This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cfQFcg3cj61jcmRGEgCJ60KMerY.roa File: cfQFcg3cj61jcmRGEgCJ60KMerY.roa (raw, json) Hash identifier: qvkyFl5ux9Sowqsoj5qXNmbtYYh+x0FfmMPy0XVi7AM= Subject key identifier: 71:F4:05:72:0D:DC:8F:AD:63:72:64:46:12:00:89:EB:42:8C:7A:B6 Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Certificate serial: 019B7A5ADA7A6F69CD3DE35B2F7CF5CCA060 Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cfQFcg3cj61jcmRGEgCJ60KMerY.roa Signing time: Thu 01 Jan 2026 16:18:53 +0000 ROA not before: Thu 01 Jan 2026 16:18:53 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 214855 IP address blocks: 82.152.2.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:da:7a:6f:69:cd:3d:e3:5b:2f:7c:f5:cc:a0:60 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b Validity Not Before: Jan 1 16:18:53 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=71f405720ddc8fad63726446120089eb428c7ab6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:bd:98:89:0c:9f:4d:32:4c:18:f7:60:74:0a: e8:83:7a:77:63:e5:ad:ab:1c:ac:2d:7e:30:b2:6b: ee:41:fd:43:3e:f8:89:53:30:3f:a0:c0:e7:2d:29: b1:dc:26:21:da:ae:f6:be:14:28:e8:34:0c:44:6b: 92:a8:6c:a8:1c:6d:30:89:c3:6b:7a:46:af:9a:7e: 13:a6:9d:b8:5b:d6:64:a0:cd:a4:71:dd:a2:ce:1c: d9:dc:c3:41:90:62:77:e3:ab:4d:42:ed:2f:54:ce: c7:b9:07:75:78:5c:a8:35:33:7b:ba:09:56:f7:9e: 72:49:df:81:7f:7c:51:3d:e9:ad:cd:01:e3:9d:b5: 83:5a:96:27:6e:0d:aa:f2:24:40:59:5f:b7:cc:fa: df:9a:4f:0a:83:ac:8f:96:92:ff:a0:6b:fd:91:7c: d6:3a:83:f8:0e:a6:a5:de:17:55:dd:cb:05:6b:98: 84:57:3a:31:42:1c:9f:10:0d:d8:06:21:2d:f5:52: 77:c6:1f:76:9a:02:70:43:54:ab:45:03:a8:45:16: d8:70:ba:34:83:b1:a6:8e:06:2a:ce:09:b0:0a:6c: 59:ec:68:39:28:d7:a2:72:62:44:83:4a:74:e8:09: 9d:56:9c:76:66:75:3d:fc:ac:7f:ce:3e:67:4c:1c: a3:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:F4:05:72:0D:DC:8F:AD:63:72:64:46:12:00:89:EB:42:8C:7A:B6 X509v3 Authority Key Identifier: keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cfQFcg3cj61jcmRGEgCJ60KMerY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 82.152.2.0/24 Signature Algorithm: sha256WithRSAEncryption 23:45:5f:ff:de:32:3c:e4:36:bd:60:69:17:63:9a:3c:bf:23: dd:9d:0f:cd:ba:e7:77:6e:b8:98:92:32:39:95:dc:96:be:c1: f6:8d:c1:f0:75:e9:56:c6:c1:47:f5:bb:bd:18:13:6c:0e:4d: 1d:69:a9:92:f5:bb:5f:d0:89:02:a6:2f:31:83:b4:37:f4:0b: 62:69:3a:b3:b3:77:b1:a8:b0:75:45:06:c8:70:32:0f:c2:7f: 91:3a:27:92:61:a6:a3:01:8b:d5:71:8c:35:af:d1:57:0b:6d: 81:fe:a3:e8:70:25:77:eb:97:02:44:93:0d:fc:63:e9:72:b5: f1:7f:c9:61:ea:47:62:37:55:1d:33:36:8b:34:df:c7:b1:70: 2f:f6:a6:dd:58:4e:e1:bd:6f:48:77:ef:a6:d4:dd:e5:ab:8b: 14:d9:51:d7:4f:bb:4a:92:a1:f3:9b:49:8b:7f:e7:88:36:e4: 31:37:bc:eb:23:41:ba:3b:9f:16:d6:a3:9d:53:95:0e:ee:c7: cd:84:aa:fc:32:f4:56:4a:08:5e:54:e1:30:70:82:5d:fe:e8: bf:85:ed:66:51:74:a2:ad:b6:a3:46:97:54:4c:ea:9a:4b:34: 43:d2:84:11:b3:62:a3:27:b5:5d:56:8e:ab:1f:40:1c:08:60: 25:c2:b5:82 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6Wtp6b2nNPeNbL3z1zKBgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh NTNiOWIwHhcNMjYwMTAxMTYxODUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MWY0MDU3MjBkZGM4ZmFkNjM3MjY0NDYxMjAwODllYjQyOGM3YWI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwb2YiQyfTTJMGPdgdArog3p3Y+Wt qxysLX4wsmvuQf1DPviJUzA/oMDnLSmx3CYh2q72vhQo6DQMRGuSqGyoHG0wicNr ekavmn4Tpp24W9ZkoM2kcd2izhzZ3MNBkGJ346tNQu0vVM7HuQd1eFyoNTN7uglW 955ySd+Bf3xRPemtzQHjnbWDWpYnbg2q8iRAWV+3zPrfmk8Kg6yPlpL/oGv9kXzW OoP4Dqal3hdV3csFa5iEVzoxQhyfEA3YBiEt9VJ3xh92mgJwQ1SrRQOoRRbYcLo0 g7GmjgYqzgmwCmxZ7Gg5KNeicmJEg0p06AmdVpx2ZnU9/Kx/zj5nTByjDwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFHH0BXIN3I+tY3JkRhIAietCjHq2MB8GA1UdIwQY MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt NDEyMjhlMzlmZjdjLzEvY2ZRRmNnM2NqNjFqY21SR0VnQ0o2MEtNZXJZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpgCMA0G CSqGSIb3DQEBCwUAA4IBAQAjRV//3jI85Da9YGkXY5o8vyPdnQ/Nuud3briYkjI5 ldyWvsH2jcHwdelWxsFH9bu9GBNsDk0daamS9btf0IkCpi8xg7Q39AtiaTqzs3ex qLB1RQbIcDIPwn+ROieSYaajAYvVcYw1r9FXC22B/qPocCV365cCRJMN/GPpcrXx f8lh6kdiN1UdMzaLNN/HsXAv9qbdWE7hvW9Id++m1N3lq4sU2VHXT7tKkqHzm0mL f+eINuQxN7zrI0G6O58W1qOdU5UO7sfNhKr8MvRWSgheVOEwcIJd/ui/he1mUXSi rbajRpdUTOqaSzRD0oQRs2KjJ7VdVo6rH0AcCGAlwrWC -----END CERTIFICATE-----Generated at Sun Jan 25 08:48:54 2026 by rpki-client