This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/Pq1wHGL74BEeLVteAs5lNhrtrQM.roa File: Pq1wHGL74BEeLVteAs5lNhrtrQM.roa (raw, json) Hash identifier: qDOFqoYVDkkHM0mfgfSDEdkESOTUNO4RV11uRnuEsT8= Subject key identifier: 3E:AD:70:1C:62:FB:E0:11:1E:2D:5B:5E:02:CE:65:36:1A:ED:AD:03 Certificate issuer: /CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d Certificate serial: 019B7E38B01C94045A375F1BE6FB5A4F9A88 Authority key identifier: FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/Pq1wHGL74BEeLVteAs5lNhrtrQM.roa Signing time: Fri 02 Jan 2026 10:20:02 +0000 ROA not before: Fri 02 Jan 2026 10:20:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 62246 IP address blocks: 2a13:a5c0::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.mft rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 05 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:b0:1c:94:04:5a:37:5f:1b:e6:fb:5a:4f:9a:88 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d Validity Not Before: Jan 2 10:20:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3ead701c62fbe0111e2d5b5e02ce65361aedad03 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:cc:af:d5:53:15:8e:ba:c2:54:34:61:a4:89: 5f:cb:09:8e:e4:39:b1:50:3d:c2:13:64:c5:49:6c: 29:68:32:97:0e:e7:d4:92:89:f3:96:71:45:c8:4c: 48:d8:e4:35:df:f5:bd:ac:07:db:90:13:1c:30:73: 64:3f:7e:c4:45:70:30:a9:17:67:1e:0f:89:62:14: 3c:d7:f4:2a:1d:4d:c2:21:32:c5:be:e0:d2:ba:36: 7a:ab:9f:3b:b1:eb:d8:a3:34:ef:03:55:46:35:1c: 9c:7d:de:96:c7:52:e7:90:e2:44:e5:1b:47:37:58: 1c:20:02:95:c8:7d:28:eb:6e:d4:36:91:6e:0a:83: 9b:05:c1:fa:52:97:a1:28:a1:63:5c:b6:5a:2c:fb: b6:f5:f7:af:e5:69:b4:16:f7:b2:b7:3f:a0:54:48: 1f:5c:70:45:1d:43:98:67:d2:4d:5b:3b:66:93:a0: bb:ac:b8:a1:24:67:08:68:b8:c1:dc:49:ff:bf:dc: ad:25:de:43:d9:1d:b7:2c:47:8a:60:51:45:bd:14: 5c:ee:20:32:44:af:f9:d1:a9:dd:e0:01:6b:d8:b8: 7c:9b:f3:87:49:88:4f:50:85:fe:e6:47:f8:c1:67: c7:f7:73:74:fc:b5:38:5a:77:1b:df:e0:16:aa:88: e9:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:AD:70:1C:62:FB:E0:11:1E:2D:5B:5E:02:CE:65:36:1A:ED:AD:03 X509v3 Authority Key Identifier: keyid:FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/Pq1wHGL74BEeLVteAs5lNhrtrQM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a13:a5c0::/32 Signature Algorithm: sha256WithRSAEncryption 2b:2b:44:be:8c:79:aa:90:61:5c:7d:55:12:01:81:5e:f4:09: d5:cb:f8:03:1b:67:d7:71:eb:c4:24:17:04:07:49:db:60:04: b3:17:07:ec:f3:d0:43:cd:53:9d:ce:5f:e8:b0:d7:12:95:9d: c8:a2:73:27:b2:2d:30:75:7d:55:3a:c7:74:2f:cc:e0:5d:ad: ba:64:58:d3:bb:fc:ea:35:55:de:9b:85:a0:a8:35:1d:0c:bb: 8b:3c:30:4a:5d:3a:36:01:d1:f9:e8:06:55:39:bd:e5:05:d5: 2f:a5:da:1a:35:61:fa:d4:4e:44:ba:a1:6c:5f:33:3c:1c:e4: 08:21:60:fa:c0:da:bb:6b:32:d5:82:65:42:c5:03:a0:b6:10: 88:88:b0:95:a4:a2:bb:5a:d9:69:be:0a:21:cd:a2:0d:5d:c3: c7:b3:81:fb:5b:8d:8c:41:a7:2b:3e:13:a9:51:99:eb:94:e2: 52:37:7d:b5:ce:8e:58:57:f6:06:48:00:be:60:6b:80:9e:6e: 9b:8d:7d:1f:a9:dc:42:e5:95:d6:93:21:92:5d:2f:2c:60:fa: cb:54:f4:66:bf:76:82:e8:88:3e:0b:c6:ea:a0:e2:d3:b2:0d: 5e:81:70:42:e1:63:86:a2:48:84:6a:88:a5:26:32:70:87:10: b7:6b:a0:bc -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt+OLAclARaN18b5vtaT5qIMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZkZDZlZTAxMGI5OTBhMzM3MzU3NTZiNGZlMmYzZDNjMjY3 MWRkOWQwHhcNMjYwMTAyMTAyMDAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzZWFkNzAxYzYyZmJlMDExMWUyZDViNWUwMmNlNjUzNjFhZWRhZDAzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8yv1VMVjrrCVDRhpIlfywmO5Dmx UD3CE2TFSWwpaDKXDufUkonzlnFFyExI2OQ13/W9rAfbkBMcMHNkP37ERXAwqRdn Hg+JYhQ81/QqHU3CITLFvuDSujZ6q587sevYozTvA1VGNRycfd6Wx1LnkOJE5RtH N1gcIAKVyH0o627UNpFuCoObBcH6UpehKKFjXLZaLPu29fev5Wm0Fveytz+gVEgf XHBFHUOYZ9JNWztmk6C7rLihJGcIaLjB3En/v9ytJd5D2R23LEeKYFFFvRRc7iAy RK/50and4AFr2Lh8m/OHSYhPUIX+5kf4wWfH93N0/LU4Wncb3+AWqojp+QIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFD6tcBxi++ARHi1bXgLOZTYa7a0DMB8GA1UdIwQY MBaAFP3W7gELmQozc1dWtP4vPTwmcd2dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDct NjNjNzIxY2YxZjU2LzEvUHExd0hHTDc0QkVlTFZ0ZUFzNWxOaHJ0clFNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDctNjNjNzIxY2YxZjU2 LzEvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhOlwDAN BgkqhkiG9w0BAQsFAAOCAQEAKytEvox5qpBhXH1VEgGBXvQJ1cv4Axtn13HrxCQX BAdJ22AEsxcH7PPQQ81Tnc5f6LDXEpWdyKJzJ7ItMHV9VTrHdC/M4F2tumRY07v8 6jVV3puFoKg1HQy7izwwSl06NgHR+egGVTm95QXVL6XaGjVh+tRORLqhbF8zPBzk CCFg+sDau2sy1YJlQsUDoLYQiIiwlaSiu1rZab4KIc2iDV3Dx7OB+1uNjEGnKz4T qVGZ65TiUjd9tc6OWFf2BkgAvmBrgJ5um419H6ncQuWV1pMhkl0vLGD6y1T0Zr92 guiIPgvG6qDi07INXoFwQuFjhqJIhGqIpSYycIcQt2ugvA== -----END CERTIFICATE-----Generated at Mon Jan 5 03:48:39 2026 by rpki-client