This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/99ed06-e445-4ca2-b647-bd2b3abae121/1/3HA_1lO-g3srAl0KnDOqTE8vmb4.roa File: 3HA_1lO-g3srAl0KnDOqTE8vmb4.roa (raw, json) Hash identifier: WzrROx5V4oNoscwV/H8t/Xts7F8Neso2UzUFA+ReT9w= Subject key identifier: DC:70:3F:D6:53:BE:83:7B:2B:02:5D:0A:9C:33:AA:4C:4F:2F:99:BE Certificate issuer: /CN=f31ed7b1f63b51aa516a9ffcb035a3a0d69e65a1 Certificate serial: 019B3B74331248B0676CD743A859358CC41F Authority key identifier: F3:1E:D7:B1:F6:3B:51:AA:51:6A:9F:FC:B0:35:A3:A0:D6:9E:65:A1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8x7XsfY7UapRap_8sDWjoNaeZaE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/99ed06-e445-4ca2-b647-bd2b3abae121/1/3HA_1lO-g3srAl0KnDOqTE8vmb4.roa Signing time: Sat 20 Dec 2025 11:10:29 +0000 ROA not before: Sat 20 Dec 2025 11:10:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 216211 IP address blocks: 80.249.134.0/24 maxlen: 24 2a13:edc0:1::/48 maxlen: 48 2a13:edc0:2::/48 maxlen: 48 2a13:edc0:3::/48 maxlen: 48 2a13:edc0:4::/48 maxlen: 48 2a13:edc0:5::/48 maxlen: 48 2a13:edc0:6::/48 maxlen: 48 2a13:edc0:7::/48 maxlen: 48 2a13:edc0:8::/48 maxlen: 48 2a13:edc0:9::/48 maxlen: 48 2a13:edc0:10::/48 maxlen: 48 2a13:edc0:11::/48 maxlen: 48 2a13:edc0:12::/48 maxlen: 48 2a13:edc0:13::/48 maxlen: 48 2a13:edc0:14::/48 maxlen: 48 2a13:edc0:15::/48 maxlen: 48 2a13:edc0:16::/48 maxlen: 48 2a13:edc0:17::/48 maxlen: 48 2a13:edc0:18::/48 maxlen: 48 2a13:edc0:19::/48 maxlen: 48 2a13:edc0:20::/48 maxlen: 48 2a13:edc0:21::/48 maxlen: 48 2a13:edc0:22::/48 maxlen: 48 2a13:edc0:23::/48 maxlen: 48 2a13:edc0:24::/48 maxlen: 48 2a13:edc0:25::/48 maxlen: 48 2a13:edc0:26::/48 maxlen: 48 2a13:edc0:27::/48 maxlen: 48 2a13:edc0:28::/48 maxlen: 48 2a13:edc0:29::/48 maxlen: 48 2a13:edc0:30::/48 maxlen: 48 2a13:edc0:31::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/99ed06-e445-4ca2-b647-bd2b3abae121/1/8x7XsfY7UapRap_8sDWjoNaeZaE.crl rsync://rpki.ripe.net/repository/DEFAULT/80/99ed06-e445-4ca2-b647-bd2b3abae121/1/8x7XsfY7UapRap_8sDWjoNaeZaE.mft rsync://rpki.ripe.net/repository/DEFAULT/8x7XsfY7UapRap_8sDWjoNaeZaE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 21 Dec 2025 15:46:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:74:33:12:48:b0:67:6c:d7:43:a8:59:35:8c:c4:1f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f31ed7b1f63b51aa516a9ffcb035a3a0d69e65a1 Validity Not Before: Dec 20 11:10:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=dc703fd653be837b2b025d0a9c33aa4c4f2f99be Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:35:28:f8:61:2b:d5:ef:84:0c:28:90:54:47: b7:57:49:0a:c2:a9:78:e7:e0:ca:e1:cb:ca:fb:2e: 65:1b:24:d9:ac:60:bf:31:2e:80:6f:95:dc:bd:50: 8a:16:d3:2e:6b:30:bc:3b:fc:b4:32:57:a1:63:97: 3e:65:55:d2:ae:c8:10:07:1d:cf:30:71:5d:39:19: 68:a7:d3:ca:1c:3f:0c:48:fa:d3:24:d7:5f:c4:1d: 6d:91:92:82:bf:45:ac:db:08:f7:b0:86:89:33:c8: 8e:e3:1a:49:c0:a0:d3:08:04:09:f0:5d:88:fd:53: 1d:ba:b4:07:ac:fb:db:d2:6a:a7:21:70:b7:f4:ae: 23:b3:c1:7f:6e:5e:f9:04:ec:12:6c:07:0f:f4:49: 34:7d:cf:7b:48:20:60:3b:d4:4f:10:66:40:cb:a0: dd:4a:41:a6:54:4a:cc:a7:35:d4:f2:ed:de:d3:b1: 01:d7:e8:42:80:b7:6f:d5:cd:51:bc:63:57:74:59: e9:d9:d3:55:a0:ff:9f:14:47:31:7a:72:e5:ed:82: e1:56:80:ef:e0:13:3c:14:86:d7:e7:64:8e:bf:33: b5:48:e7:ad:34:26:c8:c0:83:f5:dc:ee:ef:af:c2: b2:e6:ed:93:b2:18:9a:97:27:bf:47:bc:74:13:14: 46:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:70:3F:D6:53:BE:83:7B:2B:02:5D:0A:9C:33:AA:4C:4F:2F:99:BE X509v3 Authority Key Identifier: keyid:F3:1E:D7:B1:F6:3B:51:AA:51:6A:9F:FC:B0:35:A3:A0:D6:9E:65:A1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8x7XsfY7UapRap_8sDWjoNaeZaE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/99ed06-e445-4ca2-b647-bd2b3abae121/1/3HA_1lO-g3srAl0KnDOqTE8vmb4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/80/99ed06-e445-4ca2-b647-bd2b3abae121/1/8x7XsfY7UapRap_8sDWjoNaeZaE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 80.249.134.0/24 IPv6: 2a13:edc0:1::-2a13:edc0:9:ffff:ffff:ffff:ffff:ffff 2a13:edc0:10::-2a13:edc0:19:ffff:ffff:ffff:ffff:ffff 2a13:edc0:20::-2a13:edc0:29:ffff:ffff:ffff:ffff:ffff 2a13:edc0:30::/47 Signature Algorithm: sha256WithRSAEncryption 0c:46:8c:67:8d:4e:71:7e:34:cf:f3:76:45:ad:0c:cc:34:d5: dc:17:f5:da:28:56:8f:d6:07:73:b4:6d:40:a3:02:b4:92:7d: ab:cd:7d:a5:92:0b:7b:7b:b2:41:d2:f7:29:57:02:b2:f5:d8: 3d:ca:20:84:f6:60:81:02:2a:29:d5:79:30:a6:7e:1a:b8:98: eb:c0:5a:15:cc:4b:07:68:c9:e9:53:95:33:cc:44:33:25:7d: d5:a0:fe:78:b6:79:56:6b:f2:76:79:8f:90:10:8b:5a:d2:25: b8:03:8c:dd:f6:ca:e6:66:ec:90:4e:fb:ff:20:1a:87:4e:95: aa:1b:ae:de:ff:97:28:9a:17:22:74:7a:ab:fc:c9:ca:be:cb: 09:37:db:16:84:90:9e:86:88:e3:ad:45:6a:38:2a:53:cd:22: dc:45:31:34:dd:1d:6e:ae:3c:46:95:61:f6:5d:4c:5a:65:3f: 7e:8d:88:46:26:2f:c0:72:de:27:ab:e2:1e:b1:d4:c1:a5:66: 5f:c6:de:ab:f5:88:16:01:39:3b:76:bb:7f:51:27:07:ce:9a: f3:aa:6b:37:c2:d2:95:bf:4c:1d:95:9f:f2:cf:c1:a3:42:f0: d1:78:f5:77:9f:44:cc:25:f6:46:1e:73:ca:05:e1:3a:6f:f9: 02:1f:8c:df -----BEGIN CERTIFICATE----- MIIFSjCCBDKgAwIBAgISAZs7dDMSSLBnbNdDqFk1jMQfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYzMWVkN2IxZjYzYjUxYWE1MTZhOWZmY2IwMzVhM2EwZDY5 ZTY1YTEwHhcNMjUxMjIwMTExMDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYzcwM2ZkNjUzYmU4MzdiMmIwMjVkMGE5YzMzYWE0YzRmMmY5OWJlMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjUo+GEr1e+EDCiQVEe3V0kKwql4 5+DK4cvK+y5lGyTZrGC/MS6Ab5XcvVCKFtMuazC8O/y0MlehY5c+ZVXSrsgQBx3P MHFdORlop9PKHD8MSPrTJNdfxB1tkZKCv0Ws2wj3sIaJM8iO4xpJwKDTCAQJ8F2I /VMdurQHrPvb0mqnIXC39K4js8F/bl75BOwSbAcP9Ek0fc97SCBgO9RPEGZAy6Dd SkGmVErMpzXU8u3e07EB1+hCgLdv1c1RvGNXdFnp2dNVoP+fFEcxenLl7YLhVoDv 4BM8FIbX52SOvzO1SOetNCbIwIP13O7vr8Ky5u2Tshialye/R7x0ExRG4wIDAQAB o4ICVjCCAlIwHQYDVR0OBBYEFNxwP9ZTvoN7KwJdCpwzqkxPL5m+MB8GA1UdIwQY MBaAFPMe17H2O1GqUWqf/LA1o6DWnmWhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOHg3WHNmWTdVYXBSYXBfOHNEV2pvTmFlWmFFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC85OWVkMDYtZTQ0NS00Y2EyLWI2NDct YmQyYjNhYmFlMTIxLzEvM0hBXzFsTy1nM3NyQWwwS25ET3FURTh2bWI0LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MC85OWVkMDYtZTQ0NS00Y2EyLWI2NDctYmQyYjNhYmFlMTIx LzEvOHg3WHNmWTdVYXBSYXBfOHNEV2pvTmFlWmFFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzAMBAIAATAGAwQAUPmGMEsE AgACMEUwEgMHACoT7cAAAQMHASoT7cAACDASAwcEKhPtwAAQAwcBKhPtwAAYMBID BwUqE+3AACADBwEqE+3AACgDBwEqE+3AADAwDQYJKoZIhvcNAQELBQADggEBAAxG jGeNTnF+NM/zdkWtDMw01dwX9dooVo/WB3O0bUCjArSSfavNfaWSC3t7skHS9ylX ArL12D3KIIT2YIECKinVeTCmfhq4mOvAWhXMSwdoyelTlTPMRDMlfdWg/ni2eVZr 8nZ5j5AQi1rSJbgDjN32yuZm7JBO+/8gGodOlaobrt7/lyiaFyJ0eqv8ycq+ywk3 2xaEkJ6GiOOtRWo4KlPNItxFMTTdHW6uPEaVYfZdTFplP36NiEYmL8By3ier4h6x 1MGlZl/G3qv1iBYBOTt2u39RJwfOmvOqazfC0pW/TB2Vn/LPwaNC8NF49XefRMwl 9kYec8oF4Tpv+QIfjN8= -----END CERTIFICATE-----Generated at Sat Dec 20 21:43:45 2025 by rpki-client