This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/3ji0Wlm5mmLR8IrB0SjVb6LKBu8.roa File: 3ji0Wlm5mmLR8IrB0SjVb6LKBu8.roa (raw, json) Hash identifier: epu2k++TCBPSDoOcNwdGM1yWxCA7jm2nmD6aInDJWwU= Subject key identifier: DE:38:B4:5A:59:B9:9A:62:D1:F0:8A:C1:D1:28:D5:6F:A2:CA:06:EF Certificate issuer: /CN=36c3c4565743ae57bd2aea9a363c2b3c3e250f72 Certificate serial: 019B797E043747432A251C03A0570D3B51C1 Authority key identifier: 36:C3:C4:56:57:43:AE:57:BD:2A:EA:9A:36:3C:2B:3C:3E:25:0F:72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsPEVldDrle9KuqaNjwrPD4lD3I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/3ji0Wlm5mmLR8IrB0SjVb6LKBu8.roa Signing time: Thu 01 Jan 2026 12:17:40 +0000 ROA not before: Thu 01 Jan 2026 12:17:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 203059 IP address blocks: 45.91.120.0/24 maxlen: 24 45.95.211.0/24 maxlen: 24 85.155.156.0/22 maxlen: 24 91.218.77.0/24 maxlen: 24 109.202.224.0/23 maxlen: 24 134.255.242.0/24 maxlen: 24 178.16.230.0/23 maxlen: 24 185.53.33.0/24 maxlen: 24 185.231.228.0/22 maxlen: 24 185.234.101.0/24 maxlen: 24 185.253.62.0/23 maxlen: 24 194.156.132.0/23 maxlen: 24 194.156.150.0/23 maxlen: 24 2a13:5080::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/NsPEVldDrle9KuqaNjwrPD4lD3I.crl rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/NsPEVldDrle9KuqaNjwrPD4lD3I.mft rsync://rpki.ripe.net/repository/DEFAULT/NsPEVldDrle9KuqaNjwrPD4lD3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 02 Feb 2026 19:29:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:04:37:47:43:2a:25:1c:03:a0:57:0d:3b:51:c1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=36c3c4565743ae57bd2aea9a363c2b3c3e250f72 Validity Not Before: Jan 1 12:17:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=de38b45a59b99a62d1f08ac1d128d56fa2ca06ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:78:42:b6:2f:2c:78:8f:5f:23:ae:dd:95:6a: 73:5f:86:a6:c8:63:1d:42:53:61:dd:61:d9:1c:99: e8:24:f6:8f:b6:4e:32:a7:5a:b7:d6:04:c2:d4:f0: a2:34:4f:08:3c:4d:54:c5:0b:1c:ff:f8:9c:9a:e3: 9a:bc:e6:bf:cb:4c:4c:51:66:18:f3:3d:a4:bb:05: 23:a4:9c:80:c8:ec:58:55:fd:21:30:07:6d:a6:08: e5:62:69:b6:ab:8e:35:da:fe:e5:ab:38:1d:f0:ec: c6:60:a4:47:64:2c:f2:34:fc:27:ba:17:7a:d8:45: c6:4a:6f:dc:e5:b6:62:29:64:f8:c0:62:ce:0b:3a: 9c:63:aa:20:42:c1:6f:57:77:ac:45:26:50:1a:d7: e3:02:5f:1a:1b:6c:20:e4:39:4c:25:36:f7:a0:78: 80:b5:eb:96:18:2e:8e:5b:ed:b4:9b:ba:01:69:ab: 93:c8:88:e8:77:c2:0a:88:9d:85:4b:a9:de:bb:e6: 53:c5:76:fd:ea:41:af:b6:cd:f9:ee:c0:55:e3:74: 70:66:95:bb:3c:b2:33:c3:6f:5c:64:44:0b:f4:c8: 0c:ca:c6:b5:07:1a:9a:01:ad:50:da:7f:97:07:cb: be:d5:f1:fa:84:ee:33:f3:73:44:a9:3d:6b:2a:66: 09:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:38:B4:5A:59:B9:9A:62:D1:F0:8A:C1:D1:28:D5:6F:A2:CA:06:EF X509v3 Authority Key Identifier: keyid:36:C3:C4:56:57:43:AE:57:BD:2A:EA:9A:36:3C:2B:3C:3E:25:0F:72 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsPEVldDrle9KuqaNjwrPD4lD3I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/3ji0Wlm5mmLR8IrB0SjVb6LKBu8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/016156-093e-405b-9b2d-a5749d2346e7/1/NsPEVldDrle9KuqaNjwrPD4lD3I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.91.120.0/24 45.95.211.0/24 85.155.156.0/22 91.218.77.0/24 109.202.224.0/23 134.255.242.0/24 178.16.230.0/23 185.53.33.0/24 185.231.228.0/22 185.234.101.0/24 185.253.62.0/23 194.156.132.0/23 194.156.150.0/23 IPv6: 2a13:5080::/29 Signature Algorithm: sha256WithRSAEncryption 9e:19:91:1c:ad:ca:76:a9:52:0d:f7:d5:85:96:e5:67:a4:4a: c0:ee:96:b6:c8:d3:15:a8:6f:13:b1:d1:5f:cc:ed:ba:a7:b5: 7c:ab:c4:b2:36:83:10:fa:1f:61:4f:fa:83:c8:1f:ac:64:bc: c4:f3:27:d7:04:f9:fe:4a:7e:71:bd:0d:bc:4d:99:2d:8e:99: b6:45:87:e9:46:2a:c7:d9:b7:47:1d:30:7a:af:ae:9c:05:0f: 5e:cc:75:93:0f:b4:10:6d:43:31:43:4a:1e:be:f5:c8:17:3c: a6:8a:e1:57:af:3d:94:55:14:16:6b:3f:c8:8d:6d:08:13:cd: 6e:2f:b8:f1:cd:98:81:df:65:34:ab:33:82:99:0a:96:34:c0: 06:2c:fe:e4:68:34:ad:06:34:ef:46:5c:1f:b8:9c:35:c8:0c: f7:a4:c2:bb:ce:73:72:d1:db:b4:b2:1e:c2:bf:fb:73:e3:f6: 5d:47:64:ed:7d:11:5c:51:c8:30:29:bb:c5:0f:9d:44:bf:9e: a9:e7:96:ab:69:63:b0:7e:0a:d2:8b:6d:b8:ce:4a:e4:74:e3: 99:16:22:b7:ec:64:e7:e9:8d:bc:ba:6d:5c:72:47:5e:ef:6a: a3:bb:45:78:88:83:ce:91:d8:3b:f3:c5:e1:5a:ac:9c:2c:f7: cc:34:bc:90 -----BEGIN CERTIFICATE----- MIIFVDCCBDygAwIBAgISAZt5fgQ3R0MqJRwDoFcNO1HBMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2YzNjNDU2NTc0M2FlNTdiZDJhZWE5YTM2M2MyYjNjM2Uy NTBmNzIwHhcNMjYwMTAxMTIxNzQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZTM4YjQ1YTU5Yjk5YTYyZDFmMDhhYzFkMTI4ZDU2ZmEyY2EwNmVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3hCti8seI9fI67dlWpzX4amyGMd QlNh3WHZHJnoJPaPtk4yp1q31gTC1PCiNE8IPE1UxQsc//icmuOavOa/y0xMUWYY 8z2kuwUjpJyAyOxYVf0hMAdtpgjlYmm2q4412v7lqzgd8OzGYKRHZCzyNPwnuhd6 2EXGSm/c5bZiKWT4wGLOCzqcY6ogQsFvV3esRSZQGtfjAl8aG2wg5DlMJTb3oHiA teuWGC6OW+20m7oBaauTyIjod8IKiJ2FS6neu+ZTxXb96kGvts357sBV43RwZpW7 PLIzw29cZEQL9MgMysa1BxqaAa1Q2n+XB8u+1fH6hO4z83NEqT1rKmYJbwIDAQAB o4ICYDCCAlwwHQYDVR0OBBYEFN44tFpZuZpi0fCKwdEo1W+iygbvMB8GA1UdIwQY MBaAFDbDxFZXQ65XvSrqmjY8Kzw+JQ9yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTnNQRVZsZERybGU5S3VxYU5qd3JQRDRsRDNJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8wMTYxNTYtMDkzZS00MDViLTliMmQt YTU3NDlkMjM0NmU3LzEvM2ppMFdsbTVtbUxSOElyQjBTalZiNkxLQnU4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYi8wMTYxNTYtMDkzZS00MDViLTliMmQtYTU3NDlkMjM0NmU3 LzEvTnNQRVZsZERybGU5S3VxYU5qd3JQRDRsRDNJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQALVt4AwQA LV/TAwQCVZucAwQAW9pNAwQBbcrgAwQAhv/yAwQBshDmAwQAuTUhAwQCuefkAwQA ueplAwQBuf0+AwQBwpyEAwQBwpyWMA0EAgACMAcDBQMqE1CAMA0GCSqGSIb3DQEB CwUAA4IBAQCeGZEcrcp2qVIN99WFluVnpErA7pa2yNMVqG8TsdFfzO26p7V8q8Sy NoMQ+h9hT/qDyB+sZLzE8yfXBPn+Sn5xvQ28TZktjpm2RYfpRirH2bdHHTB6r66c BQ9ezHWTD7QQbUMxQ0oevvXIFzymiuFXrz2UVRQWaz/IjW0IE81uL7jxzZiB32U0 qzOCmQqWNMAGLP7kaDStBjTvRlwfuJw1yAz3pMK7znNy0du0sh7Cv/tz4/ZdR2Tt fRFcUcgwKbvFD51Ev56p55araWOwfgrSi224zkrkdOOZFiK37GTn6Y28um1cckde 72qju0V4iIPOkdg788XhWqycLPfMNLyQ -----END CERTIFICATE-----Generated at Mon Feb 2 06:18:59 2026 by rpki-client