E:B9:70:93:31:94:9B:26:E1:24:BB:F9:2F:69 Certificate issuer: /CN=222c4585bd88fb27cadf29ee5bb95d6575fcef83 Certificate serial: 019B7EA55B35F8249C5B9F4CF8A59171A115 Authority key identifier: 22:2C:45:85:BD:88:FB:27:CA:DF:29:EE:5B:B9:5D:65:75:FC:EF:83 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IixFhb2I-yfK3ynuW7ldZXX874M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/hD3IqorNDrlwkzGUmybhJLv5L2k.roa Signing time: Fri 02 Jan 2026 12:18:44 +0000 ROA not before: Fri 02 Jan 2026 12:18:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62563 IP address blocks: 176.126.222.0/24 maxlen: 24 188.212.39.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/IixFhb2I-yfK3ynuW7ldZXX874M.crl rsync://rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/IixFhb2I-yfK3ynuW7ldZXX874M.mft rsync://rpki.ripe.net/repository/DEFAULT/IixFhb2I-yfK3ynuW7ldZXX874M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a5:5b:35:f8:24:9c:5b:9f:4c:f8:a5:91:71:a1:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=222c4585bd88fb27cadf29ee5bb95d6575fcef83 Validity Not Before: Jan 2 12:18:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=843dc8aa8acd0eb9709331949b26e124bbf92f69 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:b7:0c:51:8a:9f:f1:8e:01:ae:62:8e:3f:83: bc:23:8d:1a:c2:77:e2:b8:31:e0:6c:1d:ce:3a:1c: 55:35:9f:d2:1d:d5:7a:c6:1a:05:4b:2f:9e:4f:83: 0a:26:2e:cb:1f:14:41:b8:64:27:f7:a7:17:cb:01: 1b:4d:71:3a:ee:16:56:c2:f1:93:82:bb:42:68:e9: 69:f7:7d:8d:1d:34:05:59:38:e0:f9:0d:0a:e2:e1: 64:9d:40:4d:d6:56:fa:8c:ab:30:ab:b2:64:53:35: 88:ae:4d:f5:c4:b0:fc:23:1f:be:11:60:44:95:9e: 51:70:ce:1f:4a:9e:9e:c3:b5:7f:7a:96:37:29:38: 71:a9:44:a0:ff:c8:1b:4d:bf:5c:d3:e3:86:a5:f1: ec:1e:38:42:af:c9:61:c0:3d:f6:69:ca:3b:39:a0: 00:da:f0:75:0d:bb:cc:3b:87:88:14:8c:2b:1a:34: 2f:6b:27:75:2b:c1:df:6d:c6:92:e8:c4:8f:4d:cb: 2f:25:f1:35:5e:93:f5:a0:c2:c5:33:d6:61:91:9e: 2b:0f:8c:13:85:d5:30:03:e6:b2:c3:77:cf:aa:bb: f1:81:7d:51:99:bc:fe:fd:1d:93:96:8d:e5:7e:99: b9:e0:d1:cf:df:35:21:5f:7e:cc:c7:9e:c0:f0:61: 54:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 84:3D:C8:AA:8A:CD:0E:B9:70:93:31:94:9B:26:E1:24:BB:F9:2F:69 X509v3 Authority Key Identifier: keyid:22:2C:45:85:BD:88:FB:27:CA:DF:29:EE:5B:B9:5D:65:75:FC:EF:83 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IixFhb2I-yfK3ynuW7ldZXX874M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/hD3IqorNDrlwkzGUmybhJLv5L2k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/IixFhb2I-yfK3ynuW7ldZXX874M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 176.126.222.0/24 188.212.39.0/24 Signature Algorithm: sha256WithRSAEncryption 48:9a:bb:a4:f5:dc:1c:90:34:0d:d8:0f:c1:e1:06:a1:e6:40: 8d:bd:b1:e3:83:94:cf:51:ee:8f:7d:87:2a:d7:8d:d0:69:cd: 99:a6:77:fb:35:03:30:d2:e3:35:6e:f3:76:49:83:94:c8:41: 9b:d4:fd:1f:39:3e:c0:07:e4:19:ff:04:e7:7c:cc:4b:a9:30: d4:65:f0:a3:e9:91:00:b0:54:2b:ab:31:b5:53:c1:7f:23:85: 10:b9:a4:d2:3b:f8:64:a5:60:42:89:70:38:41:ae:f2:16:62: d9:a6:5f:52:dd:29:c1:d9:da:e6:5d:35:a8:71:98:e6:5a:48: ed:c7:d7:4d:17:5d:d1:8c:33:3a:4a:0e:14:82:7c:fd:db:51: 79:74:1a:3a:6e:21:ac:ac:ec:3b:11:14:dc:b8:ac:cb:45:39: 79:40:4d:22:a8:b6:77:da:64:17:66:30:40:63:8e:01:de:5c: a1:92:b4:3a:a5:dc:88:fe:e9:d3:b4:26:5a:a0:7f:8a:d2:ca: 2e:52:24:8c:2b:f2:1c:92:e8:1d:fe:5b:e0:c8:5e:22:80:fa: c0:cd:e0:d3:61:55:74:6b:ab:f9:a9:8b:65:e2:a7:ac:eb:0a: f4:96:6c:9a:6c:26:38:bc:45:05:e9:c8:c6:da:c1:50:ce:c1: 08:94:75:3b -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt+pVs1+CScW59M+KWRcaEVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyMmM0NTg1YmQ4OGZiMjdjYWRmMjllZTViYjk1ZDY1NzVm Y2VmODMwHhcNMjYwMTAyMTIxODQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NDNkYzhhYThhY2QwZWI5NzA5MzMxOTQ5YjI2ZTEyNGJiZjkyZjY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbcMUYqf8Y4BrmKOP4O8I40awnfi uDHgbB3OOhxVNZ/SHdV6xhoFSy+eT4MKJi7LHxRBuGQn96cXywEbTXE67hZWwvGT grtCaOlp932NHTQFWTjg+Q0K4uFknUBN1lb6jKswq7JkUzWIrk31xLD8Ix++EWBE lZ5RcM4fSp6ew7V/epY3KThxqUSg/8gbTb9c0+OGpfHsHjhCr8lhwD32aco7OaAA 2vB1DbvMO4eIFIwrGjQvayd1K8HfbcaS6MSPTcsvJfE1XpP1oMLFM9ZhkZ4rD4wT hdUwA+ayw3fPqrvxgX1Rmbz+/R2Tlo3lfpm54NHP3zUhX37Mx57A8GFUBwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFIQ9yKqKzQ65cJMxlJsm4SS7+S9pMB8GA1UdIwQY MBaAFCIsRYW9iPsnyt8p7lu5XWV1/O+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSWl4RmhiMkkteWZLM3ludVc3bGRaWFg4NzRNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82ZWIzNjUtODAzYS00YzJmLWI3YWUt YzY0N2E4YzFkZGZhLzEvaEQzSXFvck5Ecmx3a3pHVW15YmhKTHY1TDJrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OC82ZWIzNjUtODAzYS00YzJmLWI3YWUtYzY0N2E4YzFkZGZh LzEvSWl4RmhiMkkteWZLM3ludVc3bGRaWFg4NzRNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsH7eAwQA vNQnMA0GCSqGSIb3DQEBCwUAA4IBAQBImruk9dwckDQN2A/B4Qah5kCNvbHjg5TP Ue6PfYcq143Qac2Zpnf7NQMw0uM1bvN2SYOUyEGb1P0fOT7AB+QZ/wTnfMxLqTDU ZfCj6ZEAsFQrqzG1U8F/I4UQuaTSO/hkpWBCiXA4Qa7yFmLZpl9S3SnB2drmXTWo cZjmWkjtx9dNF13RjDM6Sg4Ugnz921F5dBo6biGsrOw7ERTcuKzLRTl5QE0iqLZ3 2mQXZjBAY44B3lyhkrQ6pdyI/unTtCZaoH+K0souUiSMK/Ickugd/lvgyF4igPrA zeDTYVV0a6v5qYtl4qes6wr0lmyabCY4vEUF6cjG2sFQzsEIlHU7 -----END CERTIFICATE-----Generated at Sun Jan 25 16:17:17 2026 by rpki-client