This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/3heoB5H6nwVD5XDGalpHob00ZGg.roa File: 3heoB5H6nwVD5XDGalpHob00ZGg.roa (raw, json) Hash identifier: 87D/niWiK3l9WEwu2pgKGsQoAKAMJw/GKgoLFV16q2c= Subject key identifier: DE:17:A8:07:91:FA:9F:05:43:E5:70:C6:6A:5A:47:A1:BD:34:64:68 Certificate issuer: /CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e Certificate serial: 019B790FFF90D8793D7A0018953A532C8661 Authority key identifier: 2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/3heoB5H6nwVD5XDGalpHob00ZGg.roa Signing time: Thu 01 Jan 2026 10:17:30 +0000 ROA not before: Thu 01 Jan 2026 10:17:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 200590 IP address blocks: 78.142.250.0/23 maxlen: 23 78.142.250.0/24 maxlen: 24 78.142.251.0/24 maxlen: 24 195.7.12.0/24 maxlen: 24 195.7.13.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.crl rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.mft rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:0f:ff:90:d8:79:3d:7a:00:18:95:3a:53:2c:86:61 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2f93d3ba197f5ce3098bfa7700b43854eaa80e9e Validity Not Before: Jan 1 10:17:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=de17a80791fa9f0543e570c66a5a47a1bd346468 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:87:5f:6c:32:5b:e1:10:0a:b8:f9:c9:05:0d:7f: 9b:9f:7a:cc:b4:76:9a:99:61:7c:6d:c5:a2:b4:80: 36:69:99:17:19:a7:f6:50:31:c5:1a:02:61:2a:6d: e9:24:95:9b:4b:87:e6:8c:d2:f9:e6:34:8f:f8:93: cd:76:d6:fc:e4:ac:3d:c5:7d:29:2c:73:52:2b:cd: de:4d:6a:7a:51:dd:89:e3:a0:ae:22:3b:4a:83:84: 8c:cb:cb:f2:b6:b4:14:d8:54:71:83:1e:f0:c6:44: 68:f6:42:08:f0:a4:d9:20:0f:a6:ab:cb:d4:0c:7e: 09:63:b2:77:da:ea:b4:cf:18:82:c5:2c:93:d1:c7: 2e:97:fd:bc:b2:75:89:80:45:c6:b0:80:b5:a8:9a: 9d:4e:b3:63:a8:fc:ef:9a:45:f2:67:3d:b2:47:56: d0:7e:c9:e0:27:9a:a0:6d:21:5e:6b:13:36:c5:45: 11:0d:ce:c4:15:a5:e0:a5:e9:af:e4:d2:c8:51:28: 3a:d3:a6:55:e9:ef:98:14:fa:b6:c5:6e:aa:6f:da: ef:63:4a:26:03:0e:2f:bb:b6:20:8a:3c:75:7d:de: 42:8c:96:b5:ff:4f:9d:74:17:28:57:70:a2:bd:59: f1:5f:0f:db:31:43:2b:16:f6:cb:99:46:2e:b6:47: 38:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:17:A8:07:91:FA:9F:05:43:E5:70:C6:6A:5A:47:A1:BD:34:64:68 X509v3 Authority Key Identifier: keyid:2F:93:D3:BA:19:7F:5C:E3:09:8B:FA:77:00:B4:38:54:EA:A8:0E:9E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/3heoB5H6nwVD5XDGalpHob00ZGg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/24/7a87a0-8014-4605-9fb5-9e71dc24a683/1/L5PTuhl_XOMJi_p3ALQ4VOqoDp4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 78.142.250.0/23 195.7.12.0/23 Signature Algorithm: sha256WithRSAEncryption 16:ec:be:9e:52:ec:61:7f:98:95:6f:ab:ef:dd:66:09:60:92: b6:4a:b3:7a:48:96:2f:a9:86:88:d4:2f:de:58:85:10:f1:a0: 96:94:92:26:16:ee:68:5b:76:dc:1c:20:de:2a:1c:75:f6:2e: ce:06:6b:36:8f:60:6d:71:cf:f0:05:6e:a7:f5:ea:9b:dc:d0: 68:76:40:e1:09:b9:78:2d:6e:ed:dc:cb:fa:89:79:a8:7b:27: 5c:e0:f4:84:be:33:27:ca:c8:6b:42:c3:0f:d5:e6:77:30:fa: 11:91:4c:a5:3c:e8:20:e7:d8:c3:54:f3:c1:4b:64:ba:ca:1c: f4:33:0d:7d:b1:17:3a:c1:54:ed:5f:5f:0e:0d:c7:38:9e:d6: ba:f9:7b:d3:cc:02:c1:75:48:69:d3:04:54:66:d2:cc:8e:72: 2c:d0:45:22:2a:3b:77:6e:95:b1:e0:34:ad:b4:64:97:94:cd: 16:6b:8c:f4:cc:da:89:52:30:22:31:f7:55:83:df:28:10:53: cf:50:2b:82:7a:c7:51:59:a2:45:1b:de:49:d5:b0:ba:7b:5d: 73:2a:3a:52:f5:da:31:6d:6e:d9:48:bb:0a:af:70:8a:8d:95: 8b:c0:c0:12:3e:aa:eb:74:8e:b3:d8:41:34:79:40:3e:61:23: 03:40:15:63 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt5D/+Q2Hk9egAYlTpTLIZhMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDJmOTNkM2JhMTk3ZjVjZTMwOThiZmE3NzAwYjQzODU0ZWFh ODBlOWUwHhcNMjYwMTAxMTAxNzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZTE3YTgwNzkxZmE5ZjA1NDNlNTcwYzY2YTVhNDdhMWJkMzQ2NDY4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh19sMlvhEAq4+ckFDX+bn3rMtHaa mWF8bcWitIA2aZkXGaf2UDHFGgJhKm3pJJWbS4fmjNL55jSP+JPNdtb85Kw9xX0p LHNSK83eTWp6Ud2J46CuIjtKg4SMy8vytrQU2FRxgx7wxkRo9kII8KTZIA+mq8vU DH4JY7J32uq0zxiCxSyT0ccul/28snWJgEXGsIC1qJqdTrNjqPzvmkXyZz2yR1bQ fsngJ5qgbSFeaxM2xUURDc7EFaXgpemv5NLIUSg606ZV6e+YFPq2xW6qb9rvY0om Aw4vu7Ygijx1fd5CjJa1/0+ddBcoV3CivVnxXw/bMUMrFvbLmUYutkc4BQIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFN4XqAeR+p8FQ+VwxmpaR6G9NGRoMB8GA1UdIwQY MBaAFC+T07oZf1zjCYv6dwC0OFTqqA6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTDVQVHVobF9YT01KaV9wM0FMUTRWT3FvRHA0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC83YTg3YTAtODAxNC00NjA1LTlmYjUt OWU3MWRjMjRhNjgzLzEvM2hlb0I1SDZud1ZENVhER2FscEhvYjAwWkdnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yNC83YTg3YTAtODAxNC00NjA1LTlmYjUtOWU3MWRjMjRhNjgz LzEvTDVQVHVobF9YT01KaV9wM0FMUTRWT3FvRHA0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBTo76AwQB wwcMMA0GCSqGSIb3DQEBCwUAA4IBAQAW7L6eUuxhf5iVb6vv3WYJYJK2SrN6SJYv qYaI1C/eWIUQ8aCWlJImFu5oW3bcHCDeKhx19i7OBms2j2Btcc/wBW6n9eqb3NBo dkDhCbl4LW7t3Mv6iXmoeydc4PSEvjMnyshrQsMP1eZ3MPoRkUylPOgg59jDVPPB S2S6yhz0Mw19sRc6wVTtX18ODcc4nta6+XvTzALBdUhp0wRUZtLMjnIs0EUiKjt3 bpWx4DSttGSXlM0Wa4z0zNqJUjAiMfdVg98oEFPPUCuCesdRWaJFG95J1bC6e11z KjpS9doxbW7ZSLsKr3CKjZWLwMASPqrrdI6z2EE0eUA+YSMDQBVj -----END CERTIFICATE-----Generated at Sun Jan 25 15:02:12 2026 by rpki-client