This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/f75c7d-e5b3-442f-a084-fd49eb3f19b1/1/3gKR0cK9QoxfvHnSIiqY4bcG8ww.roa File: 3gKR0cK9QoxfvHnSIiqY4bcG8ww.roa (raw, json) Hash identifier: ZcGaXU4YPznoibhlbyhjzKqhwZf4BJJECm4SI2hoD/U= Subject key identifier: DE:02:91:D1:C2:BD:42:8C:5F:BC:79:D2:22:2A:98:E1:B7:06:F3:0C Certificate issuer: /CN=e0691dbafa3a8de070b07022de9adf74341fb4f2 Certificate serial: 019B7BA397141A1B405978E5327DC82E1352 Authority key identifier: E0:69:1D:BA:FA:3A:8D:E0:70:B0:70:22:DE:9A:DF:74:34:1F:B4:F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Gkduvo6jeBwsHAi3prfdDQftPI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/f75c7d-e5b3-442f-a084-fd49eb3f19b1/1/3gKR0cK9QoxfvHnSIiqY4bcG8ww.roa Signing time: Thu 01 Jan 2026 22:17:57 +0000 ROA not before: Thu 01 Jan 2026 22:17:57 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 210474 IP address blocks: 212.23.216.0/24 maxlen: 24 2a10:a780::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/f75c7d-e5b3-442f-a084-fd49eb3f19b1/1/4Gkduvo6jeBwsHAi3prfdDQftPI.crl rsync://rpki.ripe.net/repository/DEFAULT/e5/f75c7d-e5b3-442f-a084-fd49eb3f19b1/1/4Gkduvo6jeBwsHAi3prfdDQftPI.mft rsync://rpki.ripe.net/repository/DEFAULT/4Gkduvo6jeBwsHAi3prfdDQftPI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:01:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:97:14:1a:1b:40:59:78:e5:32:7d:c8:2e:13:52 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e0691dbafa3a8de070b07022de9adf74341fb4f2 Validity Not Before: Jan 1 22:17:57 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=de0291d1c2bd428c5fbc79d2222a98e1b706f30c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:e8:3c:62:40:ef:37:28:e5:66:56:15:7d:e4: 88:bc:27:77:d1:93:bf:11:15:a6:e7:76:8a:68:72: 93:b4:f0:c6:04:0b:8c:e9:d1:d4:ea:bd:56:0a:f8: be:d7:42:8b:5d:eb:04:c0:c2:d6:34:32:20:7f:70: d5:4e:a1:62:a8:36:fa:b0:67:8b:49:e7:42:ca:e8: 73:c0:79:fc:fd:c6:ae:2a:6d:c2:95:ef:cb:9c:22: db:1a:cc:b5:5c:05:8c:79:8f:16:57:31:3a:5c:92: 1f:1c:85:88:54:97:4c:5f:56:fb:24:df:ab:1d:71: 0c:72:5d:69:83:a2:b7:8d:16:a0:09:17:15:17:9d: 00:ca:9a:e3:89:e0:ff:63:3a:22:40:1e:bf:be:fd: b8:c1:fc:f3:31:09:9f:e9:a8:ea:4e:76:41:55:3f: d8:10:ce:f1:c7:bf:c0:e5:e7:05:c4:44:28:22:82: fd:a8:57:57:2d:8f:8b:2e:7c:7f:7a:ce:52:75:5e: 0d:f9:a5:14:99:ad:47:87:75:27:50:c4:21:ef:b9: 9f:12:9b:d4:82:59:f7:84:5e:df:a8:77:0c:50:b6: 65:48:83:02:2e:54:d5:1c:78:f0:1e:f2:79:ca:1d: 8b:35:2b:ae:b2:bd:55:fb:ac:b9:19:72:4d:28:ab: 38:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:02:91:D1:C2:BD:42:8C:5F:BC:79:D2:22:2A:98:E1:B7:06:F3:0C X509v3 Authority Key Identifier: keyid:E0:69:1D:BA:FA:3A:8D:E0:70:B0:70:22:DE:9A:DF:74:34:1F:B4:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Gkduvo6jeBwsHAi3prfdDQftPI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/f75c7d-e5b3-442f-a084-fd49eb3f19b1/1/3gKR0cK9QoxfvHnSIiqY4bcG8ww.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/f75c7d-e5b3-442f-a084-fd49eb3f19b1/1/4Gkduvo6jeBwsHAi3prfdDQftPI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 212.23.216.0/24 IPv6: 2a10:a780::/29 Signature Algorithm: sha256WithRSAEncryption 58:43:80:76:1d:77:2e:be:01:38:7c:41:63:e7:50:85:97:72: 96:3b:91:84:74:16:e0:84:96:27:0a:10:69:dd:cf:9b:0a:50: 16:3f:99:fa:ab:b2:eb:f5:f4:7d:d0:ae:34:97:01:de:77:ce: 4b:97:fb:1c:b5:c8:96:fb:fd:92:c5:f5:a5:a2:49:9b:f9:21: b4:6f:a8:5a:e7:aa:e5:55:77:be:c6:5e:7a:0a:53:44:77:0d: 8a:a2:f7:ac:04:83:6e:75:6e:22:bf:18:e3:bc:6b:e4:49:37: 31:04:cd:88:da:f8:57:c7:a2:76:14:71:e7:89:e4:ba:12:8b: eb:1f:ea:46:d5:c2:ad:01:fa:46:84:a4:ef:66:04:70:a2:b2: 37:f6:14:a9:c6:50:0b:d8:0b:0f:fa:d9:7c:ec:b6:25:9e:a9: 46:44:26:bd:d5:ae:6c:dc:1b:57:67:70:2a:4e:58:0b:60:ec: 1a:ea:5f:27:29:a4:bc:eb:19:b6:61:70:9d:fb:8c:f4:03:23: 2c:9a:13:cf:22:bf:42:11:10:34:30:d3:5f:f5:e7:6e:cd:16: 35:da:a9:63:2f:df:a5:03:80:52:5e:1d:c7:15:d7:84:b9:40: 73:db:46:9c:fc:82:37:2a:a9:21:2f:9a:f4:08:f3:1b:1e:20: 4e:d9:6e:1d -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt7o5cUGhtAWXjlMn3ILhNSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUwNjkxZGJhZmEzYThkZTA3MGIwNzAyMmRlOWFkZjc0MzQx ZmI0ZjIwHhcNMjYwMTAxMjIxNzU3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZTAyOTFkMWMyYmQ0MjhjNWZiYzc5ZDIyMjJhOThlMWI3MDZmMzBjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyug8YkDvNyjlZlYVfeSIvCd30ZO/ ERWm53aKaHKTtPDGBAuM6dHU6r1WCvi+10KLXesEwMLWNDIgf3DVTqFiqDb6sGeL SedCyuhzwHn8/cauKm3Cle/LnCLbGsy1XAWMeY8WVzE6XJIfHIWIVJdMX1b7JN+r HXEMcl1pg6K3jRagCRcVF50AyprjieD/YzoiQB6/vv24wfzzMQmf6ajqTnZBVT/Y EM7xx7/A5ecFxEQoIoL9qFdXLY+LLnx/es5SdV4N+aUUma1Hh3UnUMQh77mfEpvU gln3hF7fqHcMULZlSIMCLlTVHHjwHvJ5yh2LNSuusr1V+6y5GXJNKKs4GwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFN4CkdHCvUKMX7x50iIqmOG3BvMMMB8GA1UdIwQY MBaAFOBpHbr6Oo3gcLBwIt6a33Q0H7TyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNEdrZHV2bzZqZUJ3c0hBaTNwcmZkRFFmdFBJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9mNzVjN2QtZTViMy00NDJmLWEwODQt ZmQ0OWViM2YxOWIxLzEvM2dLUjBjSzlRb3hmdkhuU0lpcVk0YmNHOHd3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lNS9mNzVjN2QtZTViMy00NDJmLWEwODQtZmQ0OWViM2YxOWIx LzEvNEdrZHV2bzZqZUJ3c0hBaTNwcmZkRFFmdFBJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA1BfYMA0E AgACMAcDBQMqEKeAMA0GCSqGSIb3DQEBCwUAA4IBAQBYQ4B2HXcuvgE4fEFj51CF l3KWO5GEdBbghJYnChBp3c+bClAWP5n6q7Lr9fR90K40lwHed85Ll/sctciW+/2S xfWlokmb+SG0b6ha56rlVXe+xl56ClNEdw2KovesBINudW4ivxjjvGvkSTcxBM2I 2vhXx6J2FHHnieS6EovrH+pG1cKtAfpGhKTvZgRworI39hSpxlAL2AsP+tl87LYl nqlGRCa91a5s3BtXZ3AqTlgLYOwa6l8nKaS86xm2YXCd+4z0AyMsmhPPIr9CERA0 MNNf9eduzRY12qljL9+lA4BSXh3HFdeEuUBz20ac/II3KqkhL5r0CPMbHiBO2W4d -----END CERTIFICATE-----Generated at Sun Jan 25 21:02:56 2026 by rpki-client