This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/3KHb4LyjMb7GTQzfARliH9VGTGI.roa File: 3KHb4LyjMb7GTQzfARliH9VGTGI.roa (raw, json) Hash identifier: u+uDt3VaqBj8WsuUzznZC8YIOei+XhXe+h41yVBm6d0= Subject key identifier: DC:A1:DB:E0:BC:A3:31:BE:C6:4D:0C:DF:01:19:62:1F:D5:46:4C:62 Certificate issuer: /CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5 Certificate serial: 019B7E385448B3178EF3847B38345DB209B4 Authority key identifier: D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/3KHb4LyjMb7GTQzfARliH9VGTGI.roa Signing time: Fri 02 Jan 2026 10:19:39 +0000 ROA not before: Fri 02 Jan 2026 10:19:39 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50311 IP address blocks: 91.220.131.0/24 maxlen: 24 2a04:3e00:1000::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.crl rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.mft rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:54:48:b3:17:8e:f3:84:7b:38:34:5d:b2:09:b4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5 Validity Not Before: Jan 2 10:19:39 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dca1dbe0bca331bec64d0cdf0119621fd5464c62 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:ac:e0:19:bd:34:a0:5f:03:03:3e:c7:6c:a8: b6:e6:41:e1:53:44:46:82:31:3c:d6:4b:9b:30:9c: 72:49:cc:4d:4d:62:2e:4d:c4:8b:72:da:5d:aa:da: a2:ce:93:bd:17:da:b0:87:5c:8d:2e:00:78:7d:20: ad:c2:84:c5:7f:f8:97:64:95:79:f7:6a:54:b0:de: b2:09:52:e0:c9:77:5b:c8:fc:2e:55:80:31:ca:8a: 50:aa:98:3b:ca:6d:5f:f1:a2:e2:f7:b1:f6:e7:f3: e9:90:b2:07:36:94:97:6f:8e:c7:5f:e6:9c:8e:3c: b8:3b:77:10:3f:73:db:d9:3f:07:b1:9b:f0:e3:44: 03:64:24:cf:6c:ba:dd:8c:28:c7:60:f5:e7:9e:04: e1:1c:6f:33:33:55:e8:8d:f2:bb:70:d5:8f:af:58: b4:4b:9f:0e:9e:c9:b5:42:88:5d:79:9e:da:06:19: 28:17:fc:28:d9:52:35:dd:5a:3f:e6:ce:d1:5b:b7: 36:c6:aa:c8:fd:7c:d9:5b:97:eb:3f:b8:b6:d6:1e: 24:40:20:44:22:28:1e:81:d9:37:76:f9:d1:ca:f7: cb:5f:4c:96:c8:1b:4b:49:ec:f3:77:96:25:df:9f: 57:3d:61:3f:42:94:28:b1:d4:bb:72:23:34:ad:b5: c3:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:A1:DB:E0:BC:A3:31:BE:C6:4D:0C:DF:01:19:62:1F:D5:46:4C:62 X509v3 Authority Key Identifier: keyid:D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/3KHb4LyjMb7GTQzfARliH9VGTGI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.220.131.0/24 IPv6: 2a04:3e00:1000::/48 Signature Algorithm: sha256WithRSAEncryption a9:f0:a9:17:cc:e9:65:f5:9d:58:fa:5b:ba:40:1a:b5:00:57: f7:f5:dc:34:51:43:30:2c:96:fc:f9:a8:57:22:ee:1d:ef:ce: c6:1e:67:e9:6a:d9:42:f0:23:75:55:40:22:05:5f:9a:88:bf: 9f:21:2f:a8:63:d8:17:e3:2b:7c:56:36:df:18:3c:fe:25:06: 3f:ae:d0:3c:e2:78:5a:dd:8f:0b:3f:b9:3d:42:a3:27:b7:2b: 42:49:8d:60:4e:39:66:c6:e6:30:d0:6d:74:d7:24:57:38:58: e0:f9:2f:47:98:c5:d5:74:12:8d:fd:c0:0a:ce:ae:31:a1:c8: 11:81:8f:01:8c:b2:50:e8:b5:d9:22:de:e3:cc:13:d5:b0:84: b4:46:31:ed:d9:b9:f2:ab:d3:e2:93:f6:8d:9a:0b:4e:55:bf: 5c:56:64:91:80:c9:08:c8:e8:8a:3e:3d:53:02:93:5d:b3:8d: 56:ce:7c:18:6f:47:1d:6b:e2:a3:84:c9:d8:6f:f2:8d:11:e4: 1a:7a:f1:e8:2d:ea:07:bf:e5:65:05:e7:e6:18:cc:21:a8:bd: 27:bc:6e:ce:64:b5:7d:c2:2a:78:c2:28:00:40:7b:2e:e2:90: ee:6f:62:e0:9f:44:26:60:bf:e2:e1:f8:eb:c1:a0:8b:66:54: cc:90:a3:13 -----BEGIN CERTIFICATE----- MIIFDjCCA/agAwIBAgISAZt+OFRIsxeO84R7ODRdsgm0MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzNjAwY2JhZmQyNmZlZTUwNjRmYzg5ZjMwMWRmYzhlM2Mx ZDNjYTUwHhcNMjYwMTAyMTAxOTM5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkY2ExZGJlMGJjYTMzMWJlYzY0ZDBjZGYwMTE5NjIxZmQ1NDY0YzYyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6zgGb00oF8DAz7HbKi25kHhU0RG gjE81kubMJxyScxNTWIuTcSLctpdqtqizpO9F9qwh1yNLgB4fSCtwoTFf/iXZJV5 92pUsN6yCVLgyXdbyPwuVYAxyopQqpg7ym1f8aLi97H25/PpkLIHNpSXb47HX+ac jjy4O3cQP3Pb2T8HsZvw40QDZCTPbLrdjCjHYPXnngThHG8zM1XojfK7cNWPr1i0 S58Onsm1QohdeZ7aBhkoF/wo2VI13Vo/5s7RW7c2xqrI/XzZW5frP7i21h4kQCBE Iigegdk3dvnRyvfLX0yWyBtLSezzd5Yl359XPWE/QpQosdS7ciM0rbXDfwIDAQAB o4ICGjCCAhYwHQYDVR0OBBYEFNyh2+C8ozG+xk0M3wEZYh/VRkxiMB8GA1UdIwQY MBaAFNNgDLr9Jv7lBk/InzAd/I48HTylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMDJBTXV2MG1fdVVHVDhpZk1CMzhqandkUEtVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9iNzA2NTgtZTFkYy00OTQ0LWEwNmIt MWM2ODBhZGY3YTI2LzEvM0tIYjRMeWpNYjdHVFF6ZkFSbGlIOVZHVEdJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jMC9iNzA2NTgtZTFkYy00OTQ0LWEwNmItMWM2ODBhZGY3YTI2 LzEvMDJBTXV2MG1fdVVHVDhpZk1CMzhqandkUEtVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9yDMA8E AgACMAkDBwAqBD4AEAAwDQYJKoZIhvcNAQELBQADggEBAKnwqRfM6WX1nVj6W7pA GrUAV/f13DRRQzAslvz5qFci7h3vzsYeZ+lq2ULwI3VVQCIFX5qIv58hL6hj2Bfj K3xWNt8YPP4lBj+u0DzieFrdjws/uT1Coye3K0JJjWBOOWbG5jDQbXTXJFc4WOD5 L0eYxdV0Eo39wArOrjGhyBGBjwGMslDotdki3uPME9WwhLRGMe3ZufKr0+KT9o2a C05Vv1xWZJGAyQjI6Io+PVMCk12zjVbOfBhvRx1r4qOEydhv8o0R5Bp68egt6ge/ 5WUF5+YYzCGovSe8bs5ktX3CKnjCKABAey7ikO5vYuCfRCZgv+Lh+OvBoItmVMyQ oxM= -----END CERTIFICATE-----Generated at Sun Jan 25 22:41:45 2026 by rpki-client