This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/3lfjDZ_LyMbB8PjRnMxPCrvVikA.roa File: 3lfjDZ_LyMbB8PjRnMxPCrvVikA.roa (raw, json) Hash identifier: lHB/WmiejVwebpUIQdg5G2VpXchvQiJHaJHJxGNpYIs= Subject key identifier: DE:57:E3:0D:9F:CB:C8:C6:C1:F0:F8:D1:9C:CC:4F:0A:BB:D5:8A:40 Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f Certificate serial: 019B7F13FAC86884F94D0E942C0874AB788B Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/3lfjDZ_LyMbB8PjRnMxPCrvVikA.roa Signing time: Fri 02 Jan 2026 14:19:34 +0000 ROA not before: Fri 02 Jan 2026 14:19:34 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 56420 IP address blocks: 2a02:2698:6400::/38 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.mft rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 05 Feb 2026 23:01:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:13:fa:c8:68:84:f9:4d:0e:94:2c:08:74:ab:78:8b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f Validity Not Before: Jan 2 14:19:34 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=de57e30d9fcbc8c6c1f0f8d19ccc4f0abbd58a40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:2b:85:e1:d2:f6:1d:98:30:8e:f3:d2:f8:06: 5e:97:e0:9c:12:7b:5a:cd:c5:94:ca:1e:80:b7:e9: a7:c1:80:e3:27:b8:46:9b:42:4f:e9:07:43:7e:c7: 98:63:e0:c2:9e:ff:b8:4a:17:1b:96:8f:83:94:11: f2:68:48:d2:c7:57:23:55:b2:90:a1:df:eb:2a:83: aa:8e:fc:23:e6:60:61:00:50:14:8d:61:ac:fd:6f: 94:9b:c7:26:9a:61:6f:52:fb:4e:2b:42:6a:ae:03: 29:36:b4:c0:4e:e5:a1:8f:4d:4c:ea:be:e8:2b:cb: 06:f2:12:0c:c6:8f:40:7e:88:74:0e:a1:94:8a:3f: b1:8d:58:2f:09:7b:cf:32:76:92:52:22:89:db:1f: 1b:a8:ee:59:5e:92:fa:37:e6:f9:81:57:81:95:70: 75:2d:85:27:4e:ff:a2:f8:43:da:16:ff:d9:c7:f5: fb:58:cf:e1:53:70:66:35:0d:fc:08:63:61:4b:52: 8e:57:14:7c:6e:14:d3:77:e1:d0:a6:f6:66:d5:1f: e2:ba:4b:e6:0e:25:5a:c6:d7:92:4b:77:7e:3b:74: bc:d0:b5:0d:10:34:bc:1e:5e:5e:cc:7a:69:3d:f1: 96:1a:1d:ac:e9:85:48:44:8a:50:87:79:33:9e:5c: 8a:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:57:E3:0D:9F:CB:C8:C6:C1:F0:F8:D1:9C:CC:4F:0A:BB:D5:8A:40 X509v3 Authority Key Identifier: keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/3lfjDZ_LyMbB8PjRnMxPCrvVikA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a02:2698:6400::/38 Signature Algorithm: sha256WithRSAEncryption 6b:8e:04:c9:07:81:a7:16:b4:e3:bf:3a:da:1a:95:f2:91:f1: 98:64:a6:22:28:68:08:8f:9a:2f:b3:7b:be:64:8e:54:b3:e9: a5:42:b1:35:83:14:a0:15:1c:f9:be:d7:b3:16:a9:4d:b1:d8: ce:cc:5f:ad:24:b6:db:4c:8e:0a:05:d0:51:2c:c2:06:38:ca: 52:c3:25:6a:7c:72:b1:99:32:b7:2a:17:79:66:dd:64:b8:82: 27:3a:5b:32:93:d6:4c:b8:2a:37:7e:2c:92:c8:32:52:01:d4: 94:54:d3:72:a0:4e:f1:de:32:3e:4f:cc:98:51:f1:7d:2d:ac: f1:9e:35:1f:0f:02:62:af:e4:6a:a0:85:e7:91:0d:35:ed:40: 4d:30:09:29:79:c9:28:f1:ab:d1:9b:68:99:c2:e5:2e:60:34: 43:bc:35:64:13:6e:d8:c9:ad:35:e4:71:15:63:b8:09:8c:95: 22:32:3f:22:3a:a8:2c:ab:6d:ab:c2:0b:41:28:b1:47:7b:0b: 25:17:db:84:21:13:85:e5:15:05:ef:9c:01:d8:dc:f4:59:63: 79:e2:af:20:c5:6e:a6:4c:27:2b:22:c0:e5:52:78:e5:a5:a2: e7:2e:72:ac:da:cb:18:69:47:fb:ca:1a:fd:4d:71:60:15:3e: 49:40:03:1a -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZt/E/rIaIT5TQ6ULAh0q3iLMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi ODJiNWYwHhcNMjYwMTAyMTQxOTM0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZTU3ZTMwZDlmY2JjOGM2YzFmMGY4ZDE5Y2NjNGYwYWJiZDU4YTQwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2SuF4dL2HZgwjvPS+AZel+CcEnta zcWUyh6At+mnwYDjJ7hGm0JP6QdDfseYY+DCnv+4Shcblo+DlBHyaEjSx1cjVbKQ od/rKoOqjvwj5mBhAFAUjWGs/W+Um8cmmmFvUvtOK0JqrgMpNrTATuWhj01M6r7o K8sG8hIMxo9Afoh0DqGUij+xjVgvCXvPMnaSUiKJ2x8bqO5ZXpL6N+b5gVeBlXB1 LYUnTv+i+EPaFv/Zx/X7WM/hU3BmNQ38CGNhS1KOVxR8bhTTd+HQpvZm1R/iukvm DiVaxteSS3d+O3S80LUNEDS8Hl5ezHppPfGWGh2s6YVIRIpQh3kznlyKuQIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFN5X4w2fy8jGwfD40ZzMTwq71YpAMB8GA1UdIwQY MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt Y2YwYWEzZWNhZDI4LzEvM2xmakRaX0x5TWJCOFBqUm5NeFBDcnZWaWtBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4 LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgImmGQw DQYJKoZIhvcNAQELBQADggEBAGuOBMkHgacWtOO/OtoalfKR8ZhkpiIoaAiPmi+z e75kjlSz6aVCsTWDFKAVHPm+17MWqU2x2M7MX60ktttMjgoF0FEswgY4ylLDJWp8 crGZMrcqF3lm3WS4gic6WzKT1ky4Kjd+LJLIMlIB1JRU03KgTvHeMj5PzJhR8X0t rPGeNR8PAmKv5GqgheeRDTXtQE0wCSl5ySjxq9GbaJnC5S5gNEO8NWQTbtjJrTXk cRVjuAmMlSIyPyI6qCyrbavCC0EosUd7CyUX24QhE4XlFQXvnAHY3PRZY3niryDF bqZMJysiwOVSeOWloucucqzayxhpR/vKGv1NcWAVPklAAxo= -----END CERTIFICATE-----Generated at Thu Feb 5 05:54:58 2026 by rpki-client