This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/f33379-63d9-4f2b-8e65-30a6c3af9095/1/Dr3WDUpz6-xPqX9Onpmd9dBVP5Q.roa File: Dr3WDUpz6-xPqX9Onpmd9dBVP5Q.roa (raw, json) Hash identifier: K0SdFptEazmOT46XEGng/FuWvVaWyGlgcNjhMXNpZ4c= Subject key identifier: 0E:BD:D6:0D:4A:73:EB:EC:4F:A9:7F:4E:9E:99:9D:F5:D0:55:3F:94 Certificate issuer: /CN=3b477a62607fb94c8e23b5a062c78d93df9cbd69 Certificate serial: 019B7CED67756CE6248D5D3382A7528CE10F Authority key identifier: 3B:47:7A:62:60:7F:B9:4C:8E:23:B5:A0:62:C7:8D:93:DF:9C:BD:69 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0d6YmB_uUyOI7WgYseNk9-cvWk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/f33379-63d9-4f2b-8e65-30a6c3af9095/1/Dr3WDUpz6-xPqX9Onpmd9dBVP5Q.roa Signing time: Fri 02 Jan 2026 04:18:11 +0000 ROA not before: Fri 02 Jan 2026 04:18:11 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 34469 IP address blocks: 85.158.222.0/23 maxlen: 23 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/f33379-63d9-4f2b-8e65-30a6c3af9095/1/O0d6YmB_uUyOI7WgYseNk9-cvWk.crl rsync://rpki.ripe.net/repository/DEFAULT/70/f33379-63d9-4f2b-8e65-30a6c3af9095/1/O0d6YmB_uUyOI7WgYseNk9-cvWk.mft rsync://rpki.ripe.net/repository/DEFAULT/O0d6YmB_uUyOI7WgYseNk9-cvWk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 13:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:ed:67:75:6c:e6:24:8d:5d:33:82:a7:52:8c:e1:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3b477a62607fb94c8e23b5a062c78d93df9cbd69 Validity Not Before: Jan 2 04:18:11 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=0ebdd60d4a73ebec4fa97f4e9e999df5d0553f94 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:ba:79:b7:af:50:3f:e5:35:61:f3:a1:78:d3: 74:ef:a9:db:8b:ad:11:f8:16:ba:10:94:ee:cb:a2: 4e:26:38:9d:f6:3f:61:51:71:c5:89:9b:2c:77:8f: 6a:26:66:7a:52:fc:55:f3:c4:a5:be:c5:35:c5:8b: d9:cc:52:11:6b:59:ff:2a:56:93:82:09:62:6a:e8: a6:89:f8:14:2a:78:78:a7:8e:8a:b9:a7:ae:0b:c4: 15:b0:4d:61:4b:a9:db:cc:80:25:3d:80:a5:6c:bb: d6:83:72:53:15:e4:c8:5f:50:a2:80:8b:03:08:27: c5:38:65:1a:bc:eb:ba:67:c7:82:5c:bb:9c:bb:85: c3:a3:d0:e9:60:7b:f6:7b:ca:fd:cf:2d:47:e6:15: 52:c3:e7:91:91:f6:84:21:e1:43:11:c1:e1:60:f2: 85:43:40:54:92:ae:1d:15:53:58:7d:9c:97:7e:06: 4b:0c:77:20:9d:68:65:c9:58:5d:90:de:63:cc:bf: 8d:71:b9:28:be:33:9c:1c:a5:ca:9d:db:73:1e:da: 77:2e:58:c4:6e:5d:6c:37:c7:18:59:d5:ed:bf:5b: c9:03:99:5a:44:19:d6:28:f0:30:e8:5d:39:de:47: 1c:42:12:8a:1d:75:b9:97:49:75:cc:9d:ac:0e:98: a2:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:BD:D6:0D:4A:73:EB:EC:4F:A9:7F:4E:9E:99:9D:F5:D0:55:3F:94 X509v3 Authority Key Identifier: keyid:3B:47:7A:62:60:7F:B9:4C:8E:23:B5:A0:62:C7:8D:93:DF:9C:BD:69 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0d6YmB_uUyOI7WgYseNk9-cvWk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/f33379-63d9-4f2b-8e65-30a6c3af9095/1/Dr3WDUpz6-xPqX9Onpmd9dBVP5Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/f33379-63d9-4f2b-8e65-30a6c3af9095/1/O0d6YmB_uUyOI7WgYseNk9-cvWk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.158.222.0/23 Signature Algorithm: sha256WithRSAEncryption 7c:c5:ca:91:34:27:50:df:c1:d6:ee:51:55:c8:3b:94:a7:87: 76:ce:ed:fd:7e:03:00:67:07:26:82:c5:cb:32:5a:ec:d2:18: 89:4d:ca:2a:20:89:15:f5:9f:f3:ee:49:a3:6b:52:db:5d:3f: 4b:23:22:c8:08:17:4b:51:43:7c:15:74:9a:ea:d1:90:d8:aa: 57:ee:ec:c7:37:1f:24:4a:7b:79:68:3a:9a:9d:74:a3:cc:05: 62:b7:0a:db:65:bf:16:f7:f0:98:87:df:1b:32:67:fd:de:5f: c5:27:a3:93:02:39:6b:fc:38:41:0c:ef:ee:2a:c1:6e:86:0f: 79:a4:25:e1:7d:af:72:ef:17:51:50:f8:3d:38:a8:0f:ef:78: fb:85:6c:fa:e1:e3:63:79:5e:8e:d4:8a:ba:42:16:85:b0:b7: 9b:f7:41:3e:64:57:22:c7:23:2f:18:4a:db:ea:f3:df:17:eb: 73:1c:7f:d6:50:fa:de:91:4e:ab:15:2f:e2:f5:3a:30:7a:e6: d7:68:55:26:bf:73:0c:13:af:c1:04:f5:7c:4d:12:d1:7e:a1: 54:6d:b1:00:c3:eb:66:02:dd:f9:92:78:96:1b:49:07:2e:be: 64:7f:e3:8f:d2:72:6d:de:58:e5:76:68:31:fa:07:48:5e:54: e6:10:62:5c -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt87Wd1bOYkjV0zgqdSjOEPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiNDc3YTYyNjA3ZmI5NGM4ZTIzYjVhMDYyYzc4ZDkzZGY5 Y2JkNjkwHhcNMjYwMTAyMDQxODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygwZWJkZDYwZDRhNzNlYmVjNGZhOTdmNGU5ZTk5OWRmNWQwNTUzZjk0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbp5t69QP+U1YfOheNN076nbi60R +Ba6EJTuy6JOJjid9j9hUXHFiZssd49qJmZ6UvxV88SlvsU1xYvZzFIRa1n/KlaT ggliauimifgUKnh4p46KuaeuC8QVsE1hS6nbzIAlPYClbLvWg3JTFeTIX1CigIsD CCfFOGUavOu6Z8eCXLucu4XDo9DpYHv2e8r9zy1H5hVSw+eRkfaEIeFDEcHhYPKF Q0BUkq4dFVNYfZyXfgZLDHcgnWhlyVhdkN5jzL+NcbkovjOcHKXKndtzHtp3LljE bl1sN8cYWdXtv1vJA5laRBnWKPAw6F053kccQhKKHXW5l0l1zJ2sDpiiDwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFA691g1Kc+vsT6l/Tp6ZnfXQVT+UMB8GA1UdIwQY MBaAFDtHemJgf7lMjiO1oGLHjZPfnL1pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTzBkNlltQl91VXlPSTdXZ1lzZU5rOS1jdldrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9mMzMzNzktNjNkOS00ZjJiLThlNjUt MzBhNmMzYWY5MDk1LzEvRHIzV0RVcHo2LXhQcVg5T25wbWQ5ZEJWUDVRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC9mMzMzNzktNjNkOS00ZjJiLThlNjUtMzBhNmMzYWY5MDk1 LzEvTzBkNlltQl91VXlPSTdXZ1lzZU5rOS1jdldrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVZ7eMA0G CSqGSIb3DQEBCwUAA4IBAQB8xcqRNCdQ38HW7lFVyDuUp4d2zu39fgMAZwcmgsXL Mlrs0hiJTcoqIIkV9Z/z7kmja1LbXT9LIyLICBdLUUN8FXSa6tGQ2KpX7uzHNx8k Snt5aDqanXSjzAVitwrbZb8W9/CYh98bMmf93l/FJ6OTAjlr/DhBDO/uKsFuhg95 pCXhfa9y7xdRUPg9OKgP73j7hWz64eNjeV6O1Iq6QhaFsLeb90E+ZFcixyMvGErb 6vPfF+tzHH/WUPrekU6rFS/i9ToweubXaFUmv3MME6/BBPV8TRLRfqFUbbEAw+tm At35kniWG0kHLr5kf+OP0nJt3ljldmgx+gdIXlTmEGJc -----END CERTIFICATE-----Generated at Mon Jan 26 22:00:48 2026 by rpki-client