This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/3QU72n6t3MWYqTRmtQPsgUZpVD4.roa File: 3QU72n6t3MWYqTRmtQPsgUZpVD4.roa (raw, json) Hash identifier: SI2+K6a2Rt0xu9fvCiRz8l4pzkh4ttyf9ACSs48nZZ8= Subject key identifier: DD:05:3B:DA:7E:AD:DC:C5:98:A9:34:66:B5:03:EC:81:46:69:54:3E Certificate issuer: /CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13 Certificate serial: 019B7C806949C7F422E716E8BB7BF269FCB8 Authority key identifier: 0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/3QU72n6t3MWYqTRmtQPsgUZpVD4.roa Signing time: Fri 02 Jan 2026 02:19:08 +0000 ROA not before: Fri 02 Jan 2026 02:19:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 139648 IP address blocks: 45.67.53.0/24 maxlen: 24 45.67.54.0/24 maxlen: 24 194.156.231.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.mft rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Fri 23 Jan 2026 16:20:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:80:69:49:c7:f4:22:e7:16:e8:bb:7b:f2:69:fc:b8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13 Validity Not Before: Jan 2 02:19:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dd053bda7eaddcc598a93466b503ec814669543e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:4c:05:4a:8e:9c:0b:30:2c:9f:ea:eb:29:a6: 0c:00:48:f5:0a:96:78:ae:e6:97:c1:8d:0a:9a:12: 82:b4:40:db:7a:52:9b:09:53:f3:2c:e0:55:56:d6: bd:e9:a4:c0:b9:15:47:34:0b:b1:1e:6e:f5:f4:b9: 7d:ca:40:dc:78:e9:41:4c:e3:35:f2:9c:79:68:ce: 08:ca:2e:b6:41:57:a7:6d:93:b4:dc:ee:4c:ac:09: 00:ce:eb:72:91:bc:9d:9d:8d:31:91:20:bb:7f:40: 41:2c:d3:0c:50:c0:f4:96:51:23:0e:c5:e7:98:af: 9e:0c:cb:d5:e9:f0:0b:ec:44:c1:69:8a:f1:62:ba: dd:94:10:2d:fa:ef:90:36:5b:55:c3:fb:c6:a7:32: c3:57:a5:9f:d0:7c:31:11:62:a1:12:a8:cd:16:ec: 6d:81:73:48:92:60:f6:55:9f:91:17:89:14:e5:a4: 2b:e4:09:c3:39:bb:ed:32:66:a1:76:46:6e:58:6d: 28:c3:9f:15:86:ea:84:49:44:52:4f:92:cc:95:bc: d5:48:49:5d:be:88:56:3b:fe:b2:5d:8e:38:a9:2b: b3:e6:f3:cf:9f:7c:f9:4c:2f:d1:a3:b4:f2:35:dd: 67:f6:9a:55:c1:e6:35:26:35:5b:34:6e:a6:44:cd: c6:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:05:3B:DA:7E:AD:DC:C5:98:A9:34:66:B5:03:EC:81:46:69:54:3E X509v3 Authority Key Identifier: keyid:0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/3QU72n6t3MWYqTRmtQPsgUZpVD4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.67.53.0-45.67.54.255 194.156.231.0/24 Signature Algorithm: sha256WithRSAEncryption a6:ee:a9:3e:d9:bd:22:26:ee:da:c3:c3:78:09:ec:5f:1a:e9: 68:13:67:a3:c8:2d:8b:96:71:0d:5d:e2:36:28:75:94:9a:a3: 45:92:a7:e5:ad:45:6b:1d:19:44:4a:91:ad:bc:e9:ec:21:f6: 0e:1f:63:de:f3:86:8b:32:e4:c9:da:01:58:7e:47:9a:db:57: 9e:1d:a0:90:0f:3a:c7:08:78:b9:21:9b:c1:16:05:a8:e4:ff: f6:8d:18:0c:17:46:c6:d9:7b:12:5d:85:d8:95:9f:02:c7:58: 65:63:b5:3b:a4:2a:03:73:d6:1c:9f:b9:9a:d9:e2:e9:a5:4f: 81:19:08:82:41:f2:c3:a7:2e:db:da:dd:c5:b5:ed:ab:fa:76: 07:82:2f:eb:7a:a3:9b:c4:6e:b2:32:1a:51:4b:8f:82:36:02: 5d:ad:18:23:3e:cd:83:0d:55:8e:b8:0a:d9:e0:b2:d4:1f:ab: bb:a3:d9:2f:5b:b3:9f:06:28:13:a0:36:3e:33:79:b2:22:fd: 54:f3:0f:53:82:c0:7c:66:70:9d:80:20:4d:25:96:35:ae:81: 1c:35:8a:3a:5b:e1:3a:f2:bd:ff:2d:f5:92:d4:7d:cc:d4:86: d6:85:33:d8:3b:23:90:7b:89:54:a8:95:df:cf:69:5e:79:43: a1:af:96:f4 -----BEGIN CERTIFICATE----- MIIFCzCCA/OgAwIBAgISAZt8gGlJx/Qi5xbou3vyafy4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDBiMjQ3ZTczMzkxZWM5ZDZhMmE0NmYyY2IwYjAyZmM5OTQy ODhmMTMwHhcNMjYwMTAyMDIxOTA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZDA1M2JkYTdlYWRkY2M1OThhOTM0NjZiNTAzZWM4MTQ2Njk1NDNlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0wFSo6cCzAsn+rrKaYMAEj1CpZ4 ruaXwY0KmhKCtEDbelKbCVPzLOBVVta96aTAuRVHNAuxHm719Ll9ykDceOlBTOM1 8px5aM4Iyi62QVenbZO03O5MrAkAzutykbydnY0xkSC7f0BBLNMMUMD0llEjDsXn mK+eDMvV6fAL7ETBaYrxYrrdlBAt+u+QNltVw/vGpzLDV6Wf0HwxEWKhEqjNFuxt gXNIkmD2VZ+RF4kU5aQr5AnDObvtMmahdkZuWG0ow58VhuqESURST5LMlbzVSEld vohWO/6yXY44qSuz5vPPn3z5TC/Ro7TyNd1n9ppVweY1JjVbNG6mRM3GuwIDAQAB o4ICFzCCAhMwHQYDVR0OBBYEFN0FO9p+rdzFmKk0ZrUD7IFGaVQ+MB8GA1UdIwQY MBaAFAskfnM5HsnWoqRvLLCwL8mUKI8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMt NzM2Nzg5ZWU2ZmQwLzEvM1FVNzJuNnQzTVdZcVRSbXRRUHNnVVpwVkQ0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMtNzM2Nzg5ZWU2ZmQw LzEvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAtQzUD BAAtQzYDBADCnOcwDQYJKoZIhvcNAQELBQADggEBAKbuqT7ZvSIm7trDw3gJ7F8a 6WgTZ6PILYuWcQ1d4jYodZSao0WSp+WtRWsdGURKka286ewh9g4fY97zhosy5Mna AVh+R5rbV54doJAPOscIeLkhm8EWBajk//aNGAwXRsbZexJdhdiVnwLHWGVjtTuk KgNz1hyfuZrZ4umlT4EZCIJB8sOnLtva3cW17av6dgeCL+t6o5vEbrIyGlFLj4I2 Al2tGCM+zYMNVY64CtngstQfq7uj2S9bs58GKBOgNj4zebIi/VTzD1OCwHxmcJ2A IE0lljWugRw1ijpb4Tryvf8t9ZLUfczUhtaFM9g7I5B7iVSold/PaV55Q6GvlvQ= -----END CERTIFICATE-----Generated at Thu Jan 22 23:35:13 2026 by rpki-client