This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/n7USEOktH5zuMAuITWQF7AXRczQ.roa File: n7USEOktH5zuMAuITWQF7AXRczQ.roa (raw, json) Hash identifier: ikLG4Fs9JJDgwb3XKOBoWhu8ubnMCzT/Buk9vuX9UaM= Subject key identifier: 9F:B5:12:10:E9:2D:1F:9C:EE:30:0B:88:4D:64:05:EC:05:D1:73:34 Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd Certificate serial: 019B7DCA2C6955458B82B9BC75450495DE73 Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/n7USEOktH5zuMAuITWQF7AXRczQ.roa Signing time: Fri 02 Jan 2026 08:19:20 +0000 ROA not before: Fri 02 Jan 2026 08:19:20 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207432 IP address blocks: 2a11:d440::/29 maxlen: 64 2a11:ef40::/29 maxlen: 64 2a11:fbc0::/29 maxlen: 64 2a12:ac0::/29 maxlen: 64 2a12:2a40::/29 maxlen: 64 2a12:33c0::/29 maxlen: 64 2a12:3b00::/29 maxlen: 64 2a12:3b80::/29 maxlen: 64 2a12:4d00::/29 maxlen: 64 2a12:4f80::/29 maxlen: 64 2a12:5a80::/29 maxlen: 64 2a12:6e80::/29 maxlen: 64 2a12:9c00::/29 maxlen: 64 2a12:a400::/29 maxlen: 64 2a12:b980::/29 maxlen: 64 2a12:cd80::/29 maxlen: 64 2a12:dd80::/29 maxlen: 64 2a12:ef80::/29 maxlen: 64 2a12:f000::/29 maxlen: 64 2a12:f400::/29 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.mft rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 18:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:2c:69:55:45:8b:82:b9:bc:75:45:04:95:de:73 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd Validity Not Before: Jan 2 08:19:20 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9fb51210e92d1f9cee300b884d6405ec05d17334 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:68:d6:15:8a:21:46:4a:5b:3c:e5:65:07:c9: f9:18:5a:24:e7:7f:0f:c7:e5:42:6f:4b:51:c8:50: 06:d9:f6:55:26:d4:a2:d5:29:7a:81:f8:26:b9:9f: 5c:fc:87:c1:8b:59:37:d5:79:e2:e1:4c:18:a7:ba: 81:a3:4e:0f:f6:78:69:7a:ac:d0:37:2d:10:7a:ae: 1e:b0:73:fc:17:7a:1f:ae:01:9c:64:de:19:14:c3: 35:1c:fb:88:a3:e4:35:73:a2:01:ec:77:e9:e0:8f: 21:4f:03:59:fb:ff:c0:ef:b3:ec:6f:71:93:7d:8c: 7d:b4:f1:80:fb:ac:62:fa:70:e7:ec:12:a8:c6:b2: e2:45:6c:61:f4:e9:d8:cc:e6:c5:19:1c:78:27:2f: 4a:90:50:75:10:98:f6:69:c3:0a:d9:0d:06:e3:da: d0:64:98:49:33:48:d4:11:5e:a3:dd:22:d4:97:05: 9d:89:17:d0:71:26:09:2c:cc:05:e9:56:7d:80:c4: 0e:26:be:bd:3f:7e:40:f1:a5:c1:97:bd:44:14:bc: 69:cd:6b:19:ba:d9:b8:85:fb:63:ff:62:93:25:4f: 8c:b0:76:93:33:f6:2d:bf:53:7c:84:7c:65:2b:1a: 4a:2c:09:49:e3:64:15:b0:59:ad:4f:8a:c5:dc:73: 30:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:B5:12:10:E9:2D:1F:9C:EE:30:0B:88:4D:64:05:EC:05:D1:73:34 X509v3 Authority Key Identifier: keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/n7USEOktH5zuMAuITWQF7AXRczQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a11:d440::/29 2a11:ef40::/29 2a11:fbc0::/29 2a12:ac0::/29 2a12:2a40::/29 2a12:33c0::/29 2a12:3b00::/29 2a12:3b80::/29 2a12:4d00::/29 2a12:4f80::/29 2a12:5a80::/29 2a12:6e80::/29 2a12:9c00::/29 2a12:a400::/29 2a12:b980::/29 2a12:cd80::/29 2a12:dd80::/29 2a12:ef80::/29 2a12:f000::/29 2a12:f400::/29 Signature Algorithm: sha256WithRSAEncryption 4e:6c:af:28:6d:9c:ca:dd:8c:36:5f:39:e1:df:fd:1b:2a:70: 5c:c5:5c:ec:92:bf:8c:74:eb:db:3b:51:99:fb:51:f2:6e:03: 34:ea:51:03:8a:bd:16:05:e1:9d:c1:65:f6:f9:a2:aa:1c:3d: 39:bc:c1:01:bf:bb:ac:b3:44:e8:91:93:77:d4:ff:72:bc:fa: 65:f4:0c:d3:11:d2:17:c8:e7:31:a7:c8:8d:12:ba:87:78:23: 5e:dc:a1:00:92:ef:5f:76:9b:77:83:cc:20:46:18:ca:e7:1a: de:b1:42:e9:b9:b0:fc:5e:e0:d0:55:c4:aa:35:50:52:ca:ab: 96:22:22:6b:5f:c3:2f:c2:e2:5a:b1:6e:49:73:1f:8b:26:61: a4:2b:90:bd:89:8b:e6:77:36:32:64:01:02:49:48:71:d0:ae: 60:6c:73:13:f2:2b:20:38:35:ae:56:4a:76:a0:c4:85:18:a3: fa:22:6d:30:81:cc:f8:c5:a6:15:38:73:30:c3:c3:b7:ff:ce: f5:f7:42:1a:ca:44:e3:42:d9:4d:d9:e1:8d:c9:6d:3a:94:a5: ef:81:90:37:8d:0c:bc:6d:81:9e:7d:58:b9:c9:a4:ef:48:0f: 25:ee:11:ab:09:c8:8d:74:d9:4f:ae:03:c2:00:09:45:61:c8: 5e:fc:66:05 -----BEGIN CERTIFICATE----- MIIFiDCCBHCgAwIBAgISAZt9yixpVUWLgrm8dUUEld5zMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2 OWExZmQwHhcNMjYwMTAyMDgxOTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZmI1MTIxMGU5MmQxZjljZWUzMDBiODg0ZDY0MDVlYzA1ZDE3MzM0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmjWFYohRkpbPOVlB8n5GFok538P x+VCb0tRyFAG2fZVJtSi1Sl6gfgmuZ9c/IfBi1k31Xni4UwYp7qBo04P9nhpeqzQ Ny0Qeq4esHP8F3ofrgGcZN4ZFMM1HPuIo+Q1c6IB7Hfp4I8hTwNZ+//A77Psb3GT fYx9tPGA+6xi+nDn7BKoxrLiRWxh9OnYzObFGRx4Jy9KkFB1EJj2acMK2Q0G49rQ ZJhJM0jUEV6j3SLUlwWdiRfQcSYJLMwF6VZ9gMQOJr69P35A8aXBl71EFLxpzWsZ utm4hftj/2KTJU+MsHaTM/Ytv1N8hHxlKxpKLAlJ42QVsFmtT4rF3HMw4wIDAQAB o4IClDCCApAwHQYDVR0OBBYEFJ+1EhDpLR+c7jALiE1kBewF0XM0MB8GA1UdIwQY MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et OTk0ODA2ZjA4MWYwLzEvbjdVU0VPa3RINXp1TUF1SVRXUUY3QVhSY3pRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAIwgYwDBQMq EdRAAwUDKhHvQAMFAyoR+8ADBQMqEgrAAwUDKhIqQAMFAyoSM8ADBQMqEjsAAwUD KhI7gAMFAyoSTQADBQMqEk+AAwUDKhJagAMFAyoSboADBQMqEpwAAwUDKhKkAAMF AyoSuYADBQMqEs2AAwUDKhLdgAMFAyoS74ADBQMqEvAAAwUDKhL0ADANBgkqhkiG 9w0BAQsFAAOCAQEATmyvKG2cyt2MNl854d/9GypwXMVc7JK/jHTr2ztRmftR8m4D NOpRA4q9FgXhncFl9vmiqhw9ObzBAb+7rLNE6JGTd9T/crz6ZfQM0xHSF8jnMafI jRK6h3gjXtyhAJLvX3abd4PMIEYYyuca3rFC6bmw/F7g0FXEqjVQUsqrliIia1/D L8LiWrFuSXMfiyZhpCuQvYmL5nc2MmQBAklIcdCuYGxzE/IrIDg1rlZKdqDEhRij +iJtMIHM+MWmFThzMMPDt//O9fdCGspE40LZTdnhjcltOpSl74GQN40MvG2Bnn1Y ucmk70gPJe4RqwnIjXTZT64DwgAJRWHIXvxmBQ== -----END CERTIFICATE-----Generated at Mon Jan 19 21:24:07 2026 by rpki-client