This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0a7eae-739c-42ea-940a-58366e98a9e6/1/3MNxWlvYJ1UEreJxUOEEE9L47Ng.roa File: 3MNxWlvYJ1UEreJxUOEEE9L47Ng.roa (raw, json) Hash identifier: dV3Q++D9g4wj89CuXX4P3NnLKAaay8XuMVHolFZE0pI= Subject key identifier: DC:C3:71:5A:5B:D8:27:55:04:AD:E2:71:50:E1:04:13:D2:F8:EC:D8 Certificate issuer: /CN=ecfb00381e733dc6e41d06db9ec8ddd311281bdd Certificate serial: 019B7E392E330E9234F25ED19C0E4AEE5492 Authority key identifier: EC:FB:00:38:1E:73:3D:C6:E4:1D:06:DB:9E:C8:DD:D3:11:28:1B:DD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7PsAOB5zPcbkHQbbnsjd0xEoG90.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/0a7eae-739c-42ea-940a-58366e98a9e6/1/3MNxWlvYJ1UEreJxUOEEE9L47Ng.roa Signing time: Fri 02 Jan 2026 10:20:35 +0000 ROA not before: Fri 02 Jan 2026 10:20:35 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 205681 IP address blocks: 85.158.120.0/21 maxlen: 21 85.158.120.0/24 maxlen: 24 85.158.123.0/24 maxlen: 24 85.158.124.0/24 maxlen: 24 85.158.127.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/0a7eae-739c-42ea-940a-58366e98a9e6/1/7PsAOB5zPcbkHQbbnsjd0xEoG90.crl rsync://rpki.ripe.net/repository/DEFAULT/f8/0a7eae-739c-42ea-940a-58366e98a9e6/1/7PsAOB5zPcbkHQbbnsjd0xEoG90.mft rsync://rpki.ripe.net/repository/DEFAULT/7PsAOB5zPcbkHQbbnsjd0xEoG90.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 21:05:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:39:2e:33:0e:92:34:f2:5e:d1:9c:0e:4a:ee:54:92 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ecfb00381e733dc6e41d06db9ec8ddd311281bdd Validity Not Before: Jan 2 10:20:35 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dcc3715a5bd8275504ade27150e10413d2f8ecd8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:84:f6:c3:77:c3:d9:41:2e:b7:b2:c1:ca:28:41: 02:fb:94:bc:6c:e7:55:31:71:15:5c:5b:dd:ee:8c: 64:b3:15:91:4a:5e:a4:15:5f:86:97:27:c5:fa:f8: d9:da:b8:ca:35:7e:8a:b5:10:40:9f:85:fd:ba:d9: 63:c4:70:ed:80:c7:47:76:3b:0f:5b:3e:c4:4b:a3: da:40:3b:73:5e:94:38:16:92:4e:65:09:bd:46:d3: ad:10:e7:bc:92:ae:bc:9a:56:74:3f:dd:28:5e:0f: 5c:60:aa:9e:0c:72:ee:82:3f:98:45:62:00:fa:78: 91:2d:c4:af:36:7e:bd:78:71:07:db:c0:ba:6d:d3: 1d:03:c0:4c:08:78:e5:9b:88:68:ba:7f:29:63:f1: 4f:38:0d:22:10:df:dd:36:94:63:4f:30:b1:38:77: e2:fc:c7:d9:a6:da:fa:72:4a:9e:51:61:1b:54:2e: 6b:43:0a:b3:ec:3d:68:03:4c:9a:45:1d:dc:4d:d3: 35:71:8c:99:1c:7a:8d:1a:17:95:b7:cf:64:52:82: 2d:22:46:bb:71:b4:fd:a5:bf:b6:e4:57:22:cc:f9: b0:b3:07:27:fa:a2:54:73:a8:36:b6:22:c1:99:c0: 87:0b:9f:f0:71:3b:47:99:d3:ff:1d:0e:2c:d2:c3: ce:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:C3:71:5A:5B:D8:27:55:04:AD:E2:71:50:E1:04:13:D2:F8:EC:D8 X509v3 Authority Key Identifier: keyid:EC:FB:00:38:1E:73:3D:C6:E4:1D:06:DB:9E:C8:DD:D3:11:28:1B:DD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7PsAOB5zPcbkHQbbnsjd0xEoG90.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0a7eae-739c-42ea-940a-58366e98a9e6/1/3MNxWlvYJ1UEreJxUOEEE9L47Ng.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0a7eae-739c-42ea-940a-58366e98a9e6/1/7PsAOB5zPcbkHQbbnsjd0xEoG90.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 85.158.120.0/21 Signature Algorithm: sha256WithRSAEncryption 00:ab:f0:f6:9d:44:df:7d:6a:6b:22:06:0f:d3:70:3b:1a:a6: d7:ae:c0:15:ad:58:5e:d2:5d:8f:35:45:91:ad:fd:3b:ae:0d: 79:90:24:4e:08:ca:07:32:f4:db:74:d6:32:aa:ea:65:dc:82: 10:7d:bc:1f:d7:3e:41:3b:4f:ba:df:c0:03:80:5a:bd:14:24: 89:ad:7b:c8:11:a1:97:8d:e4:64:c9:53:f4:6c:8c:55:b7:c3: 16:4c:d9:6c:87:e9:92:70:98:69:24:e9:11:aa:2d:6b:3b:95: cd:8c:44:15:fc:ca:01:7b:c3:d4:a1:4e:31:12:d6:e7:c7:e7: a0:cd:56:b6:55:76:94:8f:08:96:9b:10:68:a3:29:83:c7:9d: 5e:c9:da:1d:0e:db:05:be:d3:b4:12:0c:8a:46:08:eb:c7:3b: 26:c4:10:e2:e1:28:8b:0b:42:35:fb:b2:8b:fe:ef:94:48:c5: c5:78:c5:d4:b3:c7:e0:f9:eb:d0:73:26:58:96:06:04:bd:7f: be:7d:2d:31:c3:c1:4c:a3:3c:c2:96:00:15:0f:d7:21:7d:a9: 6c:85:b8:b8:cb:dd:ae:69:78:55:cf:7d:b1:33:11:8c:cc:09: f8:a2:41:8c:37:dc:a9:6c:4e:51:56:86:44:9a:ab:14:e5:aa: c6:1d:29:c4 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt+OS4zDpI08l7RnA5K7lSSMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGVjZmIwMDM4MWU3MzNkYzZlNDFkMDZkYjllYzhkZGQzMTEy ODFiZGQwHhcNMjYwMTAyMTAyMDM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkY2MzNzE1YTViZDgyNzU1MDRhZGUyNzE1MGUxMDQxM2QyZjhlY2Q4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPbDd8PZQS63ssHKKEEC+5S8bOdV MXEVXFvd7oxksxWRSl6kFV+GlyfF+vjZ2rjKNX6KtRBAn4X9utljxHDtgMdHdjsP Wz7ES6PaQDtzXpQ4FpJOZQm9RtOtEOe8kq68mlZ0P90oXg9cYKqeDHLugj+YRWIA +niRLcSvNn69eHEH28C6bdMdA8BMCHjlm4houn8pY/FPOA0iEN/dNpRjTzCxOHfi /MfZptr6ckqeUWEbVC5rQwqz7D1oA0yaRR3cTdM1cYyZHHqNGheVt89kUoItIka7 cbT9pb+25FcizPmwswcn+qJUc6g2tiLBmcCHC5/wcTtHmdP/HQ4s0sPOPQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFNzDcVpb2CdVBK3icVDhBBPS+OzYMB8GA1UdIwQY MBaAFOz7ADgecz3G5B0G257I3dMRKBvdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvN1BzQU9CNXpQY2JrSFFiYm5zamQweEVvRzkwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wYTdlYWUtNzM5Yy00MmVhLTk0MGEt NTgzNjZlOThhOWU2LzEvM01OeFdsdllKMVVFcmVKeFVPRUVFOUw0N05nLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOC8wYTdlYWUtNzM5Yy00MmVhLTk0MGEtNTgzNjZlOThhOWU2 LzEvN1BzQU9CNXpQY2JrSFFiYm5zamQweEVvRzkwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDVZ54MA0G CSqGSIb3DQEBCwUAA4IBAQAAq/D2nUTffWprIgYP03A7GqbXrsAVrVhe0l2PNUWR rf07rg15kCROCMoHMvTbdNYyqupl3IIQfbwf1z5BO0+638ADgFq9FCSJrXvIEaGX jeRkyVP0bIxVt8MWTNlsh+mScJhpJOkRqi1rO5XNjEQV/MoBe8PUoU4xEtbnx+eg zVa2VXaUjwiWmxBooymDx51eydodDtsFvtO0EgyKRgjrxzsmxBDi4SiLC0I1+7KL /u+USMXFeMXUs8fg+evQcyZYlgYEvX++fS0xw8FMozzClgAVD9chfalshbi4y92u aXhVz32xMxGMzAn4okGMN9ypbE5RVoZEmqsU5arGHSnE -----END CERTIFICATE-----Generated at Tue Feb 10 03:10:31 2026 by rpki-client