This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/_3kzqKok3z7fQDLrnmIfOGBMWpE.roa File: _3kzqKok3z7fQDLrnmIfOGBMWpE.roa (raw, json) Hash identifier: vrsV62/+f0qeXZvSNXU86WQluWpB748JDnGujS/D0TU= Subject key identifier: FF:79:33:A8:AA:24:DF:3E:DF:40:32:EB:9E:62:1F:38:60:4C:5A:91 Certificate issuer: /CN=11b69b59d19f2987e49f1852d60bb1777f80a301 Certificate serial: 019B76EAE8EB5E1CA4A0166DA1F9C83C82FB Authority key identifier: 11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/_3kzqKok3z7fQDLrnmIfOGBMWpE.roa Signing time: Thu 01 Jan 2026 00:17:45 +0000 ROA not before: Thu 01 Jan 2026 00:17:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50149 IP address blocks: 89.104.107.0/24 maxlen: 24 89.104.119.0/24 maxlen: 24 89.104.125.0/24 maxlen: 24 94.154.128.0/22 maxlen: 22 185.228.88.0/23 maxlen: 23 185.228.90.0/23 maxlen: 23 2a00:ab01::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.mft rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:76:ea:e8:eb:5e:1c:a4:a0:16:6d:a1:f9:c8:3c:82:fb Signature Algorithm: sha256WithRSAEncryption Issuer: CN=11b69b59d19f2987e49f1852d60bb1777f80a301 Validity Not Before: Jan 1 00:17:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ff7933a8aa24df3edf4032eb9e621f38604c5a91 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:6d:d9:3d:4f:a2:38:16:c7:12:1a:5c:fb:e4: f7:c0:a9:7e:77:90:8b:7b:3d:70:b0:8c:a4:f8:6d: e5:c9:69:a8:76:13:6e:4f:8c:74:7e:d4:9a:8c:d9: 50:7f:13:f1:f6:81:9e:15:41:22:41:6c:8f:bb:dd: 90:ca:77:2b:97:82:8d:19:8d:73:6b:bb:84:92:99: 28:f6:e8:64:6d:ac:4b:20:57:68:7b:61:d6:b8:29: 91:b7:2c:e1:39:62:d3:94:ce:92:1a:14:d5:a7:98: 1f:e1:c8:86:66:b6:42:66:a9:95:93:75:a2:9f:4c: 0f:4d:bd:d1:1f:3c:3f:70:b7:96:8d:8a:57:1f:46: 59:22:50:5b:d3:c7:dc:eb:0a:ee:03:15:07:01:37: 10:6c:b0:4a:04:5c:48:04:06:8e:a0:fa:da:33:ce: 58:ab:47:1a:03:6f:a1:c6:f5:f3:d5:d0:e9:f5:25: 1a:c9:ae:91:35:e3:cb:32:d6:03:27:b8:d5:dc:79: ee:0e:6e:8b:c1:63:06:61:a7:a9:b6:9b:2f:8c:c2: bc:75:5d:cb:e3:d8:2a:dc:11:42:f3:c6:aa:9b:13: 02:0b:28:36:b2:43:60:49:98:b1:4b:af:74:8f:9c: 88:c4:f1:86:2d:85:09:d1:81:56:c4:86:bd:9a:71: 29:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:79:33:A8:AA:24:DF:3E:DF:40:32:EB:9E:62:1F:38:60:4C:5A:91 X509v3 Authority Key Identifier: keyid:11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/_3kzqKok3z7fQDLrnmIfOGBMWpE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.104.107.0/24 89.104.119.0/24 89.104.125.0/24 94.154.128.0/22 185.228.88.0/22 IPv6: 2a00:ab01::/32 Signature Algorithm: sha256WithRSAEncryption 8a:75:bb:73:f1:81:77:fe:85:a6:72:4d:91:a8:df:b9:41:1c: bd:8a:4c:59:5d:bf:04:f4:db:e7:51:21:7f:5e:0b:ae:91:52: 12:83:46:8a:aa:a3:57:a6:f7:05:b3:00:0d:f6:d0:96:ba:8b: 95:8e:a8:67:f7:8e:40:de:59:a3:1c:3a:d1:bc:3a:70:17:20: fb:57:45:ee:10:28:4a:ca:6d:3f:36:29:0e:b2:01:02:ed:c2: de:b7:4d:c3:cf:ab:86:f3:49:08:ca:51:cd:a0:ec:b2:3b:51: 4d:7e:53:f7:13:d4:cb:27:64:09:ae:15:16:8e:a1:81:2a:15: 8f:04:5e:ed:93:58:cc:f1:37:51:88:5c:41:df:42:16:ca:7d: f3:83:ce:f7:08:c2:ff:19:48:50:4c:72:e0:3c:f8:83:58:83: b9:66:85:db:87:66:a8:f1:26:78:c4:bc:c2:7c:7d:e3:13:1c: e3:2f:1f:49:a2:ee:80:a0:a0:18:f3:86:fe:39:91:80:e6:62: 7c:57:1f:2e:32:cf:76:ae:0b:e8:66:de:21:90:3e:7e:39:54: 54:11:e1:e8:1e:b6:93:60:c8:ce:e0:0e:a9:64:14:03:a5:6b: 3b:63:c0:bb:05:39:17:a7:89:0c:29:8f:d7:c6:52:2b:d5:b9: 66:39:b5:29 -----BEGIN CERTIFICATE----- MIIFJDCCBAygAwIBAgISAZt26ujrXhykoBZtofnIPIL7MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDExYjY5YjU5ZDE5ZjI5ODdlNDlmMTg1MmQ2MGJiMTc3N2Y4 MGEzMDEwHhcNMjYwMTAxMDAxNzQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmZjc5MzNhOGFhMjRkZjNlZGY0MDMyZWI5ZTYyMWYzODYwNGM1YTkxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo23ZPU+iOBbHEhpc++T3wKl+d5CL ez1wsIyk+G3lyWmodhNuT4x0ftSajNlQfxPx9oGeFUEiQWyPu92Qyncrl4KNGY1z a7uEkpko9uhkbaxLIFdoe2HWuCmRtyzhOWLTlM6SGhTVp5gf4ciGZrZCZqmVk3Wi n0wPTb3RHzw/cLeWjYpXH0ZZIlBb08fc6wruAxUHATcQbLBKBFxIBAaOoPraM85Y q0caA2+hxvXz1dDp9SUaya6RNePLMtYDJ7jV3HnuDm6LwWMGYaeptpsvjMK8dV3L 49gq3BFC88aqmxMCCyg2skNgSZixS690j5yIxPGGLYUJ0YFWxIa9mnEpcwIDAQAB o4ICMDCCAiwwHQYDVR0OBBYEFP95M6iqJN8+30Ay655iHzhgTFqRMB8GA1UdIwQY MBaAFBG2m1nRnymH5J8YUtYLsXd/gKMBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTIt ZDE2OWMwODhiNDEyLzEvXzNrenFLb2szejdmUURMcm5tSWZPR0JNV3BFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTItZDE2OWMwODhiNDEy LzEvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAWWhrAwQA WWh3AwQAWWh9AwQCXpqAAwQCueRYMA0EAgACMAcDBQAqAKsBMA0GCSqGSIb3DQEB CwUAA4IBAQCKdbtz8YF3/oWmck2RqN+5QRy9ikxZXb8E9NvnUSF/XguukVISg0aK qqNXpvcFswAN9tCWuouVjqhn945A3lmjHDrRvDpwFyD7V0XuEChKym0/NikOsgEC 7cLet03Dz6uG80kIylHNoOyyO1FNflP3E9TLJ2QJrhUWjqGBKhWPBF7tk1jM8TdR iFxB30IWyn3zg873CML/GUhQTHLgPPiDWIO5ZoXbh2ao8SZ4xLzCfH3jExzjLx9J ou6AoKAY84b+OZGA5mJ8Vx8uMs92rgvoZt4hkD5+OVRUEeHoHraTYMjO4A6pZBQD pWs7Y8C7BTkXp4kMKY/XxlIr1blmObUp -----END CERTIFICATE-----Generated at Sun Jan 25 23:33:16 2026 by rpki-client