This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/c7f601-3fa2-4db6-a03d-3a63bf7630f5/1/l3jaT1bSWorYPTAH0tIKpX9ObJ0.roa File: l3jaT1bSWorYPTAH0tIKpX9ObJ0.roa (raw, json) Hash identifier: Xv2kbEZdjMxUOGqN/7wXLuOx7RktMUlXqMhlKu4Yx9w= Subject key identifier: 97:78:DA:4F:56:D2:5A:8A:D8:3D:30:07:D2:D2:0A:A5:7F:4E:6C:9D Certificate issuer: /CN=881ab180cb3517186221b3999b08b83af4f66945 Certificate serial: 019B7A5B02A4CD5AAE43C776E8ED8364700E Authority key identifier: 88:1A:B1:80:CB:35:17:18:62:21:B3:99:9B:08:B8:3A:F4:F6:69:45 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBqxgMs1FxhiIbOZmwi4OvT2aUU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/c7f601-3fa2-4db6-a03d-3a63bf7630f5/1/l3jaT1bSWorYPTAH0tIKpX9ObJ0.roa Signing time: Thu 01 Jan 2026 16:19:03 +0000 ROA not before: Thu 01 Jan 2026 16:19:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215742 IP address blocks: 91.211.85.0/24 maxlen: 24 2a0d:ebc0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/c7f601-3fa2-4db6-a03d-3a63bf7630f5/1/iBqxgMs1FxhiIbOZmwi4OvT2aUU.crl rsync://rpki.ripe.net/repository/DEFAULT/33/c7f601-3fa2-4db6-a03d-3a63bf7630f5/1/iBqxgMs1FxhiIbOZmwi4OvT2aUU.mft rsync://rpki.ripe.net/repository/DEFAULT/iBqxgMs1FxhiIbOZmwi4OvT2aUU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:02:a4:cd:5a:ae:43:c7:76:e8:ed:83:64:70:0e Signature Algorithm: sha256WithRSAEncryption Issuer: CN=881ab180cb3517186221b3999b08b83af4f66945 Validity Not Before: Jan 1 16:19:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9778da4f56d25a8ad83d3007d2d20aa57f4e6c9d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:0f:92:d1:fb:08:8c:2d:c0:ba:82:6f:1a:a2: 34:e3:44:73:a4:03:9d:3f:e7:96:81:53:05:99:b3: d8:e0:5c:a4:8f:73:fe:85:84:de:fa:fd:2e:5c:4d: 81:f6:1d:a5:a8:5f:b6:f5:38:7d:78:fb:1b:da:99: 86:09:1a:4e:39:a4:d6:38:d9:0e:aa:c3:6d:cd:41: 7d:b7:cd:a8:c7:32:0f:f1:a5:b9:18:8e:5b:57:5e: 31:2b:5e:43:7a:df:22:41:14:2f:9c:8a:08:db:e1: 48:61:1d:b4:71:fb:c5:c1:e0:92:bf:3d:5d:cc:3c: 56:1c:fb:06:c9:5d:41:c7:c0:92:f1:d0:58:08:8b: 6b:a9:fc:2f:13:86:cc:6f:ca:bc:89:4a:75:89:6f: 81:80:4d:c4:30:55:e3:0f:34:de:ef:39:7d:ea:a4: f4:30:ba:b8:42:93:cc:59:cb:4b:6b:37:e9:81:83: b4:4f:71:8d:cd:7e:5e:0e:af:56:13:96:d8:d8:93: 41:04:44:7d:43:5f:a7:af:f2:00:a8:51:67:85:58: ff:82:90:4c:89:56:e8:58:ba:1a:cb:fe:b7:4e:aa: 75:59:08:2b:26:f1:f0:a5:53:0d:37:f0:a7:5d:be: 42:f8:97:a1:90:34:f5:bc:9f:88:a7:97:39:d2:cd: b4:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:78:DA:4F:56:D2:5A:8A:D8:3D:30:07:D2:D2:0A:A5:7F:4E:6C:9D X509v3 Authority Key Identifier: keyid:88:1A:B1:80:CB:35:17:18:62:21:B3:99:9B:08:B8:3A:F4:F6:69:45 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBqxgMs1FxhiIbOZmwi4OvT2aUU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/c7f601-3fa2-4db6-a03d-3a63bf7630f5/1/l3jaT1bSWorYPTAH0tIKpX9ObJ0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/33/c7f601-3fa2-4db6-a03d-3a63bf7630f5/1/iBqxgMs1FxhiIbOZmwi4OvT2aUU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.211.85.0/24 IPv6: 2a0d:ebc0::/32 Signature Algorithm: sha256WithRSAEncryption 61:ee:fb:27:77:82:05:f4:f2:47:6e:24:9b:76:73:98:40:bb: 9d:e9:ea:3b:5b:b6:e4:3a:77:39:0e:6e:4a:66:99:ee:48:cc: b4:82:92:a6:c2:57:06:6f:a6:f2:4a:1c:7e:6f:44:99:bb:41: 4c:6d:dc:e8:a6:fb:bf:ea:7b:f5:97:3d:f3:df:01:4d:8e:89: 14:d4:ac:f6:64:ba:ce:48:f9:d1:c6:58:c8:99:64:38:e5:1f: 48:c7:7e:c2:da:56:a4:e4:c2:9d:e1:1b:9f:42:8f:4a:be:b9: 3a:a9:c8:6d:38:71:a3:37:3e:e0:60:6f:8c:c1:d0:a0:4d:43: c4:d5:49:0c:6b:1f:5f:ca:0f:f7:8d:18:f7:8e:8e:46:45:26: e7:4c:ff:cc:7d:0a:c6:9c:f0:62:56:f2:5d:d0:0e:03:db:54: 28:0d:4f:86:7b:79:e4:83:d3:04:05:ac:fd:36:53:6f:c5:dd: 9b:e2:a6:44:0f:52:17:a9:f5:5e:3e:0f:b8:4e:c4:da:a3:58: 8b:c6:c6:0f:38:32:b4:47:d2:3f:15:e7:74:c3:a4:b2:d6:df: 4f:91:6c:1f:f3:08:8d:2c:a2:3c:32:c9:c3:2b:d1:32:68:b4: 15:1b:63:0e:4d:c2:ce:a1:39:b8:7a:ec:59:64:f2:1e:0e:d3: 38:55:2f:d8 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt6WwKkzVquQ8d26O2DZHAOMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4MWFiMTgwY2IzNTE3MTg2MjIxYjM5OTliMDhiODNhZjRm NjY5NDUwHhcNMjYwMTAxMTYxOTAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5Nzc4ZGE0ZjU2ZDI1YThhZDgzZDMwMDdkMmQyMGFhNTdmNGU2YzlkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtg+S0fsIjC3AuoJvGqI040RzpAOd P+eWgVMFmbPY4Fykj3P+hYTe+v0uXE2B9h2lqF+29Th9ePsb2pmGCRpOOaTWONkO qsNtzUF9t82oxzIP8aW5GI5bV14xK15Det8iQRQvnIoI2+FIYR20cfvFweCSvz1d zDxWHPsGyV1Bx8CS8dBYCItrqfwvE4bMb8q8iUp1iW+BgE3EMFXjDzTe7zl96qT0 MLq4QpPMWctLazfpgYO0T3GNzX5eDq9WE5bY2JNBBER9Q1+nr/IAqFFnhVj/gpBM iVboWLoay/63Tqp1WQgrJvHwpVMNN/CnXb5C+JehkDT1vJ+Ip5c50s20XwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFJd42k9W0lqK2D0wB9LSCqV/TmydMB8GA1UdIwQY MBaAFIgasYDLNRcYYiGzmZsIuDr09mlFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaUJxeGdNczFGeGhpSWJPWm13aTRPdlQyYVVVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9jN2Y2MDEtM2ZhMi00ZGI2LWEwM2Qt M2E2M2JmNzYzMGY1LzEvbDNqYVQxYlNXb3JZUFRBSDB0SUtwWDlPYkowLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zMy9jN2Y2MDEtM2ZhMi00ZGI2LWEwM2QtM2E2M2JmNzYzMGY1 LzEvaUJxeGdNczFGeGhpSWJPWm13aTRPdlQyYVVVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9NVMA0E AgACMAcDBQAqDevAMA0GCSqGSIb3DQEBCwUAA4IBAQBh7vsnd4IF9PJHbiSbdnOY QLud6eo7W7bkOnc5Dm5KZpnuSMy0gpKmwlcGb6byShx+b0SZu0FMbdzopvu/6nv1 lz3z3wFNjokU1Kz2ZLrOSPnRxljImWQ45R9Ix37C2lak5MKd4RufQo9Kvrk6qcht OHGjNz7gYG+MwdCgTUPE1UkMax9fyg/3jRj3jo5GRSbnTP/MfQrGnPBiVvJd0A4D 21QoDU+Ge3nkg9MEBaz9NlNvxd2b4qZED1IXqfVePg+4TsTao1iLxsYPODK0R9I/ Fed0w6Sy1t9PkWwf8wiNLKI8MsnDK9EyaLQVG2MOTcLOoTm4euxZZPIeDtM4VS/Y -----END CERTIFICATE-----Generated at Mon Jan 26 04:50:15 2026 by rpki-client