This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/9fe53d-eb4e-4e6b-9022-e322087870d2/1/AN3xpl22PaRyPEelcwTSWgg5W5A.roa File: AN3xpl22PaRyPEelcwTSWgg5W5A.roa (raw, json) Hash identifier: re4tuXpQRY9PMdfHT4O4lemkMyHNhEqfGaE5zniD/ZM= Subject key identifier: 00:DD:F1:A6:5D:B6:3D:A4:72:3C:47:A5:73:04:D2:5A:08:39:5B:90 Certificate issuer: /CN=8ff85eff2448c73646e354afea641bcf79e7c7f9 Certificate serial: 019B7CEE65E39DC709ED76F1BF5AF41574E3 Authority key identifier: 8F:F8:5E:FF:24:48:C7:36:46:E3:54:AF:EA:64:1B:CF:79:E7:C7:F9 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j_he_yRIxzZG41Sv6mQbz3nnx_k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/9fe53d-eb4e-4e6b-9022-e322087870d2/1/AN3xpl22PaRyPEelcwTSWgg5W5A.roa Signing time: Fri 02 Jan 2026 04:19:16 +0000 ROA not before: Fri 02 Jan 2026 04:19:16 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 197838 IP address blocks: 91.228.8.0/23 maxlen: 23 94.154.16.0/21 maxlen: 21 2001:678:a74::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/9fe53d-eb4e-4e6b-9022-e322087870d2/1/j_he_yRIxzZG41Sv6mQbz3nnx_k.crl rsync://rpki.ripe.net/repository/DEFAULT/68/9fe53d-eb4e-4e6b-9022-e322087870d2/1/j_he_yRIxzZG41Sv6mQbz3nnx_k.mft rsync://rpki.ripe.net/repository/DEFAULT/j_he_yRIxzZG41Sv6mQbz3nnx_k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ee:65:e3:9d:c7:09:ed:76:f1:bf:5a:f4:15:74:e3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8ff85eff2448c73646e354afea641bcf79e7c7f9 Validity Not Before: Jan 2 04:19:16 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=00ddf1a65db63da4723c47a57304d25a08395b90 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:d5:3f:97:3f:b3:fe:82:cf:83:50:d6:d8:08: d5:ae:46:55:1f:db:e6:20:62:25:5e:63:c8:31:73: 03:51:83:c3:5e:93:2f:cc:ca:7f:f0:c6:e1:95:b8: 2e:3d:46:0c:10:88:da:44:31:4f:bd:42:72:68:84: cb:e3:08:67:ee:c3:a7:64:df:7f:d4:f0:2c:9c:be: 11:ec:df:71:94:69:d7:3d:e0:10:22:54:61:9b:36: 7a:00:20:c3:46:71:af:41:85:f1:b9:8f:19:45:94: 56:0c:e2:08:48:eb:85:07:79:7e:8a:fd:4e:57:f9: 22:b6:76:04:15:47:b8:b3:ec:90:e6:73:b3:9b:25: f9:b9:37:0f:67:66:9e:53:51:ab:1a:83:b8:15:62: 1d:70:6d:df:25:bd:ff:c6:d3:33:17:9d:64:c1:84: 41:42:17:96:9d:16:30:2b:90:48:48:f4:8f:d0:52: 6b:ad:ba:a8:82:92:99:6c:8f:64:97:be:36:96:dd: 0c:f0:fe:6e:e1:00:6a:1d:0b:2b:66:fa:ae:65:3e: 8c:df:62:43:18:12:68:0b:73:bc:9d:84:21:55:69: 0c:43:dd:de:c5:f7:2c:cb:93:47:35:82:81:06:3a: bd:ad:49:2e:aa:bf:59:ba:21:0a:9a:67:18:bc:0e: 0d:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:DD:F1:A6:5D:B6:3D:A4:72:3C:47:A5:73:04:D2:5A:08:39:5B:90 X509v3 Authority Key Identifier: keyid:8F:F8:5E:FF:24:48:C7:36:46:E3:54:AF:EA:64:1B:CF:79:E7:C7:F9 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j_he_yRIxzZG41Sv6mQbz3nnx_k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/9fe53d-eb4e-4e6b-9022-e322087870d2/1/AN3xpl22PaRyPEelcwTSWgg5W5A.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/68/9fe53d-eb4e-4e6b-9022-e322087870d2/1/j_he_yRIxzZG41Sv6mQbz3nnx_k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.228.8.0/23 94.154.16.0/21 IPv6: 2001:678:a74::/48 Signature Algorithm: sha256WithRSAEncryption 85:84:0d:1b:56:81:af:e9:f7:b6:49:65:49:21:97:86:0f:43: b6:6c:dc:67:9f:87:3e:2a:15:16:70:32:50:38:1e:56:ab:4f: 53:7b:fc:b0:b7:f7:c7:28:a8:e3:f4:2c:43:49:d1:fa:44:d2: 0d:b0:20:1f:2e:36:6c:f3:fb:ef:78:fb:5c:42:c7:b6:6a:01: 16:e8:d8:62:7c:85:4d:49:ec:f5:9d:b9:79:18:39:69:4c:cd: 08:21:a1:41:82:80:e4:aa:80:8c:87:34:94:25:8c:00:e9:05: 89:2d:b2:37:79:b7:35:38:2c:45:c5:f5:03:6c:e3:71:ae:72: 73:f3:d2:5b:0c:8f:04:f4:c6:b2:92:1f:43:1c:40:de:ef:d8: 15:e9:23:f5:e5:25:13:60:1c:c4:66:ba:a8:e7:79:af:fb:9d: 46:18:0c:84:5b:b7:01:ec:de:96:b7:83:ad:ed:70:1a:26:ab: 90:db:ee:cf:87:5d:9c:31:4e:9c:90:00:ea:64:28:f6:25:2e: 4d:45:a4:a6:f4:8f:1c:65:84:cc:83:2c:b1:1d:71:11:3e:06: bb:93:46:3b:98:b3:70:b8:bf:0a:ed:b2:d8:1d:20:75:d7:3e: 57:7c:a8:5f:7d:34:88:98:bb:54:d3:31:ce:bb:95:aa:fe:8b: 7c:20:f5:10 -----BEGIN CERTIFICATE----- MIIFFDCCA/ygAwIBAgISAZt87mXjnccJ7Xbxv1r0FXTjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDhmZjg1ZWZmMjQ0OGM3MzY0NmUzNTRhZmVhNjQxYmNmNzll N2M3ZjkwHhcNMjYwMTAyMDQxOTE2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwMGRkZjFhNjVkYjYzZGE0NzIzYzQ3YTU3MzA0ZDI1YTA4Mzk1YjkwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNU/lz+z/oLPg1DW2AjVrkZVH9vm IGIlXmPIMXMDUYPDXpMvzMp/8MbhlbguPUYMEIjaRDFPvUJyaITL4whn7sOnZN9/ 1PAsnL4R7N9xlGnXPeAQIlRhmzZ6ACDDRnGvQYXxuY8ZRZRWDOIISOuFB3l+iv1O V/kitnYEFUe4s+yQ5nOzmyX5uTcPZ2aeU1GrGoO4FWIdcG3fJb3/xtMzF51kwYRB QheWnRYwK5BISPSP0FJrrbqogpKZbI9kl742lt0M8P5u4QBqHQsrZvquZT6M32JD GBJoC3O8nYQhVWkMQ93exfcsy5NHNYKBBjq9rUkuqr9ZuiEKmmcYvA4NawIDAQAB o4ICIDCCAhwwHQYDVR0OBBYEFADd8aZdtj2kcjxHpXME0loIOVuQMB8GA1UdIwQY MBaAFI/4Xv8kSMc2RuNUr+pkG89558f5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQval9oZV95Ukl4elpHNDFTdjZtUWJ6M25ueF9rLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC85ZmU1M2QtZWI0ZS00ZTZiLTkwMjIt ZTMyMjA4Nzg3MGQyLzEvQU4zeHBsMjJQYVJ5UEVlbGN3VFNXZ2c1VzVBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OC85ZmU1M2QtZWI0ZS00ZTZiLTkwMjItZTMyMjA4Nzg3MGQy LzEval9oZV95Ukl4elpHNDFTdjZtUWJ6M25ueF9rLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBW+QIAwQD XpoQMA8EAgACMAkDBwAgAQZ4CnQwDQYJKoZIhvcNAQELBQADggEBAIWEDRtWga/p 97ZJZUkhl4YPQ7Zs3Gefhz4qFRZwMlA4HlarT1N7/LC398coqOP0LENJ0fpE0g2w IB8uNmzz++94+1xCx7ZqARbo2GJ8hU1J7PWduXkYOWlMzQghoUGCgOSqgIyHNJQl jADpBYktsjd5tzU4LEXF9QNs43GucnPz0lsMjwT0xrKSH0McQN7v2BXpI/XlJRNg HMRmuqjnea/7nUYYDIRbtwHs3pa3g63tcBomq5Db7s+HXZwxTpyQAOpkKPYlLk1F pKb0jxxlhMyDLLEdcRE+BruTRjuYs3C4vwrtstgdIHXXPld8qF99NIiYu1TTMc67 lar+i3wg9RA= -----END CERTIFICATE-----Generated at Mon Feb 9 22:15:21 2026 by rpki-client