This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/cecd3a-e92a-4509-b590-9f307574051e/1/3TtBL0qA5kisjEdyIAiW0RrkR5Y.roa File: 3TtBL0qA5kisjEdyIAiW0RrkR5Y.roa (raw, json) Hash identifier: IIwZ4eNX/TnLbTOdzNJ7spbedu7ExR/vuLghC48r7Rc= Subject key identifier: DD:3B:41:2F:4A:80:E6:48:AC:8C:47:72:20:08:96:D1:1A:E4:47:96 Certificate issuer: /CN=c833a0389592756e415cde348abbc24312b02df6 Certificate serial: 019B7910DAEE39CF758242700F2BC2001E4D Authority key identifier: C8:33:A0:38:95:92:75:6E:41:5C:DE:34:8A:BB:C2:43:12:B0:2D:F6 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yDOgOJWSdW5BXN40irvCQxKwLfY.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/cecd3a-e92a-4509-b590-9f307574051e/1/3TtBL0qA5kisjEdyIAiW0RrkR5Y.roa Signing time: Thu 01 Jan 2026 10:18:26 +0000 ROA not before: Thu 01 Jan 2026 10:18:26 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204254 IP address blocks: 2001:67c:754::/48 maxlen: 48 2001:67c:758::/48 maxlen: 48 2001:67c:75c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/cecd3a-e92a-4509-b590-9f307574051e/1/yDOgOJWSdW5BXN40irvCQxKwLfY.crl rsync://rpki.ripe.net/repository/DEFAULT/15/cecd3a-e92a-4509-b590-9f307574051e/1/yDOgOJWSdW5BXN40irvCQxKwLfY.mft rsync://rpki.ripe.net/repository/DEFAULT/yDOgOJWSdW5BXN40irvCQxKwLfY.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Wed 21 Jan 2026 22:01:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:da:ee:39:cf:75:82:42:70:0f:2b:c2:00:1e:4d Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c833a0389592756e415cde348abbc24312b02df6 Validity Not Before: Jan 1 10:18:26 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dd3b412f4a80e648ac8c4772200896d11ae44796 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:ed:11:6b:13:67:bd:b3:bd:14:8c:4e:ff:a9: cd:fa:ff:63:75:5d:ec:b7:c4:33:1e:3f:85:c4:8f: 42:89:aa:96:4f:0d:1c:01:93:a8:3e:f6:b0:5f:62: 97:d2:ee:e3:f0:ff:79:3a:68:55:1d:06:e2:e3:a2: ff:60:1c:71:68:31:1c:6b:52:18:40:5b:2f:db:9f: a8:71:1d:81:b0:1b:29:82:f6:9f:09:1e:d1:00:b2: 12:d1:96:55:6c:0d:54:45:16:ba:4c:75:6c:a4:67: 87:4a:25:56:e4:d3:fa:57:10:e0:1a:7d:3a:95:2d: 87:db:87:44:f9:3f:68:58:9f:55:2a:3b:a3:79:03: 5a:69:58:f7:82:9e:a1:0e:61:bd:ed:82:8d:74:b4: 4d:1b:3e:14:d8:12:8a:f3:36:63:1f:5f:ce:5f:51: f2:7b:07:dd:e1:86:7e:86:a9:7c:0c:18:e5:8a:3d: 2d:80:df:a7:77:52:5f:13:0a:d4:2d:fc:1f:ee:d8: 99:f9:45:16:95:cf:da:49:a2:c5:d3:c8:3d:f9:56: 2e:5a:6f:09:3c:30:03:b6:63:84:0e:11:16:dc:a8: e2:5a:96:0a:60:85:52:4a:76:bf:a5:8c:a1:da:e8: 61:f5:3d:d5:54:bb:ff:f4:8a:05:e7:ec:bd:62:a4: 85:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:3B:41:2F:4A:80:E6:48:AC:8C:47:72:20:08:96:D1:1A:E4:47:96 X509v3 Authority Key Identifier: keyid:C8:33:A0:38:95:92:75:6E:41:5C:DE:34:8A:BB:C2:43:12:B0:2D:F6 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yDOgOJWSdW5BXN40irvCQxKwLfY.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/cecd3a-e92a-4509-b590-9f307574051e/1/3TtBL0qA5kisjEdyIAiW0RrkR5Y.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/15/cecd3a-e92a-4509-b590-9f307574051e/1/yDOgOJWSdW5BXN40irvCQxKwLfY.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:754::/48 2001:67c:758::/48 2001:67c:75c::/48 Signature Algorithm: sha256WithRSAEncryption c5:4d:87:2e:0d:46:4b:68:8a:70:0e:f9:f5:c0:2b:c1:ad:47: 83:0f:24:1a:ab:c7:3e:5e:05:8e:ba:50:7c:a7:c7:71:86:6d: 34:0c:f1:3a:29:4a:d7:31:67:5c:fd:0c:ff:21:88:d9:4d:1f: 7a:12:db:a5:db:b8:04:a2:8a:1e:d7:9b:5c:73:e6:3c:f0:84: 32:45:15:84:71:2a:0c:68:95:51:f0:23:6e:c5:e6:47:ad:d3: 34:39:79:bc:6a:59:95:0b:83:f6:c1:5e:a2:f9:1c:61:b4:ac: b7:42:3d:82:b9:c2:59:c8:ba:5f:20:00:59:6f:72:b4:d3:83: 93:40:b3:e5:fc:c5:66:da:3a:81:16:b4:9a:83:02:1c:0d:2c: d2:63:53:19:ba:cf:b6:3f:2e:f4:6d:03:23:7e:c6:21:f6:f4: 53:09:50:a0:bb:b7:b0:00:b9:00:be:af:44:e4:06:a1:64:05: e9:80:e3:89:0c:c2:4c:95:f0:8c:1c:33:43:07:98:b3:3d:51: 94:41:7d:8c:8a:f7:d1:36:b0:e5:d8:6e:9f:9c:39:0a:5e:6c: 30:a5:11:c8:9c:4d:02:c4:44:aa:03:a6:a3:db:00:95:8c:8e: 12:a3:d4:ad:4e:cd:1f:75:8e:34:5c:9c:dc:ce:51:b9:af:71: d5:42:d4:5c -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt5ENruOc91gkJwDyvCAB5NMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM4MzNhMDM4OTU5Mjc1NmU0MTVjZGUzNDhhYmJjMjQzMTJi MDJkZjYwHhcNMjYwMTAxMTAxODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZDNiNDEyZjRhODBlNjQ4YWM4YzQ3NzIyMDA4OTZkMTFhZTQ0Nzk2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApO0RaxNnvbO9FIxO/6nN+v9jdV3s t8QzHj+FxI9CiaqWTw0cAZOoPvawX2KX0u7j8P95OmhVHQbi46L/YBxxaDEca1IY QFsv25+ocR2BsBspgvafCR7RALIS0ZZVbA1URRa6THVspGeHSiVW5NP6VxDgGn06 lS2H24dE+T9oWJ9VKjujeQNaaVj3gp6hDmG97YKNdLRNGz4U2BKK8zZjH1/OX1Hy ewfd4YZ+hql8DBjlij0tgN+nd1JfEwrULfwf7tiZ+UUWlc/aSaLF08g9+VYuWm8J PDADtmOEDhEW3KjiWpYKYIVSSna/pYyh2uhh9T3VVLv/9IoF5+y9YqSFZwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFN07QS9KgOZIrIxHciAIltEa5EeWMB8GA1UdIwQY MBaAFMgzoDiVknVuQVzeNIq7wkMSsC32MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveURPZ09KV1NkVzVCWE40MGlydkNReEt3TGZZLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9jZWNkM2EtZTkyYS00NTA5LWI1OTAt OWYzMDc1NzQwNTFlLzEvM1R0QkwwcUE1a2lzakVkeUlBaVcwUnJrUjVZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNS9jZWNkM2EtZTkyYS00NTA5LWI1OTAtOWYzMDc1NzQwNTFl LzEveURPZ09KV1NkVzVCWE40MGlydkNReEt3TGZZLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAIAEGfAdU AwcAIAEGfAdYAwcAIAEGfAdcMA0GCSqGSIb3DQEBCwUAA4IBAQDFTYcuDUZLaIpw Dvn1wCvBrUeDDyQaq8c+XgWOulB8p8dxhm00DPE6KUrXMWdc/Qz/IYjZTR96Etul 27gEoooe15tcc+Y88IQyRRWEcSoMaJVR8CNuxeZHrdM0OXm8almVC4P2wV6i+Rxh tKy3Qj2CucJZyLpfIABZb3K004OTQLPl/MVm2jqBFrSagwIcDSzSY1MZus+2Py70 bQMjfsYh9vRTCVCgu7ewALkAvq9E5AahZAXpgOOJDMJMlfCMHDNDB5izPVGUQX2M ivfRNrDl2G6fnDkKXmwwpRHInE0CxESqA6aj2wCVjI4So9StTs0fdY40XJzczlG5 r3HVQtRc -----END CERTIFICATE-----Generated at Wed Jan 21 03:04:46 2026 by rpki-client