This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/3RsLnrTTWTLPQLyhD4gSJN-DaTI.roa File: 3RsLnrTTWTLPQLyhD4gSJN-DaTI.roa (raw, json) Hash identifier: P//UvOt3ZaB3uh3PmS1jjSG8dYP/ZrhMVhcmC8uqPak= Subject key identifier: DD:1B:0B:9E:B4:D3:59:32:CF:40:BC:A1:0F:88:12:24:DF:83:69:32 Certificate issuer: /CN=bf88849a2eb5e9dd571a8e743bed7b9513d7a121 Certificate serial: 019B7E3860E81960242F5264BCD4F2F23C11 Authority key identifier: BF:88:84:9A:2E:B5:E9:DD:57:1A:8E:74:3B:ED:7B:95:13:D7:A1:21 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4iEmi616d1XGo50O-17lRPXoSE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/3RsLnrTTWTLPQLyhD4gSJN-DaTI.roa Signing time: Fri 02 Jan 2026 10:19:42 +0000 ROA not before: Fri 02 Jan 2026 10:19:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8075 IP address blocks: 46.254.176.0/21 maxlen: 24 93.94.32.0/21 maxlen: 24 93.94.32.0/24 maxlen: 24 93.94.33.0/24 maxlen: 24 93.94.34.0/24 maxlen: 24 93.94.35.0/24 maxlen: 24 93.94.37.0/24 maxlen: 24 93.94.38.0/24 maxlen: 24 93.174.64.0/21 maxlen: 24 158.58.136.0/21 maxlen: 24 185.34.84.0/22 maxlen: 24 185.84.176.0/22 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/v4iEmi616d1XGo50O-17lRPXoSE.crl rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/v4iEmi616d1XGo50O-17lRPXoSE.mft rsync://rpki.ripe.net/repository/DEFAULT/v4iEmi616d1XGo50O-17lRPXoSE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 13:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:60:e8:19:60:24:2f:52:64:bc:d4:f2:f2:3c:11 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=bf88849a2eb5e9dd571a8e743bed7b9513d7a121 Validity Not Before: Jan 2 10:19:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dd1b0b9eb4d35932cf40bca10f881224df836932 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:14:bd:5e:34:6f:8d:fc:f5:f7:33:77:3f:c3: 3f:ac:74:ae:3c:d6:9e:f9:61:77:48:06:52:f4:4c: 0d:72:e3:6c:c9:5d:e5:b7:2b:40:55:12:6f:64:d8: a7:f3:cb:9c:9d:f9:70:48:f9:a2:2e:63:da:a8:09: 31:87:e1:16:24:37:0d:d5:34:ce:60:55:dd:3e:4d: a0:50:aa:e3:7e:c9:a8:10:c8:cf:d9:d7:91:17:a3: eb:c4:d5:ff:7f:cf:c4:54:78:4a:f1:63:54:f4:aa: 4c:7f:3e:33:23:33:f5:84:33:28:fe:86:96:11:87: 5d:3d:bf:2a:f9:96:0a:b9:6f:d6:59:5a:c7:41:4c: e7:4d:53:f7:2b:24:c9:82:4f:f9:8a:a2:bc:6f:cf: 5b:23:f9:d8:cf:12:45:08:51:7a:39:e4:a6:df:89: 0b:15:7f:41:3a:98:f9:61:63:03:f9:42:46:40:1c: e9:86:8e:4a:f7:e5:c5:5b:f2:6b:04:9a:c3:50:44: e8:97:91:c0:0c:52:71:aa:8d:b5:c8:12:b2:a6:0c: 68:16:84:30:76:43:b0:18:d6:02:8c:9f:99:17:a1: 45:bb:b6:33:81:bf:d3:8b:0d:67:3b:10:a4:95:a0: ee:0e:a8:fb:47:3a:30:4f:0f:a1:fd:86:17:ae:fc: c1:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:1B:0B:9E:B4:D3:59:32:CF:40:BC:A1:0F:88:12:24:DF:83:69:32 X509v3 Authority Key Identifier: keyid:BF:88:84:9A:2E:B5:E9:DD:57:1A:8E:74:3B:ED:7B:95:13:D7:A1:21 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4iEmi616d1XGo50O-17lRPXoSE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/3RsLnrTTWTLPQLyhD4gSJN-DaTI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/dbc58e-027b-4aac-9de6-23739b5fd84c/1/v4iEmi616d1XGo50O-17lRPXoSE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.254.176.0/21 93.94.32.0/21 93.174.64.0/21 158.58.136.0/21 185.34.84.0/22 185.84.176.0/22 Signature Algorithm: sha256WithRSAEncryption 31:12:05:8d:18:8b:53:c9:9b:b3:b9:00:ef:0f:65:9b:87:bb: 8d:37:58:ec:89:15:ab:38:c1:05:99:3e:50:c4:b2:72:97:0b: d8:35:b4:5f:a4:93:4e:2a:0a:4d:78:12:1d:7a:1a:e5:79:f4: 03:a8:b1:ba:4a:19:65:ae:19:a3:07:5f:13:27:1e:19:26:3d: a1:a1:1a:3b:e7:6b:35:2c:c5:cc:7d:cb:72:9c:01:08:1d:87: a3:3f:35:91:52:cd:4c:86:08:84:db:b4:8b:54:5a:38:2b:99: 33:bd:30:27:9f:5a:ec:03:a8:3c:ab:ea:b2:2b:a6:95:87:f4: f3:e9:12:14:7a:e5:5e:94:2b:84:e4:21:09:2b:27:02:a3:6f: c7:03:24:73:43:6d:80:01:7c:3b:b1:1a:35:58:3d:41:48:ff: 27:43:ab:0f:b5:7e:88:9f:a1:88:d9:98:16:4f:b6:d2:3f:bc: ea:91:f0:d7:b4:7b:f2:9f:9e:c3:96:27:78:ab:95:43:43:57: d0:a5:95:44:9b:70:5c:f2:19:1c:70:63:b1:54:a0:b0:09:26: 12:73:06:6f:71:60:17:0f:db:cb:0a:5d:ba:73:44:02:99:8a: 5f:7e:31:1a:e6:d5:1b:96:76:15:24:45:1a:cb:5d:eb:51:74: ef:84:77:8c -----BEGIN CERTIFICATE----- MIIFGzCCBAOgAwIBAgISAZt+OGDoGWAkL1JkvNTy8jwRMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJmODg4NDlhMmViNWU5ZGQ1NzFhOGU3NDNiZWQ3Yjk1MTNk N2ExMjEwHhcNMjYwMTAyMTAxOTQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZDFiMGI5ZWI0ZDM1OTMyY2Y0MGJjYTEwZjg4MTIyNGRmODM2OTMyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphS9XjRvjfz19zN3P8M/rHSuPNae +WF3SAZS9EwNcuNsyV3ltytAVRJvZNin88ucnflwSPmiLmPaqAkxh+EWJDcN1TTO YFXdPk2gUKrjfsmoEMjP2deRF6PrxNX/f8/EVHhK8WNU9KpMfz4zIzP1hDMo/oaW EYddPb8q+ZYKuW/WWVrHQUznTVP3KyTJgk/5iqK8b89bI/nYzxJFCFF6OeSm34kL FX9BOpj5YWMD+UJGQBzpho5K9+XFW/JrBJrDUETol5HADFJxqo21yBKypgxoFoQw dkOwGNYCjJ+ZF6FFu7Yzgb/Tiw1nOxCklaDuDqj7RzowTw+h/YYXrvzB/wIDAQAB o4ICJzCCAiMwHQYDVR0OBBYEFN0bC56001kyz0C8oQ+IEiTfg2kyMB8GA1UdIwQY MBaAFL+IhJoutendVxqOdDvte5UT16EhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdjRpRW1pNjE2ZDFYR281ME8tMTdsUlBYb1NFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9kYmM1OGUtMDI3Yi00YWFjLTlkZTYt MjM3MzliNWZkODRjLzEvM1JzTG5yVFRXVExQUUx5aEQ0Z1NKTi1EYVRJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83YS9kYmM1OGUtMDI3Yi00YWFjLTlkZTYtMjM3MzliNWZkODRj LzEvdjRpRW1pNjE2ZDFYR281ME8tMTdsUlBYb1NFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDLv6wAwQD XV4gAwQDXa5AAwQDnjqIAwQCuSJUAwQCuVSwMA0GCSqGSIb3DQEBCwUAA4IBAQAx EgWNGItTyZuzuQDvD2Wbh7uNN1jsiRWrOMEFmT5QxLJylwvYNbRfpJNOKgpNeBId ehrlefQDqLG6ShllrhmjB18TJx4ZJj2hoRo752s1LMXMfctynAEIHYejPzWRUs1M hgiE27SLVFo4K5kzvTAnn1rsA6g8q+qyK6aVh/Tz6RIUeuVelCuE5CEJKycCo2/H AyRzQ22AAXw7sRo1WD1BSP8nQ6sPtX6In6GI2ZgWT7bSP7zqkfDXtHvyn57Dlid4 q5VDQ1fQpZVEm3Bc8hkccGOxVKCwCSYScwZvcWAXD9vLCl26c0QCmYpffjEa5tUb lnYVJEUay13rUXTvhHeM -----END CERTIFICATE-----Generated at Sun Jan 18 16:37:22 2026 by rpki-client