This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/3mS5hMWhKlnGO3h-ssMwusOTMaM.roa File: 3mS5hMWhKlnGO3h-ssMwusOTMaM.roa (raw, json) Hash identifier: f29QqM6z7OhHISNe7rHupfilJIPnryz8YS8+zsLSDfs= Subject key identifier: DE:64:B9:84:C5:A1:2A:59:C6:3B:78:7E:B2:C3:30:BA:C3:93:31:A3 Certificate issuer: /CN=d8284f18cd44604bdd6d08f4d878dc61456c40fd Certificate serial: 019B797E06CA241E0EB709642D77897DD515 Authority key identifier: D8:28:4F:18:CD:44:60:4B:DD:6D:08:F4:D8:78:DC:61:45:6C:40:FD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2ChPGM1EYEvdbQj02HjcYUVsQP0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/3mS5hMWhKlnGO3h-ssMwusOTMaM.roa Signing time: Thu 01 Jan 2026 12:17:41 +0000 ROA not before: Thu 01 Jan 2026 12:17:41 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 202111 IP address blocks: 46.252.8.0/21 maxlen: 21 46.252.12.0/22 maxlen: 22 2a00:5900::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/2ChPGM1EYEvdbQj02HjcYUVsQP0.crl rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/2ChPGM1EYEvdbQj02HjcYUVsQP0.mft rsync://rpki.ripe.net/repository/DEFAULT/2ChPGM1EYEvdbQj02HjcYUVsQP0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 21:01:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:06:ca:24:1e:0e:b7:09:64:2d:77:89:7d:d5:15 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d8284f18cd44604bdd6d08f4d878dc61456c40fd Validity Not Before: Jan 1 12:17:41 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=de64b984c5a12a59c63b787eb2c330bac39331a3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:77:e4:ad:67:e1:ee:00:50:d1:fd:ef:21:f1: 65:68:8a:89:a1:cf:11:f0:f5:7a:71:9e:33:96:9e: 0a:0e:94:b2:d5:3c:52:c7:41:cd:72:ba:9f:cf:c5: fe:46:8d:b4:dc:32:07:c1:c6:21:7e:70:94:b8:bc: fb:33:70:1e:20:30:97:45:4e:b2:45:b7:d0:0f:fc: 06:58:af:38:54:39:66:bc:d0:1b:14:03:e4:ed:18: 6b:8c:af:ec:ba:3d:8a:8c:68:61:d4:39:b0:8d:09: 1e:b5:8e:b9:f8:fd:dc:44:f2:1c:da:f9:4f:5a:01: b1:3d:b6:aa:21:35:46:16:d7:f7:26:89:13:a7:40: c9:56:22:18:79:79:7c:22:9d:fc:f3:4b:5d:59:db: eb:27:24:73:16:d8:e7:ba:b3:b1:9e:6b:2f:c9:b4: b0:9c:37:64:cf:1f:85:8e:49:19:c9:98:54:b8:53: 84:09:12:10:19:d2:bf:8d:ae:66:7f:79:85:31:97: da:d6:64:08:09:2e:09:8d:2b:8a:d5:a1:0e:58:3f: 2b:4d:ca:a1:cb:0d:5f:d1:0e:d3:8a:b6:ee:82:02: cb:d3:dd:7d:9f:81:e5:4d:4f:88:9f:24:52:9c:35: 77:97:d4:ce:87:a6:0c:57:2a:50:16:7d:36:85:7a: d5:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:64:B9:84:C5:A1:2A:59:C6:3B:78:7E:B2:C3:30:BA:C3:93:31:A3 X509v3 Authority Key Identifier: keyid:D8:28:4F:18:CD:44:60:4B:DD:6D:08:F4:D8:78:DC:61:45:6C:40:FD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2ChPGM1EYEvdbQj02HjcYUVsQP0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/3mS5hMWhKlnGO3h-ssMwusOTMaM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/2652cd-7ecf-49e8-a4f8-c7869128582c/1/2ChPGM1EYEvdbQj02HjcYUVsQP0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 46.252.8.0/21 IPv6: 2a00:5900::/32 Signature Algorithm: sha256WithRSAEncryption 45:9f:4c:ad:51:2a:f4:30:ab:76:6c:37:aa:10:eb:d2:aa:d8: a2:3c:27:83:5f:ea:90:b2:ab:9d:2e:65:6a:1e:cb:78:c8:ed: da:8a:b7:c6:4a:89:7b:b6:eb:48:3a:4c:89:7f:b7:d1:4f:36: f6:f1:3d:13:31:da:8b:e1:0e:03:3a:5b:f1:10:65:94:d1:0d: c2:8a:c6:d1:87:61:36:b4:47:0b:61:dd:b0:6e:c3:c2:a0:51: f1:b1:07:df:c8:f8:5b:ff:42:d4:38:ef:67:7d:7f:86:ce:f2: cf:31:26:d9:97:82:53:cb:89:06:45:a2:fe:d0:25:7a:02:ce: 32:8d:0e:50:31:9d:1c:70:b8:1b:34:18:5a:89:e7:34:8c:b6: 6c:fd:02:f9:b7:4d:6f:b2:6b:05:f2:2b:ab:45:c2:31:3f:f9: a4:e8:2f:f0:4c:fa:99:e2:16:c3:57:14:d5:e1:9d:53:b6:d9: 6c:8f:f5:cc:48:a2:18:73:25:5a:82:cb:06:4b:da:26:87:d3: 1b:d6:8d:90:0d:ff:55:9f:67:82:b6:f2:e4:4c:89:a3:69:4c: fc:45:47:df:b8:48:79:7e:87:ca:a8:68:f0:6c:72:36:1c:7a: 8a:7c:05:42:45:13:8d:e5:1c:8f:52:f6:17:25:eb:e1:79:5b: e8:2f:71:42 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt5fgbKJB4OtwlkLXeJfdUVMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQ4Mjg0ZjE4Y2Q0NDYwNGJkZDZkMDhmNGQ4NzhkYzYxNDU2 YzQwZmQwHhcNMjYwMTAxMTIxNzQxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZTY0Yjk4NGM1YTEyYTU5YzYzYjc4N2ViMmMzMzBiYWMzOTMzMWEzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXfkrWfh7gBQ0f3vIfFlaIqJoc8R 8PV6cZ4zlp4KDpSy1TxSx0HNcrqfz8X+Ro203DIHwcYhfnCUuLz7M3AeIDCXRU6y RbfQD/wGWK84VDlmvNAbFAPk7RhrjK/suj2KjGhh1DmwjQketY65+P3cRPIc2vlP WgGxPbaqITVGFtf3JokTp0DJViIYeXl8Ip3880tdWdvrJyRzFtjnurOxnmsvybSw nDdkzx+FjkkZyZhUuFOECRIQGdK/ja5mf3mFMZfa1mQICS4JjSuK1aEOWD8rTcqh yw1f0Q7TirbuggLL0919n4HlTU+InyRSnDV3l9TOh6YMVypQFn02hXrV+wIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFN5kuYTFoSpZxjt4frLDMLrDkzGjMB8GA1UdIwQY MBaAFNgoTxjNRGBL3W0I9Nh43GFFbED9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMkNoUEdNMUVZRXZkYlFqMDJIamNZVVZzUVAwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi8yNjUyY2QtN2VjZi00OWU4LWE0Zjgt Yzc4NjkxMjg1ODJjLzEvM21TNWhNV2hLbG5HTzNoLXNzTXd1c09UTWFNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81Yi8yNjUyY2QtN2VjZi00OWU4LWE0ZjgtYzc4NjkxMjg1ODJj LzEvMkNoUEdNMUVZRXZkYlFqMDJIamNZVVZzUVAwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDLvwIMA0E AgACMAcDBQAqAFkAMA0GCSqGSIb3DQEBCwUAA4IBAQBFn0ytUSr0MKt2bDeqEOvS qtiiPCeDX+qQsqudLmVqHst4yO3airfGSol7tutIOkyJf7fRTzb28T0TMdqL4Q4D OlvxEGWU0Q3CisbRh2E2tEcLYd2wbsPCoFHxsQffyPhb/0LUOO9nfX+GzvLPMSbZ l4JTy4kGRaL+0CV6As4yjQ5QMZ0ccLgbNBhaiec0jLZs/QL5t01vsmsF8iurRcIx P/mk6C/wTPqZ4hbDVxTV4Z1Tttlsj/XMSKIYcyVagssGS9omh9Mb1o2QDf9Vn2eC tvLkTImjaUz8RUffuEh5fofKqGjwbHI2HHqKfAVCRRON5RyPUvYXJevheVvoL3FC -----END CERTIFICATE-----Generated at Mon Jan 26 04:40:34 2026 by rpki-client