This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/9cfea1-d82a-4755-810e-f1853d10e610/1/40a6M8tU6s4tn1NCA5ZdC5_m5gQ.roa File: 40a6M8tU6s4tn1NCA5ZdC5_m5gQ.roa (raw, json) Hash identifier: CaFW3lfKILssomy79H34gG68DVwJTZhuMZ4iATT6r/U= Subject key identifier: E3:46:BA:33:CB:54:EA:CE:2D:9F:53:42:03:96:5D:0B:9F:E6:E6:04 Certificate issuer: /CN=df2c15cf72fcdb8596b7c6489b15a6b720c14eb5 Certificate serial: 019B7FF1E2BD956587E3D9AE1BFEC8D648B6 Authority key identifier: DF:2C:15:CF:72:FC:DB:85:96:B7:C6:48:9B:15:A6:B7:20:C1:4E:B5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ywVz3L824WWt8ZImxWmtyDBTrU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/9cfea1-d82a-4755-810e-f1853d10e610/1/40a6M8tU6s4tn1NCA5ZdC5_m5gQ.roa Signing time: Fri 02 Jan 2026 18:21:57 +0000 ROA not before: Fri 02 Jan 2026 18:21:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44294 IP address blocks: 185.239.25.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/9cfea1-d82a-4755-810e-f1853d10e610/1/3ywVz3L824WWt8ZImxWmtyDBTrU.crl rsync://rpki.ripe.net/repository/DEFAULT/81/9cfea1-d82a-4755-810e-f1853d10e610/1/3ywVz3L824WWt8ZImxWmtyDBTrU.mft rsync://rpki.ripe.net/repository/DEFAULT/3ywVz3L824WWt8ZImxWmtyDBTrU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 09:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f1:e2:bd:95:65:87:e3:d9:ae:1b:fe:c8:d6:48:b6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df2c15cf72fcdb8596b7c6489b15a6b720c14eb5 Validity Not Before: Jan 2 18:21:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e346ba33cb54eace2d9f534203965d0b9fe6e604 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:67:11:8a:14:30:07:7c:0d:8c:36:ce:9c:f3: fb:d7:a5:dd:2a:21:30:80:50:63:1a:01:a2:97:9c: 1e:2b:c0:5b:54:56:3b:7c:21:1e:7d:89:40:20:7b: bd:a8:8b:c8:5d:56:64:e7:41:96:09:89:74:5b:69: cc:68:e5:6e:98:86:72:6e:b9:ac:95:18:cc:c4:bd: c0:4c:2d:8d:c5:d8:09:fb:87:98:42:06:07:68:8b: bb:c4:81:91:a3:13:9a:d3:ec:29:e9:0d:2b:26:08: 2c:9f:b7:6a:72:d7:53:12:32:a5:84:14:0c:80:d9: 19:a3:8b:da:ed:fc:0d:d3:23:b5:19:b8:a1:e8:ca: 9d:3b:e8:6b:78:8d:b6:35:21:0a:4c:d0:49:a6:f4: ce:92:a1:16:fb:64:b9:e5:d7:b1:c1:96:25:c9:4a: 01:07:aa:a1:d9:da:3f:20:3e:4d:72:f9:6b:9c:6d: 77:1d:34:92:b2:56:f1:80:78:cd:ae:18:6f:3a:a2: 47:5c:4e:87:3c:15:3c:29:c3:3b:de:1e:97:6c:2b: f9:21:39:c9:5a:64:a5:86:88:0c:ee:c6:ca:5b:43: 9f:48:4d:18:02:08:ce:c0:8e:c6:ac:d0:67:ef:ee: c0:b2:2b:10:67:18:9a:58:10:70:db:53:e2:1f:9d: 6f:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:46:BA:33:CB:54:EA:CE:2D:9F:53:42:03:96:5D:0B:9F:E6:E6:04 X509v3 Authority Key Identifier: keyid:DF:2C:15:CF:72:FC:DB:85:96:B7:C6:48:9B:15:A6:B7:20:C1:4E:B5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ywVz3L824WWt8ZImxWmtyDBTrU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9cfea1-d82a-4755-810e-f1853d10e610/1/40a6M8tU6s4tn1NCA5ZdC5_m5gQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/81/9cfea1-d82a-4755-810e-f1853d10e610/1/3ywVz3L824WWt8ZImxWmtyDBTrU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.239.25.0/24 Signature Algorithm: sha256WithRSAEncryption 4c:22:dc:94:dc:5c:d9:24:54:60:7d:e3:ce:81:9d:c4:87:22: a5:6d:36:34:ef:b1:6c:67:3c:a1:ca:af:49:f6:9b:4a:bf:e1: 63:67:8d:98:bb:40:2c:59:4b:e1:fb:1e:37:07:81:c6:59:24: f4:78:61:5b:76:4e:a0:26:15:54:c6:a9:42:ba:4d:44:4d:f7: 4d:c6:99:93:6b:b6:be:14:38:7a:97:32:53:66:6d:ca:c5:90: 20:fa:df:b6:d6:a0:ca:36:de:54:36:ae:2d:92:16:d4:74:aa: 74:ec:17:99:2c:89:12:f0:65:3c:33:1a:c6:bc:28:a5:d6:b4: 1b:a0:62:65:54:8e:07:9e:0c:95:1e:8f:f9:a7:14:3b:23:a9: 6e:f0:22:4f:71:fb:07:6d:18:ac:80:9e:ba:c8:cf:d8:97:3e: b6:44:fd:ee:0e:a0:93:d7:51:5e:55:44:00:aa:4e:23:c7:f8: 8d:a8:21:d9:5b:3d:4b:c6:da:d2:33:7c:33:d7:e5:f4:37:39: 9e:72:05:7c:40:71:ee:8f:69:14:1a:ab:87:23:e5:dc:a2:07: b6:de:16:a1:0b:cf:ae:07:86:1e:12:fb:16:a5:70:4f:87:73: 26:37:cc:0b:28:b4:0f:51:f4:26:b8:38:5c:58:87:f4:bb:f9: fe:3a:d7:a4 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/8eK9lWWH49muG/7I1ki2MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRmMmMxNWNmNzJmY2RiODU5NmI3YzY0ODliMTVhNmI3MjBj MTRlYjUwHhcNMjYwMTAyMTgyMTU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMzQ2YmEzM2NiNTRlYWNlMmQ5ZjUzNDIwMzk2NWQwYjlmZTZlNjA0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2cRihQwB3wNjDbOnPP716XdKiEw gFBjGgGil5weK8BbVFY7fCEefYlAIHu9qIvIXVZk50GWCYl0W2nMaOVumIZybrms lRjMxL3ATC2NxdgJ+4eYQgYHaIu7xIGRoxOa0+wp6Q0rJggsn7dqctdTEjKlhBQM gNkZo4va7fwN0yO1Gbih6MqdO+hreI22NSEKTNBJpvTOkqEW+2S55dexwZYlyUoB B6qh2do/ID5NcvlrnG13HTSSslbxgHjNrhhvOqJHXE6HPBU8KcM73h6XbCv5ITnJ WmSlhogM7sbKW0OfSE0YAgjOwI7GrNBn7+7AsisQZxiaWBBw21PiH51v6QIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFONGujPLVOrOLZ9TQgOWXQuf5uYEMB8GA1UdIwQY MBaAFN8sFc9y/NuFlrfGSJsVprcgwU61MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM3l3VnozTDgyNFdXdDhaSW14V210eURCVHJVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS85Y2ZlYTEtZDgyYS00NzU1LTgxMGUt ZjE4NTNkMTBlNjEwLzEvNDBhNk04dFU2czR0bjFOQ0E1WmRDNV9tNWdRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MS85Y2ZlYTEtZDgyYS00NzU1LTgxMGUtZjE4NTNkMTBlNjEw LzEvM3l3VnozTDgyNFdXdDhaSW14V210eURCVHJVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAue8ZMA0G CSqGSIb3DQEBCwUAA4IBAQBMItyU3FzZJFRgfePOgZ3EhyKlbTY077FsZzyhyq9J 9ptKv+FjZ42Yu0AsWUvh+x43B4HGWST0eGFbdk6gJhVUxqlCuk1ETfdNxpmTa7a+ FDh6lzJTZm3KxZAg+t+21qDKNt5UNq4tkhbUdKp07BeZLIkS8GU8MxrGvCil1rQb oGJlVI4HngyVHo/5pxQ7I6lu8CJPcfsHbRisgJ66yM/Ylz62RP3uDqCT11FeVUQA qk4jx/iNqCHZWz1LxtrSM3wz1+X0NzmecgV8QHHuj2kUGquHI+Xcoge23hahC8+u B4YeEvsWpXBPh3MmN8wLKLQPUfQmuDhcWIf0u/n+Otek -----END CERTIFICATE-----Generated at Mon Jan 26 11:44:57 2026 by rpki-client