This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/df2947-cd05-4405-949a-6a8033dcbe1c/1/S31jWM3wEsReURsulHI7U8Kz478.roa File: S31jWM3wEsReURsulHI7U8Kz478.roa (raw, json) Hash identifier: /Sp5r8Qxi7xeH5fyeueoA88dFZr2CShlD/FHWPU4Yh8= Subject key identifier: 4B:7D:63:58:CD:F0:12:C4:5E:51:1B:2E:94:72:3B:53:C2:B3:E3:BF Certificate issuer: /CN=3d9424b3c8e72f746a59eb199455aa3646a3a457 Certificate serial: 019B7A5B344B59C54B126F2E39876D980542 Authority key identifier: 3D:94:24:B3:C8:E7:2F:74:6A:59:EB:19:94:55:AA:36:46:A3:A4:57 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PZQks8jnL3RqWesZlFWqNkajpFc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/df2947-cd05-4405-949a-6a8033dcbe1c/1/S31jWM3wEsReURsulHI7U8Kz478.roa Signing time: Thu 01 Jan 2026 16:19:16 +0000 ROA not before: Thu 01 Jan 2026 16:19:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202283 IP address blocks: 185.232.220.0/22 maxlen: 22 193.109.238.0/24 maxlen: 24 2a0c:d100::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/df2947-cd05-4405-949a-6a8033dcbe1c/1/PZQks8jnL3RqWesZlFWqNkajpFc.crl rsync://rpki.ripe.net/repository/DEFAULT/d7/df2947-cd05-4405-949a-6a8033dcbe1c/1/PZQks8jnL3RqWesZlFWqNkajpFc.mft rsync://rpki.ripe.net/repository/DEFAULT/PZQks8jnL3RqWesZlFWqNkajpFc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:34:4b:59:c5:4b:12:6f:2e:39:87:6d:98:05:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3d9424b3c8e72f746a59eb199455aa3646a3a457 Validity Not Before: Jan 1 16:19:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4b7d6358cdf012c45e511b2e94723b53c2b3e3bf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:20:a2:30:46:4a:b1:f2:70:08:f9:68:e5:cc: 6f:51:3b:cf:3a:77:3c:1f:2a:ad:a2:3a:ce:60:a7: f7:6e:44:9b:d8:22:9d:70:b1:81:e8:a3:2c:35:06: 2e:ec:58:e9:4a:f2:56:47:fe:a5:ad:b9:6d:4f:78: 70:71:28:43:bf:02:85:ce:ad:0f:86:7b:65:50:11: 9e:c1:9e:da:9b:a6:b5:af:94:e7:f8:57:52:02:15: 6b:9d:a7:08:22:0c:d7:69:04:cc:84:7e:06:7a:7b: ff:2a:88:d8:40:20:66:ad:0b:cf:a9:a5:58:76:43: ee:b9:7b:2a:7c:54:88:6b:fc:a3:1d:0a:23:e2:f9: 7d:84:fb:c9:a8:1b:fd:91:2c:da:20:60:58:c9:5c: 9c:28:16:e6:e0:48:c5:77:64:66:27:6f:43:74:cd: 87:cf:eb:49:b8:8c:e8:f5:4c:81:4f:f0:5c:13:5c: c7:1d:e5:8a:dd:0c:0e:1f:04:f2:dc:d4:9f:cc:98: 36:73:0e:56:a7:6a:a8:01:a0:0e:14:b5:0b:12:56: 37:45:27:42:cf:a3:a4:60:ea:04:bd:e0:59:c0:c5: 23:53:22:84:19:03:cf:5d:80:a3:97:19:59:41:f7: 4d:53:39:7c:81:84:10:ff:f7:e0:f7:8e:73:bb:3d: e6:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:7D:63:58:CD:F0:12:C4:5E:51:1B:2E:94:72:3B:53:C2:B3:E3:BF X509v3 Authority Key Identifier: keyid:3D:94:24:B3:C8:E7:2F:74:6A:59:EB:19:94:55:AA:36:46:A3:A4:57 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PZQks8jnL3RqWesZlFWqNkajpFc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/df2947-cd05-4405-949a-6a8033dcbe1c/1/S31jWM3wEsReURsulHI7U8Kz478.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/df2947-cd05-4405-949a-6a8033dcbe1c/1/PZQks8jnL3RqWesZlFWqNkajpFc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.232.220.0/22 193.109.238.0/24 IPv6: 2a0c:d100::/29 Signature Algorithm: sha256WithRSAEncryption 40:82:14:fd:80:a5:57:60:b8:f0:d7:81:60:8c:84:df:5f:29: 30:2a:12:41:58:ae:3d:8f:ce:85:8e:e9:6a:c5:38:55:d6:6e: 04:6c:86:f9:c2:10:a1:75:dd:bf:08:15:1e:27:f1:58:67:36: d1:50:0c:df:16:37:1c:44:7f:2b:ac:be:1f:0d:9c:96:2f:74: f4:7c:b5:a1:e2:ae:f7:ff:03:f9:73:70:78:76:2f:a2:e4:86: 9c:ee:aa:cb:02:69:88:70:67:12:56:d0:32:d1:62:9c:f6:71: 22:78:93:42:28:4c:20:ea:b2:4f:56:17:c7:00:0d:c3:83:34: 8b:26:bd:81:38:59:89:07:1d:d2:b0:de:48:6a:6b:68:aa:79: 0b:30:6f:92:00:fe:f9:46:f9:9c:19:eb:00:bc:18:23:83:d3: 46:bb:10:83:f8:d8:9a:78:e2:9d:33:4f:2b:17:6f:30:ac:a7: d2:19:59:dd:75:0b:12:27:f7:d7:09:c0:a3:84:1b:6a:59:cd: 70:df:f2:55:b6:5b:8b:fa:08:d1:87:47:f5:d9:ca:f6:0e:04: d4:bd:86:e2:f0:17:d6:13:12:93:46:44:3b:4e:fc:93:51:89: d1:8f:5c:e6:7e:e1:92:e1:f7:34:3f:18:83:00:2f:de:23:2a: 59:95:76:b3 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt6WzRLWcVLEm8uOYdtmAVCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNkOTQyNGIzYzhlNzJmNzQ2YTU5ZWIxOTk0NTVhYTM2NDZh M2E0NTcwHhcNMjYwMTAxMTYxOTE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0YjdkNjM1OGNkZjAxMmM0NWU1MTFiMmU5NDcyM2I1M2MyYjNlM2JmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSCiMEZKsfJwCPlo5cxvUTvPOnc8 HyqtojrOYKf3bkSb2CKdcLGB6KMsNQYu7FjpSvJWR/6lrbltT3hwcShDvwKFzq0P hntlUBGewZ7am6a1r5Tn+FdSAhVrnacIIgzXaQTMhH4Genv/KojYQCBmrQvPqaVY dkPuuXsqfFSIa/yjHQoj4vl9hPvJqBv9kSzaIGBYyVycKBbm4EjFd2RmJ29DdM2H z+tJuIzo9UyBT/BcE1zHHeWK3QwOHwTy3NSfzJg2cw5Wp2qoAaAOFLULElY3RSdC z6OkYOoEveBZwMUjUyKEGQPPXYCjlxlZQfdNUzl8gYQQ//fg945zuz3mEwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFEt9Y1jN8BLEXlEbLpRyO1PCs+O/MB8GA1UdIwQY MBaAFD2UJLPI5y90alnrGZRVqjZGo6RXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUFpRa3M4am5MM1JxV2VzWmxGV3FOa2FqcEZjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9kZjI5NDctY2QwNS00NDA1LTk0OWEt NmE4MDMzZGNiZTFjLzEvUzMxaldNM3dFc1JlVVJzdWxISTdVOEt6NDc4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kNy9kZjI5NDctY2QwNS00NDA1LTk0OWEtNmE4MDMzZGNiZTFj LzEvUFpRa3M4am5MM1JxV2VzWmxGV3FOa2FqcEZjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuejcAwQA wW3uMA0EAgACMAcDBQMqDNEAMA0GCSqGSIb3DQEBCwUAA4IBAQBAghT9gKVXYLjw 14FgjITfXykwKhJBWK49j86FjulqxThV1m4EbIb5whChdd2/CBUeJ/FYZzbRUAzf FjccRH8rrL4fDZyWL3T0fLWh4q73/wP5c3B4di+i5Iac7qrLAmmIcGcSVtAy0WKc 9nEieJNCKEwg6rJPVhfHAA3DgzSLJr2BOFmJBx3SsN5IamtoqnkLMG+SAP75Rvmc GesAvBgjg9NGuxCD+NiaeOKdM08rF28wrKfSGVnddQsSJ/fXCcCjhBtqWc1w3/JV tluL+gjRh0f12cr2DgTUvYbi8BfWExKTRkQ7TvyTUYnRj1zmfuGS4fc0PxiDAC/e IypZlXaz -----END CERTIFICATE-----Generated at Mon Jan 26 04:51:33 2026 by rpki-client