This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/nU5CDN2WGtUSleKd7srRFrfbDEk.roa File: nU5CDN2WGtUSleKd7srRFrfbDEk.roa (raw, json) Hash identifier: cwVMrEsXanlUoOBqTwjSGD/5fQxRrPQBN7g36AxdSMA= Subject key identifier: 9D:4E:42:0C:DD:96:1A:D5:12:95:E2:9D:EE:CA:D1:16:B7:DB:0C:49 Certificate issuer: /CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d Certificate serial: 019B7E38AF753EA992B6CAD591260C41F2D3 Authority key identifier: FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/nU5CDN2WGtUSleKd7srRFrfbDEk.roa Signing time: Fri 02 Jan 2026 10:20:02 +0000 ROA not before: Fri 02 Jan 2026 10:20:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 55201 IP address blocks: 2a13:a5c1::/32 maxlen: 48 2a13:a5c4::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.mft rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 05 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:af:75:3e:a9:92:b6:ca:d5:91:26:0c:41:f2:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d Validity Not Before: Jan 2 10:20:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=9d4e420cdd961ad51295e29deecad116b7db0c49 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:1a:e2:68:bd:79:3d:db:b4:dc:f6:83:23:8e: a2:89:97:5c:51:94:14:43:09:4b:0c:cf:c8:bc:41: e0:d1:73:74:42:44:1d:17:c6:e9:40:66:ef:55:57: 7c:43:f5:ea:c3:76:d7:ae:24:f2:55:58:d8:43:db: 1d:96:17:a0:67:88:dc:76:57:b5:b8:10:2c:b1:3d: 0f:7d:d2:25:d3:e0:86:94:40:14:da:f3:8b:bc:11: 49:3d:a6:27:ea:33:ee:40:f2:89:c0:db:ef:7e:8f: 20:ff:f2:f4:3e:4d:7e:5e:a7:d9:09:39:dc:b6:d9: a1:ca:0e:30:1f:ad:12:f8:c2:bb:8e:7b:97:ff:b8: 88:c4:17:98:f2:e0:34:00:6c:9b:19:c3:8a:8d:1a: f4:f9:bb:e2:cc:58:fa:f0:52:a3:fd:3e:f8:ee:37: 3f:4f:09:bb:69:73:66:0d:1c:37:44:db:4d:2e:a9: 54:23:7e:6b:97:41:96:54:70:77:4c:2b:1d:2a:f4: cb:39:1c:fa:de:b9:73:73:bd:e8:93:f1:04:32:6e: 3c:51:e6:8f:99:05:cc:17:5d:05:ea:b4:49:53:08: 83:3b:7f:0c:e8:5e:98:d7:02:36:f3:90:ed:62:3b: e7:aa:80:c1:25:f9:4e:e6:43:56:7e:ed:56:30:0b: 5a:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:4E:42:0C:DD:96:1A:D5:12:95:E2:9D:EE:CA:D1:16:B7:DB:0C:49 X509v3 Authority Key Identifier: keyid:FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/nU5CDN2WGtUSleKd7srRFrfbDEk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a13:a5c1::/32 2a13:a5c4::/32 Signature Algorithm: sha256WithRSAEncryption 88:c8:3b:94:21:f7:4a:6a:48:7f:b2:2b:f1:0d:8e:27:03:94: 38:b6:b6:69:ff:e9:f3:c1:3d:94:7e:eb:da:31:73:c3:da:6d: 66:66:3f:c1:fb:f1:41:4f:19:68:fe:e0:42:06:9a:4e:11:4b: 54:4d:8b:58:d9:84:15:63:96:f1:e9:6f:ef:5b:ec:79:34:97: df:fe:89:d7:83:63:b0:2b:a9:cd:f3:9a:4e:5f:7d:80:a5:a7: 37:05:68:77:d8:9b:39:cd:0b:68:5c:51:e4:46:00:41:2b:ce: e4:04:a3:6d:9e:9c:b7:b3:62:75:a9:be:75:7f:03:9e:11:3d: d2:cf:0f:15:86:f3:cc:28:70:fc:90:40:79:76:e4:f2:03:49: 35:d4:76:39:48:d7:ec:09:93:5a:a4:5f:0a:02:98:fb:ec:a1: 06:62:73:ab:3e:ea:64:03:a2:ca:7f:01:0c:b4:bb:ac:10:e1: 5d:32:bc:b0:4a:e9:a2:c5:77:d2:f4:27:b5:45:8a:93:40:65: 77:3c:67:b5:70:93:c2:7f:46:d2:08:70:fa:af:bb:6f:b7:da: 6f:0b:2a:d4:0b:e6:26:90:d0:b9:f5:fc:aa:34:3c:df:67:f3: 91:70:b3:59:a7:e5:d1:75:cf:23:7d:63:cb:74:63:6f:db:f1: b1:1d:33:4e -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt+OK91PqmStsrVkSYMQfLTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZkZDZlZTAxMGI5OTBhMzM3MzU3NTZiNGZlMmYzZDNjMjY3 MWRkOWQwHhcNMjYwMTAyMTAyMDAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg5ZDRlNDIwY2RkOTYxYWQ1MTI5NWUyOWRlZWNhZDExNmI3ZGIwYzQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3hriaL15Pdu03PaDI46iiZdcUZQU QwlLDM/IvEHg0XN0QkQdF8bpQGbvVVd8Q/Xqw3bXriTyVVjYQ9sdlhegZ4jcdle1 uBAssT0PfdIl0+CGlEAU2vOLvBFJPaYn6jPuQPKJwNvvfo8g//L0Pk1+XqfZCTnc ttmhyg4wH60S+MK7jnuX/7iIxBeY8uA0AGybGcOKjRr0+bvizFj68FKj/T747jc/ Twm7aXNmDRw3RNtNLqlUI35rl0GWVHB3TCsdKvTLORz63rlzc73ok/EEMm48UeaP mQXMF10F6rRJUwiDO38M6F6Y1wI285DtYjvnqoDBJflO5kNWfu1WMAtaKQIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFJ1OQgzdlhrVEpXine7K0Ra32wxJMB8GA1UdIwQY MBaAFP3W7gELmQozc1dWtP4vPTwmcd2dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDct NjNjNzIxY2YxZjU2LzEvblU1Q0ROMldHdFVTbGVLZDdzclJGcmZiREVrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDctNjNjNzIxY2YxZjU2 LzEvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKhOlwQMF ACoTpcQwDQYJKoZIhvcNAQELBQADggEBAIjIO5Qh90pqSH+yK/ENjicDlDi2tmn/ 6fPBPZR+69oxc8PabWZmP8H78UFPGWj+4EIGmk4RS1RNi1jZhBVjlvHpb+9b7Hk0 l9/+ideDY7Arqc3zmk5ffYClpzcFaHfYmznNC2hcUeRGAEErzuQEo22enLezYnWp vnV/A54RPdLPDxWG88wocPyQQHl25PIDSTXUdjlI1+wJk1qkXwoCmPvsoQZic6s+ 6mQDosp/AQy0u6wQ4V0yvLBK6aLFd9L0J7VFipNAZXc8Z7Vwk8J/RtIIcPqvu2+3 2m8LKtQL5iaQ0Ln1/Ko0PN9n85Fws1mn5dF1zyN9Y8t0Y2/b8bEdM04= -----END CERTIFICATE-----Generated at Mon Jan 5 03:47:14 2026 by rpki-client