This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/m3UYalXj1FlItkx4Rfdvy-zoe3E.roa File: m3UYalXj1FlItkx4Rfdvy-zoe3E.roa (raw, json) Hash identifier: fRgZKtug12cWuESnK4ZE4YhyfFuUNO2BSLzpL2F6bjY= Subject key identifier: 9B:75:18:6A:55:E3:D4:59:48:B6:4C:78:45:F7:6F:CB:EC:E8:7B:71 Certificate issuer: /CN=8ad240603ec6ebcd62f72d46f1dc00cb7e1f0b2e Certificate serial: 019B7B359F51403DD5E3056020C8EA57D4D5 Authority key identifier: 8A:D2:40:60:3E:C6:EB:CD:62:F7:2D:46:F1:DC:00:CB:7E:1F:0B:2E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/m3UYalXj1FlItkx4Rfdvy-zoe3E.roa Signing time: Thu 01 Jan 2026 20:17:50 +0000 ROA not before: Thu 01 Jan 2026 20:17:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 21013 IP address blocks: 80.243.160.0/20 maxlen: 20 85.31.0.0/19 maxlen: 19 185.91.80.0/22 maxlen: 22 212.52.192.0/19 maxlen: 19 2a02:940::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/itJAYD7G681i9y1G8dwAy34fCy4.crl rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/itJAYD7G681i9y1G8dwAy34fCy4.mft rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 14:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:9f:51:40:3d:d5:e3:05:60:20:c8:ea:57:d4:d5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8ad240603ec6ebcd62f72d46f1dc00cb7e1f0b2e Validity Not Before: Jan 1 20:17:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9b75186a55e3d45948b64c7845f76fcbece87b71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:42:25:39:03:8d:36:9f:39:62:dc:0c:21:25: e4:60:11:0c:81:14:73:4b:71:fa:ba:43:40:dd:da: f5:3b:38:55:d9:c5:a2:cf:49:39:5e:12:24:62:de: 50:5a:52:ad:72:9a:35:fe:fa:1d:24:5e:43:82:df: 04:21:f1:bf:a8:6f:55:3d:7a:de:56:a7:90:14:9d: 20:b6:9d:18:9c:d6:8f:98:9b:44:4f:da:c6:94:97: 22:e7:c6:c7:8d:7f:02:bd:e6:9d:f9:35:c3:84:e5: 24:38:2b:16:84:cd:ef:8d:9c:30:0f:df:f9:c6:26: 5b:e3:68:ce:d4:a7:8d:82:1f:30:a5:e3:63:18:c6: 5f:2f:b2:f0:22:d5:23:75:c0:14:cf:43:d9:d9:8b: 9d:bd:55:46:83:09:c0:95:87:05:3c:9f:93:96:0f: 88:dc:04:ea:6d:fa:18:93:ad:d5:48:96:07:e4:b2: e0:56:83:7b:3a:96:ca:03:a8:43:85:b5:58:52:dd: 77:46:ab:5d:04:6f:d6:ff:0f:00:4c:61:b8:e9:16: 47:3c:36:bd:d1:cd:bc:5b:1f:d7:b6:9a:9d:39:2a: 41:ba:32:eb:a7:61:5a:54:86:18:63:d2:3c:b4:0c: 17:1c:3c:71:ac:a7:00:cd:ab:59:ab:69:8e:cd:b5: 07:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:75:18:6A:55:E3:D4:59:48:B6:4C:78:45:F7:6F:CB:EC:E8:7B:71 X509v3 Authority Key Identifier: keyid:8A:D2:40:60:3E:C6:EB:CD:62:F7:2D:46:F1:DC:00:CB:7E:1F:0B:2E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itJAYD7G681i9y1G8dwAy34fCy4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/m3UYalXj1FlItkx4Rfdvy-zoe3E.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/425149-9c68-41fb-8035-d76c8c739861/1/itJAYD7G681i9y1G8dwAy34fCy4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.243.160.0/20 85.31.0.0/19 185.91.80.0/22 212.52.192.0/19 IPv6: 2a02:940::/32 Signature Algorithm: sha256WithRSAEncryption 16:de:45:26:e0:f9:aa:fd:40:8e:28:d8:0e:7a:86:a9:62:80: 36:62:8f:81:45:2b:51:3b:7f:e9:ec:fb:53:7d:89:e1:12:14: c0:24:7a:a8:34:12:ff:06:e5:52:df:a8:91:da:f5:8b:19:c1: b8:33:ec:22:2e:01:08:4d:ee:24:e3:87:d6:7c:17:4b:47:52: e5:d9:f9:b2:8d:84:2e:21:00:0f:ae:a3:82:0a:51:f1:ea:84: f6:ee:80:62:18:90:3c:a2:df:c3:4b:8a:ed:be:4e:84:75:21: c7:b4:c0:1b:38:39:f7:cd:b8:f0:b5:16:61:cb:f1:34:1f:f7: 8b:30:7c:73:7a:4d:17:25:99:e8:72:9a:79:8d:ce:d9:a6:4c: e9:78:2b:7a:5f:8a:4a:47:96:bc:00:f1:29:2e:62:b8:d7:d7: b2:55:ff:da:44:61:6d:0b:48:eb:ba:0d:75:9d:60:a1:33:62: 6e:05:31:0c:9d:8c:82:d9:75:95:89:01:3a:2d:9b:6d:31:8f: 71:12:82:8a:31:4c:c6:94:0f:70:49:c7:26:5b:48:25:18:d5: a6:43:98:0b:34:32:b7:ae:6f:60:e0:6c:db:6a:93:bb:59:e5: ee:1b:87:27:db:b7:04:c4:54:35:d4:b1:d1:f7:4d:38:08:d3: 46:d8:d2:8b -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt7NZ9RQD3V4wVgIMjqV9TVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhhZDI0MDYwM2VjNmViY2Q2MmY3MmQ0NmYxZGMwMGNiN2Ux ZjBiMmUwHhcNMjYwMTAxMjAxNzUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5Yjc1MTg2YTU1ZTNkNDU5NDhiNjRjNzg0NWY3NmZjYmVjZTg3YjcxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA20IlOQONNp85YtwMISXkYBEMgRRz S3H6ukNA3dr1OzhV2cWiz0k5XhIkYt5QWlKtcpo1/vodJF5Dgt8EIfG/qG9VPXre VqeQFJ0gtp0YnNaPmJtET9rGlJci58bHjX8Cvead+TXDhOUkOCsWhM3vjZwwD9/5 xiZb42jO1KeNgh8wpeNjGMZfL7LwItUjdcAUz0PZ2YudvVVGgwnAlYcFPJ+Tlg+I 3ATqbfoYk63VSJYH5LLgVoN7OpbKA6hDhbVYUt13RqtdBG/W/w8ATGG46RZHPDa9 0c28Wx/XtpqdOSpBujLrp2FaVIYYY9I8tAwXHDxxrKcAzatZq2mOzbUHmQIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFJt1GGpV49RZSLZMeEX3b8vs6HtxMB8GA1UdIwQY MBaAFIrSQGA+xuvNYvctRvHcAMt+HwsuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaXRKQVlEN0c2ODFpOXkxRzhkd0F5MzRmQ3k0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy80MjUxNDktOWM2OC00MWZiLTgwMzUt ZDc2YzhjNzM5ODYxLzEvbTNVWWFsWGoxRmxJdGt4NFJmZHZ5LXpvZTNFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNy80MjUxNDktOWM2OC00MWZiLTgwMzUtZDc2YzhjNzM5ODYx LzEvaXRKQVlEN0c2ODFpOXkxRzhkd0F5MzRmQ3k0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUPOgAwQF VR8AAwQCuVtQAwQF1DTAMA0EAgACMAcDBQAqAglAMA0GCSqGSIb3DQEBCwUAA4IB AQAW3kUm4Pmq/UCOKNgOeoapYoA2Yo+BRStRO3/p7PtTfYnhEhTAJHqoNBL/BuVS 36iR2vWLGcG4M+wiLgEITe4k44fWfBdLR1Ll2fmyjYQuIQAPrqOCClHx6oT27oBi GJA8ot/DS4rtvk6EdSHHtMAbODn3zbjwtRZhy/E0H/eLMHxzek0XJZnocpp5jc7Z pkzpeCt6X4pKR5a8APEpLmK419eyVf/aRGFtC0jrug11nWChM2JuBTEMnYyC2XWV iQE6LZttMY9xEoKKMUzGlA9wSccmW0glGNWmQ5gLNDK3rm9g4GzbapO7WeXuG4cn 27cExFQ11LHR9004CNNG2NKL -----END CERTIFICATE-----Generated at Mon Jan 26 18:16:10 2026 by rpki-client