This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/959e03-78fc-4589-acde-f9a43709d00b/1/3q5RWSGOxCn-4vQQtjRT8k1IAvA.roa File: 3q5RWSGOxCn-4vQQtjRT8k1IAvA.roa (raw, json) Hash identifier: MIWK18fPNJwt93Pk47XkLTue9uAHSbtiIrZzbMWjVSU= Subject key identifier: DE:AE:51:59:21:8E:C4:29:FE:E2:F4:10:B6:34:53:F2:4D:48:02:F0 Certificate issuer: /CN=c6cfa94f6134e3960ea5f318846a30cf3e922dd7 Certificate serial: 019B790FF6EDB4DE55A24E9655180D260D31 Authority key identifier: C6:CF:A9:4F:61:34:E3:96:0E:A5:F3:18:84:6A:30:CF:3E:92:2D:D7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xs-pT2E045YOpfMYhGowzz6SLdc.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/959e03-78fc-4589-acde-f9a43709d00b/1/3q5RWSGOxCn-4vQQtjRT8k1IAvA.roa Signing time: Thu 01 Jan 2026 10:17:28 +0000 ROA not before: Thu 01 Jan 2026 10:17:28 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 35617 IP address blocks: 45.131.220.0/22 maxlen: 24 46.21.16.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/959e03-78fc-4589-acde-f9a43709d00b/1/xs-pT2E045YOpfMYhGowzz6SLdc.crl rsync://rpki.ripe.net/repository/DEFAULT/1f/959e03-78fc-4589-acde-f9a43709d00b/1/xs-pT2E045YOpfMYhGowzz6SLdc.mft rsync://rpki.ripe.net/repository/DEFAULT/xs-pT2E045YOpfMYhGowzz6SLdc.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:0f:f6:ed:b4:de:55:a2:4e:96:55:18:0d:26:0d:31 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c6cfa94f6134e3960ea5f318846a30cf3e922dd7 Validity Not Before: Jan 1 10:17:28 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=deae5159218ec429fee2f410b63453f24d4802f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:ca:6c:5c:92:58:e1:1b:4e:7c:99:20:42:ac: e2:6f:5a:33:e5:b0:ae:96:d6:5a:43:ec:0e:65:c9: 2a:2f:59:ca:1b:08:61:d4:05:d4:12:fd:cd:0f:43: 15:31:40:14:20:36:40:f7:18:69:c9:2c:7e:47:3d: 7d:7f:6f:a0:d6:f6:44:b4:11:8b:e6:df:4f:0a:ed: e3:13:21:f3:32:64:1d:6a:75:70:40:d2:28:71:28: d3:28:b1:e3:bb:76:c7:df:6f:92:04:c9:05:c8:68: ef:5e:f9:11:68:e9:f4:5f:d7:ad:d6:88:53:69:75: 0c:8f:d1:d5:3e:2c:41:53:03:3c:21:45:a0:f2:1a: 45:82:86:b6:3e:0e:7b:ff:c4:ab:69:8f:d1:26:6a: e7:d7:d4:c8:36:68:9a:7f:f5:9b:04:a6:84:7b:9a: 78:b7:51:8e:53:06:64:ae:2d:dd:76:4b:35:be:f3: 90:c9:62:2e:94:27:b0:9c:0a:25:73:33:39:0b:4c: 20:db:8a:27:f4:0c:76:72:71:e6:7a:48:27:b6:0d: 18:eb:38:9f:e6:1f:1b:1c:86:51:81:cd:02:1b:4c: 70:8a:44:72:47:49:2b:58:d3:a5:1d:69:72:7b:79: 0b:93:a0:22:75:7c:d1:ad:aa:93:d6:77:c6:d6:7e: 3b:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:AE:51:59:21:8E:C4:29:FE:E2:F4:10:B6:34:53:F2:4D:48:02:F0 X509v3 Authority Key Identifier: keyid:C6:CF:A9:4F:61:34:E3:96:0E:A5:F3:18:84:6A:30:CF:3E:92:2D:D7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xs-pT2E045YOpfMYhGowzz6SLdc.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/959e03-78fc-4589-acde-f9a43709d00b/1/3q5RWSGOxCn-4vQQtjRT8k1IAvA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/959e03-78fc-4589-acde-f9a43709d00b/1/xs-pT2E045YOpfMYhGowzz6SLdc.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 45.131.220.0/22 46.21.16.0/22 Signature Algorithm: sha256WithRSAEncryption 8f:65:bf:14:23:0c:b3:85:fb:46:3d:c1:f6:a7:62:1c:a0:ff: a9:85:b8:5e:6b:86:ab:b2:17:a4:1c:02:08:60:cf:72:fc:64: 8b:b6:64:c7:45:3a:b1:fb:65:73:58:99:72:da:26:18:28:67: c2:54:94:88:90:0c:d8:bc:68:c2:64:2d:f2:59:e5:d2:c9:8b: b8:de:f4:eb:e7:e5:85:e9:01:f5:ec:73:bf:dd:9e:3c:34:6d: 8b:ea:49:cb:33:e0:ee:ec:d8:2d:34:ec:7c:e7:1a:0b:d3:07: 3a:04:9b:db:75:b6:ff:7b:a7:32:bd:81:9b:98:47:b4:20:95: de:13:3d:aa:6d:f9:c2:a5:60:7b:f4:c4:c6:eb:74:ab:c4:9c: ab:89:56:5b:72:80:db:50:b1:c1:10:34:fd:5b:81:7c:69:b1: 62:5d:4d:6d:35:f7:16:8c:c9:6f:a2:79:19:59:ea:48:a8:1d: 38:f5:f4:1d:f2:d9:b8:9a:fa:bb:0c:a6:dd:9d:49:19:1b:1a: c4:85:4b:ec:fd:18:57:e6:c5:7e:3f:cf:4f:53:98:a0:23:8c: be:73:44:02:7e:a2:b7:2b:6d:9f:1e:0c:9b:8b:c0:a5:fe:55: 6d:f9:41:a3:e3:e2:52:1f:be:d7:e3:46:2c:0b:93:20:45:d0: ad:af:f2:71 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt5D/bttN5Vok6WVRgNJg0xMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM2Y2ZhOTRmNjEzNGUzOTYwZWE1ZjMxODg0NmEzMGNmM2U5 MjJkZDcwHhcNMjYwMTAxMTAxNzI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZWFlNTE1OTIxOGVjNDI5ZmVlMmY0MTBiNjM0NTNmMjRkNDgwMmYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8psXJJY4RtOfJkgQqzib1oz5bCu ltZaQ+wOZckqL1nKGwhh1AXUEv3ND0MVMUAUIDZA9xhpySx+Rz19f2+g1vZEtBGL 5t9PCu3jEyHzMmQdanVwQNIocSjTKLHju3bH32+SBMkFyGjvXvkRaOn0X9et1ohT aXUMj9HVPixBUwM8IUWg8hpFgoa2Pg57/8SraY/RJmrn19TINmiaf/WbBKaEe5p4 t1GOUwZkri3ddks1vvOQyWIulCewnAolczM5C0wg24on9Ax2cnHmekgntg0Y6zif 5h8bHIZRgc0CG0xwikRyR0krWNOlHWlye3kLk6AidXzRraqT1nfG1n470wIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFN6uUVkhjsQp/uL0ELY0U/JNSALwMB8GA1UdIwQY MBaAFMbPqU9hNOOWDqXzGIRqMM8+ki3XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveHMtcFQyRTA0NVlPcGZNWWhHb3d6ejZTTGRjLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi85NTllMDMtNzhmYy00NTg5LWFjZGUt ZjlhNDM3MDlkMDBiLzEvM3E1UldTR094Q24tNHZRUXRqUlQ4azFJQXZBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xZi85NTllMDMtNzhmYy00NTg5LWFjZGUtZjlhNDM3MDlkMDBi LzEveHMtcFQyRTA0NVlPcGZNWWhHb3d6ejZTTGRjLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLYPcAwQC LhUQMA0GCSqGSIb3DQEBCwUAA4IBAQCPZb8UIwyzhftGPcH2p2IcoP+phbhea4ar shekHAIIYM9y/GSLtmTHRTqx+2VzWJly2iYYKGfCVJSIkAzYvGjCZC3yWeXSyYu4 3vTr5+WF6QH17HO/3Z48NG2L6knLM+Du7NgtNOx85xoL0wc6BJvbdbb/e6cyvYGb mEe0IJXeEz2qbfnCpWB79MTG63SrxJyriVZbcoDbULHBEDT9W4F8abFiXU1tNfcW jMlvonkZWepIqB049fQd8tm4mvq7DKbdnUkZGxrEhUvs/RhX5sV+P89PU5igI4y+ c0QCfqK3K22fHgybi8Cl/lVt+UGj4+JSH77X40YsC5MgRdCtr/Jx -----END CERTIFICATE-----Generated at Mon Jan 26 08:40:20 2026 by rpki-client