This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/2ab9c8-0446-4105-8bff-08be3ee6d8aa/1/3U9XXw27zqpf94-wxZvCnYoD8Rs.roa File: 3U9XXw27zqpf94-wxZvCnYoD8Rs.roa (raw, json) Hash identifier: ABKpv4/y9oSC6KDlLnuTzCpaeYoyjfjg6JlyvzIxSDs= Subject key identifier: DD:4F:57:5F:0D:BB:CE:AA:5F:F7:8F:B0:C5:9B:C2:9D:8A:03:F1:1B Certificate issuer: /CN=f7420520f8a41bb04d6d1b0f40140e553f8af36f Certificate serial: 019B797F438075B1141B544A0B2E3F314EBC Authority key identifier: F7:42:05:20:F8:A4:1B:B0:4D:6D:1B:0F:40:14:0E:55:3F:8A:F3:6F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/90IFIPikG7BNbRsPQBQOVT-K828.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/2ab9c8-0446-4105-8bff-08be3ee6d8aa/1/3U9XXw27zqpf94-wxZvCnYoD8Rs.roa Signing time: Thu 01 Jan 2026 12:19:01 +0000 ROA not before: Thu 01 Jan 2026 12:19:01 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 39821 IP address blocks: 89.107.120.0/21 maxlen: 21 109.233.240.0/21 maxlen: 21 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/2ab9c8-0446-4105-8bff-08be3ee6d8aa/1/90IFIPikG7BNbRsPQBQOVT-K828.crl rsync://rpki.ripe.net/repository/DEFAULT/ae/2ab9c8-0446-4105-8bff-08be3ee6d8aa/1/90IFIPikG7BNbRsPQBQOVT-K828.mft rsync://rpki.ripe.net/repository/DEFAULT/90IFIPikG7BNbRsPQBQOVT-K828.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 12:00:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7f:43:80:75:b1:14:1b:54:4a:0b:2e:3f:31:4e:bc Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f7420520f8a41bb04d6d1b0f40140e553f8af36f Validity Not Before: Jan 1 12:19:01 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dd4f575f0dbbceaa5ff78fb0c59bc29d8a03f11b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:85:b6:11:6d:22:49:45:d5:ee:7c:3a:a0:c8: fc:9d:fe:0d:68:a2:8f:1c:ff:52:7b:64:93:33:ac: 74:ab:46:fc:d8:03:ba:40:7a:9f:5a:b0:f1:66:f4: 90:d2:f3:43:36:e2:3b:47:b4:7a:c5:4b:9c:1c:89: 67:41:57:b8:16:72:f3:4f:33:15:42:2d:5c:77:c8: 4c:bb:dc:c9:d8:57:5f:6a:88:2c:bd:8c:62:35:d8: 2f:b4:30:b7:86:fa:80:56:d2:e4:a3:9c:5b:1d:05: ca:85:a9:34:ba:10:b2:8e:79:0b:8c:b7:0a:11:53: c8:2f:24:6c:39:68:71:07:d3:8a:1c:a1:2f:9e:2b: ae:2c:fd:15:05:18:90:cc:07:bb:23:29:60:aa:79: dc:e1:82:11:43:2f:03:81:3a:cb:a7:9f:4f:a1:0a: b9:26:8d:b0:bb:41:5d:4a:45:85:b0:cc:21:f5:8e: a0:5b:df:a4:c1:f4:45:17:5a:2e:5b:35:af:8a:f1: 5c:dd:e5:7e:f7:ef:03:00:e8:a1:c4:b1:76:46:ad: f3:5d:2c:17:89:8b:0b:75:11:78:1f:74:ff:c4:6e: 9f:69:35:e0:f1:d4:35:93:6a:d4:18:ab:fd:88:22: 01:25:70:c8:74:d3:e2:50:48:19:df:5e:36:32:db: 78:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:4F:57:5F:0D:BB:CE:AA:5F:F7:8F:B0:C5:9B:C2:9D:8A:03:F1:1B X509v3 Authority Key Identifier: keyid:F7:42:05:20:F8:A4:1B:B0:4D:6D:1B:0F:40:14:0E:55:3F:8A:F3:6F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/90IFIPikG7BNbRsPQBQOVT-K828.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/2ab9c8-0446-4105-8bff-08be3ee6d8aa/1/3U9XXw27zqpf94-wxZvCnYoD8Rs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/2ab9c8-0446-4105-8bff-08be3ee6d8aa/1/90IFIPikG7BNbRsPQBQOVT-K828.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.107.120.0/21 109.233.240.0/21 Signature Algorithm: sha256WithRSAEncryption 9d:3c:e6:81:4d:df:db:b9:eb:85:c0:82:01:83:48:c0:52:8a: 15:6d:51:08:da:9a:67:83:ba:33:1b:15:71:58:80:f4:a3:40: e0:64:f7:64:6e:35:ff:77:8d:28:e8:38:b1:11:2a:c5:81:0d: 77:b2:74:0b:d7:c1:44:fa:d1:38:ef:7a:8c:51:7c:b0:c9:50: 62:4a:5e:3b:3d:ae:cf:8f:b8:64:e4:ff:42:8c:77:b5:dc:a6: 17:1d:a3:d6:1e:c4:e4:eb:53:fa:55:07:88:16:59:9a:b7:92: 2c:73:eb:1c:e6:41:6a:21:10:03:d7:83:57:7f:ee:87:8e:6b: 30:63:39:7e:35:c3:3d:f5:9a:aa:29:1a:69:4d:10:c6:19:52: 6a:c8:9e:8f:ec:2a:da:57:e5:a3:ce:ff:cb:fa:3f:e8:29:2b: 66:d7:86:91:71:21:1e:34:14:7d:4f:d6:87:b3:08:c9:7a:d4: dd:03:b8:3e:00:2b:f3:a8:f1:99:9c:e1:d5:9c:6b:1b:52:44: 6f:ed:5a:4d:6c:ba:3f:82:8c:76:c7:67:52:07:21:4d:af:65: ca:88:77:96:68:d0:e1:24:92:1e:72:4f:c8:55:73:85:3c:26: c5:b6:73:ea:41:49:fb:44:ec:c0:53:5b:ba:a2:ee:fe:94:64: 0d:25:d6:f5 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt5f0OAdbEUG1RKCy4/MU68MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY3NDIwNTIwZjhhNDFiYjA0ZDZkMWIwZjQwMTQwZTU1M2Y4 YWYzNmYwHhcNMjYwMTAxMTIxOTAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZDRmNTc1ZjBkYmJjZWFhNWZmNzhmYjBjNTliYzI5ZDhhMDNmMTFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIW2EW0iSUXV7nw6oMj8nf4NaKKP HP9Se2STM6x0q0b82AO6QHqfWrDxZvSQ0vNDNuI7R7R6xUucHIlnQVe4FnLzTzMV Qi1cd8hMu9zJ2FdfaogsvYxiNdgvtDC3hvqAVtLko5xbHQXKhak0uhCyjnkLjLcK EVPILyRsOWhxB9OKHKEvniuuLP0VBRiQzAe7Iylgqnnc4YIRQy8DgTrLp59PoQq5 Jo2wu0FdSkWFsMwh9Y6gW9+kwfRFF1ouWzWvivFc3eV+9+8DAOihxLF2Rq3zXSwX iYsLdRF4H3T/xG6faTXg8dQ1k2rUGKv9iCIBJXDIdNPiUEgZ3142Mtt48wIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFN1PV18Nu86qX/ePsMWbwp2KA/EbMB8GA1UdIwQY MBaAFPdCBSD4pBuwTW0bD0AUDlU/ivNvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOTBJRklQaWtHN0JOYlJzUFFCUU9WVC1LODI4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8yYWI5YzgtMDQ0Ni00MTA1LThiZmYt MDhiZTNlZTZkOGFhLzEvM1U5WFh3Mjd6cXBmOTQtd3hadkNuWW9EOFJzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9hZS8yYWI5YzgtMDQ0Ni00MTA1LThiZmYtMDhiZTNlZTZkOGFh LzEvOTBJRklQaWtHN0JOYlJzUFFCUU9WVC1LODI4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDWWt4AwQD benwMA0GCSqGSIb3DQEBCwUAA4IBAQCdPOaBTd/bueuFwIIBg0jAUooVbVEI2ppn g7ozGxVxWID0o0DgZPdkbjX/d40o6DixESrFgQ13snQL18FE+tE473qMUXywyVBi Sl47Pa7Pj7hk5P9CjHe13KYXHaPWHsTk61P6VQeIFlmat5Isc+sc5kFqIRAD14NX f+6HjmswYzl+NcM99ZqqKRppTRDGGVJqyJ6P7CraV+Wjzv/L+j/oKStm14aRcSEe NBR9T9aHswjJetTdA7g+ACvzqPGZnOHVnGsbUkRv7VpNbLo/gox2x2dSByFNr2XK iHeWaNDhJJIeck/IVXOFPCbFtnPqQUn7ROzAU1u6ou7+lGQNJdb1 -----END CERTIFICATE-----Generated at Mon Feb 9 19:54:56 2026 by rpki-client