This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/oFfXrLBfH6lxJPqPhKKALIEnsRY.roa File: oFfXrLBfH6lxJPqPhKKALIEnsRY.roa (raw, json) Hash identifier: xv0fWfgOWHRGVoD3X/VZOFn9nwq6PPmmOVIp8EyiD2o= Subject key identifier: A0:57:D7:AC:B0:5F:1F:A9:71:24:FA:8F:84:A2:80:2C:81:27:B1:16 Certificate issuer: /CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3 Certificate serial: 019B7F157780FF9F2D3CA4158415CAE7023E Authority key identifier: DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/oFfXrLBfH6lxJPqPhKKALIEnsRY.roa Signing time: Fri 02 Jan 2026 14:21:11 +0000 ROA not before: Fri 02 Jan 2026 14:21:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44901 IP address blocks: 193.9.47.0/24 maxlen: 24 2a14:640::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.mft rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 25 Jan 2026 23:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:77:80:ff:9f:2d:3c:a4:15:84:15:ca:e7:02:3e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3 Validity Not Before: Jan 2 14:21:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a057d7acb05f1fa97124fa8f84a2802c8127b116 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:62:a4:9b:8b:cb:67:69:6e:7e:3f:43:7b:b2: 25:17:00:48:9e:6c:ad:c9:57:ad:b2:b6:89:5c:6d: 02:cd:4e:4f:c6:4e:1d:80:00:5d:f6:87:20:99:6a: 60:9c:be:40:d9:0d:4d:14:53:05:03:d0:f6:d2:7b: 00:90:ce:cf:16:86:59:ca:c4:7b:a7:b9:58:0e:44: e5:75:0e:f6:a8:37:ce:45:8f:a5:69:6b:ce:e6:81: c4:d2:76:e6:21:0e:73:26:d3:60:11:67:f9:d1:80: e4:a1:1e:32:83:27:e1:ba:ea:52:1e:62:d4:74:3a: 68:1e:6d:7f:00:3e:cf:09:71:13:29:cb:e7:17:b5: 29:bd:1e:7d:87:31:1d:a9:2e:ab:cd:f6:a0:f5:7b: ca:bf:40:8b:d7:85:cf:1a:64:f1:34:55:1f:a2:e6: 31:a3:7b:94:c5:70:cc:40:6d:4d:99:4c:a0:12:52: 0a:10:68:c8:90:80:71:d6:a1:1d:d4:ee:6e:ad:c7: b7:c3:bc:fc:2f:1f:55:40:44:97:68:e8:28:c9:62: d5:2f:5e:df:8a:22:44:00:04:42:da:4c:69:49:78: 5d:b3:ee:c2:87:28:12:7b:2a:bd:f7:d6:30:b1:ae: 42:dc:67:82:df:79:86:18:5c:4e:f0:05:6e:1a:71: 52:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:57:D7:AC:B0:5F:1F:A9:71:24:FA:8F:84:A2:80:2C:81:27:B1:16 X509v3 Authority Key Identifier: keyid:DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/oFfXrLBfH6lxJPqPhKKALIEnsRY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.9.47.0/24 IPv6: 2a14:640::/48 Signature Algorithm: sha256WithRSAEncryption a3:d0:c6:6d:56:4d:72:17:34:9c:3e:0c:ff:b2:6b:d2:1c:fc: 69:5c:d4:ec:f8:fc:42:e5:46:c8:00:07:bf:6c:47:ed:d2:d9: f3:f8:43:a5:f4:49:f9:70:f2:80:e2:57:9f:b3:d6:c7:ad:68: 7a:67:7e:d1:5e:a7:8f:d7:93:8e:05:bf:84:cf:9e:7e:86:00: f0:4a:e9:fe:0d:a3:a8:ca:c2:d5:82:db:97:be:36:e7:26:58: 24:dc:ed:27:58:09:16:53:77:7a:c8:01:6b:29:99:e6:54:c4: 7f:2e:59:d1:54:ee:fc:8b:c4:6f:ef:39:f2:82:20:6f:01:33: 8c:1f:c8:ea:87:ce:77:4e:86:67:d0:44:64:35:e8:d8:ec:23: 27:b3:fc:8a:eb:cd:26:6f:ae:dd:47:a4:fe:1e:61:45:49:e5: a6:9b:e5:f3:cb:16:e3:4d:8a:27:0a:79:59:73:94:39:3d:bf: 73:4b:f9:2b:b3:67:75:6a:6c:4a:94:49:fa:7b:95:fb:50:88: 3e:d7:32:be:3b:d8:96:32:9f:90:b7:78:81:2e:52:47:dc:0c: 94:02:53:0f:d5:0b:3e:11:51:66:47:3a:39:bf:4a:6d:63:96: 42:fa:dd:6a:5d:b7:ca:36:a9:95:c3:9d:48:b2:e0:c5:f7:e7: 10:84:62:7e -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt/FXeA/58tPKQVhBXK5wI+MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRmM2ZkYzRiZjMzYmQ4MGZlMTI4ZDc1Njg0M2Y2MGIzOWQ1 YmVlZTMwHhcNMjYwMTAyMTQyMTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMDU3ZDdhY2IwNWYxZmE5NzEyNGZhOGY4NGEyODAyYzgxMjdiMTE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2Kkm4vLZ2lufj9De7IlFwBInmyt yVetsraJXG0CzU5Pxk4dgABd9ocgmWpgnL5A2Q1NFFMFA9D20nsAkM7PFoZZysR7 p7lYDkTldQ72qDfORY+laWvO5oHE0nbmIQ5zJtNgEWf50YDkoR4ygyfhuupSHmLU dDpoHm1/AD7PCXETKcvnF7UpvR59hzEdqS6rzfag9XvKv0CL14XPGmTxNFUfouYx o3uUxXDMQG1NmUygElIKEGjIkIBx1qEd1O5urce3w7z8Lx9VQESXaOgoyWLVL17f iiJEAARC2kxpSXhds+7ChygSeyq999Ywsa5C3GeC33mGGFxO8AVuGnFSrwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFKBX16ywXx+pcST6j4SigCyBJ7EWMB8GA1UdIwQY MBaAFN8/3EvzO9gP4SjXVoQ/YLOdW+7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMt YTQ3M2VjNTQxMGMzLzEvb0ZmWHJMQmZINmx4SlBxUGhLS0FMSUVuc1JZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMtYTQ3M2VjNTQxMGMz LzEvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwQkvMA8E AgACMAkDBwAqFAZAAAAwDQYJKoZIhvcNAQELBQADggEBAKPQxm1WTXIXNJw+DP+y a9Ic/Glc1Oz4/ELlRsgAB79sR+3S2fP4Q6X0Sflw8oDiV5+z1setaHpnftFep4/X k44Fv4TPnn6GAPBK6f4No6jKwtWC25e+NucmWCTc7SdYCRZTd3rIAWspmeZUxH8u WdFU7vyLxG/vOfKCIG8BM4wfyOqHzndOhmfQRGQ16NjsIyez/IrrzSZvrt1HpP4e YUVJ5aab5fPLFuNNiicKeVlzlDk9v3NL+SuzZ3VqbEqUSfp7lftQiD7XMr472JYy n5C3eIEuUkfcDJQCUw/VCz4RUWZHOjm/Sm1jlkL63Wpdt8o2qZXDnUiy4MX35xCE Yn4= -----END CERTIFICATE-----Generated at Sun Jan 25 10:08:26 2026 by rpki-client