This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/d4565d-c884-4e2b-9d9a-4170b82adf5d/1/g3UM-mxo9surPyGX-ua-Jw8Hwy0.roa File: g3UM-mxo9surPyGX-ua-Jw8Hwy0.roa (raw, json) Hash identifier: rLTMTj/qJ9X8Z52HM7aUZCnlG5iT1wzURKa+BIyHlNY= Subject key identifier: 83:75:0C:FA:6C:68:F6:CB:AB:3F:21:97:FA:E6:BE:27:0F:07:C3:2D Certificate issuer: /CN=609ea7abafc52c7ffa20a7a6aae4ae2d26252076 Certificate serial: 019B76EAEC2E803645FEC81CAB9F108DCA86 Authority key identifier: 60:9E:A7:AB:AF:C5:2C:7F:FA:20:A7:A6:AA:E4:AE:2D:26:25:20:76 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJ6nq6_FLH_6IKemquSuLSYlIHY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/d4565d-c884-4e2b-9d9a-4170b82adf5d/1/g3UM-mxo9surPyGX-ua-Jw8Hwy0.roa Signing time: Thu 01 Jan 2026 00:17:45 +0000 ROA not before: Thu 01 Jan 2026 00:17:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50673 IP address blocks: 91.215.148.0/22 maxlen: 24 141.138.216.0/21 maxlen: 24 178.20.56.0/21 maxlen: 24 185.50.208.0/22 maxlen: 24 2a03:5380::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/d4565d-c884-4e2b-9d9a-4170b82adf5d/1/YJ6nq6_FLH_6IKemquSuLSYlIHY.crl rsync://rpki.ripe.net/repository/DEFAULT/a8/d4565d-c884-4e2b-9d9a-4170b82adf5d/1/YJ6nq6_FLH_6IKemquSuLSYlIHY.mft rsync://rpki.ripe.net/repository/DEFAULT/YJ6nq6_FLH_6IKemquSuLSYlIHY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 03:01:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:ea:ec:2e:80:36:45:fe:c8:1c:ab:9f:10:8d:ca:86 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=609ea7abafc52c7ffa20a7a6aae4ae2d26252076 Validity Not Before: Jan 1 00:17:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=83750cfa6c68f6cbab3f2197fae6be270f07c32d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:fe:19:28:2a:ea:76:64:10:60:1f:d9:30:2b: 0a:29:99:00:11:d6:3a:0b:83:e8:b6:ee:9b:e7:8f: 12:a1:84:80:fd:d1:ad:5f:b6:4c:bf:a2:0c:d1:fe: ca:46:cb:35:5c:6c:b0:34:ef:45:74:a1:45:d7:cb: 5d:2f:44:61:63:cd:7a:ce:23:19:d0:0c:d8:d4:1a: 09:39:24:d9:e5:9c:7f:c7:c7:ab:79:48:f8:de:98: 1c:16:85:48:83:e8:c3:2f:d8:a3:82:62:63:d6:5d: b1:8c:1a:b6:26:50:31:58:d4:fb:ca:09:1a:4f:3e: 66:9c:9a:0a:96:63:54:83:eb:f4:96:06:9c:5f:28: 0d:df:e2:d8:2a:d5:c0:94:09:8a:d8:c4:6f:b0:3c: c4:51:9b:09:9f:76:80:21:7c:1d:40:bf:61:af:ff: 82:08:1d:a3:87:83:ab:b3:93:ff:9d:43:2b:69:92: ce:01:6f:57:6e:25:fe:eb:dc:6f:97:35:27:1e:e0: 9a:a6:c5:a0:19:81:ec:85:66:f0:06:4a:1b:03:53: 4c:1e:e1:92:2b:7d:a0:33:2d:0b:a3:f6:f4:98:f1: 71:4f:d2:a8:2f:82:f1:e3:fc:a9:cf:53:6b:25:62: 98:72:b5:ac:2b:fd:0e:3b:18:c0:a0:00:06:51:56: 33:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:75:0C:FA:6C:68:F6:CB:AB:3F:21:97:FA:E6:BE:27:0F:07:C3:2D X509v3 Authority Key Identifier: keyid:60:9E:A7:AB:AF:C5:2C:7F:FA:20:A7:A6:AA:E4:AE:2D:26:25:20:76 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJ6nq6_FLH_6IKemquSuLSYlIHY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/d4565d-c884-4e2b-9d9a-4170b82adf5d/1/g3UM-mxo9surPyGX-ua-Jw8Hwy0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/d4565d-c884-4e2b-9d9a-4170b82adf5d/1/YJ6nq6_FLH_6IKemquSuLSYlIHY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.215.148.0/22 141.138.216.0/21 178.20.56.0/21 185.50.208.0/22 IPv6: 2a03:5380::/32 Signature Algorithm: sha256WithRSAEncryption 19:0a:49:68:a4:5a:cc:65:30:0d:5f:c8:fa:d5:57:de:65:c0: 49:c2:df:98:a8:c7:00:55:40:3b:00:0a:a3:3c:c2:7a:74:b0: ab:11:95:d5:19:90:f2:b2:bb:fd:ba:fb:6f:32:c4:9c:58:be: 61:a8:98:e2:cd:80:96:87:0d:3b:f7:50:6c:9f:b0:ef:15:4f: f0:91:24:47:ad:0a:a9:7c:2a:63:2b:fa:62:c0:9d:c4:1a:34: 0e:dc:80:7f:b7:8d:f9:e0:61:0f:67:9f:72:c7:2f:a4:c0:b7: 4b:e2:5b:ed:a7:21:06:90:12:1e:fb:00:c2:85:72:d4:3c:1c: 85:1e:94:69:e8:65:0b:60:2f:ef:39:87:c3:0b:e2:89:27:dd: 85:85:97:3b:65:69:d2:ba:8d:73:35:cd:9c:f7:40:75:d6:3c: 98:c0:f6:61:cf:4f:14:b6:77:ea:46:b0:ff:14:0f:86:1a:10: e5:b1:e8:87:ab:87:f8:1d:ab:59:4f:97:ed:08:cb:d7:91:2a: 89:d9:ad:24:d4:da:94:a3:0b:18:f6:58:d1:24:56:96:2c:6a: 30:95:2b:96:1c:40:d2:04:43:9d:fe:8c:c7:29:f2:c6:e1:cd: 25:a6:d1:ff:32:ce:88:92:0d:20:f6:c6:e5:38:b8:80:58:8e: fe:c3:a2:db -----BEGIN CERTIFICATE----- MIIFHjCCBAagAwIBAgISAZt26uwugDZF/sgcq58QjcqGMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDYwOWVhN2FiYWZjNTJjN2ZmYTIwYTdhNmFhZTRhZTJkMjYy NTIwNzYwHhcNMjYwMTAxMDAxNzQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4Mzc1MGNmYTZjNjhmNmNiYWIzZjIxOTdmYWU2YmUyNzBmMDdjMzJkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsv4ZKCrqdmQQYB/ZMCsKKZkAEdY6 C4Potu6b548SoYSA/dGtX7ZMv6IM0f7KRss1XGywNO9FdKFF18tdL0RhY816ziMZ 0AzY1BoJOSTZ5Zx/x8ereUj43pgcFoVIg+jDL9ijgmJj1l2xjBq2JlAxWNT7ygka Tz5mnJoKlmNUg+v0lgacXygN3+LYKtXAlAmK2MRvsDzEUZsJn3aAIXwdQL9hr/+C CB2jh4Ors5P/nUMraZLOAW9XbiX+69xvlzUnHuCapsWgGYHshWbwBkobA1NMHuGS K32gMy0Lo/b0mPFxT9KoL4Lx4/ypz1NrJWKYcrWsK/0OOxjAoAAGUVYzCwIDAQAB o4ICKjCCAiYwHQYDVR0OBBYEFIN1DPpsaPbLqz8hl/rmvicPB8MtMB8GA1UdIwQY MBaAFGCep6uvxSx/+iCnpqrkri0mJSB2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWUo2bnE2X0ZMSF82SUtlbXF1U3VMU1lsSUhZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9kNDU2NWQtYzg4NC00ZTJiLTlkOWEt NDE3MGI4MmFkZjVkLzEvZzNVTS1teG85c3VyUHlHWC11YS1KdzhId3kwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hOC9kNDU2NWQtYzg4NC00ZTJiLTlkOWEtNDE3MGI4MmFkZjVk LzEvWUo2bnE2X0ZMSF82SUtlbXF1U3VMU1lsSUhZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCW9eUAwQD jYrYAwQDshQ4AwQCuTLQMA0EAgACMAcDBQAqA1OAMA0GCSqGSIb3DQEBCwUAA4IB AQAZCklopFrMZTANX8j61VfeZcBJwt+YqMcAVUA7AAqjPMJ6dLCrEZXVGZDysrv9 uvtvMsScWL5hqJjizYCWhw0791Bsn7DvFU/wkSRHrQqpfCpjK/piwJ3EGjQO3IB/ t4354GEPZ59yxy+kwLdL4lvtpyEGkBIe+wDChXLUPByFHpRp6GULYC/vOYfDC+KJ J92FhZc7ZWnSuo1zNc2c90B11jyYwPZhz08UtnfqRrD/FA+GGhDlseiHq4f4HatZ T5ftCMvXkSqJ2a0k1NqUowsY9ljRJFaWLGowlSuWHEDSBEOd/ozHKfLG4c0lptH/ Ms6Ikg0g9sblOLiAWI7+w6Lb -----END CERTIFICATE-----Generated at Sun Jan 11 11:45:38 2026 by rpki-client