This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/3_hTG1VNNECdXWtHf_y7Mh1I0-I.roa File: 3_hTG1VNNECdXWtHf_y7Mh1I0-I.roa (raw, json) Hash identifier: WyvWKO62KaRIQphftD3eJM5VgxI16MZECLiFVVDTedM= Subject key identifier: DF:F8:53:1B:55:4D:34:40:9D:5D:6B:47:7F:FC:BB:32:1D:48:D3:E2 Certificate issuer: /CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac Certificate serial: 019B76EB96E6F3472E0EA408696520C2D838 Authority key identifier: B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/3_hTG1VNNECdXWtHf_y7Mh1I0-I.roa Signing time: Thu 01 Jan 2026 00:18:29 +0000 ROA not before: Thu 01 Jan 2026 00:18:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204489 IP address blocks: 152.89.132.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.crl rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.mft rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:eb:96:e6:f3:47:2e:0e:a4:08:69:65:20:c2:d8:38 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac Validity Not Before: Jan 1 00:18:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dff8531b554d34409d5d6b477ffcbb321d48d3e2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:87:8b:e6:96:55:53:80:45:b7:7b:f3:e1:70: 28:2f:86:df:5f:97:31:75:ea:ec:8f:7d:c4:89:33: 44:cb:d4:58:e3:08:39:c6:0a:5b:0c:54:c8:b7:07: 76:b8:bd:be:06:29:52:15:eb:8a:f5:85:81:20:9d: bb:2a:88:3b:b8:07:dd:3a:51:2d:06:20:c8:e0:0c: 61:b3:b1:e0:0f:2a:27:3e:2f:6d:84:5f:4a:fc:18: f3:8d:02:88:62:0b:62:de:9c:cf:4e:9f:89:57:d7: 61:1f:a6:05:6d:91:79:ca:73:ea:3e:81:5b:05:c5: 86:84:9b:03:9d:84:80:05:db:32:f4:d0:d2:8c:cf: 3c:17:5c:36:13:83:a8:8e:5b:f8:47:48:bb:e3:cd: bc:15:33:57:84:fc:3a:82:e5:0d:11:ab:9b:e6:28: 53:01:68:51:9e:5a:cb:80:4a:bb:d7:66:29:c7:28: 64:62:bf:09:c6:9d:30:8c:10:79:42:c5:df:14:1b: 0d:98:93:c6:36:7c:a3:14:0f:46:9f:9f:84:fb:1d: 6e:38:36:dd:1e:14:64:1f:9c:7f:12:2a:11:54:9d: 53:10:b5:be:fd:80:66:3f:0c:6b:f8:d5:a6:f8:45: ba:06:56:9b:b6:72:cf:ee:6c:b2:20:7b:5b:9e:f0: 17:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:F8:53:1B:55:4D:34:40:9D:5D:6B:47:7F:FC:BB:32:1D:48:D3:E2 X509v3 Authority Key Identifier: keyid:B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/3_hTG1VNNECdXWtHf_y7Mh1I0-I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 152.89.132.0/24 Signature Algorithm: sha256WithRSAEncryption 23:03:46:1c:23:af:c6:85:e6:24:87:bb:99:e8:8b:3c:f1:67: 37:74:58:8b:cf:5d:cf:00:c8:7c:37:b7:2c:12:7d:d1:1c:8c: 44:e7:a6:35:68:4a:ed:04:0b:63:88:00:21:6f:11:9b:15:2a: ac:fe:aa:a3:a3:21:ed:c8:29:2e:93:ce:cc:f8:2f:2c:e0:96: 8c:2f:84:49:cb:78:0e:bc:04:22:6e:5d:94:a7:82:be:3a:a3: c3:67:c5:2d:d2:a1:44:3c:1e:b1:b8:cb:5c:91:b5:bc:1a:d9: 5e:1d:fc:8a:97:0e:e3:b4:59:80:ac:f0:69:61:ef:50:4e:86: b3:20:be:c3:03:c3:66:a1:57:05:ba:86:17:6f:81:e5:a7:98: df:9b:2f:25:63:70:79:ca:43:af:37:71:f6:4f:7d:f9:c7:e3: 22:d2:92:1d:e9:b0:70:b9:6a:71:c6:86:55:f0:e1:38:51:c0: d7:95:77:56:d7:5a:8c:bf:a0:d8:ff:a5:67:fa:85:30:63:28: f4:06:b0:e8:43:d6:55:46:99:1b:76:16:6b:c4:83:db:ab:cf: 1a:e0:f0:ff:47:a0:f7:ea:30:5a:78:34:5d:46:23:27:23:3e: 92:06:fc:15:b2:9e:4a:e1:24:cb:4d:dc:f8:44:19:80:32:3c: c3:fd:69:16 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt265bm80cuDqQIaWUgwtg4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI3MjU4OGMwMGVlZjcxNTgwOWViNWZkZDZkNjcxN2NjMjhj MGRmYWMwHhcNMjYwMTAxMDAxODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZmY4NTMxYjU1NGQzNDQwOWQ1ZDZiNDc3ZmZjYmIzMjFkNDhkM2UyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIeL5pZVU4BFt3vz4XAoL4bfX5cx dersj33EiTNEy9RY4wg5xgpbDFTItwd2uL2+BilSFeuK9YWBIJ27Kog7uAfdOlEt BiDI4Axhs7HgDyonPi9thF9K/BjzjQKIYgti3pzPTp+JV9dhH6YFbZF5ynPqPoFb BcWGhJsDnYSABdsy9NDSjM88F1w2E4Oojlv4R0i74828FTNXhPw6guUNEaub5ihT AWhRnlrLgEq712YpxyhkYr8Jxp0wjBB5QsXfFBsNmJPGNnyjFA9Gn5+E+x1uODbd HhRkH5x/EioRVJ1TELW+/YBmPwxr+NWm+EW6BlabtnLP7myyIHtbnvAX9wIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFN/4UxtVTTRAnV1rR3/8uzIdSNPiMB8GA1UdIwQY MBaAFLcliMAO73FYCetf3W1nF8wowN+sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUt N2E0MTI1NGVhYWNhLzEvM19oVEcxVk5ORUNkWFd0SGZfeTdNaDFJMC1JLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC9lYmJhYzktZmVlNy00ZjNiLThjZDUtN2E0MTI1NGVhYWNh LzEvdHlXSXdBN3ZjVmdKNjFfZGJXY1h6Q2pBMzZ3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFmEMA0G CSqGSIb3DQEBCwUAA4IBAQAjA0YcI6/GheYkh7uZ6Is88Wc3dFiLz13PAMh8N7cs En3RHIxE56Y1aErtBAtjiAAhbxGbFSqs/qqjoyHtyCkuk87M+C8s4JaML4RJy3gO vAQibl2Up4K+OqPDZ8Ut0qFEPB6xuMtckbW8GtleHfyKlw7jtFmArPBpYe9QToaz IL7DA8NmoVcFuoYXb4Hlp5jfmy8lY3B5ykOvN3H2T335x+Mi0pId6bBwuWpxxoZV 8OE4UcDXlXdW11qMv6DY/6Vn+oUwYyj0BrDoQ9ZVRpkbdhZrxIPbq88a4PD/R6D3 6jBaeDRdRiMnIz6SBvwVsp5K4STLTdz4RBmAMjzD/WkW -----END CERTIFICATE-----Generated at Mon Jan 26 07:07:07 2026 by rpki-client