This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/3qWiv8aUt9sce-sZcGdmrNaNLPY.roa File: 3qWiv8aUt9sce-sZcGdmrNaNLPY.roa (raw, json) Hash identifier: fDS2D0rIZulEuzsnb+BYc++UCvsn6GakJSLWm65oY60= Subject key identifier: DE:A5:A2:BF:C6:94:B7:DB:1C:7B:EB:19:70:67:66:AC:D6:8D:2C:F6 Certificate issuer: /CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f Certificate serial: 019B7C7FC16AD8F6BECC98D4669629D08C0B Authority key identifier: D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/3qWiv8aUt9sce-sZcGdmrNaNLPY.roa Signing time: Fri 02 Jan 2026 02:18:25 +0000 ROA not before: Fri 02 Jan 2026 02:18:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59811 IP address blocks: 185.66.205.0/24 maxlen: 24 185.66.206.0/24 maxlen: 24 185.149.208.0/24 maxlen: 24 185.149.210.0/23 maxlen: 24 194.0.116.0/22 maxlen: 24 2a04:1840::/29 maxlen: 32 2a0b:8640::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.crl rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.mft rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 11 Feb 2026 02:00:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:c1:6a:d8:f6:be:cc:98:d4:66:96:29:d0:8c:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d04079bb7070ed0eeea3a1a467c79462bcc5455f Validity Not Before: Jan 2 02:18:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dea5a2bfc694b7db1c7beb19706766acd68d2cf6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:b8:e0:e6:74:a2:13:a6:e5:ba:81:91:17:99: 47:48:a7:75:10:b7:03:ad:a4:ab:b4:81:e3:fd:0c: 77:2a:7b:7c:0b:a6:47:e5:80:af:a1:3d:0d:ef:9b: 87:97:df:e9:72:db:98:c9:41:12:48:ff:ce:bc:38: 43:c6:94:57:13:37:fa:a5:9a:bd:e0:0c:d8:3c:fe: b3:d7:78:45:e6:be:58:d6:2f:98:2f:03:e4:c8:d3: f9:8f:56:75:d6:51:57:06:31:17:1a:c5:91:6d:90: 57:19:63:b8:15:de:7c:e1:a1:3a:cc:e3:73:23:78: 8c:15:ce:ce:60:9f:48:cf:28:46:bd:fa:b3:53:a3: 50:c8:1d:4c:52:ff:b3:63:08:22:45:59:21:db:b2: ef:73:8d:31:a1:d0:89:99:cf:35:54:55:73:d9:f1: 7e:56:22:5c:93:94:4d:0a:0e:eb:7e:c8:15:e7:77: 86:f9:35:06:fb:7e:8a:f5:88:35:33:8c:63:37:32: 73:9e:4e:50:a5:d2:e3:15:51:73:0e:a5:cc:e3:5e: 28:45:71:60:ea:e8:f8:72:bd:d7:4b:8e:26:48:b6: a2:b3:4c:d0:ed:e3:90:69:fa:4f:42:32:22:49:21: dd:83:ad:09:a1:ec:d4:bb:a0:78:8c:98:e3:c1:05: e4:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:A5:A2:BF:C6:94:B7:DB:1C:7B:EB:19:70:67:66:AC:D6:8D:2C:F6 X509v3 Authority Key Identifier: keyid:D0:40:79:BB:70:70:ED:0E:EE:A3:A1:A4:67:C7:94:62:BC:C5:45:5F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/3qWiv8aUt9sce-sZcGdmrNaNLPY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a93da0-e155-4324-9ba9-62098d1ec1e6/1/0EB5u3Bw7Q7uo6GkZ8eUYrzFRV8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.66.205.0-185.66.206.255 185.149.208.0/24 185.149.210.0/23 194.0.116.0/22 IPv6: 2a04:1840::/29 2a0b:8640::/29 Signature Algorithm: sha256WithRSAEncryption 38:d8:a6:4d:2b:82:76:04:55:34:41:7f:a0:74:ce:1f:09:94: 6a:50:64:b1:e3:b6:8a:69:1e:cb:32:9f:ca:7b:da:9a:61:e2: bc:76:2a:f2:c8:87:c0:9f:50:02:b6:bd:02:cc:20:fd:a8:53: f3:08:b9:47:08:67:a1:ed:19:3f:98:65:2d:35:02:ae:6e:0a: b9:b8:36:5c:91:19:a1:62:44:a7:66:90:4a:90:ab:2d:31:5e: 4c:04:21:ae:da:2e:b5:a4:9f:0a:d4:1b:35:47:0c:2e:7e:5a: 45:b8:4d:85:63:bd:32:7d:41:ff:54:ca:c5:83:14:37:03:50: fd:b3:5e:39:56:4f:01:b9:fe:37:6b:cb:13:c8:69:8f:b2:26: aa:7a:99:90:61:3e:f0:e4:69:54:49:2b:41:63:d0:b3:99:ee: da:f5:2a:b5:8a:bb:9a:b0:b2:8e:fc:30:bd:be:4a:0c:0e:9f: 58:76:51:7a:b3:61:4a:6c:d4:f0:ca:e2:7d:10:b8:f5:5e:ea: d8:df:93:c2:e4:40:2c:18:73:81:49:4e:0f:8d:68:96:37:8e: b4:64:8e:21:a1:2a:fe:cc:33:e5:28:07:55:13:3f:ad:8b:9b: 87:a6:9c:99:db:73:9e:e0:9b:b3:bb:08:02:60:ab:d5:35:0d: 6b:4a:ec:f0 -----BEGIN CERTIFICATE----- MIIFLTCCBBWgAwIBAgISAZt8f8Fq2Pa+zJjUZpYp0IwLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQwNDA3OWJiNzA3MGVkMGVlZWEzYTFhNDY3Yzc5NDYyYmNj NTQ1NWYwHhcNMjYwMTAyMDIxODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZWE1YTJiZmM2OTRiN2RiMWM3YmViMTk3MDY3NjZhY2Q2OGQyY2Y2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrjg5nSiE6bluoGRF5lHSKd1ELcD raSrtIHj/Qx3Knt8C6ZH5YCvoT0N75uHl9/pctuYyUESSP/OvDhDxpRXEzf6pZq9 4AzYPP6z13hF5r5Y1i+YLwPkyNP5j1Z11lFXBjEXGsWRbZBXGWO4Fd584aE6zONz I3iMFc7OYJ9IzyhGvfqzU6NQyB1MUv+zYwgiRVkh27Lvc40xodCJmc81VFVz2fF+ ViJck5RNCg7rfsgV53eG+TUG+36K9Yg1M4xjNzJznk5QpdLjFVFzDqXM414oRXFg 6uj4cr3XS44mSLais0zQ7eOQafpPQjIiSSHdg60JoezUu6B4jJjjwQXkvQIDAQAB o4ICOTCCAjUwHQYDVR0OBBYEFN6lor/GlLfbHHvrGXBnZqzWjSz2MB8GA1UdIwQY MBaAFNBAebtwcO0O7qOhpGfHlGK8xUVfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTkt NjIwOThkMWVjMWU2LzEvM3FXaXY4YVV0OXNjZS1zWmNHZG1yTmFOTFBZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83NS9hOTNkYTAtZTE1NS00MzI0LTliYTktNjIwOThkMWVjMWU2 LzEvMEVCNXUzQnc3UTd1bzZHa1o4ZVVZcnpGUlY4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAmBAIAATAgMAwDBAC5Qs0D BAC5Qs4DBAC5ldADBAG5ldIDBALCAHQwFAQCAAIwDgMFAyoEGEADBQMqC4ZAMA0G CSqGSIb3DQEBCwUAA4IBAQA42KZNK4J2BFU0QX+gdM4fCZRqUGSx47aKaR7LMp/K e9qaYeK8diryyIfAn1ACtr0CzCD9qFPzCLlHCGeh7Rk/mGUtNQKubgq5uDZckRmh YkSnZpBKkKstMV5MBCGu2i61pJ8K1Bs1RwwuflpFuE2FY70yfUH/VMrFgxQ3A1D9 s145Vk8Buf43a8sTyGmPsiaqepmQYT7w5GlUSStBY9Czme7a9Sq1iruasLKO/DC9 vkoMDp9YdlF6s2FKbNTwyuJ9ELj1XurY35PC5EAsGHOBSU4PjWiWN460ZI4hoSr+ zDPlKAdVEz+ti5uHppyZ23Oe4JuzuwgCYKvVNQ1rSuzw -----END CERTIFICATE-----Generated at Tue Feb 10 11:33:29 2026 by rpki-client