This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/3c9t4MGeStGLHjUZ66vza3tkSYE.roa File: 3c9t4MGeStGLHjUZ66vza3tkSYE.roa (raw, json) Hash identifier: gUlMaCaFHiCOJrfl/wIO9xX9xKZ4Jh8J4bUEdwCYkrQ= Subject key identifier: DD:CF:6D:E0:C1:9E:4A:D1:8B:1E:35:19:EB:AB:F3:6B:7B:64:49:81 Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b Certificate serial: 019B783456A3A9310D0DA721FD60132798B4 Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/3c9t4MGeStGLHjUZ66vza3tkSYE.roa Signing time: Thu 01 Jan 2026 06:17:34 +0000 ROA not before: Thu 01 Jan 2026 06:17:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39020 IP address blocks: 192.71.213.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 05:00:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:34:56:a3:a9:31:0d:0d:a7:21:fd:60:13:27:98:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b Validity Not Before: Jan 1 06:17:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ddcf6de0c19e4ad18b1e3519ebabf36b7b644981 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:85:71:d9:1e:b9:d1:a2:8d:8f:ca:cf:bc:d8:42: a3:6e:6e:9f:1c:f7:90:4f:c9:c7:74:5c:fe:9f:51: 31:d7:36:d1:03:68:a1:2a:c7:a1:1a:28:36:e9:a2: 8c:64:b8:33:0f:d3:62:3b:b7:32:ad:4e:e2:84:52: b2:38:c6:c2:4b:94:06:eb:38:f1:4d:ba:86:fd:c8: 4f:11:2b:07:22:0b:00:64:9f:1a:f8:ba:6b:bd:24: 91:26:2d:ee:32:5c:d5:bf:68:82:4b:7e:3f:ad:40: 71:09:2c:99:ad:86:f9:3d:e1:09:3f:f8:4b:d3:92: b0:65:4c:b7:67:69:1b:3a:96:5a:b6:ce:33:71:e1: c5:8f:ce:76:fe:04:da:38:da:ab:78:be:44:5b:a0: 7a:99:1f:3c:48:7b:a8:03:d3:ae:46:0e:e6:49:e6: 3f:f1:06:c5:55:8b:74:d0:9c:81:5c:ea:43:99:70: 1b:33:a7:4b:8e:dd:24:ef:83:30:e2:48:51:c1:69: fa:d4:98:73:cc:1d:73:ba:eb:57:e0:2a:0e:03:b6: 09:9e:27:6a:e6:cc:92:db:57:a6:1e:12:58:c2:8d: 62:43:a9:04:ed:40:00:41:26:ef:98:f7:98:33:3b: b7:58:45:e9:b4:5b:b2:c7:f4:a5:f7:ce:37:e0:a4: 04:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:CF:6D:E0:C1:9E:4A:D1:8B:1E:35:19:EB:AB:F3:6B:7B:64:49:81 X509v3 Authority Key Identifier: keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/3c9t4MGeStGLHjUZ66vza3tkSYE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 192.71.213.0/24 Signature Algorithm: sha256WithRSAEncryption 3e:63:88:68:ce:9f:f6:65:e2:a7:92:53:79:51:9a:b3:72:cc: 03:13:f7:ca:a3:f2:c1:46:9d:58:eb:79:55:f8:8b:82:0f:60: 43:d2:91:5d:ef:f8:37:0c:35:12:48:ee:e1:60:97:fa:d4:19: 7c:cc:d1:4d:51:ec:27:d0:28:b0:dc:f5:de:bf:e7:74:55:d5: b3:33:da:b0:55:05:0e:1b:20:81:a9:44:5d:33:4b:45:58:97: b0:1d:30:ff:e1:f0:df:0a:68:dd:b1:5e:c1:08:41:cb:0e:d7: 19:10:a0:14:da:ac:15:9b:b0:6a:26:4f:8e:68:8c:d8:7c:d3: a5:11:67:8a:0a:55:d7:81:e8:6c:82:06:60:9c:1a:40:a0:8e: 30:ef:cf:09:60:1e:ef:a1:a4:56:e8:d3:01:c4:11:01:c0:20: 3a:75:78:7c:ad:0b:c1:55:84:0c:c3:5f:7a:96:82:aa:fd:d8: c6:58:4b:49:2b:43:ae:45:f0:3e:30:59:9e:c1:bb:90:c1:ae: e9:76:2a:73:ee:ef:03:f8:35:12:e9:4a:e6:64:38:2b:60:d5: 5f:85:c4:5c:94:82:d1:3c:91:fa:56:98:4b:98:36:2a:57:54: 77:1f:af:08:46:4a:84:a6:c9:28:35:ff:79:ce:1a:4b:0a:bf: 7c:2a:ee:d7 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt4NFajqTENDach/WATJ5i0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh ZGFmMWIwHhcNMjYwMTAxMDYxNzM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZGNmNmRlMGMxOWU0YWQxOGIxZTM1MTllYmFiZjM2YjdiNjQ0OTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXHZHrnRoo2Pys+82EKjbm6fHPeQ T8nHdFz+n1Ex1zbRA2ihKsehGig26aKMZLgzD9NiO7cyrU7ihFKyOMbCS5QG6zjx TbqG/chPESsHIgsAZJ8a+LprvSSRJi3uMlzVv2iCS34/rUBxCSyZrYb5PeEJP/hL 05KwZUy3Z2kbOpZats4zceHFj852/gTaONqreL5EW6B6mR88SHuoA9OuRg7mSeY/ 8QbFVYt00JyBXOpDmXAbM6dLjt0k74Mw4khRwWn61JhzzB1zuutX4CoOA7YJnidq 5syS21emHhJYwo1iQ6kE7UAAQSbvmPeYMzu3WEXptFuyx/Sl98434KQEMQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFN3PbeDBnkrRix41Geur82t7ZEmBMB8GA1UdIwQY MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt OTQzZDAzMzIxMzI2LzEvM2M5dDRNR2VTdEdMSGpVWjY2dnphM3RrU1lFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2 LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwEfVMA0G CSqGSIb3DQEBCwUAA4IBAQA+Y4hozp/2ZeKnklN5UZqzcswDE/fKo/LBRp1Y63lV +IuCD2BD0pFd7/g3DDUSSO7hYJf61Bl8zNFNUewn0Ciw3PXev+d0VdWzM9qwVQUO GyCBqURdM0tFWJewHTD/4fDfCmjdsV7BCEHLDtcZEKAU2qwVm7BqJk+OaIzYfNOl EWeKClXXgehsggZgnBpAoI4w788JYB7voaRW6NMBxBEBwCA6dXh8rQvBVYQMw196 loKq/djGWEtJK0OuRfA+MFmewbuQwa7pdipz7u8D+DUS6UrmZDgrYNVfhcRclILR PJH6VphLmDYqV1R3H68IRkqEpskoNf95zhpLCr98Ku7X -----END CERTIFICATE-----Generated at Sun Jan 25 15:01:53 2026 by rpki-client