This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/0b9f07-f166-4675-b185-60b6ebbb7e6f/1/wt3Ui80OQ2RXah5MDzF8MWqly2Q.roa File: wt3Ui80OQ2RXah5MDzF8MWqly2Q.roa (raw, json) Hash identifier: J67sJRmcaTP47jMbuSDSqG6+LX3lK8JypZ67sDFFc/U= Subject key identifier: C2:DD:D4:8B:CD:0E:43:64:57:6A:1E:4C:0F:31:7C:31:6A:A5:CB:64 Certificate issuer: /CN=40cfd3a49bc71e74a0d0bf7e346ca89b29597a12 Certificate serial: 019B7BA3F00350894BF9FC7E01D9A0BD51E0 Authority key identifier: 40:CF:D3:A4:9B:C7:1E:74:A0:D0:BF:7E:34:6C:A8:9B:29:59:7A:12 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QM_TpJvHHnSg0L9-NGyomylZehI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/0b9f07-f166-4675-b185-60b6ebbb7e6f/1/wt3Ui80OQ2RXah5MDzF8MWqly2Q.roa Signing time: Thu 01 Jan 2026 22:18:19 +0000 ROA not before: Thu 01 Jan 2026 22:18:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 29119 IP address blocks: 185.223.96.0/22 maxlen: 22 195.128.12.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/0b9f07-f166-4675-b185-60b6ebbb7e6f/1/QM_TpJvHHnSg0L9-NGyomylZehI.crl rsync://rpki.ripe.net/repository/DEFAULT/e1/0b9f07-f166-4675-b185-60b6ebbb7e6f/1/QM_TpJvHHnSg0L9-NGyomylZehI.mft rsync://rpki.ripe.net/repository/DEFAULT/QM_TpJvHHnSg0L9-NGyomylZehI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:f0:03:50:89:4b:f9:fc:7e:01:d9:a0:bd:51:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40cfd3a49bc71e74a0d0bf7e346ca89b29597a12 Validity Not Before: Jan 1 22:18:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c2ddd48bcd0e4364576a1e4c0f317c316aa5cb64 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:96:65:03:c8:3c:bc:8e:51:3f:e1:21:ea:9c:0c: c2:84:ef:66:43:54:2f:fc:e2:f8:05:67:aa:20:3d: d6:81:34:78:c7:73:8d:94:92:82:ad:74:6d:6f:2b: 5a:45:5d:3d:76:d0:a2:fe:3b:7c:64:d2:e2:ea:b3: fe:a7:81:c9:46:42:f1:7b:4b:17:5f:4f:fd:e8:ea: 42:b0:96:f2:76:ae:3b:db:de:49:f9:55:83:6f:97: 78:9e:1e:fc:55:4d:04:f2:01:83:3c:ac:de:29:9a: a8:db:91:20:25:ca:96:9c:19:52:2c:5d:0e:b1:8f: 2f:45:ee:c8:3e:cf:cf:35:b5:23:67:eb:c9:a8:d9: 98:f6:f7:bf:9c:cf:c9:1e:f3:b9:84:e3:2d:e0:ce: b5:00:cb:89:94:c5:b4:63:cc:9b:6c:c8:06:e7:20: fe:f2:43:f8:5c:cb:2a:d9:4d:23:27:97:ba:b4:2d: 05:f9:2e:e2:fc:b8:c7:17:30:b7:36:e2:a6:66:81: fd:a4:e1:b6:b7:27:9c:cd:eb:6d:fb:56:51:5b:fd: 61:13:ff:87:02:42:6b:4a:d0:68:d8:35:ea:a1:87: d3:46:8a:1f:59:db:35:36:43:59:c7:de:44:08:0f: 88:a9:be:3a:fe:b0:97:4e:b5:85:bf:5e:0a:c8:ca: 04:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:DD:D4:8B:CD:0E:43:64:57:6A:1E:4C:0F:31:7C:31:6A:A5:CB:64 X509v3 Authority Key Identifier: keyid:40:CF:D3:A4:9B:C7:1E:74:A0:D0:BF:7E:34:6C:A8:9B:29:59:7A:12 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QM_TpJvHHnSg0L9-NGyomylZehI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0b9f07-f166-4675-b185-60b6ebbb7e6f/1/wt3Ui80OQ2RXah5MDzF8MWqly2Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0b9f07-f166-4675-b185-60b6ebbb7e6f/1/QM_TpJvHHnSg0L9-NGyomylZehI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.223.96.0/22 195.128.12.0/22 Signature Algorithm: sha256WithRSAEncryption 36:1e:a9:88:66:47:93:c8:f5:63:3b:1c:54:ca:b5:08:16:bf: f0:36:0d:e7:e6:3a:29:82:89:d2:9a:ec:a1:75:05:31:52:68: d0:bf:e3:40:a6:ad:4e:9b:7b:72:c9:d6:90:4d:1f:5f:1c:3b: 0b:ae:0d:fa:c3:fb:36:b3:fd:81:53:f8:98:95:14:ab:2a:cf: d9:c9:35:84:87:f4:0d:12:2b:8b:8c:8a:52:65:20:d3:07:52: 76:9b:b9:b5:9c:dd:b6:42:68:66:77:1c:d8:31:d2:c4:6d:4c: e7:16:38:b1:cc:bd:5b:99:a3:63:c7:8b:59:fa:65:c9:eb:5d: 49:3d:dc:9e:08:ef:b9:6d:33:f3:2f:d4:fd:d7:17:23:cc:da: d0:4c:b1:36:4b:5b:44:f7:72:c2:e9:f5:16:a0:e3:1c:2e:e9: 94:06:db:3b:87:f9:a2:db:6c:11:d8:a1:6a:80:01:66:f9:c9: 2e:a9:f7:e1:c2:b6:cc:bf:be:3b:cb:6a:39:a3:b5:8c:ce:31: 19:d7:db:48:81:11:ca:f3:90:6b:93:11:51:c8:79:42:93:00: 9f:ea:6e:14:4c:84:b8:d8:08:92:1b:0e:0d:66:55:f9:20:94: af:e8:f2:f9:6c:49:ae:03:29:08:7d:df:e9:0a:da:a3:76:64: 4f:85:a8:11 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt7o/ADUIlL+fx+AdmgvVHgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwY2ZkM2E0OWJjNzFlNzRhMGQwYmY3ZTM0NmNhODliMjk1 OTdhMTIwHhcNMjYwMTAxMjIxODE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjMmRkZDQ4YmNkMGU0MzY0NTc2YTFlNGMwZjMxN2MzMTZhYTVjYjY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmUDyDy8jlE/4SHqnAzChO9mQ1Qv /OL4BWeqID3WgTR4x3ONlJKCrXRtbytaRV09dtCi/jt8ZNLi6rP+p4HJRkLxe0sX X0/96OpCsJbydq47295J+VWDb5d4nh78VU0E8gGDPKzeKZqo25EgJcqWnBlSLF0O sY8vRe7IPs/PNbUjZ+vJqNmY9ve/nM/JHvO5hOMt4M61AMuJlMW0Y8ybbMgG5yD+ 8kP4XMsq2U0jJ5e6tC0F+S7i/LjHFzC3NuKmZoH9pOG2tyeczett+1ZRW/1hE/+H AkJrStBo2DXqoYfTRoofWds1NkNZx95ECA+Iqb46/rCXTrWFv14KyMoEGwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFMLd1IvNDkNkV2oeTA8xfDFqpctkMB8GA1UdIwQY MBaAFEDP06Sbxx50oNC/fjRsqJspWXoSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUU1fVHBKdkhIblNnMEw5LU5HeW9teWxaZWhJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wYjlmMDctZjE2Ni00Njc1LWIxODUt NjBiNmViYmI3ZTZmLzEvd3QzVWk4ME9RMlJYYWg1TUR6RjhNV3FseTJRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMS8wYjlmMDctZjE2Ni00Njc1LWIxODUtNjBiNmViYmI3ZTZm LzEvUU1fVHBKdkhIblNnMEw5LU5HeW9teWxaZWhJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCud9gAwQC w4AMMA0GCSqGSIb3DQEBCwUAA4IBAQA2HqmIZkeTyPVjOxxUyrUIFr/wNg3n5jop gonSmuyhdQUxUmjQv+NApq1Om3tyydaQTR9fHDsLrg36w/s2s/2BU/iYlRSrKs/Z yTWEh/QNEiuLjIpSZSDTB1J2m7m1nN22QmhmdxzYMdLEbUznFjixzL1bmaNjx4tZ +mXJ611JPdyeCO+5bTPzL9T91xcjzNrQTLE2S1tE93LC6fUWoOMcLumUBts7h/mi 22wR2KFqgAFm+ckuqffhwrbMv747y2o5o7WMzjEZ19tIgRHK85BrkxFRyHlCkwCf 6m4UTIS42AiSGw4NZlX5IJSv6PL5bEmuAykIfd/pCtqjdmRPhagR -----END CERTIFICATE-----Generated at Sun Jan 25 17:22:23 2026 by rpki-client