This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/b3fa64-f8b1-44e8-aba6-8601663395eb/1/PqzFQQ5sES2MqGglMugWf_lMxyY.roa File: PqzFQQ5sES2MqGglMugWf_lMxyY.roa (raw, json) Hash identifier: khSqFydqj9KZQBk9HYnRXgBI+ueTAb2xBqHtEX2tAzU= Subject key identifier: 3E:AC:C5:41:0E:6C:11:2D:8C:A8:68:25:32:E8:16:7F:F9:4C:C7:26 Certificate issuer: /CN=4cf9c3ec47fccf01d9305fe0d7d481b306b0d48c Certificate serial: 019B7EA42E08EBF2BE4872AA965D9844448B Authority key identifier: 4C:F9:C3:EC:47:FC:CF:01:D9:30:5F:E0:D7:D4:81:B3:06:B0:D4:8C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPnD7Ef8zwHZMF_g19SBswaw1Iw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/b3fa64-f8b1-44e8-aba6-8601663395eb/1/PqzFQQ5sES2MqGglMugWf_lMxyY.roa Signing time: Fri 02 Jan 2026 12:17:27 +0000 ROA not before: Fri 02 Jan 2026 12:17:27 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 216195 IP address blocks: 2a13:fc41::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/b3fa64-f8b1-44e8-aba6-8601663395eb/1/TPnD7Ef8zwHZMF_g19SBswaw1Iw.crl rsync://rpki.ripe.net/repository/DEFAULT/03/b3fa64-f8b1-44e8-aba6-8601663395eb/1/TPnD7Ef8zwHZMF_g19SBswaw1Iw.mft rsync://rpki.ripe.net/repository/DEFAULT/TPnD7Ef8zwHZMF_g19SBswaw1Iw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a4:2e:08:eb:f2:be:48:72:aa:96:5d:98:44:44:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=4cf9c3ec47fccf01d9305fe0d7d481b306b0d48c Validity Not Before: Jan 2 12:17:27 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3eacc5410e6c112d8ca8682532e8167ff94cc726 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:ed:5c:da:a3:73:9d:88:5d:13:bb:29:8e:28: ce:ce:65:98:4d:84:e2:62:24:34:9c:aa:08:b1:32: 4d:fe:7f:be:e8:f7:26:02:fe:e1:76:e5:b0:c6:57: 47:02:25:d7:e4:1f:72:19:b5:23:da:f6:88:e4:fc: 21:a3:fc:82:10:12:60:f0:20:3d:c2:64:79:91:01: 9f:f5:81:93:12:36:a3:64:e4:a9:8b:02:09:17:2d: 3c:0b:6d:94:9f:7d:2d:de:76:9b:d2:87:f0:70:bc: 37:0a:65:dd:43:65:b0:b6:16:04:2c:30:96:36:d5: 7c:06:a4:d4:00:fe:f1:ee:b9:c4:4d:e9:1f:8b:f4: d5:c3:05:c2:b4:30:12:ec:22:d0:46:d1:fc:60:5e: f9:42:b0:3a:fa:71:57:af:97:2d:e3:cc:95:b1:3b: 31:4b:a5:cb:04:89:65:3f:f5:3f:30:7c:52:c5:67: e9:9b:cb:c6:45:90:09:9d:fe:23:20:80:7c:a8:e3: 19:01:17:52:b3:c9:ab:a5:77:f0:0f:e0:a4:de:7e: a5:59:04:62:06:d8:d3:03:f0:08:b1:41:59:44:c4: 21:e4:0d:7d:6e:ce:06:a2:26:2d:76:f9:31:c5:dd: 66:dd:8e:cf:5c:d1:9a:b5:aa:88:00:2b:ef:b8:08: c3:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:AC:C5:41:0E:6C:11:2D:8C:A8:68:25:32:E8:16:7F:F9:4C:C7:26 X509v3 Authority Key Identifier: keyid:4C:F9:C3:EC:47:FC:CF:01:D9:30:5F:E0:D7:D4:81:B3:06:B0:D4:8C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPnD7Ef8zwHZMF_g19SBswaw1Iw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/b3fa64-f8b1-44e8-aba6-8601663395eb/1/PqzFQQ5sES2MqGglMugWf_lMxyY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/03/b3fa64-f8b1-44e8-aba6-8601663395eb/1/TPnD7Ef8zwHZMF_g19SBswaw1Iw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a13:fc41::/48 Signature Algorithm: sha256WithRSAEncryption 25:33:57:52:67:6d:d1:da:d9:ee:75:26:41:5a:b4:22:f7:2f: 47:cc:08:f1:6d:7b:16:17:34:14:bf:7e:53:f0:fd:9b:58:a5: 14:1d:d5:15:d1:88:23:b7:68:13:30:fc:9b:b4:bd:5c:0a:84: 3f:ba:b3:38:11:ba:79:46:86:d2:72:b7:bd:2b:12:ba:21:c5: 08:e8:57:f6:5f:3e:ef:7c:61:42:7f:56:75:fb:f9:04:84:6c: 2f:d9:59:a1:e1:d0:f4:51:0f:d5:e6:ec:b0:b8:4f:25:84:8a: 4b:e2:bc:49:0b:d8:c0:95:ab:94:ad:39:8f:b8:33:2c:02:42: be:0d:ba:78:bd:36:d3:ad:4c:5b:04:0b:e9:7f:b0:ce:ab:34: 10:86:aa:1f:62:12:7b:fb:18:2b:fb:ab:50:03:d8:c4:dd:5e: ef:be:db:db:e4:bf:fc:4e:2a:e4:76:07:45:0b:ab:b5:e2:d0: 74:95:bf:f3:4f:a9:69:23:b4:46:7d:df:fe:78:c9:f7:13:68: fd:8a:2f:d7:ad:8a:b3:54:62:30:9e:49:62:4e:5e:c9:33:0b: 07:a3:88:06:c4:4f:86:08:08:20:19:d7:9a:0e:55:8b:3e:87: dd:b8:cd:ef:63:f5:7b:a6:49:f4:35:23:23:1f:cf:db:4a:5f: b0:da:e8:3d -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt+pC4I6/K+SHKqll2YRESLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDRjZjljM2VjNDdmY2NmMDFkOTMwNWZlMGQ3ZDQ4MWIzMDZi MGQ0OGMwHhcNMjYwMTAyMTIxNzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZWFjYzU0MTBlNmMxMTJkOGNhODY4MjUzMmU4MTY3ZmY5NGNjNzI2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApO1c2qNznYhdE7spjijOzmWYTYTi YiQ0nKoIsTJN/n++6PcmAv7hduWwxldHAiXX5B9yGbUj2vaI5Pwho/yCEBJg8CA9 wmR5kQGf9YGTEjajZOSpiwIJFy08C22Un30t3nab0ofwcLw3CmXdQ2WwthYELDCW NtV8BqTUAP7x7rnETekfi/TVwwXCtDAS7CLQRtH8YF75QrA6+nFXr5ct48yVsTsx S6XLBIllP/U/MHxSxWfpm8vGRZAJnf4jIIB8qOMZARdSs8mrpXfwD+Ck3n6lWQRi BtjTA/AIsUFZRMQh5A19bs4GoiYtdvkxxd1m3Y7PXNGataqIACvvuAjDaQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFD6sxUEObBEtjKhoJTLoFn/5TMcmMB8GA1UdIwQY MBaAFEz5w+xH/M8B2TBf4NfUgbMGsNSMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvVFBuRDdFZjh6d0haTUZfZzE5U0Jzd2F3MUl3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9iM2ZhNjQtZjhiMS00NGU4LWFiYTYt ODYwMTY2MzM5NWViLzEvUHF6RlFRNXNFUzJNcUdnbE11Z1dmX2xNeHlZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMy9iM2ZhNjQtZjhiMS00NGU4LWFiYTYtODYwMTY2MzM5NWVi LzEvVFBuRDdFZjh6d0haTUZfZzE5U0Jzd2F3MUl3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhP8QQAA MA0GCSqGSIb3DQEBCwUAA4IBAQAlM1dSZ23R2tnudSZBWrQi9y9HzAjxbXsWFzQU v35T8P2bWKUUHdUV0Ygjt2gTMPybtL1cCoQ/urM4Ebp5RobScre9KxK6IcUI6Ff2 Xz7vfGFCf1Z1+/kEhGwv2Vmh4dD0UQ/V5uywuE8lhIpL4rxJC9jAlauUrTmPuDMs AkK+Dbp4vTbTrUxbBAvpf7DOqzQQhqofYhJ7+xgr+6tQA9jE3V7vvtvb5L/8Tirk dgdFC6u14tB0lb/zT6lpI7RGfd/+eMn3E2j9ii/XrYqzVGIwnkliTl7JMwsHo4gG xE+GCAggGdeaDlWLPofduM3vY/V7pkn0NSMjH8/bSl+w2ug9 -----END CERTIFICATE-----Generated at Tue Feb 10 00:03:25 2026 by rpki-client