This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/e1e670-626a-4c15-a669-6fe1494fbc2c/1/3QNCUyziq2NCQzag95T2-uqk5kk.roa File: 3QNCUyziq2NCQzag95T2-uqk5kk.roa (raw, json) Hash identifier: p0EolByolBbZ5LQrfo9cgFCeGxE7C5y0TvaxEkMa+Dc= Subject key identifier: DD:03:42:53:2C:E2:AB:63:42:43:36:A0:F7:94:F6:FA:EA:A4:E6:49 Certificate issuer: /CN=cf5de5f4fec16f516f0bc4d631c2627663f905f3 Certificate serial: 019B77C750F1C1B70FDE965A8370686A28A4 Authority key identifier: CF:5D:E5:F4:FE:C1:6F:51:6F:0B:C4:D6:31:C2:62:76:63:F9:05:F3 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z13l9P7Bb1FvC8TWMcJidmP5BfM.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/e1e670-626a-4c15-a669-6fe1494fbc2c/1/3QNCUyziq2NCQzag95T2-uqk5kk.roa Signing time: Thu 01 Jan 2026 04:18:29 +0000 ROA not before: Thu 01 Jan 2026 04:18:29 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 197082 IP address blocks: 91.217.225.0/24 maxlen: 24 185.75.216.0/22 maxlen: 22 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/e1e670-626a-4c15-a669-6fe1494fbc2c/1/z13l9P7Bb1FvC8TWMcJidmP5BfM.crl rsync://rpki.ripe.net/repository/DEFAULT/f8/e1e670-626a-4c15-a669-6fe1494fbc2c/1/z13l9P7Bb1FvC8TWMcJidmP5BfM.mft rsync://rpki.ripe.net/repository/DEFAULT/z13l9P7Bb1FvC8TWMcJidmP5BfM.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 03:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:c7:50:f1:c1:b7:0f:de:96:5a:83:70:68:6a:28:a4 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=cf5de5f4fec16f516f0bc4d631c2627663f905f3 Validity Not Before: Jan 1 04:18:29 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dd0342532ce2ab63424336a0f794f6faeaa4e649 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:71:ec:11:ba:ba:79:c9:c6:b3:6b:eb:f2:c0: e0:f1:58:c2:8b:b0:be:f8:b4:e7:1b:b4:c6:98:4d: 12:98:7b:35:71:73:7e:9b:7c:4b:8c:91:7e:3f:83: 44:64:56:d3:09:09:0f:1e:17:d9:04:ca:68:7d:ef: c6:37:0a:db:bb:81:5c:9f:bd:b3:5d:4d:bb:55:e2: ac:43:b8:14:6d:68:82:14:40:2a:fd:8f:9f:96:c7: ab:1c:98:a0:76:08:a3:ef:15:c8:e2:df:1a:b2:a4: 85:53:77:b4:90:ed:db:cd:21:3e:3a:26:85:ef:00: 8c:59:4c:32:aa:99:82:d8:3c:76:00:33:ac:62:eb: ed:a9:70:36:a6:77:e3:f8:fa:0c:82:68:14:8b:da: 49:37:05:71:a4:c5:76:8b:0f:ad:f7:c1:05:19:eb: 49:6c:4f:65:1b:03:80:c6:c0:15:55:24:59:54:a4: 2a:69:49:dc:c0:12:3b:85:19:70:aa:46:4f:87:db: 89:07:8f:07:2e:55:72:ba:95:51:77:0c:46:54:6e: d9:8c:2a:f9:dd:79:1c:b2:87:47:f6:ab:cd:b3:22: 90:6c:be:23:03:d0:48:1c:b6:dd:da:71:37:15:6a: 26:2e:6e:b7:73:38:c3:41:35:30:c1:8e:50:be:c2: 10:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:03:42:53:2C:E2:AB:63:42:43:36:A0:F7:94:F6:FA:EA:A4:E6:49 X509v3 Authority Key Identifier: keyid:CF:5D:E5:F4:FE:C1:6F:51:6F:0B:C4:D6:31:C2:62:76:63:F9:05:F3 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z13l9P7Bb1FvC8TWMcJidmP5BfM.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/e1e670-626a-4c15-a669-6fe1494fbc2c/1/3QNCUyziq2NCQzag95T2-uqk5kk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/e1e670-626a-4c15-a669-6fe1494fbc2c/1/z13l9P7Bb1FvC8TWMcJidmP5BfM.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 91.217.225.0/24 185.75.216.0/22 Signature Algorithm: sha256WithRSAEncryption 49:42:a3:e5:64:61:df:11:53:86:7d:2d:ee:93:af:35:cd:56: 0b:40:8b:05:1d:b2:82:52:86:9c:9f:64:05:58:91:7a:04:0a: fe:cb:b8:de:e7:50:f9:14:49:a5:61:df:f8:d7:7c:5b:d7:30: 25:3d:64:1f:4f:73:e7:09:e3:2f:28:9a:ae:81:79:ec:92:32: 25:75:14:1c:42:43:bc:43:60:24:15:dc:1b:8a:48:c7:dd:7b: 5f:a6:90:c5:1e:c2:9e:2c:60:bd:0d:02:7d:13:9f:ef:78:86: 51:44:57:83:20:d3:e3:84:cc:10:80:14:d1:26:59:46:64:5b: 5f:e0:db:21:e7:14:4b:36:da:eb:3d:a8:56:88:f8:9e:fd:a4: 3d:c7:09:2a:26:ff:da:42:ab:ac:0c:c3:9f:36:79:b9:03:2b: f2:9e:37:68:4f:1d:ae:60:60:45:a4:cb:01:89:c2:69:68:63: fc:6d:e8:33:b6:c0:e7:f8:2e:c9:df:1a:af:cc:63:ab:1f:82: c9:07:26:90:af:a4:68:02:f1:ff:29:90:ea:9c:e5:9a:a7:c0: ca:af:37:35:a5:f5:32:85:22:22:8b:0f:c4:13:9f:cd:06:65: b4:f8:a4:2b:d2:7d:fd:70:98:e5:56:5e:e3:d2:33:89:bf:8f: 3f:b1:d7:27 -----BEGIN CERTIFICATE----- MIIFAzCCA+ugAwIBAgISAZt3x1DxwbcP3pZag3BoaiikMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGNmNWRlNWY0ZmVjMTZmNTE2ZjBiYzRkNjMxYzI2Mjc2NjNm OTA1ZjMwHhcNMjYwMTAxMDQxODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZDAzNDI1MzJjZTJhYjYzNDI0MzM2YTBmNzk0ZjZmYWVhYTRlNjQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXHsEbq6ecnGs2vr8sDg8VjCi7C+ +LTnG7TGmE0SmHs1cXN+m3xLjJF+P4NEZFbTCQkPHhfZBMpofe/GNwrbu4Fcn72z XU27VeKsQ7gUbWiCFEAq/Y+flserHJigdgij7xXI4t8asqSFU3e0kO3bzSE+OiaF 7wCMWUwyqpmC2Dx2ADOsYuvtqXA2pnfj+PoMgmgUi9pJNwVxpMV2iw+t98EFGetJ bE9lGwOAxsAVVSRZVKQqaUncwBI7hRlwqkZPh9uJB48HLlVyupVRdwxGVG7ZjCr5 3XkcsodH9qvNsyKQbL4jA9BIHLbd2nE3FWomLm63czjDQTUwwY5QvsIQFwIDAQAB o4ICDzCCAgswHQYDVR0OBBYEFN0DQlMs4qtjQkM2oPeU9vrqpOZJMB8GA1UdIwQY MBaAFM9d5fT+wW9RbwvE1jHCYnZj+QXzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvejEzbDlQN0JiMUZ2QzhUV01jSmlkbVA1QmZNLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9lMWU2NzAtNjI2YS00YzE1LWE2Njkt NmZlMTQ5NGZiYzJjLzEvM1FOQ1V5emlxMk5DUXphZzk1VDItdXFrNWtrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mOC9lMWU2NzAtNjI2YS00YzE1LWE2NjktNmZlMTQ5NGZiYzJj LzEvejEzbDlQN0JiMUZ2QzhUV01jSmlkbVA1QmZNLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9nhAwQC uUvYMA0GCSqGSIb3DQEBCwUAA4IBAQBJQqPlZGHfEVOGfS3uk681zVYLQIsFHbKC Uoacn2QFWJF6BAr+y7je51D5FEmlYd/413xb1zAlPWQfT3PnCeMvKJqugXnskjIl dRQcQkO8Q2AkFdwbikjH3XtfppDFHsKeLGC9DQJ9E5/veIZRRFeDINPjhMwQgBTR JllGZFtf4Nsh5xRLNtrrPahWiPie/aQ9xwkqJv/aQqusDMOfNnm5AyvynjdoTx2u YGBFpMsBicJpaGP8begztsDn+C7J3xqvzGOrH4LJByaQr6RoAvH/KZDqnOWap8DK rzc1pfUyhSIiiw/EE5/NBmW0+KQr0n39cJjlVl7j0jOJv48/sdcn -----END CERTIFICATE-----Generated at Fri Jan 2 11:28:58 2026 by rpki-client