This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/526f3e-8924-48bd-a772-b51953037993/1/3faqLvWKyRbHeIrogN3_fV0BvCI.roa File: 3faqLvWKyRbHeIrogN3_fV0BvCI.roa (raw, json) Hash identifier: UQfJ7cK1wnMDVZHxIQBIYMz3jz7zOHrQbZVbdTLcoWw= Subject key identifier: DD:F6:AA:2E:F5:8A:C9:16:C7:78:8A:E8:80:DD:FF:7D:5D:01:BC:22 Certificate issuer: /CN=476065d71f1e98f9a7ca78e614ecf5f46d5a643c Certificate serial: 019B7B362EFBFF1036BFA427A99D08AEB82E Authority key identifier: 47:60:65:D7:1F:1E:98:F9:A7:CA:78:E6:14:EC:F5:F4:6D:5A:64:3C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R2Bl1x8emPmnynjmFOz19G1aZDw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/526f3e-8924-48bd-a772-b51953037993/1/3faqLvWKyRbHeIrogN3_fV0BvCI.roa Signing time: Thu 01 Jan 2026 20:18:27 +0000 ROA not before: Thu 01 Jan 2026 20:18:27 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 42484 IP address blocks: 81.13.111.0/24 maxlen: 24 81.13.112.0/24 maxlen: 24 194.67.129.0/24 maxlen: 24 194.67.139.0/24 maxlen: 24 213.252.101.0/24 maxlen: 24 213.252.108.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/526f3e-8924-48bd-a772-b51953037993/1/R2Bl1x8emPmnynjmFOz19G1aZDw.crl rsync://rpki.ripe.net/repository/DEFAULT/b5/526f3e-8924-48bd-a772-b51953037993/1/R2Bl1x8emPmnynjmFOz19G1aZDw.mft rsync://rpki.ripe.net/repository/DEFAULT/R2Bl1x8emPmnynjmFOz19G1aZDw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 11:00:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:2e:fb:ff:10:36:bf:a4:27:a9:9d:08:ae:b8:2e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=476065d71f1e98f9a7ca78e614ecf5f46d5a643c Validity Not Before: Jan 1 20:18:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ddf6aa2ef58ac916c7788ae880ddff7d5d01bc22 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:13:08:ff:62:35:83:5c:06:84:48:af:c4:28: 03:56:d0:90:3b:17:41:c2:e0:00:78:51:70:eb:43: 46:6a:bc:b9:46:7b:28:05:78:be:7c:ce:62:73:1a: 33:79:c0:6a:07:8f:a7:6d:5a:23:6b:f5:dd:0e:fa: d6:ab:05:a8:c9:76:d0:f3:60:e1:6c:4c:98:c4:59: 19:7e:5d:5c:95:f3:76:6b:12:57:03:86:f8:31:e4: d7:cf:06:fe:6a:6c:57:33:a5:8d:95:52:82:a4:93: 50:88:dc:93:5b:6e:75:97:5f:03:af:51:f9:08:b8: 3d:f2:de:b9:b4:57:83:32:c0:a4:69:0c:80:6a:ab: e4:47:7f:25:85:e9:bd:fa:1f:98:63:30:ac:c8:b2: 11:cc:fa:cf:d1:fe:55:95:1d:39:06:c7:83:40:52: be:ba:e8:66:9d:27:78:67:8a:46:56:31:e3:e0:e5: 91:e5:5d:41:60:33:96:3d:04:8f:60:e6:de:f0:33: 8b:bd:a3:a3:c6:4f:a9:ba:6e:2f:8e:19:7d:92:ed: 23:80:43:a3:b1:aa:4a:dc:8d:09:48:e0:a1:da:d7: 19:b8:ee:f7:5b:36:bf:65:c6:05:33:8b:28:94:f9: 88:b6:cd:ae:f1:62:9c:a2:0f:22:4c:3f:b9:8f:5f: 25:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:F6:AA:2E:F5:8A:C9:16:C7:78:8A:E8:80:DD:FF:7D:5D:01:BC:22 X509v3 Authority Key Identifier: keyid:47:60:65:D7:1F:1E:98:F9:A7:CA:78:E6:14:EC:F5:F4:6D:5A:64:3C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R2Bl1x8emPmnynjmFOz19G1aZDw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/526f3e-8924-48bd-a772-b51953037993/1/3faqLvWKyRbHeIrogN3_fV0BvCI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/526f3e-8924-48bd-a772-b51953037993/1/R2Bl1x8emPmnynjmFOz19G1aZDw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 81.13.111.0-81.13.112.255 194.67.129.0/24 194.67.139.0/24 213.252.101.0/24 213.252.108.0/24 Signature Algorithm: sha256WithRSAEncryption 8b:ff:77:72:1e:0a:59:98:8e:8e:a8:73:05:ed:69:60:95:69: 31:3c:c9:f0:09:13:79:54:03:33:72:3f:40:31:22:51:da:c2: ca:3c:e0:b5:89:66:20:d7:c4:47:d0:73:41:3a:c2:bb:19:c2: c6:b4:00:7e:0f:27:1a:fc:9b:f0:87:79:18:f0:b3:06:98:5b: 5b:79:20:3b:79:16:fe:59:a8:dc:32:13:15:93:df:1e:4a:8b: 6a:3f:a9:60:0f:12:7a:c2:f0:ca:e6:72:0d:ee:1e:54:4b:11: ba:aa:b8:7a:aa:cd:59:7b:a9:bf:b9:9e:a9:dd:00:3a:04:f4: 78:68:6e:71:50:11:52:e3:db:8a:06:da:8a:8b:b9:ee:2c:53: 88:cd:2d:4f:b2:9a:00:c5:95:94:6f:8f:35:de:61:58:52:c0: 4f:a9:a3:cd:e4:c6:9c:50:68:ea:bc:3e:4b:aa:e3:9c:72:ee: a0:2b:67:e2:5c:7c:93:de:2d:58:fa:97:9c:1b:b9:a6:4a:69: eb:3f:0d:d3:02:60:8e:70:3e:43:3f:80:6a:fd:bb:de:32:4f: d6:f1:99:9b:06:aa:16:a3:ba:58:7b:c4:d7:b4:c5:f0:6b:a1: 48:0c:53:3f:e9:e4:2c:fe:0b:29:59:04:4b:d5:5f:33:1c:11: b7:c2:20:ac -----BEGIN CERTIFICATE----- MIIFHTCCBAWgAwIBAgISAZt7Ni77/xA2v6QnqZ0IrrguMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ3NjA2NWQ3MWYxZTk4ZjlhN2NhNzhlNjE0ZWNmNWY0NmQ1 YTY0M2MwHhcNMjYwMTAxMjAxODI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZGY2YWEyZWY1OGFjOTE2Yzc3ODhhZTg4MGRkZmY3ZDVkMDFiYzIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqBMI/2I1g1wGhEivxCgDVtCQOxdB wuAAeFFw60NGary5RnsoBXi+fM5icxozecBqB4+nbVoja/XdDvrWqwWoyXbQ82Dh bEyYxFkZfl1clfN2axJXA4b4MeTXzwb+amxXM6WNlVKCpJNQiNyTW251l18Dr1H5 CLg98t65tFeDMsCkaQyAaqvkR38lhem9+h+YYzCsyLIRzPrP0f5VlR05BseDQFK+ uuhmnSd4Z4pGVjHj4OWR5V1BYDOWPQSPYObe8DOLvaOjxk+pum4vjhl9ku0jgEOj sapK3I0JSOCh2tcZuO73Wza/ZcYFM4solPmIts2u8WKcog8iTD+5j18lGQIDAQAB o4ICKTCCAiUwHQYDVR0OBBYEFN32qi71iskWx3iK6IDd/31dAbwiMB8GA1UdIwQY MBaAFEdgZdcfHpj5p8p45hTs9fRtWmQ8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUjJCbDF4OGVtUG1ueW5qbUZPejE5RzFhWkR3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS81MjZmM2UtODkyNC00OGJkLWE3NzIt YjUxOTUzMDM3OTkzLzEvM2ZhcUx2V0t5UmJIZUlyb2dOM19mVjBCdkNJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNS81MjZmM2UtODkyNC00OGJkLWE3NzItYjUxOTUzMDM3OTkz LzEvUjJCbDF4OGVtUG1ueW5qbUZPejE5RzFhWkR3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBABRDW8D BABRDXADBADCQ4EDBADCQ4sDBADV/GUDBADV/GwwDQYJKoZIhvcNAQELBQADggEB AIv/d3IeClmYjo6ocwXtaWCVaTE8yfAJE3lUAzNyP0AxIlHawso84LWJZiDXxEfQ c0E6wrsZwsa0AH4PJxr8m/CHeRjwswaYW1t5IDt5Fv5ZqNwyExWT3x5Ki2o/qWAP EnrC8Mrmcg3uHlRLEbqquHqqzVl7qb+5nqndADoE9HhobnFQEVLj24oG2oqLue4s U4jNLU+ymgDFlZRvjzXeYVhSwE+po83kxpxQaOq8Pkuq45xy7qArZ+JcfJPeLVj6 l5wbuaZKaes/DdMCYI5wPkM/gGr9u94yT9bxmZsGqhajulh7xNe0xfBroUgMUz/p 5Cz+CylZBEvVXzMcEbfCIKw= -----END CERTIFICATE-----Generated at Mon Feb 9 18:22:28 2026 by rpki-client