This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/971f17-0bf8-4ba1-b768-55fec1252ab0/1/3CApeUyJD6bQwRWKiM1EMQF3kvY.roa File: 3CApeUyJD6bQwRWKiM1EMQF3kvY.roa (raw, json) Hash identifier: ybH4Bx/zM0Uzd/7q3lf5ZQTsjL4RIUspa20ZvnQgIGU= Subject key identifier: DC:20:29:79:4C:89:0F:A6:D0:C1:15:8A:88:CD:44:31:01:77:92:F6 Certificate issuer: /CN=614b70ff9c22ffe0b77f43f41c08074de6f36e1b Certificate serial: 019AB60861CCE596E22746825B8D4F2AA59C Authority key identifier: 61:4B:70:FF:9C:22:FF:E0:B7:7F:43:F4:1C:08:07:4D:E6:F3:6E:1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YUtw_5wi_-C3f0P0HAgHTebzbhs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/971f17-0bf8-4ba1-b768-55fec1252ab0/1/3CApeUyJD6bQwRWKiM1EMQF3kvY.roa Signing time: Mon 24 Nov 2025 13:23:13 +0000 ROA not before: Mon 24 Nov 2025 13:23:13 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 57280 IP address blocks: 195.10.196.0/24 maxlen: 24 2a03:5580::/30 maxlen: 30 2a03:5584::/30 maxlen: 30 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/971f17-0bf8-4ba1-b768-55fec1252ab0/1/YUtw_5wi_-C3f0P0HAgHTebzbhs.crl rsync://rpki.ripe.net/repository/DEFAULT/e2/971f17-0bf8-4ba1-b768-55fec1252ab0/1/YUtw_5wi_-C3f0P0HAgHTebzbhs.mft rsync://rpki.ripe.net/repository/DEFAULT/YUtw_5wi_-C3f0P0HAgHTebzbhs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 21:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:b6:08:61:cc:e5:96:e2:27:46:82:5b:8d:4f:2a:a5:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=614b70ff9c22ffe0b77f43f41c08074de6f36e1b Validity Not Before: Nov 24 13:23:13 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=dc2029794c890fa6d0c1158a88cd4431017792f6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:ec:48:da:1a:98:82:58:28:db:e0:82:de:d0: 19:4a:94:f5:61:b5:9b:05:ee:4a:9a:b3:1d:2d:0a: 14:46:27:25:fb:cc:b9:f9:9f:dc:df:b1:59:e5:bd: e1:aa:3a:48:4b:8c:b6:8f:0d:88:fc:39:ac:42:42: 3b:3f:26:c2:73:0d:e7:91:e3:22:3f:6d:6e:1e:03: fd:3a:64:e5:cf:e4:c5:2d:17:13:02:35:4e:4e:09: 24:ec:fb:6e:9c:12:24:56:f5:93:f9:85:f4:49:f7: 8c:28:8d:6b:fc:5d:57:d7:66:84:23:4a:c1:4d:b5: d3:01:61:27:85:22:f5:05:9b:ed:64:fc:69:94:90: 77:47:88:89:d0:ac:36:47:29:13:a2:0c:a8:13:8d: 28:0c:d2:2e:f9:08:ab:9e:96:ca:8c:7f:f6:0d:d6: cf:4f:f5:e8:c2:eb:77:d0:38:04:ee:5f:33:7c:bb: e7:b5:e1:27:4e:35:5e:cf:40:d8:05:1a:8f:14:bc: 1c:ad:17:3b:46:50:4d:95:45:48:c9:df:ac:4e:f7: dc:ed:24:05:e9:52:02:2e:17:6e:37:92:d2:f7:d9: 0d:c3:84:74:21:c0:09:2d:18:98:93:e3:f7:1a:70: 70:d8:7f:08:19:43:c8:3a:57:e3:f9:e9:ca:e5:a1: 0e:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:20:29:79:4C:89:0F:A6:D0:C1:15:8A:88:CD:44:31:01:77:92:F6 X509v3 Authority Key Identifier: keyid:61:4B:70:FF:9C:22:FF:E0:B7:7F:43:F4:1C:08:07:4D:E6:F3:6E:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YUtw_5wi_-C3f0P0HAgHTebzbhs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/971f17-0bf8-4ba1-b768-55fec1252ab0/1/3CApeUyJD6bQwRWKiM1EMQF3kvY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/971f17-0bf8-4ba1-b768-55fec1252ab0/1/YUtw_5wi_-C3f0P0HAgHTebzbhs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 195.10.196.0/24 IPv6: 2a03:5580::/29 Signature Algorithm: sha256WithRSAEncryption 2c:3c:38:ea:4d:ed:d9:30:09:12:63:ad:0b:80:8f:cf:6e:50: 04:99:7a:4d:e8:60:31:9a:81:0d:f1:f7:35:5a:6d:eb:a4:79: 20:04:b9:15:ce:54:d9:82:f8:2b:98:ff:68:da:8e:b5:23:4a: 5e:76:dd:18:3c:47:92:f3:18:f3:c4:42:8b:2f:2f:7d:74:1c: e0:f5:ec:b4:08:c6:ef:d0:66:45:90:39:aa:7d:dd:f5:0f:40: dc:ea:68:50:f0:d2:77:20:3b:79:1b:98:79:6b:38:3b:fd:63: cc:0c:1d:61:ed:57:97:56:cc:b8:f3:92:be:78:b1:41:75:fb: 4b:1d:2a:ac:d7:95:b5:9a:93:c4:74:62:fc:47:4d:ac:93:94: af:85:45:41:3f:df:c4:56:fc:7a:03:bc:d2:8f:05:63:63:90: 8f:37:da:1a:8b:0e:8f:d9:26:43:41:82:7c:67:a5:77:c6:03: 54:fe:ec:bd:94:f2:e7:d0:65:3d:a5:da:e9:70:07:b4:fa:73: 94:76:6f:80:b0:06:7d:9d:3e:e0:3f:6a:1d:2c:4d:ec:a7:c0: 2e:fd:39:a4:23:dd:7f:4e:0d:59:d4:d0:f8:d8:87:2f:18:5c: f9:c5:26:99:d2:c7:9a:9c:7d:b9:68:af:17:9b:c9:10:a6:04: a0:9e:ab:98 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZq2CGHM5ZbiJ0aCW41PKqWcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYxNGI3MGZmOWMyMmZmZTBiNzdmNDNmNDFjMDgwNzRkZTZm MzZlMWIwHhcNMjUxMTI0MTMyMzEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYzIwMjk3OTRjODkwZmE2ZDBjMTE1OGE4OGNkNDQzMTAxNzc5MmY2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+xI2hqYglgo2+CC3tAZSpT1YbWb Be5KmrMdLQoURicl+8y5+Z/c37FZ5b3hqjpIS4y2jw2I/DmsQkI7PybCcw3nkeMi P21uHgP9OmTlz+TFLRcTAjVOTgkk7PtunBIkVvWT+YX0SfeMKI1r/F1X12aEI0rB TbXTAWEnhSL1BZvtZPxplJB3R4iJ0Kw2RykTogyoE40oDNIu+QirnpbKjH/2DdbP T/Xowut30DgE7l8zfLvnteEnTjVez0DYBRqPFLwcrRc7RlBNlUVIyd+sTvfc7SQF 6VICLhduN5LS99kNw4R0IcAJLRiYk+P3GnBw2H8IGUPIOlfj+enK5aEOXQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFNwgKXlMiQ+m0MEViojNRDEBd5L2MB8GA1UdIwQY MBaAFGFLcP+cIv/gt39D9BwIB03m824bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWVV0d181d2lfLUMzZjBQMEhBZ0hUZWJ6YmhzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi85NzFmMTctMGJmOC00YmExLWI3Njgt NTVmZWMxMjUyYWIwLzEvM0NBcGVVeUpENmJRd1JXS2lNMUVNUUYza3ZZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lMi85NzFmMTctMGJmOC00YmExLWI3NjgtNTVmZWMxMjUyYWIw LzEvWVV0d181d2lfLUMzZjBQMEhBZ0hUZWJ6YmhzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwwrEMA0E AgACMAcDBQMqA1WAMA0GCSqGSIb3DQEBCwUAA4IBAQAsPDjqTe3ZMAkSY60LgI/P blAEmXpN6GAxmoEN8fc1Wm3rpHkgBLkVzlTZgvgrmP9o2o61I0pedt0YPEeS8xjz xEKLLy99dBzg9ey0CMbv0GZFkDmqfd31D0Dc6mhQ8NJ3IDt5G5h5azg7/WPMDB1h 7VeXVsy485K+eLFBdftLHSqs15W1mpPEdGL8R02sk5SvhUVBP9/EVvx6A7zSjwVj Y5CPN9oaiw6P2SZDQYJ8Z6V3xgNU/uy9lPLn0GU9pdrpcAe0+nOUdm+AsAZ9nT7g P2odLE3sp8Au/TmkI91/Tg1Z1ND42IcvGFz5xSaZ0seanH25aK8Xm8kQpgSgnquY -----END CERTIFICATE-----Generated at Sun Dec 7 06:31:02 2025 by rpki-client