This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/9ynuhrMRe01fV95Cyr9pzp74us8.roa File: 9ynuhrMRe01fV95Cyr9pzp74us8.roa (raw, json) Hash identifier: CPCA7Ls7etQTzU55irYgM6cXEy0L5hugJu12dcKcECk= Subject key identifier: F7:29:EE:86:B3:11:7B:4D:5F:57:DE:42:CA:BF:69:CE:9E:F8:BA:CF Certificate issuer: /CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d Certificate serial: 019B7E38C284893C2D1BE3271C11EB393F95 Authority key identifier: FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/9ynuhrMRe01fV95Cyr9pzp74us8.roa Signing time: Fri 02 Jan 2026 10:20:07 +0000 ROA not before: Fri 02 Jan 2026 10:20:07 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 216056 IP address blocks: 2a13:a5c3:ff30::/44 maxlen: 48 2a13:a5c7:1600::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.mft rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 05 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:c2:84:89:3c:2d:1b:e3:27:1c:11:eb:39:3f:95 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d Validity Not Before: Jan 2 10:20:07 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=f729ee86b3117b4d5f57de42cabf69ce9ef8bacf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:9f:f5:8f:f8:52:f4:29:75:c4:bd:01:79:8a: 5d:a0:74:4d:06:bb:3a:7a:65:37:51:70:af:b4:29: bb:68:ec:d6:4c:20:3d:82:a4:90:38:15:59:cb:b6: 37:5f:d8:0c:e6:cd:22:c1:8c:ff:c0:cc:4d:65:af: 13:e6:1e:d8:85:3f:a1:e9:26:12:4f:59:5f:1b:94: a3:44:fb:de:92:b2:d4:f7:49:de:ce:e5:17:71:87: 04:52:9c:d9:01:6a:74:7f:b2:50:24:10:b0:b5:c6: 67:89:b8:fc:69:06:5d:d2:9a:14:e9:26:c5:ce:ce: 66:13:13:92:f0:1c:e2:bb:6f:f4:ea:17:b1:e6:a2: 5e:65:9f:3f:2b:56:c2:13:98:b2:66:36:07:dc:ae: 46:c1:21:b9:3a:25:23:6f:7e:21:67:c3:48:64:43: 8e:11:2b:e4:a4:d1:ac:de:31:e9:2b:3a:c9:12:f9: 70:94:7e:88:27:89:1f:c2:87:66:d8:58:91:5d:a1: 53:ec:ec:ac:27:48:2e:ba:b8:2b:a6:b3:25:63:7a: 5a:3d:82:9b:c0:b9:63:fc:a8:5a:00:a3:c1:5e:ef: 3e:74:75:ed:a6:5d:72:f2:ba:ba:d1:05:fa:81:a7: 16:34:1c:dc:2d:2c:c1:12:1d:d7:89:37:51:5a:a0: 79:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:29:EE:86:B3:11:7B:4D:5F:57:DE:42:CA:BF:69:CE:9E:F8:BA:CF X509v3 Authority Key Identifier: keyid:FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/9ynuhrMRe01fV95Cyr9pzp74us8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a13:a5c3:ff30::/44 2a13:a5c7:1600::/40 Signature Algorithm: sha256WithRSAEncryption b3:ac:9a:62:1b:d7:38:a6:04:3f:05:f2:bd:59:1b:c9:2a:20: fe:45:43:3b:32:18:eb:8d:5f:fe:1d:a2:0d:b5:ef:a8:6d:55: ab:7f:77:d8:b9:9d:ce:d5:e8:b7:6a:5f:ca:21:35:de:aa:09: 5d:d8:bd:24:9a:14:1d:4a:5c:75:67:61:cc:03:63:a6:72:9c: b2:8a:1b:cd:5a:69:31:29:cd:81:70:7b:be:ed:70:73:5d:1e: 90:63:72:71:de:64:c7:b4:ce:ed:7d:f5:4e:9e:b7:32:b5:37: 15:de:5c:01:08:be:26:38:c6:88:6c:c8:51:7c:b0:af:69:58: 10:51:26:a5:b0:48:3b:51:44:11:65:46:c3:8b:11:c9:41:98: 15:4d:c9:c5:0b:52:02:8a:fa:64:fa:93:0c:01:61:f9:66:76: c9:be:b0:db:c7:67:63:a9:07:68:c6:47:3c:65:ae:5d:59:48: b0:ef:72:c4:8f:6c:4a:74:c4:47:00:6c:c9:b9:9e:d8:d1:0d: 2f:15:45:8c:78:16:a6:98:7f:ad:8b:02:d1:16:1c:c8:05:a7: e2:a3:10:56:f5:39:ed:5f:71:4d:86:ea:ff:58:66:40:eb:b1: 95:ac:d2:2b:3b:e3:8e:03:29:ed:87:8c:5f:9e:6f:1b:63:a6: 86:ca:4d:87 -----BEGIN CERTIFICATE----- MIIFCDCCA/CgAwIBAgISAZt+OMKEiTwtG+MnHBHrOT+VMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZkZDZlZTAxMGI5OTBhMzM3MzU3NTZiNGZlMmYzZDNjMjY3 MWRkOWQwHhcNMjYwMTAyMTAyMDA3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhmNzI5ZWU4NmIzMTE3YjRkNWY1N2RlNDJjYWJmNjljZTllZjhiYWNmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJ/1j/hS9Cl1xL0BeYpdoHRNBrs6 emU3UXCvtCm7aOzWTCA9gqSQOBVZy7Y3X9gM5s0iwYz/wMxNZa8T5h7YhT+h6SYS T1lfG5SjRPvekrLU90nezuUXcYcEUpzZAWp0f7JQJBCwtcZnibj8aQZd0poU6SbF zs5mExOS8Bziu2/06hex5qJeZZ8/K1bCE5iyZjYH3K5GwSG5OiUjb34hZ8NIZEOO ESvkpNGs3jHpKzrJEvlwlH6IJ4kfwodm2FiRXaFT7OysJ0guurgrprMlY3paPYKb wLlj/KhaAKPBXu8+dHXtpl1y8rq60QX6gacWNBzcLSzBEh3XiTdRWqB52QIDAQAB o4ICFDCCAhAwHQYDVR0OBBYEFPcp7oazEXtNX1feQsq/ac6e+LrPMB8GA1UdIwQY MBaAFP3W7gELmQozc1dWtP4vPTwmcd2dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDct NjNjNzIxY2YxZjU2LzEvOXludWhyTVJlMDFmVjk1Q3lyOXB6cDc0dXM4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDctNjNjNzIxY2YxZjU2 LzEvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcEKhOlw/8w AwYAKhOlxxYwDQYJKoZIhvcNAQELBQADggEBALOsmmIb1zimBD8F8r1ZG8kqIP5F QzsyGOuNX/4dog2176htVat/d9i5nc7V6LdqX8ohNd6qCV3YvSSaFB1KXHVnYcwD Y6ZynLKKG81aaTEpzYFwe77tcHNdHpBjcnHeZMe0zu199U6etzK1NxXeXAEIviY4 xohsyFF8sK9pWBBRJqWwSDtRRBFlRsOLEclBmBVNycULUgKK+mT6kwwBYflmdsm+ sNvHZ2OpB2jGRzxlrl1ZSLDvcsSPbEp0xEcAbMm5ntjRDS8VRYx4FqaYf62LAtEW HMgFp+KjEFb1Oe1fcU2G6v9YZkDrsZWs0is7444DKe2HjF+ebxtjpobKTYc= -----END CERTIFICATE-----Generated at Mon Jan 5 03:48:30 2026 by rpki-client