This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/3d9bfa-cfd0-44a8-842e-0dbb3b8db15f/1/i3dZrndLKOdAX4fmBKLNisvgCU4.roa File: i3dZrndLKOdAX4fmBKLNisvgCU4.roa (raw, json) Hash identifier: AOIV+Iu3cvphLn4bbaPQNGarjwL1kFw2bCXNmN94Ucg= Subject key identifier: 8B:77:59:AE:77:4B:28:E7:40:5F:87:E6:04:A2:CD:8A:CB:E0:09:4E Certificate issuer: /CN=ce958f181fb507a0a2a821856b8be0d54b118b85 Certificate serial: 019B7EA56AEFF6D65AEDC11C996DAAC5660A Authority key identifier: CE:95:8F:18:1F:B5:07:A0:A2:A8:21:85:6B:8B:E0:D5:4B:11:8B:85 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zpWPGB-1B6CiqCGFa4vg1UsRi4U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/3d9bfa-cfd0-44a8-842e-0dbb3b8db15f/1/i3dZrndLKOdAX4fmBKLNisvgCU4.roa Signing time: Fri 02 Jan 2026 12:18:48 +0000 ROA not before: Fri 02 Jan 2026 12:18:48 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 398772 IP address blocks: 185.168.156.0/24 maxlen: 24 185.174.88.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/3d9bfa-cfd0-44a8-842e-0dbb3b8db15f/1/zpWPGB-1B6CiqCGFa4vg1UsRi4U.crl rsync://rpki.ripe.net/repository/DEFAULT/fa/3d9bfa-cfd0-44a8-842e-0dbb3b8db15f/1/zpWPGB-1B6CiqCGFa4vg1UsRi4U.mft rsync://rpki.ripe.net/repository/DEFAULT/zpWPGB-1B6CiqCGFa4vg1UsRi4U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 18:01:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a5:6a:ef:f6:d6:5a:ed:c1:1c:99:6d:aa:c5:66:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ce958f181fb507a0a2a821856b8be0d54b118b85 Validity Not Before: Jan 2 12:18:48 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8b7759ae774b28e7405f87e604a2cd8acbe0094e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:96:57:10:4d:fd:c7:bd:85:e4:95:e0:3b:d2: d7:60:32:80:7c:c0:a8:d0:39:68:15:c9:34:71:de: eb:b7:ea:c9:15:f7:d5:bf:0c:53:1a:1e:6d:4e:4f: 96:5b:62:92:a4:90:05:b4:34:9e:01:5e:40:9d:f0: 0a:0f:e9:f0:6d:31:5e:43:af:f9:6a:c5:e6:d1:7c: ee:55:cb:6d:a9:ec:bd:76:4b:7b:1c:1f:02:8c:29: af:2b:54:aa:cc:d2:1e:3f:01:5b:7d:ae:5d:c5:26: 4a:fa:91:11:76:d2:bd:9e:72:b5:bd:ab:50:08:a1: 4b:31:7d:85:14:ec:43:9d:17:f4:b7:a1:42:ad:f7: 80:84:95:7e:61:45:2f:5b:db:60:14:ef:44:1c:9e: f6:67:2d:22:3f:7a:60:9f:a3:ee:cc:93:a0:23:13: 94:9c:4a:0f:7d:4e:0e:e2:49:0f:29:31:c2:51:99: 83:d7:41:8e:2b:95:58:68:8b:ee:2c:de:62:e3:b8: 77:0b:56:b2:91:d3:70:df:4e:7c:a6:93:78:d0:d5: 46:6b:92:44:ab:08:02:9d:d8:60:98:ab:8a:8e:3f: 8f:f1:c2:8b:b2:01:76:0f:a4:fc:97:01:bd:6f:55: 60:69:3d:97:03:ba:58:51:d3:00:9c:a4:67:cd:16: de:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:77:59:AE:77:4B:28:E7:40:5F:87:E6:04:A2:CD:8A:CB:E0:09:4E X509v3 Authority Key Identifier: keyid:CE:95:8F:18:1F:B5:07:A0:A2:A8:21:85:6B:8B:E0:D5:4B:11:8B:85 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zpWPGB-1B6CiqCGFa4vg1UsRi4U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/3d9bfa-cfd0-44a8-842e-0dbb3b8db15f/1/i3dZrndLKOdAX4fmBKLNisvgCU4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/3d9bfa-cfd0-44a8-842e-0dbb3b8db15f/1/zpWPGB-1B6CiqCGFa4vg1UsRi4U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.168.156.0/24 185.174.88.0/23 Signature Algorithm: sha256WithRSAEncryption 3f:8c:9d:b2:6d:e6:ca:22:ff:c8:11:ed:2c:ce:8c:57:47:ad: ad:f9:80:ef:ca:a4:bb:9f:19:1b:be:af:80:e1:3a:d9:e1:f7: f0:cd:7d:8d:3f:8b:93:69:03:a3:53:87:2e:f0:77:2a:16:72: fd:c1:5a:7f:bc:b0:ed:6a:09:8c:77:df:c8:ee:6f:d2:6f:a1: 70:1d:d3:ba:ed:3f:16:fc:01:ac:33:dd:91:59:1e:de:be:da: 89:1c:ca:c7:14:48:d5:e8:50:2b:59:dc:ca:98:3a:c4:65:c7: 5e:94:70:48:01:a6:7e:b8:3d:6b:eb:49:cd:aa:e3:61:5b:5d: 52:1d:aa:44:28:34:0a:e4:94:29:e0:af:28:47:4a:ef:00:41: a2:cb:fe:50:5e:80:e8:3d:87:39:ea:0a:5d:72:c6:88:3c:44: 2c:15:c6:03:56:04:8b:cd:46:7d:59:49:66:9d:97:1c:64:75: 8e:ae:ee:ef:d0:38:d3:86:30:59:93:90:9b:70:c8:85:ce:30: 6a:e4:ef:cd:60:b0:2c:b0:e5:cc:20:81:8e:b6:c3:1b:db:14: 6e:4c:ab:8a:1a:e6:82:f7:05:fa:f4:b6:04:9d:67:97:0a:b0: ad:98:db:cd:4f:91:f0:65:b8:f6:3f:f3:55:88:fb:85:3f:48: bd:fb:bc:b9 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt+pWrv9tZa7cEcmW2qxWYKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNlOTU4ZjE4MWZiNTA3YTBhMmE4MjE4NTZiOGJlMGQ1NGIx MThiODUwHhcNMjYwMTAyMTIxODQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4Yjc3NTlhZTc3NGIyOGU3NDA1Zjg3ZTYwNGEyY2Q4YWNiZTAwOTRlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5ZXEE39x72F5JXgO9LXYDKAfMCo 0DloFck0cd7rt+rJFffVvwxTGh5tTk+WW2KSpJAFtDSeAV5AnfAKD+nwbTFeQ6/5 asXm0XzuVcttqey9dkt7HB8CjCmvK1SqzNIePwFbfa5dxSZK+pERdtK9nnK1vatQ CKFLMX2FFOxDnRf0t6FCrfeAhJV+YUUvW9tgFO9EHJ72Zy0iP3pgn6PuzJOgIxOU nEoPfU4O4kkPKTHCUZmD10GOK5VYaIvuLN5i47h3C1aykdNw3058ppN40NVGa5JE qwgCndhgmKuKjj+P8cKLsgF2D6T8lwG9b1VgaT2XA7pYUdMAnKRnzRbeBQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFIt3Wa53SyjnQF+H5gSizYrL4AlOMB8GA1UdIwQY MBaAFM6VjxgftQegoqghhWuL4NVLEYuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvenBXUEdCLTFCNkNpcUNHRmE0dmcxVXNSaTRVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS8zZDliZmEtY2ZkMC00NGE4LTg0MmUt MGRiYjNiOGRiMTVmLzEvaTNkWnJuZExLT2RBWDRmbUJLTE5pc3ZnQ1U0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mYS8zZDliZmEtY2ZkMC00NGE4LTg0MmUtMGRiYjNiOGRiMTVm LzEvenBXUEdCLTFCNkNpcUNHRmE0dmcxVXNSaTRVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuaicAwQB ua5YMA0GCSqGSIb3DQEBCwUAA4IBAQA/jJ2ybebKIv/IEe0szoxXR62t+YDvyqS7 nxkbvq+A4TrZ4ffwzX2NP4uTaQOjU4cu8HcqFnL9wVp/vLDtagmMd9/I7m/Sb6Fw HdO67T8W/AGsM92RWR7evtqJHMrHFEjV6FArWdzKmDrEZcdelHBIAaZ+uD1r60nN quNhW11SHapEKDQK5JQp4K8oR0rvAEGiy/5QXoDoPYc56gpdcsaIPEQsFcYDVgSL zUZ9WUlmnZccZHWOru7v0DjThjBZk5CbcMiFzjBq5O/NYLAssOXMIIGOtsMb2xRu TKuKGuaC9wX69LYEnWeXCrCtmNvNT5HwZbj2P/NViPuFP0i9+7y5 -----END CERTIFICATE-----Generated at Mon Jan 26 03:57:11 2026 by rpki-client