This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/1-TUZNCrJ10ahOEwp41oreLSGBDg.roa File: 1-TUZNCrJ10ahOEwp41oreLSGBDg.roa (raw, json) Hash identifier: rLHCPObogTydMGgdo3ZcC9IneY90Ca9C6c4YIyl/Zc4= Subject key identifier: F9:35:19:34:2A:C9:D7:46:A1:38:4C:29:E3:5A:2B:78:B4:86:04:38 Certificate issuer: /CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d Certificate serial: 019B7E38AD8A7D825D15953245DA6B603ECE Authority key identifier: FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/1-TUZNCrJ10ahOEwp41oreLSGBDg.roa Signing time: Fri 02 Jan 2026 10:20:02 +0000 ROA not before: Fri 02 Jan 2026 10:20:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 31898 IP address blocks: 2a13:a5c7:1703::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.mft rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 05 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:ad:8a:7d:82:5d:15:95:32:45:da:6b:60:3e:ce Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d Validity Not Before: Jan 2 10:20:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f93519342ac9d746a1384c29e35a2b78b4860438 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:6a:12:7a:d9:b5:f4:88:7c:be:5f:e1:71:77: ce:e2:da:7a:3c:3b:3e:8e:f7:69:08:93:7c:aa:21: cf:b0:99:43:88:f9:5c:d3:49:9c:96:7a:66:9b:8f: 18:ad:3b:d6:18:af:e3:01:40:76:c7:06:31:03:64: e9:70:96:09:08:2e:d9:fa:a2:df:b2:f7:96:4c:2a: da:ed:43:46:c5:02:72:da:12:e3:d6:50:bc:7e:96: 45:04:01:84:ba:90:b0:a8:6a:d1:0c:88:ef:d2:3e: 06:14:d9:49:ab:3b:30:f8:f0:be:ec:08:47:b5:40: a8:c6:58:82:6d:31:ea:c5:9a:d7:cb:8f:3d:ea:2b: 17:3d:64:2b:7d:05:ed:8b:89:aa:d6:e5:f4:b7:6b: 27:1f:b8:3d:16:3c:50:96:c3:77:09:68:22:e2:df: 4d:04:83:56:96:0d:4d:3e:64:b2:5b:fc:92:b7:1f: 1e:f4:40:92:bf:cb:46:35:0e:fa:d3:fc:0f:9a:89: 11:b5:b8:17:3b:dd:c5:d9:6d:04:ab:ad:b0:c2:b8: 4f:69:a6:bf:24:13:50:55:0d:e9:58:a7:77:64:45: 5a:58:bc:fd:d8:ec:d0:91:26:d6:37:61:16:1a:62: 63:c6:5a:f0:f8:8e:39:bd:8b:c3:97:b3:12:88:ce: 23:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:35:19:34:2A:C9:D7:46:A1:38:4C:29:E3:5A:2B:78:B4:86:04:38 X509v3 Authority Key Identifier: keyid:FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/1-TUZNCrJ10ahOEwp41oreLSGBDg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a13:a5c7:1703::/48 Signature Algorithm: sha256WithRSAEncryption 82:66:39:b2:da:ed:56:62:af:12:7f:5d:d9:2b:98:ab:37:40: 05:04:5a:27:36:c2:e3:64:73:82:51:14:81:9e:11:d2:4e:72: 29:bf:d0:77:2a:23:b1:d1:5d:4d:53:99:23:eb:00:37:d9:37: d2:5e:a6:ba:36:34:f9:d7:b4:7a:7b:42:99:87:22:58:49:df: 0d:d9:98:3d:e0:91:62:77:cb:85:19:51:7f:e3:a6:f4:fc:28: 6f:0c:e6:97:5e:a8:a3:d7:55:e5:18:85:87:be:4e:08:ce:de: 18:8c:20:fb:a5:fa:f6:ff:50:16:3c:ef:8f:ed:83:e7:20:7a: 5e:03:18:97:9d:9a:96:3f:a0:be:ff:18:38:31:ab:9b:26:3a: 48:50:4f:5c:2e:3a:0e:70:10:3e:39:e9:ce:f9:db:df:80:c9: 6c:96:23:a5:ae:d9:45:15:5d:12:08:c8:d4:5f:b6:a4:05:6a: 94:27:9a:ae:10:3a:34:71:bc:e2:45:a7:ae:07:e3:97:63:9c: f2:6a:46:5a:d2:e1:ec:7a:40:52:b6:2d:16:f5:e9:55:91:27: 9a:ec:e9:3d:04:e8:44:0b:11:c7:e6:50:db:fb:5e:40:ea:8c: 18:73:14:97:8a:52:3c:51:24:3c:90:ec:4d:29:18:1f:62:f6: 0b:9c:50:52 -----BEGIN CERTIFICATE----- MIIFATCCA+mgAwIBAgISAZt+OK2KfYJdFZUyRdprYD7OMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZkZDZlZTAxMGI5OTBhMzM3MzU3NTZiNGZlMmYzZDNjMjY3 MWRkOWQwHhcNMjYwMTAyMTAyMDAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmOTM1MTkzNDJhYzlkNzQ2YTEzODRjMjllMzVhMmI3OGI0ODYwNDM4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7moSetm19Ih8vl/hcXfO4tp6PDs+ jvdpCJN8qiHPsJlDiPlc00mclnpmm48YrTvWGK/jAUB2xwYxA2TpcJYJCC7Z+qLf sveWTCra7UNGxQJy2hLj1lC8fpZFBAGEupCwqGrRDIjv0j4GFNlJqzsw+PC+7AhH tUCoxliCbTHqxZrXy4896isXPWQrfQXti4mq1uX0t2snH7g9FjxQlsN3CWgi4t9N BINWlg1NPmSyW/yStx8e9ECSv8tGNQ760/wPmokRtbgXO93F2W0Eq62wwrhPaaa/ JBNQVQ3pWKd3ZEVaWLz92OzQkSbWN2EWGmJjxlrw+I45vYvDl7MSiM4jxQIDAQAB o4ICDTCCAgkwHQYDVR0OBBYEFPk1GTQqyddGoThMKeNaK3i0hgQ4MB8GA1UdIwQY MBaAFP3W7gELmQozc1dWtP4vPTwmcd2dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNlcjCB jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDct NjNjNzIxY2YxZjU2LzEvMS1UVVpOQ3JKMTBhaE9Fd3A0MW9yZUxTR0JEZy5yb2Ew gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0 b3J5L0RFRkFVTFQvM2EvMmQxYTM1LWZmOGEtNDZiNC04YzQ3LTYzYzcyMWNmMWY1 Ni8xL19kYnVBUXVaQ2pOelYxYTBfaTg5UENaeDNaMC5jcmwwGAYDVR0gAQH/BA4w DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoTpccX AzANBgkqhkiG9w0BAQsFAAOCAQEAgmY5strtVmKvEn9d2SuYqzdABQRaJzbC42Rz glEUgZ4R0k5yKb/QdyojsdFdTVOZI+sAN9k30l6mujY0+de0entCmYciWEnfDdmY PeCRYnfLhRlRf+Om9Pwobwzml16oo9dV5RiFh75OCM7eGIwg+6X69v9QFjzvj+2D 5yB6XgMYl52alj+gvv8YODGrmyY6SFBPXC46DnAQPjnpzvnb34DJbJYjpa7ZRRVd EgjI1F+2pAVqlCearhA6NHG84kWnrgfjl2Oc8mpGWtLh7HpAUrYtFvXpVZEnmuzp PQToRAsRx+ZQ2/teQOqMGHMUl4pSPFEkPJDsTSkYH2L2C5xQUg== -----END CERTIFICATE-----Generated at Mon Jan 5 03:50:01 2026 by rpki-client