This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/2d5337-da24-4ce8-a3b7-c302c10ec5c0/1/3lrbo6HwulxPMj0oO3FNbjtlzV8.roa File: 3lrbo6HwulxPMj0oO3FNbjtlzV8.roa (raw, json) Hash identifier: hbeRK358TvH6JocXoJjiTBC8YjChMTIhujSLDouBY5Q= Subject key identifier: DE:5A:DB:A3:A1:F0:BA:5C:4F:32:3D:28:3B:71:4D:6E:3B:65:CD:5F Certificate issuer: /CN=e363a9d7023b3cb0032912dcaac9c563c90a9772 Certificate serial: 019B79113CF3B0D7D87B2E915ED665031489 Authority key identifier: E3:63:A9:D7:02:3B:3C:B0:03:29:12:DC:AA:C9:C5:63:C9:0A:97:72 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/42Op1wI7PLADKRLcqsnFY8kKl3I.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/2d5337-da24-4ce8-a3b7-c302c10ec5c0/1/3lrbo6HwulxPMj0oO3FNbjtlzV8.roa Signing time: Thu 01 Jan 2026 10:18:51 +0000 ROA not before: Thu 01 Jan 2026 10:18:51 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 198024 IP address blocks: 2a00:89e0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/2d5337-da24-4ce8-a3b7-c302c10ec5c0/1/42Op1wI7PLADKRLcqsnFY8kKl3I.crl rsync://rpki.ripe.net/repository/DEFAULT/09/2d5337-da24-4ce8-a3b7-c302c10ec5c0/1/42Op1wI7PLADKRLcqsnFY8kKl3I.mft rsync://rpki.ripe.net/repository/DEFAULT/42Op1wI7PLADKRLcqsnFY8kKl3I.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 13:01:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:11:3c:f3:b0:d7:d8:7b:2e:91:5e:d6:65:03:14:89 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e363a9d7023b3cb0032912dcaac9c563c90a9772 Validity Not Before: Jan 1 10:18:51 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=de5adba3a1f0ba5c4f323d283b714d6e3b65cd5f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:d0:5e:31:89:55:0a:50:ab:7d:91:f2:aa:83: 2a:58:e5:8c:20:9c:3e:69:17:f1:93:ac:35:48:38: 99:e1:72:fa:6e:da:4b:34:58:47:b7:f8:1f:c5:b2: 17:5e:30:29:d4:45:c8:08:e7:84:cc:d2:1d:3c:69: ca:2e:b8:46:e3:cc:4d:fb:88:f2:94:9d:6d:96:09: 6c:e6:0f:ae:12:81:42:46:d6:a0:77:64:b7:9f:12: 2d:c9:94:e4:72:6d:2e:ff:5b:68:94:4d:6d:71:30: bd:ae:6f:90:20:e1:3e:78:8c:ab:11:cc:c8:38:73: 1e:2d:9d:2d:69:07:5e:99:2e:b3:39:62:f3:4a:cd: 15:be:0b:89:a5:3f:6f:38:77:ce:19:bd:cf:b6:11: 7a:fc:7c:c6:c7:06:ac:ed:00:c4:43:d7:cf:6e:41: 5a:a6:ad:19:21:fc:21:01:10:84:17:bc:11:b9:d9: ce:ef:02:84:9d:ed:f6:23:b3:3d:0b:f8:e5:ca:4f: dc:da:95:df:6f:64:a5:d5:91:60:f6:c5:d9:ad:d3: d4:7c:c6:fb:b6:f6:fb:e7:24:1f:38:ea:96:34:71: ca:72:8b:88:a2:1a:95:5f:90:57:ea:6c:b0:01:be: 2b:fc:fd:07:dc:a0:40:3d:aa:ac:0a:08:f8:9d:52: 42:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:5A:DB:A3:A1:F0:BA:5C:4F:32:3D:28:3B:71:4D:6E:3B:65:CD:5F X509v3 Authority Key Identifier: keyid:E3:63:A9:D7:02:3B:3C:B0:03:29:12:DC:AA:C9:C5:63:C9:0A:97:72 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/42Op1wI7PLADKRLcqsnFY8kKl3I.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/2d5337-da24-4ce8-a3b7-c302c10ec5c0/1/3lrbo6HwulxPMj0oO3FNbjtlzV8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/09/2d5337-da24-4ce8-a3b7-c302c10ec5c0/1/42Op1wI7PLADKRLcqsnFY8kKl3I.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a00:89e0::/32 Signature Algorithm: sha256WithRSAEncryption 21:86:6b:2f:19:39:89:15:43:7b:28:c5:a3:e4:3a:b6:31:2c: ff:f8:0c:57:26:80:6f:ee:e3:92:8d:f6:1e:8e:ad:f5:f8:2e: 51:6f:8a:c7:93:45:7f:75:73:f3:87:c0:37:97:93:ed:1e:22: 28:45:be:5c:5e:ef:51:28:4c:6f:32:49:ab:2f:85:b5:d4:bc: c6:c6:74:d1:3e:aa:cb:0b:cd:88:fa:99:73:20:3a:c5:80:a6: 5a:50:b5:5a:a6:fa:4e:1b:9a:da:2a:7b:53:63:f1:47:45:33: 41:05:00:4b:4f:2d:90:c4:82:c6:bf:c2:4b:e9:3f:f6:4c:50: 58:0b:90:8c:ce:f1:4f:ba:5f:a3:b0:50:76:c4:4e:67:17:d6: 77:56:e2:67:d8:91:d1:26:5b:aa:64:bf:33:f5:d1:a5:09:d3: af:6d:72:9f:59:31:a7:af:a0:91:72:3c:33:46:6f:c7:52:ea: e9:a2:60:b4:fa:2b:67:4d:32:ee:48:e4:81:b9:6b:6f:98:3a: ee:cc:cd:2f:53:e0:fd:23:f5:15:92:9f:4e:cd:2f:7c:f9:87: 99:d8:08:9b:e4:a0:12:80:46:a4:8e:67:ea:2c:17:a9:7f:34: de:c1:b7:f2:28:75:9c:18:ee:ca:32:73:22:37:8a:f8:a3:d9: 61:04:9d:96 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt5ETzzsNfYey6RXtZlAxSJMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUzNjNhOWQ3MDIzYjNjYjAwMzI5MTJkY2FhYzljNTYzYzkw YTk3NzIwHhcNMjYwMTAxMTAxODUxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZTVhZGJhM2ExZjBiYTVjNGYzMjNkMjgzYjcxNGQ2ZTNiNjVjZDVmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdBeMYlVClCrfZHyqoMqWOWMIJw+ aRfxk6w1SDiZ4XL6btpLNFhHt/gfxbIXXjAp1EXICOeEzNIdPGnKLrhG48xN+4jy lJ1tlgls5g+uEoFCRtagd2S3nxItyZTkcm0u/1tolE1tcTC9rm+QIOE+eIyrEczI OHMeLZ0taQdemS6zOWLzSs0VvguJpT9vOHfOGb3PthF6/HzGxwas7QDEQ9fPbkFa pq0ZIfwhARCEF7wRudnO7wKEne32I7M9C/jlyk/c2pXfb2Sl1ZFg9sXZrdPUfMb7 tvb75yQfOOqWNHHKcouIohqVX5BX6mywAb4r/P0H3KBAPaqsCgj4nVJCRwIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFN5a26Oh8LpcTzI9KDtxTW47Zc1fMB8GA1UdIwQY MBaAFONjqdcCOzywAykS3KrJxWPJCpdyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNDJPcDF3STdQTEFES1JMY3FzbkZZOGtLbDNJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS8yZDUzMzctZGEyNC00Y2U4LWEzYjct YzMwMmMxMGVjNWMwLzEvM2xyYm82SHd1bHhQTWowb08zRk5ianRselY4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wOS8yZDUzMzctZGEyNC00Y2U4LWEzYjctYzMwMmMxMGVjNWMw LzEvNDJPcDF3STdQTEFES1JMY3FzbkZZOGtLbDNJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgCJ4DAN BgkqhkiG9w0BAQsFAAOCAQEAIYZrLxk5iRVDeyjFo+Q6tjEs//gMVyaAb+7jko32 Ho6t9fguUW+Kx5NFf3Vz84fAN5eT7R4iKEW+XF7vUShMbzJJqy+FtdS8xsZ00T6q ywvNiPqZcyA6xYCmWlC1Wqb6Thua2ip7U2PxR0UzQQUAS08tkMSCxr/CS+k/9kxQ WAuQjM7xT7pfo7BQdsROZxfWd1biZ9iR0SZbqmS/M/XRpQnTr21yn1kxp6+gkXI8 M0Zvx1Lq6aJgtPorZ00y7kjkgblrb5g67szNL1Pg/SP1FZKfTs0vfPmHmdgIm+Sg EoBGpI5n6iwXqX803sG38ih1nBjuyjJzIjeK+KPZYQSdlg== -----END CERTIFICATE-----Generated at Mon Jan 26 22:36:23 2026 by rpki-client