This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/_3SsPoZz4ndBlE9FKTU4o6A47bQ.roa File: _3SsPoZz4ndBlE9FKTU4o6A47bQ.roa (raw, json) Hash identifier: YLTYKbUjdWoX7zGu97DHQcaZdG5VUWTXRbFjuRFb06w= Subject key identifier: FF:74:AC:3E:86:73:E2:77:41:94:4F:45:29:35:38:A3:A0:38:ED:B4 Certificate issuer: /CN=8568407047a62e648300c5182a29353ff58eb05f Certificate serial: 019B7DCAE9FF513260529DD1DA31EC55F09C Authority key identifier: 85:68:40:70:47:A6:2E:64:83:00:C5:18:2A:29:35:3F:F5:8E:B0:5F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hWhAcEemLmSDAMUYKik1P_WOsF8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/_3SsPoZz4ndBlE9FKTU4o6A47bQ.roa Signing time: Fri 02 Jan 2026 08:20:08 +0000 ROA not before: Fri 02 Jan 2026 08:20:08 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60609 IP address blocks: 185.232.48.0/24 maxlen: 24 185.232.49.0/24 maxlen: 24 185.232.50.0/24 maxlen: 24 185.232.51.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.mft rsync://rpki.ripe.net/repository/DEFAULT/hWhAcEemLmSDAMUYKik1P_WOsF8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:e9:ff:51:32:60:52:9d:d1:da:31:ec:55:f0:9c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=8568407047a62e648300c5182a29353ff58eb05f Validity Not Before: Jan 2 08:20:08 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ff74ac3e8673e27741944f45293538a3a038edb4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:6a:b2:6c:8e:a7:3d:60:45:23:2f:e0:3b:ed: 04:d3:50:fc:f4:2a:d6:06:6a:e4:b5:87:93:b4:eb: 77:9b:3e:ec:16:dd:49:29:1a:43:97:d5:94:bb:f0: 2c:a7:99:9d:14:8b:32:d0:1d:e2:5f:31:3b:58:ba: c0:f9:0c:73:4a:4b:4e:58:cd:1d:32:eb:d6:92:e4: ac:3e:0b:13:5d:ac:41:9b:79:0b:93:15:7b:a4:59: 86:12:e8:4b:19:d9:1e:54:c3:3e:69:b2:fc:16:72: 75:0e:bd:4f:20:d4:b0:87:4d:9d:2b:c3:da:e6:1a: 04:be:a7:23:aa:0f:5f:1f:5e:62:a7:a5:50:b0:45: 8e:4c:b2:ad:de:69:6f:92:b4:a9:e5:ff:81:50:cc: 0a:92:d1:1b:7f:08:35:2c:c2:ab:8d:58:96:a4:d7: a5:11:0c:42:f3:b9:e3:93:86:cf:0b:c3:65:37:98: c9:8a:69:72:d3:2c:71:51:c7:59:21:8b:41:24:0b: db:d2:c8:eb:99:ae:35:75:8b:5c:0d:e6:aa:a7:5d: c5:e9:f6:31:f2:cc:e3:ec:98:d4:8c:4e:20:68:8f: e4:34:e5:3c:62:0c:34:0b:a1:51:f1:8c:c7:9a:0a: 42:ae:bb:55:44:d5:27:a8:36:58:73:36:56:48:34: cd:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:74:AC:3E:86:73:E2:77:41:94:4F:45:29:35:38:A3:A0:38:ED:B4 X509v3 Authority Key Identifier: keyid:85:68:40:70:47:A6:2E:64:83:00:C5:18:2A:29:35:3F:F5:8E:B0:5F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hWhAcEemLmSDAMUYKik1P_WOsF8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/_3SsPoZz4ndBlE9FKTU4o6A47bQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/320395-70c0-4002-a362-ed3e98c656e1/1/hWhAcEemLmSDAMUYKik1P_WOsF8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.232.48.0/22 Signature Algorithm: sha256WithRSAEncryption 76:d5:50:96:08:dc:bf:6d:69:38:eb:8e:2e:a1:4f:b3:75:43: 88:ba:6a:a5:3f:b1:1c:ba:2a:e5:1d:3f:d4:1b:1f:f4:64:a4: f4:00:60:aa:2c:d0:13:a1:b0:f3:c8:99:13:1c:91:41:ab:fe: 0e:8a:70:eb:81:50:7e:cb:b1:ca:7f:f3:63:c8:83:f5:79:95: 41:51:db:c1:88:f1:b1:e9:04:81:39:ad:0f:73:85:14:43:ef: 35:19:99:ed:c9:a3:ec:9e:5c:56:91:ae:e3:ca:46:1c:07:5c: b9:a2:04:da:8b:ee:a9:4e:33:8f:fb:57:96:81:3f:73:2f:eb: fd:8e:68:28:59:cc:07:1d:6d:1c:84:81:98:ff:d1:0b:fe:64: 49:32:9c:b8:2c:44:15:c8:99:f8:7a:00:1b:51:a4:48:5b:5d: b0:a0:31:1e:c4:22:01:e4:2f:64:34:05:90:fe:0a:f7:5d:0c: 04:e9:4c:33:05:26:48:28:17:e0:67:ef:d8:38:81:ca:2d:d9: ba:04:a5:7a:e1:c2:34:5e:fe:e4:09:64:fb:e2:73:41:d9:6b: 8e:9c:a8:82:44:ff:94:c8:86:a9:7e:ac:e9:87:26:db:38:92: ac:65:da:f5:ef:76:f0:ee:70:9a:02:c2:69:58:55:af:77:ae: 81:88:39:55 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt9yun/UTJgUp3R2jHsVfCcMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg1Njg0MDcwNDdhNjJlNjQ4MzAwYzUxODJhMjkzNTNmZjU4 ZWIwNWYwHhcNMjYwMTAyMDgyMDA4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmZjc0YWMzZTg2NzNlMjc3NDE5NDRmNDUyOTM1MzhhM2EwMzhlZGI0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGqybI6nPWBFIy/gO+0E01D89CrW BmrktYeTtOt3mz7sFt1JKRpDl9WUu/Asp5mdFIsy0B3iXzE7WLrA+QxzSktOWM0d MuvWkuSsPgsTXaxBm3kLkxV7pFmGEuhLGdkeVMM+abL8FnJ1Dr1PINSwh02dK8Pa 5hoEvqcjqg9fH15ip6VQsEWOTLKt3mlvkrSp5f+BUMwKktEbfwg1LMKrjViWpNel EQxC87njk4bPC8NlN5jJimly0yxxUcdZIYtBJAvb0sjrma41dYtcDeaqp13F6fYx 8szj7JjUjE4gaI/kNOU8Ygw0C6FR8YzHmgpCrrtVRNUnqDZYczZWSDTNRQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFP90rD6Gc+J3QZRPRSk1OKOgOO20MB8GA1UdIwQY MBaAFIVoQHBHpi5kgwDFGCopNT/1jrBfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaFdoQWNFZW1MbVNEQU1VWUtpazFQX1dPc0Y4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8zMjAzOTUtNzBjMC00MDAyLWEzNjIt ZWQzZTk4YzY1NmUxLzEvXzNTc1BvWno0bmRCbEU5RktUVTRvNkE0N2JRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS8zMjAzOTUtNzBjMC00MDAyLWEzNjItZWQzZTk4YzY1NmUx LzEvaFdoQWNFZW1MbVNEQU1VWUtpazFQX1dPc0Y4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuegwMA0G CSqGSIb3DQEBCwUAA4IBAQB21VCWCNy/bWk4644uoU+zdUOIumqlP7EcuirlHT/U Gx/0ZKT0AGCqLNATobDzyJkTHJFBq/4OinDrgVB+y7HKf/NjyIP1eZVBUdvBiPGx 6QSBOa0Pc4UUQ+81GZntyaPsnlxWka7jykYcB1y5ogTai+6pTjOP+1eWgT9zL+v9 jmgoWcwHHW0chIGY/9EL/mRJMpy4LEQVyJn4egAbUaRIW12woDEexCIB5C9kNAWQ /gr3XQwE6UwzBSZIKBfgZ+/YOIHKLdm6BKV64cI0Xv7kCWT74nNB2WuOnKiCRP+U yIapfqzphybbOJKsZdr173bw7nCaAsJpWFWvd66BiDlV -----END CERTIFICATE-----Generated at Mon Jan 26 01:15:13 2026 by rpki-client