This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/83f939-05f1-4afa-aa10-8606a724d891/1/u65mmO6HRK5seaMFhAXBI1NDzRY.roa File: u65mmO6HRK5seaMFhAXBI1NDzRY.roa (raw, json) Hash identifier: bDLwuznXJEsV9R4nt39n1oPS76JZaY8ubPqpqj3zceQ= Subject key identifier: BB:AE:66:98:EE:87:44:AE:6C:79:A3:05:84:05:C1:23:53:43:CD:16 Certificate issuer: /CN=b3ab7a89808687cc3dad7ba0f7df0bace019f763 Certificate serial: 019B7F83F07364DF8A5599B9621490E78650 Authority key identifier: B3:AB:7A:89:80:86:87:CC:3D:AD:7B:A0:F7:DF:0B:AC:E0:19:F7:63 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6t6iYCGh8w9rXug998LrOAZ92M.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/83f939-05f1-4afa-aa10-8606a724d891/1/u65mmO6HRK5seaMFhAXBI1NDzRY.roa Signing time: Fri 02 Jan 2026 16:21:51 +0000 ROA not before: Fri 02 Jan 2026 16:21:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 33832 IP address blocks: 185.99.144.0/22 maxlen: 22 2a06:12c0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/83f939-05f1-4afa-aa10-8606a724d891/1/s6t6iYCGh8w9rXug998LrOAZ92M.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/83f939-05f1-4afa-aa10-8606a724d891/1/s6t6iYCGh8w9rXug998LrOAZ92M.mft rsync://rpki.ripe.net/repository/DEFAULT/s6t6iYCGh8w9rXug998LrOAZ92M.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 14 Jan 2026 04:01:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:83:f0:73:64:df:8a:55:99:b9:62:14:90:e7:86:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b3ab7a89808687cc3dad7ba0f7df0bace019f763 Validity Not Before: Jan 2 16:21:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=bbae6698ee8744ae6c79a3058405c1235343cd16 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:be:e9:d8:71:8e:9c:dd:c9:00:9b:8b:db:32: e7:94:09:79:b9:a1:72:35:0b:5e:ca:5c:ca:65:d6: 64:b3:2c:4a:d8:80:f2:bf:43:00:ff:10:b5:a2:3a: 2a:d0:cc:34:87:8b:e9:4d:40:3b:7b:3c:1a:ca:10: a8:f8:e4:67:f2:93:32:9a:64:66:50:1a:68:ce:e9: e1:83:8a:d3:5e:c0:51:b0:a5:1f:dc:1c:27:5f:db: 61:eb:fe:a3:56:c6:d4:8e:57:f7:7b:e1:80:ab:98: 7c:75:50:00:ea:d7:16:24:4f:62:4b:e1:f0:cd:09: d3:7b:7b:31:b3:85:14:3a:32:c4:31:7e:34:53:53: f1:95:31:93:37:8b:7e:b6:16:c2:e8:e5:4b:20:25: c6:d0:f3:2d:0d:2e:bd:89:67:64:01:c9:60:c7:06: e9:32:16:12:90:0c:fb:28:f2:59:47:a2:83:34:17: 5a:4e:65:cd:bf:c0:98:dd:cb:86:94:b0:0f:36:f5: 9f:3a:80:84:e2:36:c0:23:34:2e:ec:f2:2a:80:b1: 3f:66:db:b6:eb:f2:4c:1e:f9:69:2c:90:50:7d:ca: 16:c0:57:20:4f:ed:82:0e:b8:fc:df:ad:e6:54:31: 7f:14:02:37:7d:80:e0:23:35:55:d3:24:26:02:34: 94:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:AE:66:98:EE:87:44:AE:6C:79:A3:05:84:05:C1:23:53:43:CD:16 X509v3 Authority Key Identifier: keyid:B3:AB:7A:89:80:86:87:CC:3D:AD:7B:A0:F7:DF:0B:AC:E0:19:F7:63 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6t6iYCGh8w9rXug998LrOAZ92M.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/83f939-05f1-4afa-aa10-8606a724d891/1/u65mmO6HRK5seaMFhAXBI1NDzRY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/83f939-05f1-4afa-aa10-8606a724d891/1/s6t6iYCGh8w9rXug998LrOAZ92M.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.99.144.0/22 IPv6: 2a06:12c0::/29 Signature Algorithm: sha256WithRSAEncryption 3e:5a:e3:14:0d:a8:13:fa:d3:5c:40:7a:64:6d:96:8e:5e:c3: 20:ec:64:a6:04:82:44:11:4a:8e:46:28:fb:40:70:2f:8e:88: c8:ef:1f:ef:87:94:6f:ed:3b:dc:2f:f5:b9:13:d1:9e:d9:9a: de:f0:03:e6:27:c4:07:42:fe:da:35:52:bd:b1:e4:ee:73:2b: 29:9a:ba:8a:7d:ae:dc:41:3d:19:3b:00:75:f6:38:45:d3:bd: 41:54:cd:14:df:9c:3c:cd:14:cf:91:46:45:44:ea:cf:3b:35: 0d:24:4f:5d:6f:66:f6:de:31:22:41:2f:2e:42:aa:63:72:db: f9:9a:68:38:61:f9:42:5d:0b:84:22:56:46:2d:72:d8:e1:05: 2c:06:f2:94:8b:91:47:2c:52:94:41:19:2c:86:d2:d8:9a:db: 19:90:6a:fc:da:72:cd:ce:72:45:b8:16:6e:ad:03:ab:94:b6: ae:f5:d5:43:cc:fa:f7:6d:fd:e3:5a:49:5a:df:21:9c:66:93: 6f:ac:50:d1:22:90:49:f5:55:9a:c5:f3:36:63:4b:38:fd:ee: 6f:32:0e:12:c9:19:83:27:b9:a6:23:42:5d:86:34:49:88:ed: e5:d5:a3:82:6a:ae:66:1b:20:d1:d1:81:15:02:e8:a6:c9:7a: 6e:56:85:51 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt/g/BzZN+KVZm5YhSQ54ZQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzYWI3YTg5ODA4Njg3Y2MzZGFkN2JhMGY3ZGYwYmFjZTAx OWY3NjMwHhcNMjYwMTAyMTYyMTUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiYmFlNjY5OGVlODc0NGFlNmM3OWEzMDU4NDA1YzEyMzUzNDNjZDE2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn77p2HGOnN3JAJuL2zLnlAl5uaFy NQteylzKZdZksyxK2IDyv0MA/xC1ojoq0Mw0h4vpTUA7ezwayhCo+ORn8pMymmRm UBpozunhg4rTXsBRsKUf3BwnX9th6/6jVsbUjlf3e+GAq5h8dVAA6tcWJE9iS+Hw zQnTe3sxs4UUOjLEMX40U1PxlTGTN4t+thbC6OVLICXG0PMtDS69iWdkAclgxwbp MhYSkAz7KPJZR6KDNBdaTmXNv8CY3cuGlLAPNvWfOoCE4jbAIzQu7PIqgLE/Ztu2 6/JMHvlpLJBQfcoWwFcgT+2CDrj8363mVDF/FAI3fYDgIzVV0yQmAjSUhQIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFLuuZpjuh0SubHmjBYQFwSNTQ80WMB8GA1UdIwQY MBaAFLOreomAhofMPa17oPffC6zgGfdjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczZ0NmlZQ0doOHc5clh1Zzk5OExyT0FaOTJNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS84M2Y5MzktMDVmMS00YWZhLWFhMTAt ODYwNmE3MjRkODkxLzEvdTY1bW1PNkhSSzVzZWFNRmhBWEJJMU5EelJZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS84M2Y5MzktMDVmMS00YWZhLWFhMTAtODYwNmE3MjRkODkx LzEvczZ0NmlZQ0doOHc5clh1Zzk5OExyT0FaOTJNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWOQMA0E AgACMAcDBQMqBhLAMA0GCSqGSIb3DQEBCwUAA4IBAQA+WuMUDagT+tNcQHpkbZaO XsMg7GSmBIJEEUqORij7QHAvjojI7x/vh5Rv7TvcL/W5E9Ge2Zre8APmJ8QHQv7a NVK9seTucyspmrqKfa7cQT0ZOwB19jhF071BVM0U35w8zRTPkUZFROrPOzUNJE9d b2b23jEiQS8uQqpjctv5mmg4YflCXQuEIlZGLXLY4QUsBvKUi5FHLFKUQRkshtLY mtsZkGr82nLNznJFuBZurQOrlLau9dVDzPr3bf3jWkla3yGcZpNvrFDRIpBJ9VWa xfM2Y0s4/e5vMg4SyRmDJ7mmI0JdhjRJiO3l1aOCaq5mGyDR0YEVAuimyXpuVoVR -----END CERTIFICATE-----Generated at Tue Jan 13 14:39:00 2026 by rpki-client