This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/3xhOROtsWU6kcbRg-0eVsWv_Cf4.roa File: 3xhOROtsWU6kcbRg-0eVsWv_Cf4.roa (raw, json) Hash identifier: 5LTgCgWwER8eaf33nSzOpEaP32v0UF0hdAvBDa8TC70= Subject key identifier: DF:18:4E:44:EB:6C:59:4E:A4:71:B4:60:FB:47:95:B1:6B:FF:09:FE Certificate issuer: /CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0 Certificate serial: 019B7F83D39156E6261B05EC44B0F3A99872 Authority key identifier: 44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/3xhOROtsWU6kcbRg-0eVsWv_Cf4.roa Signing time: Fri 02 Jan 2026 16:21:44 +0000 ROA not before: Fri 02 Jan 2026 16:21:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207422 IP address blocks: 31.129.244.0/24 maxlen: 24 31.129.245.0/24 maxlen: 24 31.129.246.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.crl rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.mft rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:d3:91:56:e6:26:1b:05:ec:44:b0:f3:a9:98:72 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0 Validity Not Before: Jan 2 16:21:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=df184e44eb6c594ea471b460fb4795b16bff09fe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:a3:09:85:bd:f6:1f:75:36:87:ca:ed:0c:44: d6:94:f2:4f:72:5f:c4:05:32:58:15:d0:e6:42:65: 68:7b:4a:19:ba:13:de:ff:ea:74:26:e2:07:17:be: 3e:52:c0:49:d1:c1:81:e1:11:19:32:51:67:bd:03: 1c:2a:c6:a8:9e:f8:13:84:ee:f3:9d:a6:28:83:d9: f2:f1:d3:7b:a6:dd:2d:52:37:e2:98:32:ca:de:8d: 15:06:82:f4:63:d9:6e:14:8b:d7:57:8f:76:e3:f6: 67:4a:8f:e6:85:cc:89:7f:db:f1:d3:8b:81:97:23: 25:65:b2:49:36:f6:85:ce:2f:f3:a2:21:cf:e4:42: 96:7c:0d:1b:9e:04:cd:79:60:40:a2:c4:44:b0:4d: 01:cf:e6:0d:2e:ad:96:1e:a8:53:0d:ea:f7:37:85: dc:b1:7a:0b:d8:1f:90:b8:07:da:63:5f:d1:cc:7d: de:dc:68:bb:75:00:5d:ae:cc:2a:b5:42:eb:d5:19: 61:e1:8a:d7:df:94:c6:01:40:52:83:c3:d0:ea:10: 7e:6b:4c:cc:13:7a:d1:20:f7:94:7a:48:1c:d8:a6: 8a:3a:be:06:92:26:c7:15:c5:87:1e:e9:ca:35:c7: 44:6b:62:31:62:6c:98:1e:15:78:4f:83:46:42:5d: 56:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:18:4E:44:EB:6C:59:4E:A4:71:B4:60:FB:47:95:B1:6B:FF:09:FE X509v3 Authority Key Identifier: keyid:44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/3xhOROtsWU6kcbRg-0eVsWv_Cf4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 31.129.244.0-31.129.246.255 Signature Algorithm: sha256WithRSAEncryption 18:8f:2b:81:77:5f:d4:c0:01:d8:47:70:b6:22:a6:5a:97:9c: 1d:9c:66:6b:00:a6:71:fe:55:39:e3:2d:42:c3:be:9e:63:a8: 09:89:12:80:81:db:62:ee:68:1e:24:39:87:bd:2c:4e:29:f8: df:ba:56:56:af:dd:5e:4f:1f:bb:aa:a1:d7:43:8a:7b:4e:8b: fd:ee:67:e2:7c:83:eb:10:21:71:c0:c0:bb:48:e9:f1:f5:ab: c8:5b:e8:d2:f6:51:5b:9e:61:11:ba:69:d6:52:50:cc:c3:77: 11:dd:7e:4d:4f:f0:4e:a5:b3:a1:71:74:91:b4:3d:d7:2a:ad: a7:cc:9d:a8:1a:86:51:34:bb:85:ea:d5:8b:62:52:e6:46:41: 9f:38:ff:0b:83:45:4f:7c:cc:2d:17:d6:4b:c1:5a:bd:7a:b7: c9:9f:1c:12:de:ac:09:2c:14:1d:d2:07:b9:c2:8d:f0:4b:88: da:86:63:18:64:37:2e:71:25:de:e8:71:71:e5:52:bf:f8:8a: 03:64:c1:7e:24:06:45:25:b3:0a:cc:be:2b:59:2f:eb:60:c5: 39:8c:7a:ce:05:e3:23:24:f8:f7:3e:30:a1:5e:68:74:88:80: 2f:5f:fa:f6:97:4b:2a:8c:52:f6:49:6e:bf:3c:90:5e:c6:e7: ab:3c:07:c8 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt/g9ORVuYmGwXsRLDzqZhyMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQ0NDRjN2MzYWQzNGI2OTc3ZmExOGEyMjM3Y2EzMDZiOWJl ZTA4ZTAwHhcNMjYwMTAyMTYyMTQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZjE4NGU0NGViNmM1OTRlYTQ3MWI0NjBmYjQ3OTViMTZiZmYwOWZlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6MJhb32H3U2h8rtDETWlPJPcl/E BTJYFdDmQmVoe0oZuhPe/+p0JuIHF74+UsBJ0cGB4REZMlFnvQMcKsaonvgThO7z naYog9ny8dN7pt0tUjfimDLK3o0VBoL0Y9luFIvXV4924/ZnSo/mhcyJf9vx04uB lyMlZbJJNvaFzi/zoiHP5EKWfA0bngTNeWBAosREsE0Bz+YNLq2WHqhTDer3N4Xc sXoL2B+QuAfaY1/RzH3e3Gi7dQBdrswqtULr1Rlh4YrX35TGAUBSg8PQ6hB+a0zM E3rRIPeUekgc2KaKOr4GkibHFcWHHunKNcdEa2IxYmyYHhV4T4NGQl1WRwIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFN8YTkTrbFlOpHG0YPtHlbFr/wn+MB8GA1UdIwQY MBaAFEREx8OtNLaXf6GKIjfKMGub7gjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUkVUSHc2MDB0cGRfb1lvaU44b3dhNXZ1Q09BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9jOWM5ZmMtNTg2NC00MTRlLWFlMmEt ODYzYzliM2QzMmIwLzEvM3hoT1JPdHNXVTZrY2JSZy0wZVZzV3ZfQ2Y0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS9jOWM5ZmMtNTg2NC00MTRlLWFlMmEtODYzYzliM2QzMmIw LzEvUkVUSHc2MDB0cGRfb1lvaU44b3dhNXZ1Q09BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAIfgfQD BAAfgfYwDQYJKoZIhvcNAQELBQADggEBABiPK4F3X9TAAdhHcLYiplqXnB2cZmsA pnH+VTnjLULDvp5jqAmJEoCB22LuaB4kOYe9LE4p+N+6Vlav3V5PH7uqoddDintO i/3uZ+J8g+sQIXHAwLtI6fH1q8hb6NL2UVueYRG6adZSUMzDdxHdfk1P8E6ls6Fx dJG0PdcqrafMnagahlE0u4Xq1YtiUuZGQZ84/wuDRU98zC0X1kvBWr16t8mfHBLe rAksFB3SB7nCjfBLiNqGYxhkNy5xJd7ocXHlUr/4igNkwX4kBkUlswrMvitZL+tg xTmMes4F4yMk+Pc+MKFeaHSIgC9f+vaXSyqMUvZJbr88kF7G56s8B8g= -----END CERTIFICATE-----Generated at Sun Jan 25 19:43:08 2026 by rpki-client