This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/4T3IbnYh4saIcnPZM7_bM8SrdUk.roa File: 4T3IbnYh4saIcnPZM7_bM8SrdUk.roa (raw, json) Hash identifier: bQElEoR/i/ETSq5yQpPm2JLHUn2xQq3oHlgi8Prxj7o= Subject key identifier: E1:3D:C8:6E:76:21:E2:C6:88:72:73:D9:33:BF:DB:33:C4:AB:75:49 Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2 Certificate serial: 019B7D5CDA8EEA38E53C84A2751089BE687F Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/4T3IbnYh4saIcnPZM7_bM8SrdUk.roa Signing time: Fri 02 Jan 2026 06:19:55 +0000 ROA not before: Fri 02 Jan 2026 06:19:55 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211134 IP address blocks: 89.23.122.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 16:55:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:5c:da:8e:ea:38:e5:3c:84:a2:75:10:89:be:68:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2 Validity Not Before: Jan 2 06:19:55 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e13dc86e7621e2c6887273d933bfdb33c4ab7549 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:12:d9:da:c0:fd:b7:8c:7b:b5:35:42:e4:78: 2f:00:5d:94:07:6d:64:46:ee:41:93:ab:9c:47:b7: 43:c1:de:84:11:5b:6f:e6:39:c5:d5:25:92:36:f8: cf:17:6c:be:a9:fb:42:0f:9c:25:eb:70:ce:39:d5: db:ab:f7:ae:54:8c:a8:6c:0e:18:41:04:54:ad:d5: c6:bd:73:c8:15:08:a4:a2:6f:0d:e7:46:38:fa:ad: 81:9b:df:1c:e3:3c:96:ec:47:08:ba:68:b0:2f:e0: 3f:2d:36:83:81:f3:88:dd:cb:bb:b2:64:51:ec:63: 77:c2:2e:31:0f:98:13:43:c0:5c:e2:b4:f5:f2:c8: 6a:d0:85:22:74:fc:4c:70:93:a0:01:a0:b6:24:54: 19:7e:ff:d6:cf:5a:a5:19:b8:65:f0:e7:c2:a7:78: d4:70:23:dd:88:43:7a:4b:d0:47:1c:06:fe:65:5d: f6:f1:73:01:5b:36:32:94:38:77:5d:b9:a4:9b:c2: 83:28:98:28:3d:dc:bb:99:93:32:a8:e6:95:80:f4: 73:f0:39:a9:67:92:fc:47:e9:c6:fb:93:7b:9b:f4: 89:ad:80:91:6e:ab:51:ae:34:7c:9d:d6:a9:5d:eb: 61:73:3b:16:3f:19:59:97:22:a6:75:24:71:ec:c6: c3:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:3D:C8:6E:76:21:E2:C6:88:72:73:D9:33:BF:DB:33:C4:AB:75:49 X509v3 Authority Key Identifier: keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/4T3IbnYh4saIcnPZM7_bM8SrdUk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.23.122.0/24 Signature Algorithm: sha256WithRSAEncryption 57:02:64:15:83:63:d3:75:17:73:b3:4f:c9:18:96:34:d4:36: d3:34:f8:68:4f:d5:63:0b:d7:39:18:76:67:d2:05:ea:6c:30: fb:e6:12:c7:1f:4d:f3:78:de:d2:de:85:d2:f0:be:70:13:9c: 17:24:b5:ff:0b:99:a5:b7:5e:94:fd:f6:14:10:33:6b:b9:90: 73:8d:0c:a1:26:50:4c:72:f7:31:a2:17:17:a9:34:42:cd:cf: 7e:9c:d2:6f:f4:9f:99:28:76:e7:37:cb:71:8e:38:aa:fb:41: c7:56:a8:93:bd:ff:b4:42:ee:c5:a5:52:d5:26:28:ad:06:68: 42:5a:c6:64:1d:cb:96:e7:1f:a2:76:8b:4b:34:cd:bd:a5:7a: b0:c5:55:06:7b:35:26:b1:7c:14:5f:4f:08:21:03:c9:57:0c: 59:5f:26:4a:51:94:dd:f1:80:bb:01:55:3e:6c:4b:52:6c:a3: 0a:95:9c:43:3a:e5:dd:2b:d9:d6:7f:d5:46:7b:e7:4c:ae:8f: e8:fc:6b:4f:65:df:2c:67:51:31:f9:c9:4c:f5:99:3b:ff:ff: 0f:48:ed:36:9c:52:3b:e0:a1:03:66:9b:82:e3:91:bf:2b:3a: 03:d5:84:e2:27:b9:90:63:3c:9f:8c:cb:65:ad:61:4a:07:ef: 39:fa:8d:33 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9XNqO6jjlPISidRCJvmh/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl NWVjZjIwHhcNMjYwMTAyMDYxOTU1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlMTNkYzg2ZTc2MjFlMmM2ODg3MjczZDkzM2JmZGIzM2M0YWI3NTQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3RLZ2sD9t4x7tTVC5HgvAF2UB21k Ru5Bk6ucR7dDwd6EEVtv5jnF1SWSNvjPF2y+qftCD5wl63DOOdXbq/euVIyobA4Y QQRUrdXGvXPIFQikom8N50Y4+q2Bm98c4zyW7EcIumiwL+A/LTaDgfOI3cu7smRR 7GN3wi4xD5gTQ8Bc4rT18shq0IUidPxMcJOgAaC2JFQZfv/Wz1qlGbhl8OfCp3jU cCPdiEN6S9BHHAb+ZV328XMBWzYylDh3Xbmkm8KDKJgoPdy7mZMyqOaVgPRz8Dmp Z5L8R+nG+5N7m/SJrYCRbqtRrjR8ndapXethczsWPxlZlyKmdSRx7MbDWwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFOE9yG52IeLGiHJz2TO/2zPEq3VJMB8GA1UdIwQY MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt MTcxYzM2N2JlNzgyLzEvNFQzSWJuWWg0c2FJY25QWk03X2JNOFNyZFVrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRd6MA0G CSqGSIb3DQEBCwUAA4IBAQBXAmQVg2PTdRdzs0/JGJY01DbTNPhoT9VjC9c5GHZn 0gXqbDD75hLHH03zeN7S3oXS8L5wE5wXJLX/C5mlt16U/fYUEDNruZBzjQyhJlBM cvcxohcXqTRCzc9+nNJv9J+ZKHbnN8txjjiq+0HHVqiTvf+0Qu7FpVLVJiitBmhC WsZkHcuW5x+idotLNM29pXqwxVUGezUmsXwUX08IIQPJVwxZXyZKUZTd8YC7AVU+ bEtSbKMKlZxDOuXdK9nWf9VGe+dMro/o/GtPZd8sZ1Ex+clM9Zk7//8PSO02nFI7 4KEDZpuC45G/KzoD1YTiJ7mQYzyfjMtlrWFKB+85+o0z -----END CERTIFICATE-----Generated at Mon Jan 19 19:57:18 2026 by rpki-client