This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/87f973-ea6e-47df-b1b0-df3138b434c8/1/sd3Ti-PexTeIfKSIlFVsahi831g.roa File: sd3Ti-PexTeIfKSIlFVsahi831g.roa (raw, json) Hash identifier: bnhb+UkUn0OUvRl5Jv3gihCvYD+cOKAgFSe/iwbzctY= Subject key identifier: B1:DD:D3:8B:E3:DE:C5:37:88:7C:A4:88:94:55:6C:6A:18:BC:DF:58 Certificate issuer: /CN=d1c81c62d3942033d0a74044b0c5a4f113e43df3 Certificate serial: 019B7EA48413B0789DDBFC66526ED385113D Authority key identifier: D1:C8:1C:62:D3:94:20:33:D0:A7:40:44:B0:C5:A4:F1:13:E4:3D:F3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0cgcYtOUIDPQp0BEsMWk8RPkPfM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/87f973-ea6e-47df-b1b0-df3138b434c8/1/sd3Ti-PexTeIfKSIlFVsahi831g.roa Signing time: Fri 02 Jan 2026 12:17:49 +0000 ROA not before: Fri 02 Jan 2026 12:17:49 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 58194 IP address blocks: 91.239.176.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/87f973-ea6e-47df-b1b0-df3138b434c8/1/0cgcYtOUIDPQp0BEsMWk8RPkPfM.crl rsync://rpki.ripe.net/repository/DEFAULT/b2/87f973-ea6e-47df-b1b0-df3138b434c8/1/0cgcYtOUIDPQp0BEsMWk8RPkPfM.mft rsync://rpki.ripe.net/repository/DEFAULT/0cgcYtOUIDPQp0BEsMWk8RPkPfM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a4:84:13:b0:78:9d:db:fc:66:52:6e:d3:85:11:3d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d1c81c62d3942033d0a74044b0c5a4f113e43df3 Validity Not Before: Jan 2 12:17:49 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=b1ddd38be3dec537887ca48894556c6a18bcdf58 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:c9:11:01:06:ca:d3:07:d9:a3:7f:5b:af:79: 46:cb:ba:01:f9:78:22:50:c3:ce:3a:bd:fa:c6:fa: 44:e4:11:ac:8c:35:20:1d:72:a7:bf:18:eb:f8:e8: 8c:7b:00:0d:aa:31:43:68:ce:5b:45:30:38:4a:5c: 78:e3:c3:60:4c:fe:11:d3:03:6e:ea:cc:8d:a2:e2: a7:44:80:c4:b5:17:18:a9:18:fe:e0:be:17:27:47: 87:ea:71:c1:f9:d1:ce:b9:f9:b3:15:23:36:29:a7: 84:59:19:ad:8a:89:20:a0:5c:fa:83:0b:2a:b7:4e: bd:ac:11:88:51:05:6c:fb:33:e4:8c:7f:6a:20:b4: 12:88:41:63:03:b5:3b:f7:53:fe:58:9d:de:b1:91: 1e:a7:23:47:9a:ea:f7:72:71:ff:51:55:e1:82:9d: 68:09:8a:19:80:83:54:04:ce:6e:81:13:ad:b2:f3: 30:b0:6d:b1:d8:d2:a2:c5:c1:84:5a:1d:a0:68:e9: 0b:8b:37:96:2c:98:7e:07:44:e4:23:b8:b5:38:17: 2b:03:77:cb:64:32:55:f6:37:5b:34:78:99:41:5a: 30:69:10:5f:77:0d:88:fe:ef:e4:b4:cf:1b:05:c3: f1:3a:d3:0b:02:c3:a9:69:ae:49:be:86:fb:e5:17: 07:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:DD:D3:8B:E3:DE:C5:37:88:7C:A4:88:94:55:6C:6A:18:BC:DF:58 X509v3 Authority Key Identifier: keyid:D1:C8:1C:62:D3:94:20:33:D0:A7:40:44:B0:C5:A4:F1:13:E4:3D:F3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0cgcYtOUIDPQp0BEsMWk8RPkPfM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/87f973-ea6e-47df-b1b0-df3138b434c8/1/sd3Ti-PexTeIfKSIlFVsahi831g.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/87f973-ea6e-47df-b1b0-df3138b434c8/1/0cgcYtOUIDPQp0BEsMWk8RPkPfM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.239.176.0/24 Signature Algorithm: sha256WithRSAEncryption 12:4f:3a:f8:39:fc:cf:aa:85:35:27:91:2c:c3:f9:20:5b:19: 39:89:b2:3a:48:a0:eb:8a:2b:26:11:53:f7:02:e7:c8:8a:c1: bf:c2:37:b1:70:a1:fc:af:5c:bd:a4:d2:f6:80:7f:e9:a9:de: 83:cf:18:cf:05:74:50:d0:02:39:d4:93:97:26:36:7c:0c:e1: 6f:8e:41:ba:97:1c:6f:ce:c7:df:70:4f:53:97:3e:6e:bc:ce: ba:70:8d:b1:48:97:de:12:c5:c3:47:3e:75:ca:8e:35:ba:3f: e2:9e:00:5a:d3:88:6f:d4:68:55:9b:d2:72:da:f1:6f:22:6c: b1:c8:4e:91:9e:d5:c0:35:95:ac:00:68:a9:04:6c:53:5a:2f: 46:cc:c8:ee:34:dc:7e:ab:ff:a3:9b:54:e6:7b:a4:58:49:88: ba:f5:74:ef:a2:4f:14:88:ae:ea:52:f9:fc:a7:74:ad:5e:16: ea:20:b6:6f:82:52:48:3f:6c:56:dd:58:09:59:9d:fc:84:a0: 13:b9:f4:02:c9:b8:84:e7:7c:ce:b5:f9:69:65:39:eb:db:4c: 8d:4c:42:29:49:9f:60:90:2f:41:f2:8f:e8:ad:66:c8:5f:6a: c5:4c:25:e6:fe:2b:d1:d7:3f:38:7f:af:c4:a3:d0:73:ee:fb: 57:70:1f:83 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+pIQTsHid2/xmUm7ThRE9MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQxYzgxYzYyZDM5NDIwMzNkMGE3NDA0NGIwYzVhNGYxMTNl NDNkZjMwHhcNMjYwMTAyMTIxNzQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiMWRkZDM4YmUzZGVjNTM3ODg3Y2E0ODg5NDU1NmM2YTE4YmNkZjU4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsskRAQbK0wfZo39br3lGy7oB+Xgi UMPOOr36xvpE5BGsjDUgHXKnvxjr+OiMewANqjFDaM5bRTA4Slx448NgTP4R0wNu 6syNouKnRIDEtRcYqRj+4L4XJ0eH6nHB+dHOufmzFSM2KaeEWRmtiokgoFz6gwsq t069rBGIUQVs+zPkjH9qILQSiEFjA7U791P+WJ3esZEepyNHmur3cnH/UVXhgp1o CYoZgINUBM5ugROtsvMwsG2x2NKixcGEWh2gaOkLizeWLJh+B0TkI7i1OBcrA3fL ZDJV9jdbNHiZQVowaRBfdw2I/u/ktM8bBcPxOtMLAsOpaa5Jvob75RcHuQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFLHd04vj3sU3iHykiJRVbGoYvN9YMB8GA1UdIwQY MBaAFNHIHGLTlCAz0KdARLDFpPET5D3zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMGNnY1l0T1VJRFBRcDBCRXNNV2s4UlBrUGZNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi84N2Y5NzMtZWE2ZS00N2RmLWIxYjAt ZGYzMTM4YjQzNGM4LzEvc2QzVGktUGV4VGVJZktTSWxGVnNhaGk4MzFnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMi84N2Y5NzMtZWE2ZS00N2RmLWIxYjAtZGYzMTM4YjQzNGM4 LzEvMGNnY1l0T1VJRFBRcDBCRXNNV2s4UlBrUGZNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW++wMA0G CSqGSIb3DQEBCwUAA4IBAQASTzr4OfzPqoU1J5Esw/kgWxk5ibI6SKDriismEVP3 AufIisG/wjexcKH8r1y9pNL2gH/pqd6DzxjPBXRQ0AI51JOXJjZ8DOFvjkG6lxxv zsffcE9Tlz5uvM66cI2xSJfeEsXDRz51yo41uj/ingBa04hv1GhVm9Jy2vFvImyx yE6RntXANZWsAGipBGxTWi9GzMjuNNx+q/+jm1Tme6RYSYi69XTvok8UiK7qUvn8 p3StXhbqILZvglJIP2xW3VgJWZ38hKATufQCybiE53zOtflpZTnr20yNTEIpSZ9g kC9B8o/orWbIX2rFTCXm/ivR1z84f6/Eo9Bz7vtXcB+D -----END CERTIFICATE-----Generated at Mon Feb 9 22:15:37 2026 by rpki-client