This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/3k_DXo4ofAXcZYPDcNLzBletpVk.roa File: 3k_DXo4ofAXcZYPDcNLzBletpVk.roa (raw, json) Hash identifier: ziaq+fvQdyZn6u+jlF4Bvlh3Rp/2kXUfv41qFJFnMKU= Subject key identifier: DE:4F:C3:5E:8E:28:7C:05:DC:65:83:C3:70:D2:F3:06:57:AD:A5:59 Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c Certificate serial: 019B7F1438A0409EDFD20137C8702C8215EB Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/3k_DXo4ofAXcZYPDcNLzBletpVk.roa Signing time: Fri 02 Jan 2026 14:19:50 +0000 ROA not before: Fri 02 Jan 2026 14:19:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213438 IP address blocks: 78.159.130.0/24 maxlen: 24 93.152.219.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.mft rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 24 Jan 2026 00:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:38:a0:40:9e:df:d2:01:37:c8:70:2c:82:15:eb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c Validity Not Before: Jan 2 14:19:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=de4fc35e8e287c05dc6583c370d2f30657ada559 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:be:bd:f5:d3:6b:34:4c:bf:fa:5a:40:53:93: fe:d4:20:f8:37:e1:bf:33:f9:ec:d1:17:16:e6:2a: 51:c8:9d:97:55:0d:ee:49:8c:d2:3c:62:16:09:f8: 35:9a:f4:2c:e1:98:e1:d1:bd:cf:30:7d:4a:bf:21: 88:59:2b:aa:43:4c:5d:ce:cb:d8:e4:65:5d:37:47: 5d:44:ca:b7:d4:7d:62:d7:c0:54:02:17:0b:bb:b3: 4d:28:f4:3e:7c:77:68:27:4c:8d:e5:79:16:a7:10: 2c:bf:94:8d:18:1b:3b:43:d5:ff:bb:04:b0:52:0f: e6:97:92:bf:70:4b:39:4d:13:da:e8:b8:38:04:0e: 1c:91:ce:c8:09:dc:7b:4a:4a:fe:27:f4:ef:af:74: ef:0b:31:41:fb:d7:a1:79:38:78:4d:49:72:70:e2: 4b:b0:09:28:f8:23:f7:53:10:99:28:8a:fe:42:56: 99:99:22:77:dd:07:0b:4b:19:75:7f:97:a1:85:dd: 49:c8:f6:af:f5:bd:a6:47:aa:ec:7f:37:16:93:a7: 55:47:b1:22:75:aa:29:ed:b9:3f:43:85:d9:db:5f: e6:41:fc:2c:42:36:bf:d4:90:a5:ce:70:10:40:59: fc:e1:2b:dc:78:40:f2:3c:83:5d:b3:12:c2:a1:ad: 10:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:4F:C3:5E:8E:28:7C:05:DC:65:83:C3:70:D2:F3:06:57:AD:A5:59 X509v3 Authority Key Identifier: keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/3k_DXo4ofAXcZYPDcNLzBletpVk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 78.159.130.0/24 93.152.219.0/24 Signature Algorithm: sha256WithRSAEncryption 29:bd:d3:ae:f2:92:26:87:17:c0:cb:b6:ed:f9:32:61:3c:06: d0:da:42:b4:35:18:8b:25:0e:8d:74:10:76:f7:2d:a0:ac:85: c3:49:40:1b:3f:b8:68:b4:57:80:b9:22:83:ef:98:d3:5e:43: 87:1d:d1:71:eb:47:09:53:88:27:4e:81:c2:ac:30:f5:b8:de: b9:08:f6:03:d0:ba:f9:8c:3f:66:8a:70:ca:7b:0f:19:f7:52: 49:99:a3:d8:7d:9b:8f:48:4d:0f:0b:5c:a4:bc:31:4c:30:3f: 7d:6c:a9:65:fa:57:8d:15:70:fb:21:ef:08:2f:fd:5b:5e:01: 9c:38:ad:82:37:70:79:4b:ab:9d:5b:06:a2:5f:32:53:9c:d1: ac:f4:29:65:a9:72:65:9f:93:2d:48:3f:c4:15:33:1d:25:20: 1d:33:a0:a1:e5:ed:6b:7a:17:7c:a8:87:11:6d:0c:4f:fe:4c: 77:6d:24:d5:90:f0:a5:14:d4:6d:92:a8:84:ea:1a:08:dd:72: 60:71:1c:26:19:8b:3e:9f:0d:f9:cb:59:15:c0:c5:34:90:14: c9:ca:c7:33:62:5e:78:fb:16:0b:ad:bd:97:77:03:14:76:af: e5:9c:d9:1d:96:4b:9d:2b:d4:f6:dd:db:8c:83:3a:50:d0:ae: 35:31:cc:09 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt/FDigQJ7f0gE3yHAsghXrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk MDAxOGMwHhcNMjYwMTAyMTQxOTUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZTRmYzM1ZThlMjg3YzA1ZGM2NTgzYzM3MGQyZjMwNjU3YWRhNTU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvL699dNrNEy/+lpAU5P+1CD4N+G/ M/ns0RcW5ipRyJ2XVQ3uSYzSPGIWCfg1mvQs4Zjh0b3PMH1KvyGIWSuqQ0xdzsvY 5GVdN0ddRMq31H1i18BUAhcLu7NNKPQ+fHdoJ0yN5XkWpxAsv5SNGBs7Q9X/uwSw Ug/ml5K/cEs5TRPa6Lg4BA4ckc7ICdx7Skr+J/Tvr3TvCzFB+9eheTh4TUlycOJL sAko+CP3UxCZKIr+QlaZmSJ33QcLSxl1f5ehhd1JyPav9b2mR6rsfzcWk6dVR7Ei daop7bk/Q4XZ21/mQfwsQja/1JClznAQQFn84SvceEDyPINdsxLCoa0QawIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFN5Pw16OKHwF3GWDw3DS8wZXraVZMB8GA1UdIwQY MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct MjliMDg1ZGQyM2FkLzEvM2tfRFhvNG9mQVhjWllQRGNOTHpCbGV0cFZrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATp+CAwQA XZjbMA0GCSqGSIb3DQEBCwUAA4IBAQApvdOu8pImhxfAy7bt+TJhPAbQ2kK0NRiL JQ6NdBB29y2grIXDSUAbP7hotFeAuSKD75jTXkOHHdFx60cJU4gnToHCrDD1uN65 CPYD0Lr5jD9minDKew8Z91JJmaPYfZuPSE0PC1ykvDFMMD99bKll+leNFXD7Ie8I L/1bXgGcOK2CN3B5S6udWwaiXzJTnNGs9CllqXJln5MtSD/EFTMdJSAdM6Ch5e1r ehd8qIcRbQxP/kx3bSTVkPClFNRtkqiE6hoI3XJgcRwmGYs+nw35y1kVwMU0kBTJ ysczYl54+xYLrb2XdwMUdq/lnNkdlkudK9T23duMgzpQ0K41McwJ -----END CERTIFICATE-----Generated at Fri Jan 23 09:20:40 2026 by rpki-client