This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3nWcd2m6s6bBzM_QYoygo0Ze6w0.roa File: 3nWcd2m6s6bBzM_QYoygo0Ze6w0.roa (raw, json) Hash identifier: htxDxHlHgU8dQkoVd6zcmNYRmFdbpmcNklfsUpe9Ix0= Subject key identifier: DE:75:9C:77:69:BA:B3:A6:C1:CC:CF:D0:62:8C:A0:A3:46:5E:EB:0D Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589 Certificate serial: 019B76EB7BDF5866BF513BDA29754048480F Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3nWcd2m6s6bBzM_QYoygo0Ze6w0.roa Signing time: Thu 01 Jan 2026 00:18:22 +0000 ROA not before: Thu 01 Jan 2026 00:18:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5606 IP address blocks: 31.14.21.0/24 maxlen: 24 45.14.236.0/24 maxlen: 24 45.14.238.0/24 maxlen: 24 45.67.36.0/24 maxlen: 24 45.67.38.0/24 maxlen: 24 45.67.39.0/24 maxlen: 24 45.82.28.0/23 maxlen: 23 84.247.23.0/24 maxlen: 24 89.34.101.0/24 maxlen: 24 89.39.6.0/24 maxlen: 24 89.39.7.0/24 maxlen: 24 89.42.133.0/24 maxlen: 24 92.114.2.0/24 maxlen: 24 92.114.3.0/24 maxlen: 24 93.174.160.0/24 maxlen: 24 93.174.162.0/24 maxlen: 24 93.174.167.0/24 maxlen: 24 176.223.114.0/24 maxlen: 24 185.220.184.0/24 maxlen: 24 185.220.185.0/24 maxlen: 24 185.220.186.0/24 maxlen: 24 185.248.139.0/24 maxlen: 24 188.240.0.0/24 maxlen: 24 188.241.72.0/24 maxlen: 24 188.241.73.0/24 maxlen: 24 188.241.74.0/23 maxlen: 23 193.16.144.0/24 maxlen: 24 193.200.62.0/24 maxlen: 24 193.200.63.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.mft rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 06:00:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:7b:df:58:66:bf:51:3b:da:29:75:40:48:48:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589 Validity Not Before: Jan 1 00:18:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=de759c7769bab3a6c1cccfd0628ca0a3465eeb0d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:8b:b7:74:63:17:5b:79:8b:4e:5b:ee:12:cd:02: 3d:45:2d:a5:ff:25:20:f8:15:68:4f:f6:e5:b4:8e: 93:af:3b:94:29:e7:67:75:4d:d3:aa:37:10:91:53: d1:a4:b6:fe:d6:41:fc:92:54:44:8d:2e:9c:3c:c6: 80:b7:0c:8c:99:36:e8:7c:44:bb:7d:bb:95:e2:f5: 12:09:a9:6a:b4:fc:06:a7:b1:83:ea:bd:5e:86:d7: b6:b7:a5:2b:e6:46:24:82:e7:07:fa:16:13:bc:f0: d0:2a:4a:4a:ae:49:ad:49:bf:34:ac:15:ac:6e:50: 6b:78:1e:a2:bb:d2:96:16:86:5b:fe:92:55:12:d8: 24:ca:f9:46:b1:92:03:03:ef:eb:52:3f:2c:9f:79: 4a:a7:94:19:19:ab:84:ed:fa:29:f5:0d:25:1e:13: d4:75:d0:92:ef:9b:18:a0:30:9d:29:ad:a9:02:0f: d8:7a:06:3d:d2:87:44:f0:c2:5c:c5:d0:1c:10:28: 1a:ff:56:8f:aa:9c:cd:4d:fd:fe:b2:4b:4d:18:75: 6e:13:3b:89:85:8f:21:41:c5:74:a6:b1:7a:bc:3c: c6:e6:8e:0c:f2:b0:65:17:7e:12:06:a3:7b:d0:9c: 3a:ff:67:e2:03:fd:da:df:7a:c8:01:31:89:a8:8a: d7:83 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:75:9C:77:69:BA:B3:A6:C1:CC:CF:D0:62:8C:A0:A3:46:5E:EB:0D X509v3 Authority Key Identifier: keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3nWcd2m6s6bBzM_QYoygo0Ze6w0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.14.21.0/24 45.14.236.0/24 45.14.238.0/24 45.67.36.0/24 45.67.38.0/23 45.82.28.0/23 84.247.23.0/24 89.34.101.0/24 89.39.6.0/23 89.42.133.0/24 92.114.2.0/23 93.174.160.0/24 93.174.162.0/24 93.174.167.0/24 176.223.114.0/24 185.220.184.0-185.220.186.255 185.248.139.0/24 188.240.0.0/24 188.241.72.0/22 193.16.144.0/24 193.200.62.0/23 Signature Algorithm: sha256WithRSAEncryption 71:12:08:23:cc:75:36:04:61:79:72:04:16:d7:bb:b7:9f:11: 55:13:e6:74:77:49:08:b5:76:c4:77:a2:78:c8:4f:07:78:a7: 38:9b:97:29:aa:90:03:39:b2:91:2a:7c:dc:6e:9f:7d:6d:57: 40:6b:61:05:21:36:f7:be:8d:9f:c8:e8:9d:d2:c4:72:7e:e4: 54:51:90:b5:8a:98:49:3d:3e:df:07:ea:9d:3a:07:74:09:a4: 3f:37:b9:3c:85:16:b1:02:0e:82:bf:94:f2:d8:83:0c:86:8f: ba:4c:76:c8:9f:2b:8c:f1:9b:30:e8:83:37:a4:c2:bf:0e:76: 97:0d:c8:2c:d5:d5:3c:56:76:54:8f:ee:f1:61:e6:1f:60:f7: c3:97:94:a1:ec:55:22:e7:af:ce:18:0f:6c:eb:87:92:c7:df: 38:db:75:28:d1:73:05:70:dc:4d:dc:06:54:1c:e0:4c:70:82: 9e:70:3b:c4:d2:a2:af:20:c5:93:92:54:f9:94:66:49:47:4c: d6:d7:cb:e1:95:8c:3d:d1:c2:22:a3:0c:3d:4e:81:26:25:c0: 54:89:84:79:ae:99:af:c5:0a:f4:08:17:9b:f4:74:80:2a:3f: 9b:b7:79:25:4b:72:16:9f:02:b9:0f:48:4c:2f:91:b4:1d:8c: a1:d7:94:6d -----BEGIN CERTIFICATE----- MIIFgjCCBGqgAwIBAgISAZt263vfWGa/UTvaKXVASEgPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3 YjQ1ODkwHhcNMjYwMTAxMDAxODIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZTc1OWM3NzY5YmFiM2E2YzFjY2NmZDA2MjhjYTBhMzQ2NWVlYjBkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7d0YxdbeYtOW+4SzQI9RS2l/yUg +BVoT/bltI6TrzuUKedndU3TqjcQkVPRpLb+1kH8klREjS6cPMaAtwyMmTbofES7 fbuV4vUSCalqtPwGp7GD6r1ehte2t6Ur5kYkgucH+hYTvPDQKkpKrkmtSb80rBWs blBreB6iu9KWFoZb/pJVEtgkyvlGsZIDA+/rUj8sn3lKp5QZGauE7fop9Q0lHhPU ddCS75sYoDCdKa2pAg/YegY90odE8MJcxdAcECga/1aPqpzNTf3+sktNGHVuEzuJ hY8hQcV0prF6vDzG5o4M8rBlF34SBqN70Jw6/2fiA/3a33rIATGJqIrXgwIDAQAB o4ICjjCCAoowHQYDVR0OBBYEFN51nHdpurOmwczP0GKMoKNGXusNMB8GA1UdIwQY MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt MmVjZTA0ZTE4NWMyLzEvM25XY2QybTZzNmJCek1fUVlveWdvMFplNncwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAAf DhUDBAAtDuwDBAAtDu4DBAAtQyQDBAEtQyYDBAEtUhwDBABU9xcDBABZImUDBAFZ JwYDBABZKoUDBAFccgIDBABdrqADBABdrqIDBABdrqcDBACw33IwDAMEA7ncuAME ALncugMEALn4iwMEALzwAAMEArzxSAMEAMEQkAMEAcHIPjANBgkqhkiG9w0BAQsF AAOCAQEAcRIII8x1NgRheXIEFte7t58RVRPmdHdJCLV2xHeieMhPB3inOJuXKaqQ AzmykSp83G6ffW1XQGthBSE2976Nn8jondLEcn7kVFGQtYqYST0+3wfqnToHdAmk Pze5PIUWsQIOgr+U8tiDDIaPukx2yJ8rjPGbMOiDN6TCvw52lw3ILNXVPFZ2VI/u 8WHmH2D3w5eUoexVIuevzhgPbOuHksffONt1KNFzBXDcTdwGVBzgTHCCnnA7xNKi ryDFk5JU+ZRmSUdM1tfL4ZWMPdHCIqMMPU6BJiXAVImEea6Zr8UK9AgXm/R0gCo/ m7d5JUtyFp8CuQ9ITC+RtB2ModeUbQ== -----END CERTIFICATE-----Generated at Wed Jan 21 11:08:18 2026 by rpki-client