This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/d0e2f4-b60a-40b2-92e9-90eace9e059e/1/C3pfKMQJQW-010A2V2GrYZcMHLQ.roa File: C3pfKMQJQW-010A2V2GrYZcMHLQ.roa (raw, json) Hash identifier: VPKEZMstZH4HBeMsv7PNI+XFDpbDiaB9jj0dzD39XgQ= Subject key identifier: 0B:7A:5F:28:C4:09:41:6F:B4:D7:40:36:57:61:AB:61:97:0C:1C:B4 Certificate issuer: /CN=00af9dda307cb525385ef90f506d0d57bb9d2bf2 Certificate serial: 019B7E38094FB1B9AE7A50E56FE8239D86DA Authority key identifier: 00:AF:9D:DA:30:7C:B5:25:38:5E:F9:0F:50:6D:0D:57:BB:9D:2B:F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK-d2jB8tSU4XvkPUG0NV7udK_I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/d0e2f4-b60a-40b2-92e9-90eace9e059e/1/C3pfKMQJQW-010A2V2GrYZcMHLQ.roa Signing time: Fri 02 Jan 2026 10:19:20 +0000 ROA not before: Fri 02 Jan 2026 10:19:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 24634 IP address blocks: 185.40.208.0/22 maxlen: 24 2a04:86c0::/29 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/d0e2f4-b60a-40b2-92e9-90eace9e059e/1/AK-d2jB8tSU4XvkPUG0NV7udK_I.crl rsync://rpki.ripe.net/repository/DEFAULT/6a/d0e2f4-b60a-40b2-92e9-90eace9e059e/1/AK-d2jB8tSU4XvkPUG0NV7udK_I.mft rsync://rpki.ripe.net/repository/DEFAULT/AK-d2jB8tSU4XvkPUG0NV7udK_I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:09:4f:b1:b9:ae:7a:50:e5:6f:e8:23:9d:86:da Signature Algorithm: sha256WithRSAEncryption Issuer: CN=00af9dda307cb525385ef90f506d0d57bb9d2bf2 Validity Not Before: Jan 2 10:19:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0b7a5f28c409416fb4d740365761ab61970c1cb4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:0a:53:20:cd:22:0d:61:a8:d0:4a:e0:72:47: 91:0e:f9:6f:00:a8:0a:07:09:d6:dc:6b:ed:49:28: 91:e8:6d:9d:a2:55:78:2e:cd:59:1a:0a:3a:5f:45: 06:6d:ab:75:29:c8:fa:ac:51:df:3e:50:43:9c:a3: d3:f3:e9:82:f0:40:40:80:43:ff:94:16:a3:a4:56: 42:4b:5d:f9:7c:40:15:20:ff:97:61:7f:42:42:75: 30:df:f3:98:2e:10:a8:3a:e0:3c:6e:f3:89:10:80: bf:94:b8:6e:cc:a8:98:31:b1:af:b5:b6:5a:2b:d7: 86:83:4f:1d:fe:b4:60:ec:41:b6:57:98:ff:92:e2: f9:98:24:86:19:62:f3:70:a3:03:b1:fc:1f:ec:90: ba:c5:6c:93:c4:ed:41:77:e3:2a:08:dd:4e:14:3d: d6:f9:3d:64:0e:47:8d:fb:5a:42:04:f4:98:11:f3: 3c:d9:f0:ec:68:6c:91:43:8e:a6:48:cd:08:36:53: 6e:22:bb:19:ab:60:ca:d0:e3:98:db:82:4d:de:47: 3f:f4:9d:82:ab:55:06:a2:f2:8a:11:2a:03:20:f1: 1d:34:54:31:e8:c8:36:9a:9f:59:05:ad:d2:97:17: 66:3d:10:a6:6a:3b:fd:7f:80:b2:76:ce:1f:a2:de: 0e:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:7A:5F:28:C4:09:41:6F:B4:D7:40:36:57:61:AB:61:97:0C:1C:B4 X509v3 Authority Key Identifier: keyid:00:AF:9D:DA:30:7C:B5:25:38:5E:F9:0F:50:6D:0D:57:BB:9D:2B:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK-d2jB8tSU4XvkPUG0NV7udK_I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/d0e2f4-b60a-40b2-92e9-90eace9e059e/1/C3pfKMQJQW-010A2V2GrYZcMHLQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/d0e2f4-b60a-40b2-92e9-90eace9e059e/1/AK-d2jB8tSU4XvkPUG0NV7udK_I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.40.208.0/22 IPv6: 2a04:86c0::/29 Signature Algorithm: sha256WithRSAEncryption 02:30:33:ac:da:e4:c8:74:8a:9e:d2:c8:d1:ae:07:44:71:1a: 96:a7:af:93:d8:5e:ef:94:b9:d2:0f:74:69:70:3b:33:3a:6b: 9f:f3:7d:84:17:60:a9:e3:38:9f:5d:c8:9e:70:4a:3f:58:12: 51:fd:f1:a3:a9:88:61:99:1f:d1:3b:e5:ec:4b:e8:2a:f8:ab: 05:f1:9e:7c:31:dc:4f:c7:62:79:a7:bb:aa:76:35:f9:5e:dc: 2c:3e:ca:95:1e:6a:77:a1:11:eb:af:65:c1:24:af:6e:22:68: 5f:36:98:a5:bc:ac:7b:f7:82:3d:38:45:e3:c9:7f:1f:b9:95: 9a:d3:f1:c4:82:53:82:c1:10:39:f7:83:f0:c8:08:f6:ef:64: 5d:85:8a:5d:77:f8:6f:d6:c3:71:8f:41:14:43:b7:3d:03:fb: 40:32:10:00:86:1a:e7:3b:e0:e0:2c:b8:1a:3a:42:d1:0a:e5: c5:33:49:ef:dc:e9:6d:9a:85:65:1c:5d:ab:8f:f8:7f:30:ac: c7:4a:b8:d3:90:1b:da:1e:02:2f:af:22:30:b2:32:3b:69:36: 1e:1a:85:3e:95:e6:3c:6a:3b:f9:18:23:37:16:c0:dc:75:5c: a4:4b:d8:8f:88:ea:31:8d:49:64:c1:30:22:d8:eb:6f:05:6b: c9:ff:71:50 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt+OAlPsbmuelDlb+gjnYbaMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDAwYWY5ZGRhMzA3Y2I1MjUzODVlZjkwZjUwNmQwZDU3YmI5 ZDJiZjIwHhcNMjYwMTAyMTAxOTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwYjdhNWYyOGM0MDk0MTZmYjRkNzQwMzY1NzYxYWI2MTk3MGMxY2I0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wpTIM0iDWGo0ErgckeRDvlvAKgK BwnW3GvtSSiR6G2dolV4Ls1ZGgo6X0UGbat1Kcj6rFHfPlBDnKPT8+mC8EBAgEP/ lBajpFZCS135fEAVIP+XYX9CQnUw3/OYLhCoOuA8bvOJEIC/lLhuzKiYMbGvtbZa K9eGg08d/rRg7EG2V5j/kuL5mCSGGWLzcKMDsfwf7JC6xWyTxO1Bd+MqCN1OFD3W +T1kDkeN+1pCBPSYEfM82fDsaGyRQ46mSM0INlNuIrsZq2DK0OOY24JN3kc/9J2C q1UGovKKESoDIPEdNFQx6Mg2mp9ZBa3SlxdmPRCmajv9f4Cyds4fot4O6QIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFAt6XyjECUFvtNdANldhq2GXDBy0MB8GA1UdIwQY MBaAFACvndowfLUlOF75D1BtDVe7nSvyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQUstZDJqQjh0U1U0WHZrUFVHME5WN3VkS19JLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9kMGUyZjQtYjYwYS00MGIyLTkyZTkt OTBlYWNlOWUwNTllLzEvQzNwZktNUUpRVy0wMTBBMlYyR3JZWmNNSExRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82YS9kMGUyZjQtYjYwYS00MGIyLTkyZTktOTBlYWNlOWUwNTll LzEvQUstZDJqQjh0U1U0WHZrUFVHME5WN3VkS19JLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuSjQMA0E AgACMAcDBQMqBIbAMA0GCSqGSIb3DQEBCwUAA4IBAQACMDOs2uTIdIqe0sjRrgdE cRqWp6+T2F7vlLnSD3RpcDszOmuf832EF2Cp4zifXciecEo/WBJR/fGjqYhhmR/R O+XsS+gq+KsF8Z58MdxPx2J5p7uqdjX5XtwsPsqVHmp3oRHrr2XBJK9uImhfNpil vKx794I9OEXjyX8fuZWa0/HEglOCwRA594PwyAj272RdhYpdd/hv1sNxj0EUQ7c9 A/tAMhAAhhrnO+DgLLgaOkLRCuXFM0nv3OltmoVlHF2rj/h/MKzHSrjTkBvaHgIv ryIwsjI7aTYeGoU+leY8ajv5GCM3FsDcdVykS9iPiOoxjUlkwTAi2OtvBWvJ/3FQ -----END CERTIFICATE-----Generated at Mon Jan 26 04:38:46 2026 by rpki-client