This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/4_3T9oqdjGNdYvgcmhfdmg2_xFk.roa File: 4_3T9oqdjGNdYvgcmhfdmg2_xFk.roa (raw, json) Hash identifier: C4ZhYpcFum0fbS3tRySUhTlzAuq5N1/9WgaAqXp5T1k= Subject key identifier: E3:FD:D3:F6:8A:9D:8C:63:5D:62:F8:1C:9A:17:DD:9A:0D:BF:C4:59 Certificate issuer: /CN=9d5138e1facf7b65dbb575fa7d47240c278b34df Certificate serial: 019B7C11E80670105F1BC1F4796023D00C7F Authority key identifier: 9D:51:38:E1:FA:CF:7B:65:DB:B5:75:FA:7D:47:24:0C:27:8B:34:DF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nVE44frPe2XbtXX6fUckDCeLNN8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/4_3T9oqdjGNdYvgcmhfdmg2_xFk.roa Signing time: Fri 02 Jan 2026 00:18:26 +0000 ROA not before: Fri 02 Jan 2026 00:18:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207459 IP address blocks: 2a05:9bc0::/29 maxlen: 29 2a05:9bc0::/32 maxlen: 32 2a05:9bc1::/32 maxlen: 32 2a05:9bc2::/32 maxlen: 32 2a05:9bc3::/32 maxlen: 32 2a05:9bc4::/32 maxlen: 32 2a05:9bc5::/32 maxlen: 32 2a05:9bc6::/32 maxlen: 32 2a05:9bc7::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/nVE44frPe2XbtXX6fUckDCeLNN8.crl rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/nVE44frPe2XbtXX6fUckDCeLNN8.mft rsync://rpki.ripe.net/repository/DEFAULT/nVE44frPe2XbtXX6fUckDCeLNN8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 15:22:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:11:e8:06:70:10:5f:1b:c1:f4:79:60:23:d0:0c:7f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=9d5138e1facf7b65dbb575fa7d47240c278b34df Validity Not Before: Jan 2 00:18:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=e3fdd3f68a9d8c635d62f81c9a17dd9a0dbfc459 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:86:86:84:86:fe:72:90:24:61:0e:8e:14:aa: e1:f9:10:6c:98:e7:b5:1d:5a:a7:73:e3:1a:24:23: f5:f2:ec:e9:29:d3:82:9f:44:28:29:30:50:73:5f: 39:38:96:92:9e:c8:90:5e:f4:17:ca:32:73:47:df: 41:c0:6e:70:a3:e0:28:b3:86:6a:be:75:e8:c8:77: 44:62:9f:10:d3:58:46:e7:a9:93:a3:83:43:c2:38: 3d:81:a8:95:0a:60:50:19:99:7c:82:0f:9f:cd:2b: d6:93:f0:9f:82:78:7e:a7:3e:74:88:d1:f3:d5:3c: b1:31:c5:71:f0:8c:0e:c3:c3:61:94:64:1e:ec:b9: ae:a7:1f:56:e8:d2:da:26:f1:52:07:88:b1:00:66: fa:f4:b2:70:1c:c0:ef:b2:10:63:6d:ca:63:98:ed: 58:7a:db:e9:a1:e5:d7:a8:da:5d:ed:79:1f:10:8a: c8:50:9c:08:d5:07:01:46:a3:dd:9a:82:47:e4:55: c8:fd:82:3f:2f:54:1d:e2:5e:a1:77:c3:a3:84:73: 6d:82:57:83:28:58:d2:3d:3b:80:3e:66:25:47:dd: 6d:28:fa:d6:68:8e:16:3d:05:06:71:bf:b5:92:26: 91:91:da:65:90:8f:d2:13:16:0a:7f:66:f8:d8:1e: 4f:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:FD:D3:F6:8A:9D:8C:63:5D:62:F8:1C:9A:17:DD:9A:0D:BF:C4:59 X509v3 Authority Key Identifier: keyid:9D:51:38:E1:FA:CF:7B:65:DB:B5:75:FA:7D:47:24:0C:27:8B:34:DF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nVE44frPe2XbtXX6fUckDCeLNN8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/4_3T9oqdjGNdYvgcmhfdmg2_xFk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d001ff-8323-4b89-be3d-c2efeb3b32a5/1/nVE44frPe2XbtXX6fUckDCeLNN8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:9bc0::/29 Signature Algorithm: sha256WithRSAEncryption 4a:21:9a:3f:41:73:c6:09:60:63:36:ed:5d:96:ab:15:44:36: 71:99:58:72:56:8a:e5:b3:11:fb:14:76:e3:48:8f:0f:8e:36: 98:46:19:d3:f3:8e:09:f4:da:7f:60:5b:b2:e0:d8:b9:03:d3: bb:f6:37:bd:68:3f:fc:43:b3:4d:40:ac:83:86:49:78:5b:cc: e1:1b:a5:09:ba:2f:f1:af:39:77:af:cf:ca:ed:b1:32:89:27: 71:be:de:50:9b:ef:d1:a5:21:99:f1:76:06:2c:b8:51:2a:52: 67:fa:04:dd:28:56:c1:cf:1b:f4:05:b0:2f:b0:50:25:43:50: 34:3c:9d:31:db:04:43:86:02:e4:da:49:52:17:21:c0:87:08: 93:b7:04:40:2a:0a:8a:46:1b:6e:1c:fa:b4:16:9e:3a:b4:70: 8d:c6:2b:57:21:5f:0a:e1:86:8a:b4:1a:f4:46:ab:21:40:ca: 09:4f:10:da:32:c2:96:c1:f9:56:15:8b:7b:da:4b:2f:76:f8: a6:72:7a:a5:08:04:47:96:ba:39:b3:0b:d8:4d:ac:07:41:71: ca:83:bc:4b:36:75:df:28:39:97:63:2b:c1:4b:d0:2e:23:3e: 8a:85:b5:21:5a:db:bd:e4:52:54:1d:99:82:ef:a8:5a:cb:aa: 41:2a:c6:d2 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt8EegGcBBfG8H0eWAj0Ax/MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDlkNTEzOGUxZmFjZjdiNjVkYmI1NzVmYTdkNDcyNDBjMjc4 YjM0ZGYwHhcNMjYwMTAyMDAxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhlM2ZkZDNmNjhhOWQ4YzYzNWQ2MmY4MWM5YTE3ZGQ5YTBkYmZjNDU5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYaGhIb+cpAkYQ6OFKrh+RBsmOe1 HVqnc+MaJCP18uzpKdOCn0QoKTBQc185OJaSnsiQXvQXyjJzR99BwG5wo+Aos4Zq vnXoyHdEYp8Q01hG56mTo4NDwjg9gaiVCmBQGZl8gg+fzSvWk/Cfgnh+pz50iNHz 1TyxMcVx8IwOw8NhlGQe7Lmupx9W6NLaJvFSB4ixAGb69LJwHMDvshBjbcpjmO1Y etvpoeXXqNpd7XkfEIrIUJwI1QcBRqPdmoJH5FXI/YI/L1Qd4l6hd8OjhHNtgleD KFjSPTuAPmYlR91tKPrWaI4WPQUGcb+1kiaRkdplkI/SExYKf2b42B5PLwIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFOP90/aKnYxjXWL4HJoX3ZoNv8RZMB8GA1UdIwQY MBaAFJ1ROOH6z3tl27V1+n1HJAwnizTfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvblZFNDRmclBlMlhidFhYNmZVY2tEQ2VMTk44LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDAxZmYtODMyMy00Yjg5LWJlM2Qt YzJlZmViM2IzMmE1LzEvNF8zVDlvcWRqR05kWXZnY21oZmRtZzJfeEZrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xMy9kMDAxZmYtODMyMy00Yjg5LWJlM2QtYzJlZmViM2IzMmE1 LzEvblZFNDRmclBlMlhidFhYNmZVY2tEQ2VMTk44LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgWbwDAN BgkqhkiG9w0BAQsFAAOCAQEASiGaP0FzxglgYzbtXZarFUQ2cZlYclaK5bMR+xR2 40iPD442mEYZ0/OOCfTaf2BbsuDYuQPTu/Y3vWg//EOzTUCsg4ZJeFvM4RulCbov 8a85d6/Pyu2xMokncb7eUJvv0aUhmfF2Biy4USpSZ/oE3ShWwc8b9AWwL7BQJUNQ NDydMdsEQ4YC5NpJUhchwIcIk7cEQCoKikYbbhz6tBaeOrRwjcYrVyFfCuGGirQa 9EarIUDKCU8Q2jLClsH5VhWLe9pLL3b4pnJ6pQgER5a6ObML2E2sB0FxyoO8SzZ1 3yg5l2MrwUvQLiM+ioW1IVrbveRSVB2Zgu+oWsuqQSrG0g== -----END CERTIFICATE-----Generated at Wed Jan 21 22:22:26 2026 by rpki-client