This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/A3WTKCACeEMnsJPRt1EtZ_IOE_o.roa File: A3WTKCACeEMnsJPRt1EtZ_IOE_o.roa (raw, json) Hash identifier: fTMDJzlNdc8urBX1kRcFBR3Pb++06Ji2RDkWJYrM/nE= Subject key identifier: 03:75:93:28:20:02:78:43:27:B0:93:D1:B7:51:2D:67:F2:0E:13:FA Certificate issuer: /CN=87be093097097c4457ff5aa3e5893c8c15432612 Certificate serial: 019B7BA31D04DD758E5DA93A497FABC86F84 Authority key identifier: 87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/A3WTKCACeEMnsJPRt1EtZ_IOE_o.roa Signing time: Thu 01 Jan 2026 22:17:25 +0000 ROA not before: Thu 01 Jan 2026 22:17:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213122 IP address blocks: 89.35.48.0/24 maxlen: 24 89.37.99.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.crl rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.mft rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 09:01:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a3:1d:04:dd:75:8e:5d:a9:3a:49:7f:ab:c8:6f:84 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=87be093097097c4457ff5aa3e5893c8c15432612 Validity Not Before: Jan 1 22:17:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=037593282002784327b093d1b7512d67f20e13fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:e4:52:d3:35:34:41:74:ed:5f:53:05:4e:b5: 8d:08:21:08:64:3d:38:e8:bb:52:71:ca:c2:ea:ed: 5d:74:20:7a:18:df:ca:53:46:ad:32:e0:23:79:4b: d4:c1:07:b2:f8:12:2f:43:fe:b1:5e:fa:7d:4b:8d: 29:7e:49:a4:ca:a9:76:82:28:db:56:ea:9a:fd:12: 14:ab:fe:91:43:09:4f:2a:79:00:14:c2:2b:70:2b: fd:10:18:d2:86:8e:0d:53:9f:f3:5f:70:51:0c:25: 1c:21:76:df:27:ed:b5:86:6f:b4:6b:5c:4f:d8:06: aa:79:4a:68:b1:59:13:04:e3:0a:e7:46:aa:83:f4: 04:8b:6b:31:66:0f:58:19:a9:31:27:c6:ce:3b:4b: 54:c9:20:23:6a:d3:c6:db:4c:71:36:90:c6:88:26: 2d:57:ea:85:3e:b1:91:63:8e:dc:5d:32:fe:df:7b: 29:66:91:cd:89:fc:cb:2b:7b:5c:ff:1d:d4:c1:9b: 67:fa:e7:b1:6c:85:e4:7e:77:c3:3f:60:e4:d3:8b: 96:d0:9d:35:0c:25:79:29:93:ad:98:11:21:fd:70: b4:73:e6:82:78:aa:b5:ff:e1:5d:7d:ab:b0:70:df: 93:53:8e:93:94:8e:0d:a8:2c:6e:2a:74:62:20:b2: 4a:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:75:93:28:20:02:78:43:27:B0:93:D1:B7:51:2D:67:F2:0E:13:FA X509v3 Authority Key Identifier: keyid:87:BE:09:30:97:09:7C:44:57:FF:5A:A3:E5:89:3C:8C:15:43:26:12 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h74JMJcJfERX_1qj5Yk8jBVDJhI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/A3WTKCACeEMnsJPRt1EtZ_IOE_o.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/29/cc8f4a-4c02-404b-8d93-2cde65f3112a/1/h74JMJcJfERX_1qj5Yk8jBVDJhI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.35.48.0/24 89.37.99.0/24 Signature Algorithm: sha256WithRSAEncryption 09:f4:d6:4f:88:b8:54:e3:cf:24:5a:21:27:da:a0:29:67:3a: 26:41:01:26:d4:3a:b0:78:c5:30:8e:f2:f8:db:07:f2:0a:e8: a9:64:7c:44:da:15:54:84:04:49:7b:71:aa:7b:2d:8e:81:60: 0f:bc:24:a8:2a:bd:e0:eb:08:e6:17:08:62:b6:b3:e3:bd:83: db:4a:a8:75:33:b9:11:e8:e3:4c:7b:71:6b:45:08:7f:04:5b: bb:f7:98:f6:3b:f1:31:c3:16:31:c2:b2:de:fd:63:e5:17:7e: c9:dc:d6:06:4c:c4:67:c1:b3:bf:4f:cb:3e:63:44:29:ec:5d: 56:38:f9:b2:ae:4c:ce:0b:bc:2c:c3:7f:bb:1b:00:6a:b4:08: bc:ce:4c:13:33:c0:ad:0e:59:8a:5c:bb:3d:c7:21:b6:66:d0: f0:82:34:32:b4:6e:b7:bf:de:79:5b:3c:4b:c0:7b:ea:d8:98: f7:d6:65:27:10:15:5b:40:6c:c7:33:b2:b5:25:3c:05:a6:76: cd:03:ea:94:d0:ec:49:bc:8b:2b:80:bf:4f:f4:dc:4e:ef:68: fa:fa:50:dd:b8:9a:db:10:28:99:15:11:c0:bb:2f:ee:48:97: 8f:25:8f:0b:28:0f:22:38:09:46:51:89:22:30:10:51:26:ff: 5e:19:8a:79 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt7ox0E3XWOXak6SX+ryG+EMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg3YmUwOTMwOTcwOTdjNDQ1N2ZmNWFhM2U1ODkzYzhjMTU0 MzI2MTIwHhcNMjYwMTAxMjIxNzI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMzc1OTMyODIwMDI3ODQzMjdiMDkzZDFiNzUxMmQ2N2YyMGUxM2ZhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreRS0zU0QXTtX1MFTrWNCCEIZD04 6LtSccrC6u1ddCB6GN/KU0atMuAjeUvUwQey+BIvQ/6xXvp9S40pfkmkyql2gijb Vuqa/RIUq/6RQwlPKnkAFMIrcCv9EBjSho4NU5/zX3BRDCUcIXbfJ+21hm+0a1xP 2AaqeUposVkTBOMK50aqg/QEi2sxZg9YGakxJ8bOO0tUySAjatPG20xxNpDGiCYt V+qFPrGRY47cXTL+33spZpHNifzLK3tc/x3UwZtn+uexbIXkfnfDP2Dk04uW0J01 DCV5KZOtmBEh/XC0c+aCeKq1/+FdfauwcN+TU46TlI4NqCxuKnRiILJK+wIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFAN1kyggAnhDJ7CT0bdRLWfyDhP6MB8GA1UdIwQY MBaAFIe+CTCXCXxEV/9ao+WJPIwVQyYSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMt MmNkZTY1ZjMxMTJhLzEvQTNXVEtDQUNlRU1uc0pQUnQxRXRaX0lPRV9vLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOS9jYzhmNGEtNGMwMi00MDRiLThkOTMtMmNkZTY1ZjMxMTJh LzEvaDc0Sk1KY0pmRVJYXzFxajVZazhqQlZESmhJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSMwAwQA WSVjMA0GCSqGSIb3DQEBCwUAA4IBAQAJ9NZPiLhU488kWiEn2qApZzomQQEm1Dqw eMUwjvL42wfyCuipZHxE2hVUhARJe3Gqey2OgWAPvCSoKr3g6wjmFwhitrPjvYPb Sqh1M7kR6ONMe3FrRQh/BFu795j2O/ExwxYxwrLe/WPlF37J3NYGTMRnwbO/T8s+ Y0Qp7F1WOPmyrkzOC7wsw3+7GwBqtAi8zkwTM8CtDlmKXLs9xyG2ZtDwgjQytG63 v955WzxLwHvq2Jj31mUnEBVbQGzHM7K1JTwFpnbNA+qU0OxJvIsrgL9P9NxO72j6 +lDduJrbECiZFRHAuy/uSJePJY8LKA8iOAlGUYkiMBBRJv9eGYp5 -----END CERTIFICATE-----Generated at Mon Jan 19 17:45:42 2026 by rpki-client