This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/3KF6iFFWsH8yuAB640wj-Fz9nTg.roa File: 3KF6iFFWsH8yuAB640wj-Fz9nTg.roa (raw, json) Hash identifier: 0tD4HiVj/J4aKg97epQ4VMKVnjZg9lAvP8TG0+FIcXM= Subject key identifier: DC:A1:7A:88:51:56:B0:7F:32:B8:00:7A:E3:4C:23:F8:5C:FD:9D:38 Certificate issuer: /CN=22373571c90249bf2aa948e78bed13e08528b87e Certificate serial: 019B7A5B7CB73D3478F851A1657F51A4CDE6 Authority key identifier: 22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/3KF6iFFWsH8yuAB640wj-Fz9nTg.roa Signing time: Thu 01 Jan 2026 16:19:34 +0000 ROA not before: Thu 01 Jan 2026 16:19:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 59838 IP address blocks: 5.160.202.0/23 maxlen: 23 5.160.202.0/24 maxlen: 24 5.160.203.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.mft rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5b:7c:b7:3d:34:78:f8:51:a1:65:7f:51:a4:cd:e6 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=22373571c90249bf2aa948e78bed13e08528b87e Validity Not Before: Jan 1 16:19:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dca17a885156b07f32b8007ae34c23f85cfd9d38 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:c9:3a:5a:80:06:20:03:51:28:88:89:71:42: 71:36:34:bd:3c:57:cc:ac:1b:26:99:d5:22:1a:33: bb:be:d4:04:ab:2c:62:49:8e:14:1f:54:62:91:93: 27:76:52:5a:7a:3e:17:5c:48:ff:2c:8b:7c:c7:d1: 33:1f:90:32:64:48:c3:7b:4e:49:32:fe:34:4c:29: 3e:16:f2:2d:54:74:65:cd:fe:c3:25:6c:53:64:62: 75:be:75:98:84:46:59:13:db:d2:f8:72:c6:67:78: fc:23:9c:43:de:0f:18:b9:33:e3:99:07:79:65:2a: 8d:2b:2a:1c:43:dd:5e:73:69:79:57:42:60:cb:75: 38:41:11:69:60:f6:34:48:28:8f:fb:c0:81:86:b2: 35:6e:d3:15:c1:a0:e3:fd:f8:e9:43:a5:bf:84:60: 9b:ce:7d:27:ca:d7:65:86:08:b3:d7:58:df:db:23: 2f:b2:b6:7d:d3:4f:90:77:6b:bf:a7:59:7b:c7:e2: 6c:ce:79:8d:a4:4e:96:b6:7a:3e:ac:4c:31:d9:45: a9:38:93:65:7d:e0:bb:99:9c:a0:41:6a:7c:f9:05: 17:9b:09:be:a1:d7:98:16:f4:48:49:62:4c:9d:4a: 01:d2:e2:57:38:a7:ee:a2:85:6c:e6:f7:45:a7:a6: ed:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:A1:7A:88:51:56:B0:7F:32:B8:00:7A:E3:4C:23:F8:5C:FD:9D:38 X509v3 Authority Key Identifier: keyid:22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/3KF6iFFWsH8yuAB640wj-Fz9nTg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 5.160.202.0/23 Signature Algorithm: sha256WithRSAEncryption 0b:9d:d0:b8:05:cb:7e:d0:1a:48:8f:d5:b5:c1:b6:47:b4:7f: d2:5f:d7:48:52:59:fb:6a:e7:59:cf:8e:f5:d5:a9:fb:3c:7b: c0:94:5a:90:48:c3:60:09:16:34:1c:ea:e4:ab:23:c8:89:1f: 9e:22:05:50:ea:82:f2:38:57:a8:aa:f8:b9:31:6c:17:5c:f1: 5a:d3:58:51:2f:13:50:47:31:b8:d1:25:fd:a7:7c:b0:db:45: d2:b5:b1:d5:c4:46:dd:c5:b9:81:e4:d5:e1:4c:0f:32:8c:0f: bb:a3:2c:69:9d:c0:d7:e0:14:dc:4c:c1:9a:45:5e:c2:f4:6c: db:38:ac:c1:38:12:1c:b8:a7:1a:ac:08:86:26:b4:06:d3:51: a2:66:d4:bf:a4:5b:0d:af:b7:17:90:ed:38:3a:98:f4:c3:9d: a3:03:b1:d0:f2:e8:58:6a:c9:82:6e:19:6c:c6:38:f4:1f:cf: 09:d0:f2:96:8c:29:e0:70:c2:38:20:8c:01:f8:1e:99:6e:20: c9:f0:b7:38:b8:69:b9:27:5b:5b:b1:31:64:21:f6:af:4c:f6: 87:cc:68:5b:29:f1:07:c5:64:2b:f6:dc:8b:bb:ad:93:c0:66: 73:34:19:6a:b8:7d:ed:b5:b7:f2:c2:58:4c:7e:8a:0d:9c:67: 44:60:91:d2 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt6W3y3PTR4+FGhZX9RpM3mMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyMzczNTcxYzkwMjQ5YmYyYWE5NDhlNzhiZWQxM2UwODUy OGI4N2UwHhcNMjYwMTAxMTYxOTM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkY2ExN2E4ODUxNTZiMDdmMzJiODAwN2FlMzRjMjNmODVjZmQ5ZDM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMk6WoAGIANRKIiJcUJxNjS9PFfM rBsmmdUiGjO7vtQEqyxiSY4UH1RikZMndlJaej4XXEj/LIt8x9EzH5AyZEjDe05J Mv40TCk+FvItVHRlzf7DJWxTZGJ1vnWYhEZZE9vS+HLGZ3j8I5xD3g8YuTPjmQd5 ZSqNKyocQ91ec2l5V0Jgy3U4QRFpYPY0SCiP+8CBhrI1btMVwaDj/fjpQ6W/hGCb zn0nytdlhgiz11jf2yMvsrZ900+Qd2u/p1l7x+JsznmNpE6Wtno+rEwx2UWpOJNl feC7mZygQWp8+QUXmwm+odeYFvRISWJMnUoB0uJXOKfuooVs5vdFp6btdQIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFNyheohRVrB/MrgAeuNMI/hc/Z04MB8GA1UdIwQY MBaAFCI3NXHJAkm/KqlI54vtE+CFKLh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEt YjQ1NDBjNzRjOTRiLzEvM0tGNmlGRldzSDh5dUFCNjQwd2otRno5blRnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEtYjQ1NDBjNzRjOTRi LzEvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBBaDKMA0G CSqGSIb3DQEBCwUAA4IBAQALndC4Bct+0BpIj9W1wbZHtH/SX9dIUln7audZz471 1an7PHvAlFqQSMNgCRY0HOrkqyPIiR+eIgVQ6oLyOFeoqvi5MWwXXPFa01hRLxNQ RzG40SX9p3yw20XStbHVxEbdxbmB5NXhTA8yjA+7oyxpncDX4BTcTMGaRV7C9Gzb OKzBOBIcuKcarAiGJrQG01GiZtS/pFsNr7cXkO04Opj0w52jA7HQ8uhYasmCbhls xjj0H88J0PKWjCngcMI4IIwB+B6ZbiDJ8Lc4uGm5J1tbsTFkIfavTPaHzGhbKfEH xWQr9tyLu62TwGZzNBlquH3ttbfywlhMfooNnGdEYJHS -----END CERTIFICATE-----Generated at Sun Jan 25 20:47:47 2026 by rpki-client