This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/f97d7e-8078-4cee-af76-9f6d0bfd2058/1/3hCGWzvELH55mpVn4uKDFqlbo8A.roa File: 3hCGWzvELH55mpVn4uKDFqlbo8A.roa (raw, json) Hash identifier: fh3+qnTWKRFUhHaDY/XoVgctnD35QjJX8ymXccmziuw= Subject key identifier: DE:10:86:5B:3B:C4:2C:7E:79:9A:95:67:E2:E2:83:16:A9:5B:A3:C0 Certificate issuer: /CN=a011a02e929c43f0199c8326302e24899c4a4151 Certificate serial: 019B7A5B68CBD18D2F99B68C19E39AADCB27 Authority key identifier: A0:11:A0:2E:92:9C:43:F0:19:9C:83:26:30:2E:24:89:9C:4A:41:51 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oBGgLpKcQ_AZnIMmMC4kiZxKQVE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/f97d7e-8078-4cee-af76-9f6d0bfd2058/1/3hCGWzvELH55mpVn4uKDFqlbo8A.roa Signing time: Thu 01 Jan 2026 16:19:29 +0000 ROA not before: Thu 01 Jan 2026 16:19:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51739 IP address blocks: 91.223.0.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/f97d7e-8078-4cee-af76-9f6d0bfd2058/1/oBGgLpKcQ_AZnIMmMC4kiZxKQVE.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/f97d7e-8078-4cee-af76-9f6d0bfd2058/1/oBGgLpKcQ_AZnIMmMC4kiZxKQVE.mft rsync://rpki.ripe.net/repository/DEFAULT/oBGgLpKcQ_AZnIMmMC4kiZxKQVE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:68:cb:d1:8d:2f:99:b6:8c:19:e3:9a:ad:cb:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=a011a02e929c43f0199c8326302e24899c4a4151 Validity Not Before: Jan 1 16:19:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=de10865b3bc42c7e799a9567e2e28316a95ba3c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:be:8c:5e:09:54:9e:6f:46:9a:c1:c1:d9:6c: 3d:8d:51:11:d2:ed:df:a3:e1:b7:3f:50:b0:0f:f2: 6e:1e:e7:0d:9e:6c:6d:c9:e9:09:ae:66:5d:ee:74: 58:89:02:c1:8f:4b:e6:2c:c0:e7:78:e8:6c:15:f9: a4:e9:b4:f2:be:bd:3d:76:d3:64:d5:eb:c6:2e:b1: 7f:56:b3:87:a9:ae:c3:d5:96:a4:25:79:e0:3b:d5: d7:db:45:df:a4:dd:cb:11:18:ce:46:35:f8:c2:c9: e6:da:24:e7:77:18:6b:75:95:3e:7b:ad:05:a1:9d: 7b:a4:a4:75:64:2c:25:b9:f6:b4:6a:fe:e5:45:e7: ca:3e:ed:d5:50:51:b1:ee:1e:76:35:f9:53:eb:93: 12:ff:4c:ac:f8:20:73:72:53:14:7b:0f:dc:b6:b9: aa:01:d7:30:17:75:9b:f3:f7:2f:8c:c4:7c:82:29: e3:09:3d:64:84:a1:76:c1:83:1a:b9:e3:78:ef:7f: 32:ac:bf:5a:a3:53:fa:be:67:97:8c:e5:c2:72:0a: af:fb:c9:43:3a:fb:81:0e:fb:1f:e9:a5:1f:11:c3: 74:95:c0:0b:8c:9b:7c:7a:d0:53:0a:91:bf:f3:d3: 23:ff:ed:58:7b:54:bb:17:4b:c3:a4:6f:47:b3:89: bd:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:10:86:5B:3B:C4:2C:7E:79:9A:95:67:E2:E2:83:16:A9:5B:A3:C0 X509v3 Authority Key Identifier: keyid:A0:11:A0:2E:92:9C:43:F0:19:9C:83:26:30:2E:24:89:9C:4A:41:51 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oBGgLpKcQ_AZnIMmMC4kiZxKQVE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/f97d7e-8078-4cee-af76-9f6d0bfd2058/1/3hCGWzvELH55mpVn4uKDFqlbo8A.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/f97d7e-8078-4cee-af76-9f6d0bfd2058/1/oBGgLpKcQ_AZnIMmMC4kiZxKQVE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.223.0.0/24 Signature Algorithm: sha256WithRSAEncryption 2b:92:1b:da:31:a7:3b:cb:9b:8c:6b:d6:24:93:3d:ae:62:ae: f0:ea:9c:a1:2d:db:b9:fd:3c:c2:3e:1a:f1:02:de:2e:6e:a0: c0:3f:93:6e:51:79:b2:46:fb:10:af:35:81:67:02:97:7a:4b: 41:2d:6f:19:b3:6f:2b:5c:8d:de:e7:3c:0c:41:25:63:9e:09: 94:de:d5:a6:28:0e:5f:0e:95:e2:fb:8f:19:ef:03:e5:aa:03: fd:13:c7:95:27:bf:b3:41:78:56:cc:d5:46:81:e2:52:0c:0f: 83:9e:ed:93:0e:08:f3:9d:dc:b9:2b:17:19:ed:b8:bd:8f:26: 35:f1:58:ab:2b:83:ad:30:1e:ed:e2:db:1b:87:6e:21:64:55: fc:e2:15:b5:ab:36:a3:ff:c4:b1:c7:79:ff:f7:98:4c:cb:a1: cd:84:4a:4b:26:a2:2c:e5:47:f8:73:6b:6e:63:b7:2c:e5:90: f1:95:05:4d:82:3a:6b:c0:24:38:36:56:5a:c8:cc:e4:7d:4d: fa:ba:ef:e0:39:a8:cc:fb:da:1e:e3:74:ed:c1:e4:ba:ea:a7: c9:0a:b6:3c:d8:a1:5f:9a:c1:ff:53:c2:99:9f:6a:1a:ff:ef: 0e:69:4d:b7:0c:e5:e8:8c:bf:ec:7f:3c:78:8e:6b:b2:e4:d5: fb:df:48:a2 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6W2jL0Y0vmbaMGeOarcsnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGEwMTFhMDJlOTI5YzQzZjAxOTljODMyNjMwMmUyNDg5OWM0 YTQxNTEwHhcNMjYwMTAxMTYxOTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZTEwODY1YjNiYzQyYzdlNzk5YTk1NjdlMmUyODMxNmE5NWJhM2MwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA076MXglUnm9GmsHB2Ww9jVER0u3f o+G3P1CwD/JuHucNnmxtyekJrmZd7nRYiQLBj0vmLMDneOhsFfmk6bTyvr09dtNk 1evGLrF/VrOHqa7D1ZakJXngO9XX20XfpN3LERjORjX4wsnm2iTndxhrdZU+e60F oZ17pKR1ZCwlufa0av7lRefKPu3VUFGx7h52NflT65MS/0ys+CBzclMUew/ctrmq AdcwF3Wb8/cvjMR8ginjCT1khKF2wYMaueN4738yrL9ao1P6vmeXjOXCcgqv+8lD OvuBDvsf6aUfEcN0lcALjJt8etBTCpG/89Mj/+1Ye1S7F0vDpG9Hs4m9QQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFN4Qhls7xCx+eZqVZ+LigxapW6PAMB8GA1UdIwQY MBaAFKARoC6SnEPwGZyDJjAuJImcSkFRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvb0JHZ0xwS2NRX0FabklNbU1DNGtpWnhLUVZFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9mOTdkN2UtODA3OC00Y2VlLWFmNzYt OWY2ZDBiZmQyMDU4LzEvM2hDR1d6dkVMSDU1bXBWbjR1S0RGcWxibzhBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS9mOTdkN2UtODA3OC00Y2VlLWFmNzYtOWY2ZDBiZmQyMDU4 LzEvb0JHZ0xwS2NRX0FabklNbU1DNGtpWnhLUVZFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW98AMA0G CSqGSIb3DQEBCwUAA4IBAQArkhvaMac7y5uMa9Ykkz2uYq7w6pyhLdu5/TzCPhrx At4ubqDAP5NuUXmyRvsQrzWBZwKXektBLW8Zs28rXI3e5zwMQSVjngmU3tWmKA5f DpXi+48Z7wPlqgP9E8eVJ7+zQXhWzNVGgeJSDA+Dnu2TDgjzndy5KxcZ7bi9jyY1 8VirK4OtMB7t4tsbh24hZFX84hW1qzaj/8Sxx3n/95hMy6HNhEpLJqIs5Uf4c2tu Y7cs5ZDxlQVNgjprwCQ4NlZayMzkfU36uu/gOajM+9oe43TtweS66qfJCrY82KFf msH/U8KZn2oa/+8OaU23DOXojL/sfzx4jmuy5NX730ii -----END CERTIFICATE-----Generated at Mon Feb 9 19:39:26 2026 by rpki-client