This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/21fbca-80e0-4b8c-8622-4e86ad64f774/1/3BxhZ35N8Qx2oPV8uifmlMo5dOs.roa File: 3BxhZ35N8Qx2oPV8uifmlMo5dOs.roa (raw, json) Hash identifier: bD1bjEPm+DLe/WM+85t8bSN4Tr3PbaJNuazlrJ3Q/3o= Subject key identifier: DC:1C:61:67:7E:4D:F1:0C:76:A0:F5:7C:BA:27:E6:94:CA:39:74:EB Certificate issuer: /CN=7f56f28948c832f2d434bb44d5de0ea122601b05 Certificate serial: 019B7D5D1C7D8112605BE6329DF3D3FDD6B8 Authority key identifier: 7F:56:F2:89:48:C8:32:F2:D4:34:BB:44:D5:DE:0E:A1:22:60:1B:05 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f1byiUjIMvLUNLtE1d4OoSJgGwU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/21fbca-80e0-4b8c-8622-4e86ad64f774/1/3BxhZ35N8Qx2oPV8uifmlMo5dOs.roa Signing time: Fri 02 Jan 2026 06:20:12 +0000 ROA not before: Fri 02 Jan 2026 06:20:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203096 IP address blocks: 185.40.110.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/21fbca-80e0-4b8c-8622-4e86ad64f774/1/f1byiUjIMvLUNLtE1d4OoSJgGwU.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/21fbca-80e0-4b8c-8622-4e86ad64f774/1/f1byiUjIMvLUNLtE1d4OoSJgGwU.mft rsync://rpki.ripe.net/repository/DEFAULT/f1byiUjIMvLUNLtE1d4OoSJgGwU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 11 Jan 2026 15:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5d:1c:7d:81:12:60:5b:e6:32:9d:f3:d3:fd:d6:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7f56f28948c832f2d434bb44d5de0ea122601b05 Validity Not Before: Jan 2 06:20:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dc1c61677e4df10c76a0f57cba27e694ca3974eb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8e:f2:d5:f3:6c:36:51:84:62:f8:51:ef:84:ca: 1d:ee:62:6e:cc:c8:29:7b:57:69:5c:8d:18:61:72: 94:c4:f6:54:85:dd:63:35:5e:d1:48:5d:4d:69:8f: f7:2f:6d:fd:80:45:fd:a6:4f:11:18:cd:24:6f:41: 69:98:6a:ab:fe:b5:73:ba:20:d8:3c:37:51:c5:85: 29:54:d6:6c:b6:ee:26:69:13:b6:61:97:b7:e8:34: 1d:f5:f4:dc:5c:3d:8f:32:3e:30:85:57:a5:90:2d: 23:38:4c:17:be:c0:f2:5c:68:63:5a:6e:8c:20:07: cb:62:f0:b0:e6:56:09:a9:5a:49:85:3e:31:1d:a0: fe:e3:41:85:94:86:51:f6:e7:ea:d7:db:50:96:45: b0:3c:89:79:fd:83:57:32:dc:b1:1f:ef:53:6c:b9: 07:f0:1c:85:ab:6c:27:7f:5d:8f:a2:45:ac:8d:af: aa:40:d5:ec:3a:ba:45:df:0c:e4:e7:a8:1c:14:1b: 6b:95:f8:ad:b3:79:79:e0:bc:8f:9e:fe:e6:5e:2b: b8:34:24:db:99:48:12:1c:e4:33:6b:28:e3:a1:22: 8f:41:2d:74:74:50:a7:a8:e8:c4:0f:17:57:4b:28: 63:44:a1:57:63:b2:da:41:56:10:9e:91:a8:c0:83: 1f:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:1C:61:67:7E:4D:F1:0C:76:A0:F5:7C:BA:27:E6:94:CA:39:74:EB X509v3 Authority Key Identifier: keyid:7F:56:F2:89:48:C8:32:F2:D4:34:BB:44:D5:DE:0E:A1:22:60:1B:05 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1byiUjIMvLUNLtE1d4OoSJgGwU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/21fbca-80e0-4b8c-8622-4e86ad64f774/1/3BxhZ35N8Qx2oPV8uifmlMo5dOs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/21fbca-80e0-4b8c-8622-4e86ad64f774/1/f1byiUjIMvLUNLtE1d4OoSJgGwU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.40.110.0/24 Signature Algorithm: sha256WithRSAEncryption 43:5f:0a:23:62:a0:bc:d1:40:ed:41:da:01:0d:a3:d5:43:d9: 37:48:6d:07:1c:fb:56:76:58:8d:fe:f2:54:ca:dc:bf:b8:b2: 36:22:89:af:58:52:a4:2a:d1:bf:72:b0:a5:94:82:c4:d8:ad: b1:72:26:6f:b5:e9:c9:9c:79:e5:98:b2:44:64:a8:af:7a:05: e7:c0:73:75:da:32:23:b3:5b:0b:b6:46:d4:ab:f1:77:2a:18: df:2e:66:0a:79:29:dc:b7:5b:be:21:db:e5:f6:ed:55:2e:5d: 76:e6:c1:5e:0e:f4:6d:16:6f:0f:58:a8:00:22:c6:fa:cd:b2: df:94:7e:6d:84:83:fb:0e:c7:71:4b:fd:bc:95:a8:fc:ce:e2: 7c:a2:c6:e7:82:96:9b:c9:dc:98:0b:0e:8a:99:64:10:65:7d: bd:9a:06:cc:67:da:10:9b:08:e3:26:61:79:45:57:33:1e:5c: 98:af:1a:2f:28:75:53:6d:62:a7:cf:49:8e:16:9a:c6:06:3e: 17:af:65:bc:13:78:66:ab:8d:94:4f:7f:f6:d0:7b:36:fe:14: 9b:45:ab:e7:ab:4a:42:93:b8:82:23:a1:ce:6e:b9:ac:4d:46: 7a:09:2f:a3:85:19:5e:15:b6:07:4e:88:04:04:67:44:e4:1e: ca:5b:63:03 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9XRx9gRJgW+YynfPT/da4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdmNTZmMjg5NDhjODMyZjJkNDM0YmI0NGQ1ZGUwZWExMjI2 MDFiMDUwHhcNMjYwMTAyMDYyMDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYzFjNjE2NzdlNGRmMTBjNzZhMGY1N2NiYTI3ZTY5NGNhMzk3NGViMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvLV82w2UYRi+FHvhMod7mJuzMgp e1dpXI0YYXKUxPZUhd1jNV7RSF1NaY/3L239gEX9pk8RGM0kb0FpmGqr/rVzuiDY PDdRxYUpVNZstu4maRO2YZe36DQd9fTcXD2PMj4whVelkC0jOEwXvsDyXGhjWm6M IAfLYvCw5lYJqVpJhT4xHaD+40GFlIZR9ufq19tQlkWwPIl5/YNXMtyxH+9TbLkH 8ByFq2wnf12PokWsja+qQNXsOrpF3wzk56gcFBtrlfits3l54LyPnv7mXiu4NCTb mUgSHOQzayjjoSKPQS10dFCnqOjEDxdXSyhjRKFXY7LaQVYQnpGowIMfzwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFNwcYWd+TfEMdqD1fLon5pTKOXTrMB8GA1UdIwQY MBaAFH9W8olIyDLy1DS7RNXeDqEiYBsFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZjFieWlVaklNdkxVTkx0RTFkNE9vU0pnR3dVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yMWZiY2EtODBlMC00YjhjLTg2MjIt NGU4NmFkNjRmNzc0LzEvM0J4aFozNU44UXgyb1BWOHVpZm1sTW81ZE9zLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS8yMWZiY2EtODBlMC00YjhjLTg2MjItNGU4NmFkNjRmNzc0 LzEvZjFieWlVaklNdkxVTkx0RTFkNE9vU0pnR3dVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuShuMA0G CSqGSIb3DQEBCwUAA4IBAQBDXwojYqC80UDtQdoBDaPVQ9k3SG0HHPtWdliN/vJU yty/uLI2IomvWFKkKtG/crCllILE2K2xciZvtenJnHnlmLJEZKivegXnwHN12jIj s1sLtkbUq/F3KhjfLmYKeSnct1u+Idvl9u1VLl125sFeDvRtFm8PWKgAIsb6zbLf lH5thIP7DsdxS/28laj8zuJ8osbngpabydyYCw6KmWQQZX29mgbMZ9oQmwjjJmF5 RVczHlyYrxovKHVTbWKnz0mOFprGBj4Xr2W8E3hmq42UT3/20Hs2/hSbRavnq0pC k7iCI6HObrmsTUZ6CS+jhRleFbYHTogEBGdE5B7KW2MD -----END CERTIFICATE-----Generated at Sat Jan 10 23:45:25 2026 by rpki-client