This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/f9b6aa-a917-496f-a24f-66959e1bb7fe/1/3V5hdONsM9mnD45S8jPJ1WtCJLE.roa File: 3V5hdONsM9mnD45S8jPJ1WtCJLE.roa (raw, json) Hash identifier: ycXvRVGBtkt6ad8wPNg1L/oY1B8Crh02govZSgpTHFQ= Subject key identifier: DD:5E:61:74:E3:6C:33:D9:A7:0F:8E:52:F2:33:C9:D5:6B:42:24:B1 Certificate issuer: /CN=9993fe77f63bee90888fcde1a125adfe6535d816 Certificate serial: 019B7A5B05500E5E1852A7E95172BCC739F0 Authority key identifier: 99:93:FE:77:F6:3B:EE:90:88:8F:CD:E1:A1:25:AD:FE:65:35:D8:16 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mZP-d_Y77pCIj83hoSWt_mU12BY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/f9b6aa-a917-496f-a24f-66959e1bb7fe/1/3V5hdONsM9mnD45S8jPJ1WtCJLE.roa Signing time: Thu 01 Jan 2026 16:19:04 +0000 ROA not before: Thu 01 Jan 2026 16:19:04 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 43885 IP address blocks: 188.212.36.0/24 maxlen: 24 193.162.14.0/24 maxlen: 24 2a10:ce00::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/f9b6aa-a917-496f-a24f-66959e1bb7fe/1/mZP-d_Y77pCIj83hoSWt_mU12BY.crl rsync://rpki.ripe.net/repository/DEFAULT/b9/f9b6aa-a917-496f-a24f-66959e1bb7fe/1/mZP-d_Y77pCIj83hoSWt_mU12BY.mft rsync://rpki.ripe.net/repository/DEFAULT/mZP-d_Y77pCIj83hoSWt_mU12BY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 16:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:05:50:0e:5e:18:52:a7:e9:51:72:bc:c7:39:f0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9993fe77f63bee90888fcde1a125adfe6535d816 Validity Not Before: Jan 1 16:19:04 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dd5e6174e36c33d9a70f8e52f233c9d56b4224b1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:6a:f9:51:b2:ae:ab:dc:92:e3:ab:d5:ef:04: 7c:16:09:c3:fa:22:0d:27:0a:b5:d0:ff:9f:6f:cc: 62:9d:b1:20:aa:ab:b6:d3:a9:a1:53:25:12:c5:31: 92:a7:0d:da:5e:a6:4b:35:38:d7:ff:69:57:56:b2: cc:77:b6:85:ff:2e:bf:90:05:c5:7a:8b:d0:21:e1: 92:07:b0:f4:2a:4a:ef:0e:1e:8d:8b:d3:70:e2:10: 4c:50:84:47:c9:63:92:a5:b0:74:8b:02:28:81:98: 56:0d:d0:87:18:fc:47:56:37:6c:35:c2:88:db:86: 11:e6:4c:b2:fa:88:31:0a:38:4b:a7:1c:ec:8b:2c: 05:6b:e5:a1:30:bf:02:3b:f5:86:a6:d6:3e:09:54: d6:f3:41:8a:8f:2b:48:a5:fe:25:d8:c0:66:2e:de: 8b:e4:09:da:07:f5:f4:93:ed:4c:0d:1b:31:00:89: c7:14:47:34:3d:95:e0:16:28:3e:42:4b:44:00:74: 31:1c:cd:92:95:97:f2:7b:33:73:58:52:27:36:ae: 96:ae:62:24:4b:cb:99:f8:be:97:4a:1c:3d:46:4c: a0:34:10:87:ab:ae:ea:15:f0:61:46:34:e6:f9:6f: 78:37:91:b8:05:ac:e2:25:f1:89:ee:95:75:ca:dd: 74:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:5E:61:74:E3:6C:33:D9:A7:0F:8E:52:F2:33:C9:D5:6B:42:24:B1 X509v3 Authority Key Identifier: keyid:99:93:FE:77:F6:3B:EE:90:88:8F:CD:E1:A1:25:AD:FE:65:35:D8:16 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mZP-d_Y77pCIj83hoSWt_mU12BY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/f9b6aa-a917-496f-a24f-66959e1bb7fe/1/3V5hdONsM9mnD45S8jPJ1WtCJLE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/f9b6aa-a917-496f-a24f-66959e1bb7fe/1/mZP-d_Y77pCIj83hoSWt_mU12BY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 188.212.36.0/24 193.162.14.0/24 IPv6: 2a10:ce00::/29 Signature Algorithm: sha256WithRSAEncryption 29:8c:94:a1:b7:b2:32:00:b2:50:7a:b5:71:60:52:9f:6e:51: 29:60:c6:b0:ce:2a:cd:49:ca:3f:9d:1f:71:c5:3e:fa:c0:64: a1:33:69:9c:b2:62:9f:f9:74:67:70:2d:d2:44:2f:26:dd:89: be:db:60:76:e5:53:35:3c:bb:79:84:86:8e:71:ff:1d:86:8c: 0a:75:a4:5a:23:b2:f8:f4:62:60:90:ea:82:93:1e:89:e7:f4: bc:b5:1d:2b:cb:fa:16:91:02:00:49:61:e5:eb:bf:a2:75:7e: 12:b1:ed:b5:f3:b5:76:0c:e6:f9:f1:8c:a8:8e:10:d0:4c:c0: 41:b0:b4:33:f5:c1:c7:55:2c:f9:bd:2c:c6:ab:78:44:5e:56: 80:34:13:e5:8e:5f:bd:23:93:2d:11:a0:f2:58:77:14:5d:a4: b9:19:a1:eb:02:1c:ad:f4:2e:5b:ab:6a:2e:e3:71:35:ce:ed: 83:b8:db:4f:c3:0b:a6:60:f0:3c:6d:c6:cb:58:38:46:8c:6a: 75:95:21:8b:49:ac:e1:1b:8c:be:b6:ad:c0:5c:5f:0c:d2:ba: 8e:35:a2:2e:11:17:00:58:69:16:0c:ac:3d:74:ff:99:17:df: 3d:eb:67:41:bf:d3:97:85:39:00:2d:ad:6b:59:f3:28:be:84: 17:22:5a:a4 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt6WwVQDl4YUqfpUXK8xznwMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk5OTNmZTc3ZjYzYmVlOTA4ODhmY2RlMWExMjVhZGZlNjUz NWQ4MTYwHhcNMjYwMTAxMTYxOTA0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZDVlNjE3NGUzNmMzM2Q5YTcwZjhlNTJmMjMzYzlkNTZiNDIyNGIxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Wr5UbKuq9yS46vV7wR8FgnD+iIN Jwq10P+fb8xinbEgqqu206mhUyUSxTGSpw3aXqZLNTjX/2lXVrLMd7aF/y6/kAXF eovQIeGSB7D0KkrvDh6Ni9Nw4hBMUIRHyWOSpbB0iwIogZhWDdCHGPxHVjdsNcKI 24YR5kyy+ogxCjhLpxzsiywFa+WhML8CO/WGptY+CVTW80GKjytIpf4l2MBmLt6L 5AnaB/X0k+1MDRsxAInHFEc0PZXgFig+QktEAHQxHM2SlZfyezNzWFInNq6WrmIk S8uZ+L6XShw9RkygNBCHq67qFfBhRjTm+W94N5G4BaziJfGJ7pV1yt10gQIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFN1eYXTjbDPZpw+OUvIzydVrQiSxMB8GA1UdIwQY MBaAFJmT/nf2O+6QiI/N4aElrf5lNdgWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbVpQLWRfWTc3cENJajgzaG9TV3RfbVUxMkJZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9mOWI2YWEtYTkxNy00OTZmLWEyNGYt NjY5NTllMWJiN2ZlLzEvM1Y1aGRPTnNNOW1uRDQ1UzhqUEoxV3RDSkxFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iOS9mOWI2YWEtYTkxNy00OTZmLWEyNGYtNjY5NTllMWJiN2Zl LzEvbVpQLWRfWTc3cENJajgzaG9TV3RfbVUxMkJZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAvNQkAwQA waIOMA0EAgACMAcDBQMqEM4AMA0GCSqGSIb3DQEBCwUAA4IBAQApjJSht7IyALJQ erVxYFKfblEpYMawzirNSco/nR9xxT76wGShM2mcsmKf+XRncC3SRC8m3Ym+22B2 5VM1PLt5hIaOcf8dhowKdaRaI7L49GJgkOqCkx6J5/S8tR0ry/oWkQIASWHl67+i dX4Sse2187V2DOb58YyojhDQTMBBsLQz9cHHVSz5vSzGq3hEXlaANBPljl+9I5Mt EaDyWHcUXaS5GaHrAhyt9C5bq2ou43E1zu2DuNtPwwumYPA8bcbLWDhGjGp1lSGL SazhG4y+tq3AXF8M0rqONaIuERcAWGkWDKw9dP+ZF98962dBv9OXhTkALa1rWfMo voQXIlqk -----END CERTIFICATE-----Generated at Sun Jan 25 23:51:09 2026 by rpki-client