This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/7ce3dc-68db-45bb-8e57-3e6198a512e0/1/3hk9XqmHqY58TN36FPRIol4THYs.roa File: 3hk9XqmHqY58TN36FPRIol4THYs.roa (raw, json) Hash identifier: UsqCD7ME+ILVSkGV9DubbwCdNyqKHd5/MbEJEt8ZDw8= Subject key identifier: DE:19:3D:5E:A9:87:A9:8E:7C:4C:DD:FA:14:F4:48:A2:5E:13:1D:8B Certificate issuer: /CN=d7cb616ccfe0e866b427c0a45ef4181b0981e631 Certificate serial: 019B7F846719C67AF9F033AA0F978354C2DF Authority key identifier: D7:CB:61:6C:CF:E0:E8:66:B4:27:C0:A4:5E:F4:18:1B:09:81:E6:31 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/18thbM_g6Ga0J8CkXvQYGwmB5jE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/7ce3dc-68db-45bb-8e57-3e6198a512e0/1/3hk9XqmHqY58TN36FPRIol4THYs.roa Signing time: Fri 02 Jan 2026 16:22:22 +0000 ROA not before: Fri 02 Jan 2026 16:22:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8365 IP address blocks: 2001:67c:2184::/48 maxlen: 48 2001:67c:295c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/7ce3dc-68db-45bb-8e57-3e6198a512e0/1/18thbM_g6Ga0J8CkXvQYGwmB5jE.crl rsync://rpki.ripe.net/repository/DEFAULT/28/7ce3dc-68db-45bb-8e57-3e6198a512e0/1/18thbM_g6Ga0J8CkXvQYGwmB5jE.mft rsync://rpki.ripe.net/repository/DEFAULT/18thbM_g6Ga0J8CkXvQYGwmB5jE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 13:00:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:67:19:c6:7a:f9:f0:33:aa:0f:97:83:54:c2:df Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d7cb616ccfe0e866b427c0a45ef4181b0981e631 Validity Not Before: Jan 2 16:22:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=de193d5ea987a98e7c4cddfa14f448a25e131d8b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:5f:d7:c4:1e:f5:1a:d4:e6:04:8a:a1:5c:ef: da:e5:22:b6:1c:b4:c3:ea:a0:e1:b9:7a:a1:40:cf: 0b:37:2d:ea:10:fb:73:a7:65:f3:2d:dd:99:34:65: ce:7e:b9:fc:d0:00:43:97:4c:8e:ce:8e:95:20:11: 63:cb:e7:cb:03:b4:99:1f:85:7f:0b:33:11:96:e6: a4:5b:98:09:8a:c0:b7:0f:21:5e:dd:54:b9:b6:cf: 15:bd:ce:c7:9f:37:d0:28:4c:f5:5f:18:a0:e3:c6: f0:9d:53:6c:d1:37:ba:39:db:e1:28:9a:ca:4b:cd: b4:aa:89:d6:44:a7:8e:27:3d:47:c8:83:bb:56:17: 68:e5:f3:b9:45:31:a0:1a:14:f8:36:67:ba:1e:84: 08:dd:90:5c:e0:6c:f9:77:36:1b:70:bf:34:98:21: 5f:2e:c9:ac:c6:5c:3b:f2:aa:ab:2d:59:cb:af:71: ad:ca:26:b2:2c:69:bf:ca:5c:4c:fe:22:61:5a:a8: ba:6d:79:fd:c4:b5:74:a2:47:73:bb:8e:f3:79:f5: 1a:55:01:82:1c:01:20:0c:7a:87:30:80:96:0b:50: 4b:55:8a:24:4f:ca:f1:23:82:e1:e2:1c:8a:4a:8d: 4b:1a:a6:1b:ad:93:99:a8:e5:df:5c:82:d5:66:7c: df:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:19:3D:5E:A9:87:A9:8E:7C:4C:DD:FA:14:F4:48:A2:5E:13:1D:8B X509v3 Authority Key Identifier: keyid:D7:CB:61:6C:CF:E0:E8:66:B4:27:C0:A4:5E:F4:18:1B:09:81:E6:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/18thbM_g6Ga0J8CkXvQYGwmB5jE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/7ce3dc-68db-45bb-8e57-3e6198a512e0/1/3hk9XqmHqY58TN36FPRIol4THYs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/7ce3dc-68db-45bb-8e57-3e6198a512e0/1/18thbM_g6Ga0J8CkXvQYGwmB5jE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:2184::/48 2001:67c:295c::/48 Signature Algorithm: sha256WithRSAEncryption 47:32:8d:32:03:ef:96:ed:b9:90:41:ff:5d:50:ac:75:3b:4b: da:96:a2:6b:29:fa:50:ef:6e:bb:c0:c6:8e:2b:5f:64:23:47: db:db:50:7f:a4:e5:bf:9a:72:25:1e:c0:7a:80:e5:7f:42:3a: 0c:88:a5:20:08:32:45:0c:58:cf:f3:5b:ff:63:d5:13:08:e9: 1a:87:88:64:bf:5b:94:1c:4b:82:41:b3:fc:19:17:79:82:a0: d1:3f:f1:94:f1:68:49:51:2c:70:8c:96:c4:a2:d6:f9:27:57: 25:a1:89:34:f3:9c:65:11:20:f7:5d:9b:30:5a:9c:ff:66:5c: df:ab:d6:b8:6a:f2:58:b2:b1:92:27:2e:a3:37:a1:9d:32:78: 32:7d:54:29:de:1e:cd:05:9a:78:e5:76:e9:b1:35:f9:65:84: 91:77:b5:d3:df:9a:42:92:e3:bf:48:95:68:b0:a1:d2:c4:a1: 8d:51:a3:63:7c:66:d3:21:45:ac:2c:53:42:7f:68:e7:e5:44: e6:e8:e4:bd:eb:f9:94:b2:68:5e:04:19:5d:9c:0b:96:91:4e: e5:5f:bd:3e:8b:25:da:d0:4f:4d:e7:de:f6:75:71:98:b2:58: fb:a3:0a:7c:7e:19:0f:0a:88:8d:74:8d:36:9d:8c:6d:17:7a: 9e:88:72:24 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZt/hGcZxnr58DOqD5eDVMLfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ3Y2I2MTZjY2ZlMGU4NjZiNDI3YzBhNDVlZjQxODFiMDk4 MWU2MzEwHhcNMjYwMTAyMTYyMjIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZTE5M2Q1ZWE5ODdhOThlN2M0Y2RkZmExNGY0NDhhMjVlMTMxZDhiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArF/XxB71GtTmBIqhXO/a5SK2HLTD 6qDhuXqhQM8LNy3qEPtzp2XzLd2ZNGXOfrn80ABDl0yOzo6VIBFjy+fLA7SZH4V/ CzMRluakW5gJisC3DyFe3VS5ts8Vvc7HnzfQKEz1Xxig48bwnVNs0Te6OdvhKJrK S820qonWRKeOJz1HyIO7Vhdo5fO5RTGgGhT4Nme6HoQI3ZBc4Gz5dzYbcL80mCFf Lsmsxlw78qqrLVnLr3GtyiayLGm/ylxM/iJhWqi6bXn9xLV0okdzu47zefUaVQGC HAEgDHqHMICWC1BLVYokT8rxI4Lh4hyKSo1LGqYbrZOZqOXfXILVZnzfcQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFN4ZPV6ph6mOfEzd+hT0SKJeEx2LMB8GA1UdIwQY MBaAFNfLYWzP4OhmtCfApF70GBsJgeYxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMTh0aGJNX2c2R2EwSjhDa1h2UVlHd21CNWpFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC83Y2UzZGMtNjhkYi00NWJiLThlNTct M2U2MTk4YTUxMmUwLzEvM2hrOVhxbUhxWTU4VE4zNkZQUklvbDRUSFlzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC83Y2UzZGMtNjhkYi00NWJiLThlNTctM2U2MTk4YTUxMmUw LzEvMTh0aGJNX2c2R2EwSjhDa1h2UVlHd21CNWpFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGfCGE AwcAIAEGfClcMA0GCSqGSIb3DQEBCwUAA4IBAQBHMo0yA++W7bmQQf9dUKx1O0va lqJrKfpQ7267wMaOK19kI0fb21B/pOW/mnIlHsB6gOV/QjoMiKUgCDJFDFjP81v/ Y9UTCOkah4hkv1uUHEuCQbP8GRd5gqDRP/GU8WhJUSxwjJbEotb5J1cloYk085xl ESD3XZswWpz/Zlzfq9a4avJYsrGSJy6jN6GdMngyfVQp3h7NBZp45XbpsTX5ZYSR d7XT35pCkuO/SJVosKHSxKGNUaNjfGbTIUWsLFNCf2jn5UTm6OS96/mUsmheBBld nAuWkU7lX70+iyXa0E9N5972dXGYslj7owp8fhkPCoiNdI02nYxtF3qeiHIk -----END CERTIFICATE-----Generated at Mon Feb 9 19:54:31 2026 by rpki-client