This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/3S2xPTKnn78YdkuL1FaKKKj_YTo.roa File: 3S2xPTKnn78YdkuL1FaKKKj_YTo.roa (raw, json) Hash identifier: rHbDJXW9oQjYpySunNLhfzqe5DC3DBmeqQpnD/fIuKo= Subject key identifier: DD:2D:B1:3D:32:A7:9F:BF:18:76:4B:8B:D4:56:8A:28:A8:FF:61:3A Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6 Certificate serial: 019B8617FD2D6CFBEB6F84C1EEF0F957F081 Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/3S2xPTKnn78YdkuL1FaKKKj_YTo.roa Signing time: Sat 03 Jan 2026 23:01:17 +0000 ROA not before: Sat 03 Jan 2026 23:01:17 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 834 IP address blocks: 109.111.32.0/22 maxlen: 24 109.111.34.0/23 maxlen: 24 109.111.48.0/20 maxlen: 20 109.111.50.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.mft rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:86:17:fd:2d:6c:fb:eb:6f:84:c1:ee:f0:f9:57:f0:81 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6 Validity Not Before: Jan 3 23:01:17 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dd2db13d32a79fbf18764b8bd4568a28a8ff613a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:2a:4f:d7:d7:21:09:d4:31:c2:c5:f9:4d:eb: a9:b6:24:98:23:ce:54:ba:7b:af:95:eb:ba:a4:6a: 95:d8:16:38:98:20:90:b4:7c:5e:b6:5e:e4:a2:d3: b4:8e:21:4c:aa:fe:71:f0:51:be:36:21:8e:fb:f1: ef:2b:83:fe:c2:ee:99:34:1d:3a:d9:ca:df:b4:95: 11:f7:cc:d6:7b:65:be:37:45:07:a0:9f:ba:15:1d: bf:e9:51:e7:ee:30:d5:d9:9f:2a:10:20:c4:8f:03: ba:d5:62:73:56:80:3e:93:33:be:9f:30:4e:56:81: 16:8b:c7:93:a0:cd:11:9b:72:b7:32:00:5d:a1:d9: 18:79:20:0d:99:a3:67:26:be:c2:9e:93:a4:0a:a6: 67:9c:8b:7a:c1:1b:bb:f3:c0:cd:fc:dd:a3:5f:5c: 48:cc:e4:1e:ad:5c:c7:81:59:56:06:dc:84:50:06: 35:3b:8d:97:59:ff:68:63:18:2e:b9:9e:46:dc:0d: 09:ee:54:bc:01:1e:37:69:ce:04:28:13:9e:0b:c9: 29:3b:84:fa:e6:b3:90:71:6a:18:0a:10:d4:b6:de: 2c:f2:4a:95:01:58:b6:ed:39:7c:77:ae:30:91:e1: a6:71:53:b3:4f:14:18:41:43:75:68:1e:c8:b9:47: 9e:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:2D:B1:3D:32:A7:9F:BF:18:76:4B:8B:D4:56:8A:28:A8:FF:61:3A X509v3 Authority Key Identifier: keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/3S2xPTKnn78YdkuL1FaKKKj_YTo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 109.111.32.0/22 109.111.48.0/20 Signature Algorithm: sha256WithRSAEncryption 9b:02:56:3d:46:4e:17:5a:cb:3e:3a:0b:b9:6e:36:34:21:e1: 71:ec:32:f0:d2:36:27:d9:99:1d:aa:06:c6:79:50:23:b8:d9: 1b:a6:35:81:5a:4a:72:6d:d9:2a:6f:32:3b:26:c2:54:56:fc: e3:c6:f6:c5:ae:36:2e:02:84:5a:2e:8d:be:d4:8a:c9:6c:b5: 76:ad:dc:a3:a8:34:fb:b2:9f:47:f8:e6:2c:3e:91:c7:c8:9f: 8d:28:b0:87:32:1c:fa:4c:b5:4d:05:20:14:28:87:b8:d3:09: cd:41:35:95:47:60:2a:10:0e:12:c5:cd:a6:c9:f1:74:9b:11: e1:84:0d:0b:11:71:63:9c:b8:3e:37:56:9a:2d:41:02:20:b9: 40:1e:37:05:cb:d8:00:30:8e:00:b4:e0:c9:61:68:da:50:81: 60:27:9a:bc:d9:93:61:55:ad:4b:a6:f5:4b:bf:72:a1:6f:0b: 4f:ea:73:61:2b:45:4e:b3:7d:70:07:be:1f:17:10:b9:d3:62: c3:00:03:31:e0:76:e5:3f:1d:2c:d0:be:25:4d:62:12:27:6c: 42:20:26:c7:c8:52:f1:88:ff:33:af:3f:f5:6c:8a:fe:b7:61: 7e:e9:9c:49:2c:37:d6:9f:61:b3:3a:79:ea:89:49:e8:27:6c: a0:a6:6a:c0 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZuGF/0tbPvrb4TB7vD5V/CBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl ZWNkYjYwHhcNMjYwMTAzMjMwMTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZDJkYjEzZDMyYTc5ZmJmMTg3NjRiOGJkNDU2OGEyOGE4ZmY2MTNhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSpP19chCdQxwsX5TeuptiSYI85U unuvleu6pGqV2BY4mCCQtHxetl7kotO0jiFMqv5x8FG+NiGO+/HvK4P+wu6ZNB06 2crftJUR98zWe2W+N0UHoJ+6FR2/6VHn7jDV2Z8qECDEjwO61WJzVoA+kzO+nzBO VoEWi8eToM0Rm3K3MgBdodkYeSANmaNnJr7CnpOkCqZnnIt6wRu788DN/N2jX1xI zOQerVzHgVlWBtyEUAY1O42XWf9oYxguuZ5G3A0J7lS8AR43ac4EKBOeC8kpO4T6 5rOQcWoYChDUtt4s8kqVAVi27Tl8d64wkeGmcVOzTxQYQUN1aB7IuUeemQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFN0tsT0yp5+/GHZLi9RWiiio/2E6MB8GA1UdIwQY MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt NjY0NTc3MjRjMmQzLzEvM1MyeFBUS25uNzhZZGt1TDFGYUtLS2pfWVRvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCbW8gAwQE bW8wMA0GCSqGSIb3DQEBCwUAA4IBAQCbAlY9Rk4XWss+Ogu5bjY0IeFx7DLw0jYn 2ZkdqgbGeVAjuNkbpjWBWkpybdkqbzI7JsJUVvzjxvbFrjYuAoRaLo2+1IrJbLV2 rdyjqDT7sp9H+OYsPpHHyJ+NKLCHMhz6TLVNBSAUKIe40wnNQTWVR2AqEA4Sxc2m yfF0mxHhhA0LEXFjnLg+N1aaLUECILlAHjcFy9gAMI4AtODJYWjaUIFgJ5q82ZNh Va1LpvVLv3KhbwtP6nNhK0VOs31wB74fFxC502LDAAMx4HblPx0s0L4lTWISJ2xC ICbHyFLxiP8zrz/1bIr+t2F+6ZxJLDfWn2GzOnnqiUnoJ2ygpmrA -----END CERTIFICATE-----Generated at Sun Jan 25 12:15:30 2026 by rpki-client