This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/hh3l1mlaeA5W2ptSjPEVg_Bu1kY.roa File: hh3l1mlaeA5W2ptSjPEVg_Bu1kY.roa (raw, json) Hash identifier: fKzTMhRl/y/AWHaTSp1Gf9SPCYT2knRS4XSazW6HvU4= Subject key identifier: 86:1D:E5:D6:69:5A:78:0E:56:DA:9B:52:8C:F1:15:83:F0:6E:D6:46 Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b Certificate serial: 019C15ABDC181834050AFF995C6501FE8590 Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/hh3l1mlaeA5W2ptSjPEVg_Bu1kY.roa Signing time: Sat 31 Jan 2026 20:08:30 +0000 ROA not before: Sat 31 Jan 2026 20:08:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 49581 IP address blocks: 91.217.166.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Feb 2026 03:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9c:15:ab:dc:18:18:34:05:0a:ff:99:5c:65:01:fe:85:90 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b Validity Not Before: Jan 31 20:08:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=861de5d6695a780e56da9b528cf11583f06ed646 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:95:0a:74:e2:93:95:bb:78:e6:0e:c5:67:53: 3f:21:86:e8:4d:a1:18:a0:3d:11:92:25:b7:64:f6: 0f:8c:a4:35:32:c6:6a:a1:0c:a3:ad:1f:54:ca:b8: 54:05:7e:57:87:89:2c:70:25:b7:24:bf:c2:16:19: 10:2a:f6:80:6c:72:06:f2:ec:b1:30:37:c0:e4:5c: 79:ac:ae:bb:4f:7f:5e:40:6c:9b:6d:44:6c:87:33: 4b:da:06:17:35:e2:80:5b:3e:53:b6:29:96:a4:7f: 3f:3a:af:51:d1:74:b1:82:31:ea:c0:bc:bc:1d:1e: 9a:6e:b5:6e:9a:fc:7e:32:3f:da:76:ff:9b:d9:f7: ea:e6:c7:ba:ab:1b:de:10:b5:39:c7:01:5b:dc:3a: a1:8e:06:a4:c9:ad:9f:15:93:16:99:20:16:b7:4b: b0:a6:7b:d6:41:70:d5:92:b1:2a:2b:44:bd:5f:1a: 9d:65:2a:50:b5:e1:bd:af:9f:86:ec:5f:80:87:eb: 72:5e:16:92:76:a7:9a:ce:75:08:b2:6f:51:bc:78: 57:36:2b:33:f3:f9:74:15:0d:07:c5:87:3f:05:08: 3e:88:3b:0b:c5:9e:7a:2e:f9:04:43:fd:32:e5:7f: b2:7c:e0:df:e8:2c:dc:04:d9:35:b1:13:89:6b:c9: bd:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 86:1D:E5:D6:69:5A:78:0E:56:DA:9B:52:8C:F1:15:83:F0:6E:D6:46 X509v3 Authority Key Identifier: keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/hh3l1mlaeA5W2ptSjPEVg_Bu1kY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.217.166.0/24 Signature Algorithm: sha256WithRSAEncryption 89:22:a3:1c:32:84:e8:e3:f9:c5:d4:2f:96:3d:10:1e:47:b9: 72:9d:86:18:b6:9e:05:84:4a:7e:aa:3d:ab:3f:83:77:aa:e8: cb:0c:33:5f:1e:df:3f:d4:c0:75:74:89:c2:40:c4:2a:51:5a: ee:81:d5:94:2c:fc:cf:3e:ea:f9:6c:c8:92:f7:1e:fb:6d:61: 98:92:78:66:bd:88:40:58:86:38:d8:6d:08:df:8e:42:5f:12: 29:ae:6f:37:32:e8:18:00:bc:f7:2e:9c:d3:35:e5:a5:90:df: 37:5a:94:72:61:59:67:68:d3:c6:7e:9c:a6:00:15:90:9b:72: 89:19:c4:d1:7a:39:53:8b:04:c6:6c:64:e8:9d:6c:3b:40:3d: 39:32:61:65:0f:42:6c:d7:46:60:7a:71:4c:fe:59:ce:b0:33: 54:a4:ba:35:cd:27:3b:3f:3f:8b:14:dd:4c:61:5a:3d:16:a8: c4:ce:4d:f5:5d:8d:ce:60:2e:23:2a:39:4d:fc:58:59:a7:ed: 6f:d1:df:db:59:54:2e:86:d5:c9:3f:96:7b:57:a1:02:0d:98: 69:61:ab:80:11:97:f2:87:f6:02:77:28:9d:75:09:61:ba:66: c0:49:0f:36:e4:d9:5e:15:4a:f2:bc:3d:77:0d:2a:4c:6f:e5: b7:1c:ca:24 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZwVq9wYGDQFCv+ZXGUB/oWQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw Y2MzNGIwHhcNMjYwMTMxMjAwODMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4NjFkZTVkNjY5NWE3ODBlNTZkYTliNTI4Y2YxMTU4M2YwNmVkNjQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJUKdOKTlbt45g7FZ1M/IYboTaEY oD0RkiW3ZPYPjKQ1MsZqoQyjrR9UyrhUBX5Xh4kscCW3JL/CFhkQKvaAbHIG8uyx MDfA5Fx5rK67T39eQGybbURshzNL2gYXNeKAWz5TtimWpH8/Oq9R0XSxgjHqwLy8 HR6abrVumvx+Mj/adv+b2ffq5se6qxveELU5xwFb3Dqhjgakya2fFZMWmSAWt0uw pnvWQXDVkrEqK0S9XxqdZSpQteG9r5+G7F+Ah+tyXhaSdqeaznUIsm9RvHhXNisz 8/l0FQ0HxYc/BQg+iDsLxZ56LvkEQ/0y5X+yfODf6CzcBNk1sROJa8m9yQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFIYd5dZpWngOVtqbUozxFYPwbtZGMB8GA1UdIwQY MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt MDk0ODk4OWU2ZDU1LzEvaGgzbDFtbGFlQTVXMnB0U2pQRVZnX0J1MWtZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1 LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9mmMA0G CSqGSIb3DQEBCwUAA4IBAQCJIqMcMoTo4/nF1C+WPRAeR7lynYYYtp4FhEp+qj2r P4N3qujLDDNfHt8/1MB1dInCQMQqUVrugdWULPzPPur5bMiS9x77bWGYknhmvYhA WIY42G0I345CXxIprm83MugYALz3LpzTNeWlkN83WpRyYVlnaNPGfpymABWQm3KJ GcTRejlTiwTGbGTonWw7QD05MmFlD0Js10ZgenFM/lnOsDNUpLo1zSc7Pz+LFN1M YVo9FqjEzk31XY3OYC4jKjlN/FhZp+1v0d/bWVQuhtXJP5Z7V6ECDZhpYauAEZfy h/YCdyiddQlhumbASQ825NleFUryvD13DSpMb+W3HMok -----END CERTIFICATE-----Generated at Sun Feb 1 07:38:59 2026 by rpki-client