This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/kFJJEyTKADp1baTJnM1zkurd-AY.roa File: kFJJEyTKADp1baTJnM1zkurd-AY.roa (raw, json) Hash identifier: 6YWt+74Liha4YiPIKXVwr09uzTbyh63tPVdg3eh1Ecw= Subject key identifier: 90:52:49:13:24:CA:00:3A:75:6D:A4:C9:9C:CD:73:92:EA:DD:F8:06 Certificate issuer: /CN=3c350ba82f3feb5aee28938fbf1b09c1e2fd19b4 Certificate serial: 019B7EA65008B2A2862B0C48B882B4D5A2B3 Authority key identifier: 3C:35:0B:A8:2F:3F:EB:5A:EE:28:93:8F:BF:1B:09:C1:E2:FD:19:B4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PDULqC8_61ruKJOPvxsJweL9GbQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/kFJJEyTKADp1baTJnM1zkurd-AY.roa Signing time: Fri 02 Jan 2026 12:19:47 +0000 ROA not before: Fri 02 Jan 2026 12:19:47 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 24990 IP address blocks: 185.3.24.0/22 maxlen: 22 217.69.16.0/20 maxlen: 20 2a03:6c80::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/PDULqC8_61ruKJOPvxsJweL9GbQ.crl rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/PDULqC8_61ruKJOPvxsJweL9GbQ.mft rsync://rpki.ripe.net/repository/DEFAULT/PDULqC8_61ruKJOPvxsJweL9GbQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:50:08:b2:a2:86:2b:0c:48:b8:82:b4:d5:a2:b3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3c350ba82f3feb5aee28938fbf1b09c1e2fd19b4 Validity Not Before: Jan 2 12:19:47 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9052491324ca003a756da4c99ccd7392eaddf806 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:64:c7:9a:2f:ee:48:9d:8b:83:27:cd:bc:20: b9:43:64:dc:da:68:d2:75:d4:6c:18:7f:ee:0e:92: 04:ed:b8:0d:e4:f1:3f:05:12:e7:a0:4a:7f:66:f6: 4f:63:b7:9e:46:d9:6f:55:71:d4:ca:e0:b2:aa:5f: d5:12:0f:28:07:51:60:21:fe:63:ba:52:22:37:2f: fa:d7:2b:a4:c9:18:71:ee:21:2f:0b:58:45:8e:21: bb:5d:2a:c2:24:d0:18:a5:a0:b1:4a:73:04:73:72: 9b:0c:b1:dd:4b:22:a1:af:56:5f:ce:22:9a:f6:6e: 70:57:a6:e1:f3:9e:1a:9c:09:fa:e0:66:d7:60:f3: 42:d9:51:54:19:4f:59:cf:86:ba:6d:13:3b:82:c8: c6:b1:52:eb:6d:6c:fb:a6:5a:6c:18:b0:90:77:27: 65:9e:74:b8:6c:f7:6d:8f:30:c0:95:4b:dc:08:93: 13:85:34:9c:0c:ec:f6:9b:8e:c8:17:6d:46:ad:19: 52:52:22:ca:c9:92:a4:99:9d:13:65:f0:a0:ab:29: 4b:44:7b:c0:15:e0:69:c6:4e:31:94:3b:fe:d5:79: 24:3a:ea:66:61:cc:fd:87:78:80:9b:fb:41:a5:b3: dc:5c:a1:90:43:5f:b4:fe:c8:7c:7a:b9:1a:91:78: 7d:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:52:49:13:24:CA:00:3A:75:6D:A4:C9:9C:CD:73:92:EA:DD:F8:06 X509v3 Authority Key Identifier: keyid:3C:35:0B:A8:2F:3F:EB:5A:EE:28:93:8F:BF:1B:09:C1:E2:FD:19:B4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PDULqC8_61ruKJOPvxsJweL9GbQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/kFJJEyTKADp1baTJnM1zkurd-AY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/64d7a9-cac3-4549-a7aa-61b7902ee204/1/PDULqC8_61ruKJOPvxsJweL9GbQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.3.24.0/22 217.69.16.0/20 IPv6: 2a03:6c80::/32 Signature Algorithm: sha256WithRSAEncryption 5b:34:f0:69:88:a5:ed:d6:5c:33:de:d7:f6:f4:06:33:bc:c5: fe:ec:7e:e4:a5:3c:bf:8c:bf:53:a6:61:aa:1d:77:50:e6:b5: 8a:d3:e8:4c:e1:db:34:83:71:11:86:bb:ad:5e:69:80:d2:32: 21:1f:8b:f3:b2:fd:f0:16:22:6a:f3:c1:f2:c2:60:ef:45:f0: fe:ed:58:b0:23:99:27:a0:00:d4:f3:80:16:e9:ed:45:89:cf: d9:e8:e1:00:a2:93:d7:9d:73:40:b1:73:77:fa:c0:5c:da:b6: 5d:cc:7e:9c:98:fd:9e:86:32:a4:59:50:df:2d:a1:ff:65:4c: 2d:29:82:14:03:25:a8:9c:d7:dd:28:2d:41:4a:f6:a2:23:2a: 28:55:74:a4:84:ac:a5:db:cb:19:cb:bf:e2:de:fd:fb:08:78: 18:12:71:c9:9d:af:bd:f6:a6:df:5a:be:fc:84:37:03:03:53: 3d:0d:b3:30:c5:2e:45:13:c8:62:24:84:a8:2c:5c:b6:57:cf: de:fa:e2:8b:a4:a6:b5:09:34:50:fc:f2:55:77:9a:6e:d6:ae: ac:c1:01:fd:84:c6:79:da:38:98:8d:02:ca:2a:9b:66:8e:82: 08:dc:0c:0e:17:42:a9:25:6c:1b:68:6c:9e:ad:9f:f9:ac:c5: 4d:8b:22:da -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt+plAIsqKGKwxIuIK01aKzMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNjMzUwYmE4MmYzZmViNWFlZTI4OTM4ZmJmMWIwOWMxZTJm ZDE5YjQwHhcNMjYwMTAyMTIxOTQ3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5MDUyNDkxMzI0Y2EwMDNhNzU2ZGE0Yzk5Y2NkNzM5MmVhZGRmODA2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2THmi/uSJ2LgyfNvCC5Q2Tc2mjS ddRsGH/uDpIE7bgN5PE/BRLnoEp/ZvZPY7eeRtlvVXHUyuCyql/VEg8oB1FgIf5j ulIiNy/61yukyRhx7iEvC1hFjiG7XSrCJNAYpaCxSnMEc3KbDLHdSyKhr1ZfziKa 9m5wV6bh854anAn64GbXYPNC2VFUGU9Zz4a6bRM7gsjGsVLrbWz7plpsGLCQdydl nnS4bPdtjzDAlUvcCJMThTScDOz2m47IF21GrRlSUiLKyZKkmZ0TZfCgqylLRHvA FeBpxk4xlDv+1XkkOupmYcz9h3iAm/tBpbPcXKGQQ1+0/sh8erkakXh9NwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFJBSSRMkygA6dW2kyZzNc5Lq3fgGMB8GA1UdIwQY MBaAFDw1C6gvP+ta7iiTj78bCcHi/Rm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUERVTHFDOF82MXJ1S0pPUHZ4c0p3ZUw5R2JRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS82NGQ3YTktY2FjMy00NTQ5LWE3YWEt NjFiNzkwMmVlMjA0LzEva0ZKSkV5VEtBRHAxYmFUSm5NMXprdXJkLUFZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOS82NGQ3YTktY2FjMy00NTQ5LWE3YWEtNjFiNzkwMmVlMjA0 LzEvUERVTHFDOF82MXJ1S0pPUHZ4c0p3ZUw5R2JRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuQMYAwQE 2UUQMA0EAgACMAcDBQAqA2yAMA0GCSqGSIb3DQEBCwUAA4IBAQBbNPBpiKXt1lwz 3tf29AYzvMX+7H7kpTy/jL9TpmGqHXdQ5rWK0+hM4ds0g3ERhrutXmmA0jIhH4vz sv3wFiJq88HywmDvRfD+7ViwI5knoADU84AW6e1Fic/Z6OEAopPXnXNAsXN3+sBc 2rZdzH6cmP2ehjKkWVDfLaH/ZUwtKYIUAyWonNfdKC1BSvaiIyooVXSkhKyl28sZ y7/i3v37CHgYEnHJna+99qbfWr78hDcDA1M9DbMwxS5FE8hiJISoLFy2V8/e+uKL pKa1CTRQ/PJVd5pu1q6swQH9hMZ52jiYjQLKKptmjoII3AwOF0KpJWwbaGyerZ/5 rMVNiyLa -----END CERTIFICATE-----Generated at Mon Jan 26 08:39:14 2026 by rpki-client