This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oQw-7P89OSNkroP_9-28pP_Gf1I.roa File: oQw-7P89OSNkroP_9-28pP_Gf1I.roa (raw, json) Hash identifier: F58ZsXZITuzeOIh2N7uuzQ0ICrp49F94LCCvJYC+RZY= Subject key identifier: A1:0C:3E:EC:FF:3D:39:23:64:AE:83:FF:F7:ED:BC:A4:FF:C6:7F:52 Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d Certificate serial: 019B78A2FD9DF1CFB79F22A34CC159723585 Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oQw-7P89OSNkroP_9-28pP_Gf1I.roa Signing time: Thu 01 Jan 2026 08:18:26 +0000 ROA not before: Thu 01 Jan 2026 08:18:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 44796 IP address blocks: 2a00:1728:1d::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 02:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:fd:9d:f1:cf:b7:9f:22:a3:4c:c1:59:72:35:85 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d Validity Not Before: Jan 1 08:18:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a10c3eecff3d392364ae83fff7edbca4ffc67f52 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:a2:fb:08:57:54:37:31:6d:57:b8:94:8c:8c: b8:6c:27:18:52:14:31:dc:d8:42:82:7c:5e:58:da: 35:7e:a6:44:ce:20:6d:f1:65:d7:60:95:12:2e:58: f5:18:7f:04:88:f6:e6:eb:01:7e:ad:1d:3e:52:6d: f9:ab:1c:b1:c2:4d:e6:13:50:91:1c:d3:de:08:d7: dd:f5:56:71:cb:bc:5d:df:38:d2:b7:84:8f:77:24: 8a:ec:ed:9b:57:b0:31:9a:fe:a2:01:e0:ea:7d:15: 18:29:1c:35:cf:7b:83:5b:e0:9b:38:b8:42:d5:d3: f5:d3:1d:69:71:51:1e:93:2e:8d:33:50:5b:85:d5: ff:cd:f8:01:c6:7f:26:52:9e:ce:eb:45:11:3c:06: d4:7f:c0:cc:cb:0d:fd:d1:18:b9:5a:28:90:fc:51: 25:04:c1:18:b8:41:03:82:89:c4:ba:28:18:b3:4d: 35:81:a0:ae:b3:f9:6a:e7:40:2d:5e:b7:f4:39:88: 0a:90:9c:b1:40:32:e3:63:99:e4:d9:cd:69:4c:45: 8c:29:3f:d0:64:de:b6:94:5f:da:f6:4a:ef:93:4b: 32:9c:0a:0f:ec:46:6c:be:e5:77:98:17:e4:b9:63: e3:de:87:5c:27:83:45:dc:01:ff:c5:3e:68:f6:dc: 1d:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:0C:3E:EC:FF:3D:39:23:64:AE:83:FF:F7:ED:BC:A4:FF:C6:7F:52 X509v3 Authority Key Identifier: keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oQw-7P89OSNkroP_9-28pP_Gf1I.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a00:1728:1d::/48 Signature Algorithm: sha256WithRSAEncryption 9b:5c:ed:55:ee:87:c6:fb:c9:98:4e:eb:e9:20:91:d0:4b:d3: 1f:90:84:1e:06:ca:d5:a0:61:de:46:62:8c:bb:30:38:c5:27: 74:d6:25:9b:57:69:c6:0c:ed:f7:23:7f:8a:33:a8:f1:bf:30: da:3b:11:f0:12:05:cd:2b:53:93:26:75:35:62:d5:40:97:c3: 4f:51:c8:fe:ec:d4:69:6a:af:91:a4:aa:92:03:94:a4:8d:ee: ce:b7:22:76:f1:36:86:d8:5f:6e:ed:c2:86:09:a0:8d:5b:74: 06:41:32:0a:59:9c:d7:87:c6:9c:68:32:7a:2f:28:2f:c5:8c: 62:64:88:f9:54:df:c8:f8:e2:bf:83:75:db:d4:b2:16:68:ff: 62:22:87:2a:9d:00:9b:e7:ce:e5:81:e7:89:5f:2b:46:b8:55: 24:6d:81:7d:e7:74:9f:65:34:6e:8a:a7:c5:86:2f:01:29:58: 0d:45:47:a6:f7:7d:63:54:c1:60:4a:37:2f:5f:e9:2a:2b:e7: 02:0d:37:3c:32:b5:7a:bb:d8:0c:a5:76:0c:0b:57:d0:61:a0: 65:47:cf:67:cf:1c:21:8f:dc:89:ca:8d:ca:2a:92:de:a1:eb: a6:a3:cd:7a:c7:c4:59:85:7d:b6:87:c1:94:25:9a:de:f6:29: 47:10:66:62 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt4ov2d8c+3nyKjTMFZcjWFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3 NzVlOWQwHhcNMjYwMTAxMDgxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMTBjM2VlY2ZmM2QzOTIzNjRhZTgzZmZmN2VkYmNhNGZmYzY3ZjUyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuqL7CFdUNzFtV7iUjIy4bCcYUhQx 3NhCgnxeWNo1fqZEziBt8WXXYJUSLlj1GH8EiPbm6wF+rR0+Um35qxyxwk3mE1CR HNPeCNfd9VZxy7xd3zjSt4SPdySK7O2bV7Axmv6iAeDqfRUYKRw1z3uDW+CbOLhC 1dP10x1pcVEeky6NM1BbhdX/zfgBxn8mUp7O60URPAbUf8DMyw390Ri5WiiQ/FEl BMEYuEEDgonEuigYs001gaCus/lq50AtXrf0OYgKkJyxQDLjY5nk2c1pTEWMKT/Q ZN62lF/a9krvk0synAoP7EZsvuV3mBfkuWPj3odcJ4NF3AH/xT5o9twdNQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFKEMPuz/PTkjZK6D//ftvKT/xn9SMB8GA1UdIwQY MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct Y2QzY2E1OTc1NzEyLzEvb1F3LTdQODlPU05rcm9QXzktMjhwUF9HZjFJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgAXKAAd MA0GCSqGSIb3DQEBCwUAA4IBAQCbXO1V7ofG+8mYTuvpIJHQS9MfkIQeBsrVoGHe RmKMuzA4xSd01iWbV2nGDO33I3+KM6jxvzDaOxHwEgXNK1OTJnU1YtVAl8NPUcj+ 7NRpaq+RpKqSA5Skje7OtyJ28TaG2F9u7cKGCaCNW3QGQTIKWZzXh8acaDJ6Lygv xYxiZIj5VN/I+OK/g3Xb1LIWaP9iIocqnQCb587lgeeJXytGuFUkbYF953SfZTRu iqfFhi8BKVgNRUem931jVMFgSjcvX+kqK+cCDTc8MrV6u9gMpXYMC1fQYaBlR89n zxwhj9yJyo3KKpLeoeumo816x8RZhX22h8GUJZre9ilHEGZi -----END CERTIFICATE-----Generated at Fri Jan 2 12:03:28 2026 by rpki-client