This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/3HOqUNS76Rvl8dYaKG9EN_NysLE.roa File: 3HOqUNS76Rvl8dYaKG9EN_NysLE.roa (raw, json) Hash identifier: puhmVMnWQpQddUEuNZkgu+dwMEriXi5onTWrtIT5ll8= Subject key identifier: DC:73:AA:50:D4:BB:E9:1B:E5:F1:D6:1A:28:6F:44:37:F3:72:B0:B1 Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59 Certificate serial: 019B775956F5A6CF6ACD518F3A6EEBADA368 Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/3HOqUNS76Rvl8dYaKG9EN_NysLE.roa Signing time: Thu 01 Jan 2026 02:18:22 +0000 ROA not before: Thu 01 Jan 2026 02:18:22 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51909 IP address blocks: 89.47.192.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.mft rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:59:56:f5:a6:cf:6a:cd:51:8f:3a:6e:eb:ad:a3:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59 Validity Not Before: Jan 1 02:18:22 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dc73aa50d4bbe91be5f1d61a286f4437f372b0b1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:ae:0e:0a:e3:3c:1d:1a:63:0a:97:ac:80:8f: 73:8f:a1:29:64:ea:a5:65:29:5a:16:53:35:b8:86: 6e:ec:86:dd:82:ea:61:a6:12:49:93:ec:30:30:2a: 23:71:82:a3:fb:0e:d3:16:7c:8e:a5:0e:b0:77:2c: f1:54:54:de:a5:98:17:3a:78:90:d0:e2:4e:37:02: 4e:7d:a5:a6:79:b2:19:03:96:66:29:69:e9:8a:d3: 40:f8:fa:98:d6:dd:c0:da:93:d1:f4:56:4a:cd:e3: 2a:d6:b0:b1:bd:50:a3:20:ec:10:30:7b:f8:4f:59: b4:c8:02:cf:94:f6:4c:f4:6c:0c:6b:29:81:ee:89: 77:8a:7a:28:64:37:b1:dd:30:89:e2:04:c9:5c:6a: e5:5d:85:da:82:8c:4c:5f:b5:0d:69:8c:6b:36:94: 1a:4f:9a:93:bc:1b:9d:b9:39:e8:90:45:af:a3:09: 54:b1:1d:dc:f6:5a:fd:96:cb:8a:a6:7c:26:9b:e1: 37:30:32:6b:eb:2f:03:a8:12:cd:2c:1d:0c:e0:e6: 26:93:bf:75:4d:64:a0:e8:d0:be:9b:53:e7:b6:76: a9:11:66:db:15:54:33:a0:00:c2:a7:b8:48:62:ec: d6:4f:9a:0c:0b:22:58:8b:ac:81:5d:bc:84:fc:3b: a9:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:73:AA:50:D4:BB:E9:1B:E5:F1:D6:1A:28:6F:44:37:F3:72:B0:B1 X509v3 Authority Key Identifier: keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/3HOqUNS76Rvl8dYaKG9EN_NysLE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 89.47.192.0/22 Signature Algorithm: sha256WithRSAEncryption a0:35:1a:f7:6f:9c:6b:01:49:3b:e7:92:b4:ba:29:d9:dd:18: 2a:0a:b8:56:3f:de:d2:19:e2:65:7c:cb:1a:db:57:24:99:24: 44:d4:82:1b:95:5a:97:b1:09:3e:43:42:96:7f:f1:7a:e4:90: 95:05:ed:84:5c:03:e1:e5:e2:2f:5e:c0:64:5d:55:c3:18:b2: ca:1d:d5:53:aa:12:af:de:17:0c:25:61:7d:00:6c:28:aa:0d: 9b:82:9f:ce:27:7b:1d:e5:79:f7:07:7f:0a:86:1a:86:0d:09: 20:07:72:50:5b:5e:28:25:5c:29:41:f3:d6:24:1a:60:46:f8: 5c:24:71:97:f6:0a:e5:f1:b2:9f:87:3f:f0:86:09:26:02:7d: 8b:55:c7:ee:6b:19:46:44:57:50:70:1a:1e:8f:05:8b:3b:7f: ca:a7:88:4e:51:e5:0f:d4:23:8b:e1:d4:e6:4e:d4:95:3b:75: 44:70:31:87:b1:c3:e9:f4:99:61:14:63:d8:4a:7f:c6:a9:9b: 61:73:b6:a3:85:f3:c0:bf:c6:45:61:cf:44:d0:72:76:a9:33: 89:4b:ae:ef:1b:e5:3a:9d:52:3f:5e:9c:c9:b5:f5:22:c0:9b: 37:05:91:01:ea:ac:b4:25:49:63:38:81:b8:f0:ca:49:94:a5: 3b:49:92:cf -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZt3WVb1ps9qzVGPOm7rraNoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy MTliNTkwHhcNMjYwMTAxMDIxODIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYzczYWE1MGQ0YmJlOTFiZTVmMWQ2MWEyODZmNDQzN2YzNzJiMGIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAya4OCuM8HRpjCpesgI9zj6EpZOql ZSlaFlM1uIZu7IbdguphphJJk+wwMCojcYKj+w7TFnyOpQ6wdyzxVFTepZgXOniQ 0OJONwJOfaWmebIZA5ZmKWnpitNA+PqY1t3A2pPR9FZKzeMq1rCxvVCjIOwQMHv4 T1m0yALPlPZM9GwMaymB7ol3inooZDex3TCJ4gTJXGrlXYXagoxMX7UNaYxrNpQa T5qTvBuduTnokEWvowlUsR3c9lr9lsuKpnwmm+E3MDJr6y8DqBLNLB0M4OYmk791 TWSg6NC+m1PntnapEWbbFVQzoADCp7hIYuzWT5oMCyJYi6yBXbyE/DupcQIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFNxzqlDUu+kb5fHWGihvRDfzcrCxMB8GA1UdIwQY MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl LTkyZTI1ZmUxNjMzMS8xLzNIT3FVTlM3NlJ2bDhkWWFLRzlFTl9OeXNMRS5yb2Ew gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJZL8Aw DQYJKoZIhvcNAQELBQADggEBAKA1GvdvnGsBSTvnkrS6KdndGCoKuFY/3tIZ4mV8 yxrbVySZJETUghuVWpexCT5DQpZ/8XrkkJUF7YRcA+Hl4i9ewGRdVcMYssod1VOq Eq/eFwwlYX0AbCiqDZuCn84nex3lefcHfwqGGoYNCSAHclBbXiglXClB89YkGmBG +FwkcZf2CuXxsp+HP/CGCSYCfYtVx+5rGUZEV1BwGh6PBYs7f8qniE5R5Q/UI4vh 1OZO1JU7dURwMYexw+n0mWEUY9hKf8apm2FztqOF88C/xkVhz0TQcnapM4lLru8b 5TqdUj9enMm19SLAmzcFkQHqrLQlSWM4gbjwykmUpTtJks8= -----END CERTIFICATE-----Generated at Sun Jan 25 17:33:59 2026 by rpki-client