This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3TSAfPOIn-6T8WxY9PbbYdzVeF4.roa File: 3TSAfPOIn-6T8WxY9PbbYdzVeF4.roa (raw, json) Hash identifier: UpR4mrfiQuZkxMrQ+6bCSHPkYh2oWmAUy9reNvBEt1M= Subject key identifier: DD:34:80:7C:F3:88:9F:EE:93:F1:6C:58:F4:F6:DB:61:DC:D5:78:5E Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0 Certificate serial: 019B7DCB761EE7947E57421C0D0124DEC3D2 Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3TSAfPOIn-6T8WxY9PbbYdzVeF4.roa Signing time: Fri 02 Jan 2026 08:20:44 +0000 ROA not before: Fri 02 Jan 2026 08:20:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 208226 IP address blocks: 151.242.147.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 18 Jan 2026 21:00:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:76:1e:e7:94:7e:57:42:1c:0d:01:24:de:c3:d2 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0 Validity Not Before: Jan 2 08:20:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dd34807cf3889fee93f16c58f4f6db61dcd5785e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:86:44:00:89:3b:02:6e:d7:b7:0d:b0:ba:c8: 62:5f:e4:03:f8:bb:bc:06:58:6d:6d:91:17:5b:2b: 59:99:84:1b:53:40:56:43:3d:a9:4e:a1:51:63:a8: 23:92:bf:6a:4d:b9:b7:5c:f6:fa:e9:4d:a6:7d:c2: 6e:c2:35:5d:82:f0:d0:ff:e4:c6:ab:8d:0a:8d:ca: 16:05:d3:96:54:0b:a5:7f:c4:8d:55:3e:51:d8:b1: 81:28:b8:e0:8c:11:da:48:97:a3:b0:7b:eb:3e:d7: b6:80:c9:30:53:81:90:c8:61:7c:0c:e3:2d:b2:2b: 79:6e:53:61:24:98:4e:60:0c:cf:68:71:8b:d3:55: 25:0c:11:a3:a3:b8:81:de:6a:a1:2f:d0:0b:59:30: 06:62:33:77:73:18:19:dc:3a:5e:27:2a:13:4b:83: d3:6b:d0:72:da:b4:f3:77:a1:31:75:bd:95:6b:41: 3a:51:59:5d:ae:41:71:a4:ff:0c:47:df:cb:56:d9: bc:9d:0b:2e:72:6e:e5:23:a4:d9:67:5f:3f:d0:83: 1c:ca:49:55:82:62:80:d3:f5:1f:44:e0:83:c3:39: f6:e3:0e:24:0a:c0:ce:95:0a:95:dd:0c:37:ae:8b: d8:2a:ea:17:23:ee:3d:20:48:bf:71:9a:b5:32:5c: 48:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:34:80:7C:F3:88:9F:EE:93:F1:6C:58:F4:F6:DB:61:DC:D5:78:5E X509v3 Authority Key Identifier: keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3TSAfPOIn-6T8WxY9PbbYdzVeF4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 151.242.147.0/24 Signature Algorithm: sha256WithRSAEncryption 3b:53:60:e5:4b:25:e9:78:61:d8:92:0d:db:d6:a3:48:3f:40: 6c:9c:92:42:ad:c9:56:75:bb:f5:86:d5:36:6a:71:60:7c:1f: fd:70:f6:f5:f2:6f:bb:95:77:ce:7a:94:3c:92:f7:2e:6a:0f: 81:6b:fe:e0:d4:95:b6:83:64:86:cc:70:9f:96:12:6a:2a:fb: 82:5e:7e:ff:68:47:48:b9:5c:d5:ee:98:71:3b:e8:a0:11:8f: a8:83:da:37:7f:6f:e0:39:89:23:2c:2c:7b:94:75:b0:54:dc: 3b:a4:6b:65:7f:79:f3:d1:d4:81:bf:19:69:89:fe:50:b8:83: 8e:27:d7:28:e0:a7:b5:db:cb:09:ba:3e:db:9a:bf:90:9a:01: 9c:cd:de:bb:c5:28:8c:82:e1:1a:18:2a:02:2d:a5:46:78:7c: 90:bc:ad:d9:fb:37:d7:ca:41:4a:2a:d9:6f:b0:8f:cd:e8:4f: f3:20:71:a5:a0:84:9b:d8:2c:01:5d:23:27:c3:43:d8:e5:6a: 17:14:e0:11:39:ea:3a:8f:14:69:77:b7:01:db:73:ac:76:15: d3:57:e9:55:ec:25:0e:96:9d:0e:bd:67:df:ec:92:4f:63:4b: b5:87:ee:53:80:97:2b:1d:af:4b:70:30:e4:d0:d0:09:4b:d8: 26:19:2f:5f -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9y3Ye55R+V0IcDQEk3sPSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh NWE0YzAwHhcNMjYwMTAyMDgyMDQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZDM0ODA3Y2YzODg5ZmVlOTNmMTZjNThmNGY2ZGI2MWRjZDU3ODVlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0oZEAIk7Am7Xtw2wushiX+QD+Lu8 BlhtbZEXWytZmYQbU0BWQz2pTqFRY6gjkr9qTbm3XPb66U2mfcJuwjVdgvDQ/+TG q40KjcoWBdOWVAulf8SNVT5R2LGBKLjgjBHaSJejsHvrPte2gMkwU4GQyGF8DOMt sit5blNhJJhOYAzPaHGL01UlDBGjo7iB3mqhL9ALWTAGYjN3cxgZ3DpeJyoTS4PT a9By2rTzd6Exdb2Va0E6UVldrkFxpP8MR9/LVtm8nQsucm7lI6TZZ18/0IMcyklV gmKA0/UfROCDwzn24w4kCsDOlQqV3Qw3rovYKuoXI+49IEi/cZq1MlxICwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFN00gHzziJ/uk/FsWPT222Hc1XheMB8GA1UdIwQY MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt MTdiOWRlMTQxMjUyLzEvM1RTQWZQT0luLTZUOFd4WTlQYmJZZHpWZUY0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/KTMA0G CSqGSIb3DQEBCwUAA4IBAQA7U2DlSyXpeGHYkg3b1qNIP0BsnJJCrclWdbv1htU2 anFgfB/9cPb18m+7lXfOepQ8kvcuag+Ba/7g1JW2g2SGzHCflhJqKvuCXn7/aEdI uVzV7phxO+igEY+og9o3f2/gOYkjLCx7lHWwVNw7pGtlf3nz0dSBvxlpif5QuIOO J9co4Ke128sJuj7bmr+QmgGczd67xSiMguEaGCoCLaVGeHyQvK3Z+zfXykFKKtlv sI/N6E/zIHGloISb2CwBXSMnw0PY5WoXFOAROeo6jxRpd7cB23OsdhXTV+lV7CUO lp0OvWff7JJPY0u1h+5TgJcrHa9LcDDk0NAJS9gmGS9f -----END CERTIFICATE-----Generated at Sun Jan 18 06:27:38 2026 by rpki-client