This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/3H3uMb09v_ZrwdlGPIkEO0W4l-g.roa File: 3H3uMb09v_ZrwdlGPIkEO0W4l-g.roa (raw, json) Hash identifier: 6eeS3X3yVlDS6UMAKTM8DWVBH+h7Du+YIwS3EzqpDnU= Subject key identifier: DC:7D:EE:31:BD:3D:BF:F6:6B:C1:D9:46:3C:89:04:3B:45:B8:97:E8 Certificate issuer: /CN=7094a425595e923c4b53b9c000aa8f19ad923f20 Certificate serial: 019B7F837920E6E1D4D43959739D37AD4362 Authority key identifier: 70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/3H3uMb09v_ZrwdlGPIkEO0W4l-g.roa Signing time: Fri 02 Jan 2026 16:21:21 +0000 ROA not before: Fri 02 Jan 2026 16:21:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3339 IP address blocks: 91.200.244.0/22 maxlen: 22 176.97.224.0/22 maxlen: 22 185.72.12.0/22 maxlen: 22 185.72.12.0/24 maxlen: 24 185.73.188.0/22 maxlen: 22 185.95.56.0/22 maxlen: 22 185.177.168.0/22 maxlen: 22 185.209.120.0/22 maxlen: 22 185.233.76.0/22 maxlen: 22 185.255.104.0/22 maxlen: 22 192.145.40.0/22 maxlen: 22 2a0a:4280::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.crl rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.mft rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 15:35:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:79:20:e6:e1:d4:d4:39:59:73:9d:37:ad:43:62 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7094a425595e923c4b53b9c000aa8f19ad923f20 Validity Not Before: Jan 2 16:21:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dc7dee31bd3dbff66bc1d9463c89043b45b897e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:bb:0a:91:54:1d:38:a3:97:de:80:9c:39:6d: 95:8b:1d:c5:5d:35:76:cf:b1:fb:2a:09:8c:6d:51: 14:41:c7:f9:0f:83:2f:4c:1f:88:d5:cd:8a:5e:83: 7b:b3:7f:80:08:63:56:41:10:19:8c:7a:9a:27:9b: 3d:c1:04:06:2f:61:ef:92:93:54:8c:a5:ca:f1:2a: 76:7a:a8:d3:d9:13:b8:58:d3:39:96:3e:b3:8f:3a: 33:0e:c1:7d:1c:78:00:01:d4:83:99:42:f9:b1:19: 8e:ea:aa:97:9e:ed:35:20:3d:d3:2b:7c:65:89:87: 0a:77:d0:ca:2a:9b:13:e8:fc:f6:6d:59:ab:d6:7c: 61:7f:84:1c:fb:27:fe:58:52:83:c6:cd:88:2f:56: df:32:18:e7:c8:3b:bb:c3:cf:1b:5d:86:c8:1f:29: 1c:86:83:67:8a:0f:d2:2d:1f:9c:cb:ed:4d:4b:d3: 38:7c:83:50:2c:cc:7a:85:c9:3f:35:6d:2e:b1:65: 10:52:90:bb:03:1d:a6:05:b3:a6:f9:ed:3d:bb:4f: 21:2f:dc:12:c5:09:50:68:fc:67:4b:cc:a5:1c:88: 0c:cb:ba:8f:9d:7e:52:81:19:d9:d1:d5:c4:b9:57: c0:f7:d6:d5:13:06:cf:bb:93:11:d4:f3:56:30:72: 1b:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:7D:EE:31:BD:3D:BF:F6:6B:C1:D9:46:3C:89:04:3B:45:B8:97:E8 X509v3 Authority Key Identifier: keyid:70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/3H3uMb09v_ZrwdlGPIkEO0W4l-g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.200.244.0/22 176.97.224.0/22 185.72.12.0/22 185.73.188.0/22 185.95.56.0/22 185.177.168.0/22 185.209.120.0/22 185.233.76.0/22 185.255.104.0/22 192.145.40.0/22 IPv6: 2a0a:4280::/29 Signature Algorithm: sha256WithRSAEncryption 70:6f:9a:bb:16:48:78:c7:aa:e0:db:ad:47:bf:c6:77:99:b4: b0:f5:f6:08:10:31:00:40:b4:b6:e9:a6:1f:8e:d6:1d:aa:b8: 7a:74:01:9b:a9:c1:5d:0a:cd:a0:00:6c:ea:ff:aa:43:12:2c: 52:ee:be:54:13:b6:44:90:22:03:5b:b2:71:e4:cf:aa:09:73: 63:09:f8:e4:3a:06:1d:9c:54:9e:69:4c:1b:f4:f1:bc:41:98: 01:35:28:a6:98:56:0e:4d:28:1f:dc:76:b8:f9:43:c8:44:47: ba:bc:e4:04:10:d1:a0:06:c0:ea:fa:05:38:6f:08:ce:6a:c3: 05:53:a4:38:fc:46:be:28:fa:04:b6:e6:5f:2b:18:f9:f3:ee: d9:08:94:a9:c9:d3:7b:ab:94:fe:07:40:78:ff:4b:d9:d2:c3: 16:6e:a1:79:98:5a:eb:69:f1:da:1d:39:86:44:c1:b1:42:fe: f1:82:b1:b9:0c:7b:86:82:39:e5:34:14:42:58:9f:45:ff:e6: e4:a3:68:f8:a4:6c:b5:0b:44:17:02:71:08:dd:d9:22:98:c1: 6f:f1:43:5a:06:da:6f:bc:84:60:8e:45:ea:1a:01:e9:1a:cd: 62:1e:9b:08:c8:f4:d8:72:e6:46:5e:7c:9a:45:1a:23:ed:46: 76:41:de:01 -----BEGIN CERTIFICATE----- MIIFQjCCBCqgAwIBAgISAZt/g3kg5uHU1DlZc503rUNiMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDcwOTRhNDI1NTk1ZTkyM2M0YjUzYjljMDAwYWE4ZjE5YWQ5 MjNmMjAwHhcNMjYwMTAyMTYyMTIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYzdkZWUzMWJkM2RiZmY2NmJjMWQ5NDYzYzg5MDQzYjQ1Yjg5N2U4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7sKkVQdOKOX3oCcOW2Vix3FXTV2 z7H7KgmMbVEUQcf5D4MvTB+I1c2KXoN7s3+ACGNWQRAZjHqaJ5s9wQQGL2HvkpNU jKXK8Sp2eqjT2RO4WNM5lj6zjzozDsF9HHgAAdSDmUL5sRmO6qqXnu01ID3TK3xl iYcKd9DKKpsT6Pz2bVmr1nxhf4Qc+yf+WFKDxs2IL1bfMhjnyDu7w88bXYbIHykc hoNnig/SLR+cy+1NS9M4fINQLMx6hck/NW0usWUQUpC7Ax2mBbOm+e09u08hL9wS xQlQaPxnS8ylHIgMy7qPnX5SgRnZ0dXEuVfA99bVEwbPu5MR1PNWMHIbzQIDAQAB o4ICTjCCAkowHQYDVR0OBBYEFNx97jG9Pb/2a8HZRjyJBDtFuJfoMB8GA1UdIwQY MBaAFHCUpCVZXpI8S1O5wACqjxmtkj8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUt Nzc3MzczZTYwNTVlLzEvM0gzdU1iMDl2X1pyd2RsR1BJa0VPMFc0bC1nLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUtNzc3MzczZTYwNTVl LzEvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQCW8j0AwQC sGHgAwQCuUgMAwQCuUm8AwQCuV84AwQCubGoAwQCudF4AwQCuelMAwQCuf9oAwQC wJEoMA0EAgACMAcDBQMqCkKAMA0GCSqGSIb3DQEBCwUAA4IBAQBwb5q7Fkh4x6rg 261Hv8Z3mbSw9fYIEDEAQLS26aYfjtYdqrh6dAGbqcFdCs2gAGzq/6pDEixS7r5U E7ZEkCIDW7Jx5M+qCXNjCfjkOgYdnFSeaUwb9PG8QZgBNSimmFYOTSgf3Ha4+UPI REe6vOQEENGgBsDq+gU4bwjOasMFU6Q4/Ea+KPoEtuZfKxj58+7ZCJSpydN7q5T+ B0B4/0vZ0sMWbqF5mFrrafHaHTmGRMGxQv7xgrG5DHuGgjnlNBRCWJ9F/+bko2j4 pGy1C0QXAnEI3dkimMFv8UNaBtpvvIRgjkXqGgHpGs1iHpsIyPTYcuZGXnyaRRoj 7UZ2Qd4B -----END CERTIFICATE-----Generated at Mon Jan 26 23:43:24 2026 by rpki-client