This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/3_yk5eFrwBov3U-c2HIugxbMWSI.roa File: 3_yk5eFrwBov3U-c2HIugxbMWSI.roa (raw, json) Hash identifier: kKYQPtwtsyFnBnK/TTMNwaIGIt9OfuH8gl7hmRir+s0= Subject key identifier: DF:FC:A4:E5:E1:6B:C0:1A:2F:DD:4F:9C:D8:72:2E:83:16:CC:59:22 Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e Certificate serial: 019B7C7FC037BFFA3FCFBF968E3AC5A58F17 Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/3_yk5eFrwBov3U-c2HIugxbMWSI.roa Signing time: Fri 02 Jan 2026 02:18:25 +0000 ROA not before: Fri 02 Jan 2026 02:18:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 47674 IP address blocks: 171.22.255.0/24 maxlen: 24 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.mft rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:7f:c0:37:bf:fa:3f:cf:bf:96:8e:3a:c5:a5:8f:17 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e Validity Not Before: Jan 2 02:18:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dffca4e5e16bc01a2fdd4f9cd8722e8316cc5922 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:3b:9e:a3:1a:ac:2f:bc:da:28:ac:fe:bf:b0: f7:71:d4:b8:e5:7c:99:9c:29:58:5f:a9:18:28:1f: 9f:62:a4:6d:67:8e:01:03:ef:93:05:d7:30:a5:71: 04:5d:e2:95:ce:69:84:23:e0:57:8b:2f:a5:36:6b: b5:eb:41:b5:75:ea:b4:0b:ef:45:fb:11:49:ea:b0: 44:37:49:32:d0:c3:0d:98:cb:65:af:fa:31:2d:fc: 60:ca:33:0d:a0:47:f9:cd:25:a7:02:28:62:9f:29: b4:a3:99:8b:de:12:da:87:1f:ff:14:be:33:e4:48: f4:86:90:f3:ac:07:c3:bb:1e:29:14:40:0c:ef:07: 88:a0:d0:18:d4:81:ba:bd:60:07:8d:a7:29:22:80: 5a:33:c5:04:2f:46:28:51:61:d6:7d:be:39:13:af: 00:5c:49:32:22:cd:92:3b:3b:64:c4:65:f2:d7:e9: 98:44:95:00:c7:41:7b:ea:4b:ef:ea:a8:f1:f6:63: 66:6e:19:18:5b:2b:ff:3b:7b:8a:02:f3:ac:83:9d: 30:81:d8:e8:80:ef:0f:73:af:89:16:09:e3:37:a7: b9:58:3e:a0:25:c4:65:7f:54:50:4b:b3:22:a4:f2: d6:be:26:20:8d:b6:89:e9:54:11:69:da:4f:3d:75: 0e:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:FC:A4:E5:E1:6B:C0:1A:2F:DD:4F:9C:D8:72:2E:83:16:CC:59:22 X509v3 Authority Key Identifier: keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/3_yk5eFrwBov3U-c2HIugxbMWSI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 171.22.255.0/24 Signature Algorithm: sha256WithRSAEncryption 67:6d:bd:c9:4a:38:3d:fc:5f:ea:cc:21:b5:95:00:a0:ba:fc: af:48:17:e1:dd:42:b5:21:ea:23:7f:23:cc:39:5a:78:08:3d: 91:b6:fc:60:29:26:55:80:b1:d4:5e:ac:26:75:ec:93:3d:1d: d2:15:1a:e3:25:b7:53:49:11:e9:6b:89:6b:2e:7b:cb:c3:bc: 6f:ec:fa:6f:2d:d8:71:97:be:c3:a6:45:b7:e0:ad:c0:b6:9c: 04:7a:5c:8b:72:15:e8:7d:be:ed:f8:7d:1f:e5:03:eb:b6:3a: 8a:55:d4:e6:95:8f:fb:c6:5d:26:c6:87:2f:8e:db:cb:8a:dc: 59:94:d3:50:37:dd:e9:22:8d:a6:41:d4:a4:91:0e:e3:a6:42: 64:80:ab:28:c6:11:32:19:58:63:d5:8a:0b:d2:f0:2f:f2:c0: de:99:76:4f:1b:0e:1c:3a:83:4c:49:ea:50:a9:0f:be:6a:38: 02:11:3d:89:3c:02:4d:22:2d:34:e3:59:28:ac:90:fe:6f:d0: 7d:7d:20:fc:c2:f2:a4:60:4f:b3:48:c9:84:f3:5a:01:aa:01: ea:4d:4c:eb:36:08:46:89:4b:ba:34:8c:14:00:2d:07:1c:fc: 60:72:81:ec:50:29:f6:eb:63:0c:ec:36:e9:08:e6:5f:2b:f4: 1c:3e:fc:c2 -----BEGIN CERTIFICATE----- MIIE/TCCA+WgAwIBAgISAZt8f8A3v/o/z7+WjjrFpY8XMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx OWE3NGUwHhcNMjYwMTAyMDIxODI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZmZjYTRlNWUxNmJjMDFhMmZkZDRmOWNkODcyMmU4MzE2Y2M1OTIyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzueoxqsL7zaKKz+v7D3cdS45XyZ nClYX6kYKB+fYqRtZ44BA++TBdcwpXEEXeKVzmmEI+BXiy+lNmu160G1deq0C+9F +xFJ6rBEN0ky0MMNmMtlr/oxLfxgyjMNoEf5zSWnAihinym0o5mL3hLahx//FL4z 5Ej0hpDzrAfDux4pFEAM7weIoNAY1IG6vWAHjacpIoBaM8UEL0YoUWHWfb45E68A XEkyIs2SOztkxGXy1+mYRJUAx0F76kvv6qjx9mNmbhkYWyv/O3uKAvOsg50wgdjo gO8Pc6+JFgnjN6e5WD6gJcRlf1RQS7MipPLWviYgjbaJ6VQRadpPPXUOZwIDAQAB o4ICCTCCAgUwHQYDVR0OBBYEFN/8pOXha8AaL91PnNhyLoMWzFkiMB8GA1UdIwQY MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct OTViMDhlMzY2MGNmLzEvM195azVlRnJ3Qm92M1UtYzJISXVneGJNV1NJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqxb/MA0G CSqGSIb3DQEBCwUAA4IBAQBnbb3JSjg9/F/qzCG1lQCguvyvSBfh3UK1IeojfyPM OVp4CD2RtvxgKSZVgLHUXqwmdeyTPR3SFRrjJbdTSRHpa4lrLnvLw7xv7PpvLdhx l77DpkW34K3AtpwEelyLchXofb7t+H0f5QPrtjqKVdTmlY/7xl0mxocvjtvLitxZ lNNQN93pIo2mQdSkkQ7jpkJkgKsoxhEyGVhj1YoL0vAv8sDemXZPGw4cOoNMSepQ qQ++ajgCET2JPAJNIi0041korJD+b9B9fSD8wvKkYE+zSMmE81oBqgHqTUzrNghG iUu6NIwUAC0HHPxgcoHsUCn262MM7DbpCOZfK/QcPvzC -----END CERTIFICATE-----Generated at Sun Jan 25 13:43:47 2026 by rpki-client