This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/761bf5-037e-4807-88c0-feee86c6b600/1/3f5hSAbyuRxrV6ERS_8K3eov-zs.roa File: 3f5hSAbyuRxrV6ERS_8K3eov-zs.roa (raw, json) Hash identifier: i4VKC4WTXw6bm8VI4lFI1xoR94400lDFZbrMtGI0T7Q= Subject key identifier: DD:FE:61:48:06:F2:B9:1C:6B:57:A1:11:4B:FF:0A:DD:EA:2F:FB:3B Certificate issuer: /CN=e938cd7ecf23ac1c4962546e1bcf5e083ad229a5 Certificate serial: 019B7FF24F8728B7CE6C56CE7EE645E669E8 Authority key identifier: E9:38:CD:7E:CF:23:AC:1C:49:62:54:6E:1B:CF:5E:08:3A:D2:29:A5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6TjNfs8jrBxJYlRuG89eCDrSKaU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/761bf5-037e-4807-88c0-feee86c6b600/1/3f5hSAbyuRxrV6ERS_8K3eov-zs.roa Signing time: Fri 02 Jan 2026 18:22:24 +0000 ROA not before: Fri 02 Jan 2026 18:22:24 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 680 IP address blocks: 193.22.64.0/20 maxlen: 20 193.22.71.0/24 maxlen: 24 193.22.72.0/23 maxlen: 23 193.22.74.0/23 maxlen: 23 193.22.76.0/24 maxlen: 24 193.22.78.0/24 maxlen: 24 193.22.79.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/761bf5-037e-4807-88c0-feee86c6b600/1/6TjNfs8jrBxJYlRuG89eCDrSKaU.crl rsync://rpki.ripe.net/repository/DEFAULT/02/761bf5-037e-4807-88c0-feee86c6b600/1/6TjNfs8jrBxJYlRuG89eCDrSKaU.mft rsync://rpki.ripe.net/repository/DEFAULT/6TjNfs8jrBxJYlRuG89eCDrSKaU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 28 Jan 2026 03:01:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:f2:4f:87:28:b7:ce:6c:56:ce:7e:e6:45:e6:69:e8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e938cd7ecf23ac1c4962546e1bcf5e083ad229a5 Validity Not Before: Jan 2 18:22:24 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ddfe614806f2b91c6b57a1114bff0addea2ffb3b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:d5:90:a8:56:26:95:79:a0:78:4e:13:b3:c8: 88:dc:bc:6e:ee:29:44:be:36:1b:77:19:9e:4c:fb: 15:11:f9:73:f1:5e:a4:54:a7:7b:98:dc:92:4c:ac: 46:0e:37:ff:02:06:db:b3:79:41:6a:8a:54:25:39: 0e:24:66:2e:38:3b:fd:b5:44:b6:ff:77:b4:d5:2a: f6:7b:cf:2a:2f:79:00:f4:7b:45:e1:68:eb:20:c0: ef:13:09:1f:52:32:11:bc:e3:91:f7:f5:4c:f9:32: 52:a5:7a:36:36:a5:07:11:ef:c9:f6:80:37:69:5c: 8e:a4:e2:89:46:2f:41:b7:1f:59:d6:56:0e:3b:bc: 56:bc:26:07:de:4f:88:32:3a:3d:31:02:fa:19:8d: 8b:22:26:b7:61:6a:d8:0f:85:7b:03:12:76:70:51: e3:f9:dd:d2:8c:f3:cd:d8:2a:ef:75:ef:91:be:9f: 87:66:74:94:70:84:8a:e9:69:b8:20:6c:26:3c:f0: 8b:7a:6d:c1:45:f8:1b:b6:11:58:3d:bb:e9:17:06: 96:f5:5e:e1:00:45:2a:e5:41:95:1c:de:f9:1a:8e: 85:fb:d8:39:b7:dc:c6:6d:a3:6b:16:00:83:2a:9d: db:6e:04:60:98:8b:9a:66:fd:06:09:c8:42:fc:c2: b7:3f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:FE:61:48:06:F2:B9:1C:6B:57:A1:11:4B:FF:0A:DD:EA:2F:FB:3B X509v3 Authority Key Identifier: keyid:E9:38:CD:7E:CF:23:AC:1C:49:62:54:6E:1B:CF:5E:08:3A:D2:29:A5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6TjNfs8jrBxJYlRuG89eCDrSKaU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/761bf5-037e-4807-88c0-feee86c6b600/1/3f5hSAbyuRxrV6ERS_8K3eov-zs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/02/761bf5-037e-4807-88c0-feee86c6b600/1/6TjNfs8jrBxJYlRuG89eCDrSKaU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 193.22.64.0/20 Signature Algorithm: sha256WithRSAEncryption 99:3a:cc:e2:da:c6:19:88:72:99:ef:4a:b1:92:2d:78:aa:3b: 2d:3c:d3:a6:db:96:b7:1b:40:07:47:b2:a4:8f:9f:15:72:a0: 8c:a4:21:4c:0d:25:30:26:cc:64:5d:51:54:d3:d6:ad:0d:c7: 55:26:4f:d4:d3:22:46:0d:c9:4e:2d:56:85:24:f9:54:f3:98: 43:8d:9a:17:ba:99:50:7c:f0:42:0d:68:05:44:45:15:cf:92: 2a:a9:7e:9c:e3:3a:4a:79:65:51:0e:b4:dc:e7:cf:9c:15:e3: b6:13:4d:77:65:53:23:08:4a:e0:2c:74:72:ee:fc:23:79:60: 81:ab:26:d3:35:83:2d:6f:9d:00:83:9e:02:52:34:b9:f8:4e: bc:f6:3b:5c:84:dc:9f:5c:cf:eb:bc:fa:a2:40:15:d3:7c:46: 74:d8:c3:77:e0:79:4f:ea:06:be:b4:31:ef:39:ca:27:3c:35: fa:cc:54:ad:87:4a:44:b2:62:76:9c:4c:62:0e:21:58:06:8f: 11:c7:26:b7:7f:2e:ee:43:c1:00:32:9f:40:52:e1:2f:ce:b3: 5e:16:7d:bd:f2:5d:41:a5:b4:7e:b9:4f:7b:3d:a9:c1:93:d4: 04:c3:12:e8:b5:3e:a0:58:1f:f6:e6:52:cf:c6:55:96:30:db: 7b:d6:0c:2c -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt/8k+HKLfObFbOfuZF5mnoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGU5MzhjZDdlY2YyM2FjMWM0OTYyNTQ2ZTFiY2Y1ZTA4M2Fk MjI5YTUwHhcNMjYwMTAyMTgyMjI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZGZlNjE0ODA2ZjJiOTFjNmI1N2ExMTE0YmZmMGFkZGVhMmZmYjNiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdWQqFYmlXmgeE4Ts8iI3Lxu7ilE vjYbdxmeTPsVEflz8V6kVKd7mNySTKxGDjf/Agbbs3lBaopUJTkOJGYuODv9tUS2 /3e01Sr2e88qL3kA9HtF4WjrIMDvEwkfUjIRvOOR9/VM+TJSpXo2NqUHEe/J9oA3 aVyOpOKJRi9Btx9Z1lYOO7xWvCYH3k+IMjo9MQL6GY2LIia3YWrYD4V7AxJ2cFHj +d3SjPPN2Crvde+Rvp+HZnSUcISK6Wm4IGwmPPCLem3BRfgbthFYPbvpFwaW9V7h AEUq5UGVHN75Go6F+9g5t9zGbaNrFgCDKp3bbgRgmIuaZv0GCchC/MK3PwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFN3+YUgG8rkca1ehEUv/Ct3qL/s7MB8GA1UdIwQY MBaAFOk4zX7PI6wcSWJUbhvPXgg60imlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNlRqTmZzOGpyQnhKWWxSdUc4OWVDRHJTS2FVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi83NjFiZjUtMDM3ZS00ODA3LTg4YzAt ZmVlZTg2YzZiNjAwLzEvM2Y1aFNBYnl1UnhyVjZFUlNfOEszZW92LXpzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMi83NjFiZjUtMDM3ZS00ODA3LTg4YzAtZmVlZTg2YzZiNjAw LzEvNlRqTmZzOGpyQnhKWWxSdUc4OWVDRHJTS2FVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwRZAMA0G CSqGSIb3DQEBCwUAA4IBAQCZOszi2sYZiHKZ70qxki14qjstPNOm25a3G0AHR7Kk j58VcqCMpCFMDSUwJsxkXVFU09atDcdVJk/U0yJGDclOLVaFJPlU85hDjZoXuplQ fPBCDWgFREUVz5IqqX6c4zpKeWVRDrTc58+cFeO2E013ZVMjCErgLHRy7vwjeWCB qybTNYMtb50Ag54CUjS5+E689jtchNyfXM/rvPqiQBXTfEZ02MN34HlP6ga+tDHv OconPDX6zFSth0pEsmJ2nExiDiFYBo8Rxya3fy7uQ8EAMp9AUuEvzrNeFn298l1B pbR+uU97PanBk9QEwxLotT6gWB/25lLPxlWWMNt71gws -----END CERTIFICATE-----Generated at Tue Jan 27 11:26:50 2026 by rpki-client