This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/b5ba29-b29f-4065-98fb-b529b0cf5411/1/3WItZ4mhefefk4OFRU301cRZ_vQ.roa File: 3WItZ4mhefefk4OFRU301cRZ_vQ.roa (raw, json) Hash identifier: dtdvArxYE5qEj5Mf66z8Nr0a//V3Hh8mgQw7uOvKT6M= Subject key identifier: DD:62:2D:67:89:A1:79:F7:9F:93:83:85:45:4D:F4:D5:C4:59:FE:F4 Certificate issuer: /CN=2cc57499546c4efd730ff871df3bd1afbf3b9f01 Certificate serial: 019B7A5B49195A94B17F5A0BCA1E904255D6 Authority key identifier: 2C:C5:74:99:54:6C:4E:FD:73:0F:F8:71:DF:3B:D1:AF:BF:3B:9F:01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LMV0mVRsTv1zD_hx3zvRr787nwE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/b5ba29-b29f-4065-98fb-b529b0cf5411/1/3WItZ4mhefefk4OFRU301cRZ_vQ.roa Signing time: Thu 01 Jan 2026 16:19:21 +0000 ROA not before: Thu 01 Jan 2026 16:19:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209626 IP address blocks: 89.106.200.0/24 maxlen: 24 2a12:5240::/47 maxlen: 47 2a12:5240::/48 maxlen: 48 2a12:5240:1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/b5ba29-b29f-4065-98fb-b529b0cf5411/1/LMV0mVRsTv1zD_hx3zvRr787nwE.crl rsync://rpki.ripe.net/repository/DEFAULT/39/b5ba29-b29f-4065-98fb-b529b0cf5411/1/LMV0mVRsTv1zD_hx3zvRr787nwE.mft rsync://rpki.ripe.net/repository/DEFAULT/LMV0mVRsTv1zD_hx3zvRr787nwE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:49:19:5a:94:b1:7f:5a:0b:ca:1e:90:42:55:d6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2cc57499546c4efd730ff871df3bd1afbf3b9f01 Validity Not Before: Jan 1 16:19:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dd622d6789a179f79f938385454df4d5c459fef4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:9b:73:65:88:9a:e7:46:8d:1e:c8:b8:80:8a: be:e9:67:26:78:de:91:df:4c:d1:8e:b3:fe:99:8f: 74:1a:ab:d9:84:c6:70:ad:85:fa:eb:a6:65:02:62: d9:7f:cd:55:d5:69:cf:75:77:ec:df:37:3c:3b:60: fc:90:70:02:1a:c2:fe:c1:27:84:bb:6f:79:91:57: 3e:10:f9:f8:1e:26:2e:70:0c:99:91:2e:71:fb:db: 44:b6:2d:22:43:27:f5:b1:e9:7e:3a:0c:8b:c7:4b: 72:e4:e2:0f:44:7e:ab:42:8c:6e:e7:af:ba:a4:59: b2:73:47:62:18:34:33:e8:dd:a4:9a:c5:30:81:ff: 27:31:2c:1e:a0:35:79:b9:ac:f9:cd:15:1b:58:6a: 69:c4:41:17:a6:61:95:0a:65:4c:9c:7a:40:41:34: 7e:8c:f9:b3:b4:c8:92:d9:5c:f2:2e:ee:4f:bd:ca: 0f:9f:0a:b4:23:1c:b5:7f:c9:81:2e:01:08:f9:bc: f1:83:42:2e:ad:bf:f2:2c:59:a8:45:81:e5:ce:f9: 1e:0a:bc:a2:cc:a8:a8:13:0a:3d:4f:b5:9e:08:55: 8a:80:d3:fa:6f:7a:57:0e:41:11:73:da:4e:fb:6a: aa:81:7d:05:e2:b1:df:aa:23:1d:ca:7b:69:c0:75: c9:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:62:2D:67:89:A1:79:F7:9F:93:83:85:45:4D:F4:D5:C4:59:FE:F4 X509v3 Authority Key Identifier: keyid:2C:C5:74:99:54:6C:4E:FD:73:0F:F8:71:DF:3B:D1:AF:BF:3B:9F:01 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LMV0mVRsTv1zD_hx3zvRr787nwE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/b5ba29-b29f-4065-98fb-b529b0cf5411/1/3WItZ4mhefefk4OFRU301cRZ_vQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/39/b5ba29-b29f-4065-98fb-b529b0cf5411/1/LMV0mVRsTv1zD_hx3zvRr787nwE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.106.200.0/24 IPv6: 2a12:5240::/47 Signature Algorithm: sha256WithRSAEncryption 41:4d:15:e9:ca:c2:ef:81:f7:36:72:3e:4e:3d:02:02:b2:3b: 9f:69:98:db:4e:49:df:dd:c0:4a:b2:d2:24:ed:47:6b:de:de: af:67:29:c7:54:23:3e:21:8a:e4:68:88:2c:03:1b:e8:f4:8a: 0a:48:c9:a1:e9:36:82:8c:f4:78:6f:6c:08:46:20:48:1c:d0: 9a:f7:b3:51:b3:81:f7:8b:c6:fa:d0:69:f0:de:12:df:6e:c1: 5d:1c:c3:eb:df:79:04:fe:48:1c:47:38:61:6b:39:47:94:89: e5:53:8c:c0:18:1b:43:a3:fa:0c:93:74:56:6f:76:fe:a7:f1: 30:0a:ce:3e:a6:38:10:f6:3b:4a:6b:e3:1b:86:34:22:32:47: 84:a1:4d:91:94:4d:81:ff:f7:76:67:9e:33:92:7c:20:17:8c: b4:91:07:c4:43:9b:2c:04:ec:3c:c0:1a:4d:b0:0e:ee:e7:ac: d4:07:03:6b:23:c4:6b:39:95:c5:88:e5:ac:3e:17:86:88:af: 81:93:96:6a:91:8d:a8:d7:65:bd:58:37:df:24:fc:ce:86:f3: 6d:a3:35:32:30:8f:e3:ad:7b:46:b0:a1:a1:f3:07:5a:04:49: 18:de:e0:44:70:a6:92:82:58:99:ae:fa:40:30:4a:21:0b:64: 46:f0:cd:16 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt6W0kZWpSxf1oLyh6QQlXWMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJjYzU3NDk5NTQ2YzRlZmQ3MzBmZjg3MWRmM2JkMWFmYmYz YjlmMDEwHhcNMjYwMTAxMTYxOTIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZDYyMmQ2Nzg5YTE3OWY3OWY5MzgzODU0NTRkZjRkNWM0NTlmZWY0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZtzZYia50aNHsi4gIq+6WcmeN6R 30zRjrP+mY90GqvZhMZwrYX666ZlAmLZf81V1WnPdXfs3zc8O2D8kHACGsL+wSeE u295kVc+EPn4HiYucAyZkS5x+9tEti0iQyf1sel+OgyLx0ty5OIPRH6rQoxu56+6 pFmyc0diGDQz6N2kmsUwgf8nMSweoDV5uaz5zRUbWGppxEEXpmGVCmVMnHpAQTR+ jPmztMiS2VzyLu5PvcoPnwq0Ixy1f8mBLgEI+bzxg0Iurb/yLFmoRYHlzvkeCryi zKioEwo9T7WeCFWKgNP6b3pXDkERc9pO+2qqgX0F4rHfqiMdyntpwHXJ1QIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFN1iLWeJoXn3n5ODhUVN9NXEWf70MB8GA1UdIwQY MBaAFCzFdJlUbE79cw/4cd870a+/O58BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTE1WMG1WUnNUdjF6RF9oeDN6dlJyNzg3bndFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9iNWJhMjktYjI5Zi00MDY1LTk4ZmIt YjUyOWIwY2Y1NDExLzEvM1dJdFo0bWhlZmVmazRPRlJVMzAxY1JaX3ZRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOS9iNWJhMjktYjI5Zi00MDY1LTk4ZmItYjUyOWIwY2Y1NDEx LzEvTE1WMG1WUnNUdjF6RF9oeDN6dlJyNzg3bndFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAWWrIMA8E AgACMAkDBwEqElJAAAAwDQYJKoZIhvcNAQELBQADggEBAEFNFenKwu+B9zZyPk49 AgKyO59pmNtOSd/dwEqy0iTtR2ve3q9nKcdUIz4hiuRoiCwDG+j0igpIyaHpNoKM 9HhvbAhGIEgc0Jr3s1GzgfeLxvrQafDeEt9uwV0cw+vfeQT+SBxHOGFrOUeUieVT jMAYG0Oj+gyTdFZvdv6n8TAKzj6mOBD2O0pr4xuGNCIyR4ShTZGUTYH/93ZnnjOS fCAXjLSRB8RDmywE7DzAGk2wDu7nrNQHA2sjxGs5lcWI5aw+F4aIr4GTlmqRjajX Zb1YN98k/M6G822jNTIwj+Ote0awoaHzB1oESRje4ERwppKCWJmu+kAwSiELZEbw zRY= -----END CERTIFICATE-----Generated at Mon Feb 9 21:23:21 2026 by rpki-client