This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/o4lWv0LTRgPVdk5_FDzu00CQE4o.roa File: o4lWv0LTRgPVdk5_FDzu00CQE4o.roa (raw, json) Hash identifier: TlyDKYcMYDLXc01RpmsEuHDeSoE/K+GLiN11uaTR1mI= Subject key identifier: A3:89:56:BF:42:D3:46:03:D5:76:4E:7F:14:3C:EE:D3:40:90:13:8A Certificate issuer: /CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d Certificate serial: 019BA19D899BDC11DD77D785DC5177EE0D6F Authority key identifier: FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/o4lWv0LTRgPVdk5_FDzu00CQE4o.roa Signing time: Fri 09 Jan 2026 07:16:54 +0000 ROA not before: Fri 09 Jan 2026 07:16:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 20473 IP address blocks: 2a13:a5c2::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.mft rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 10 Jan 2026 21:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:a1:9d:89:9b:dc:11:dd:77:d7:85:dc:51:77:ee:0d:6f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d Validity Not Before: Jan 9 07:16:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a38956bf42d34603d5764e7f143ceed34090138a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:3a:e4:44:c4:81:20:75:75:c9:49:45:03:77: 38:3a:3b:3d:1f:25:9a:07:a4:5b:5a:84:e5:7f:51: 7f:cf:28:31:6f:9e:0b:6c:ac:0a:09:80:a1:d8:31: 1a:87:8a:d1:20:ef:4d:11:4c:c6:65:da:11:40:0a: 01:86:2f:8d:6d:1a:ce:54:21:54:bb:3a:66:27:38: 20:99:85:6d:59:f0:96:03:51:43:b0:9c:53:ee:aa: 86:49:ee:3e:46:f4:b4:fd:fe:80:3a:6c:22:c9:39: b0:a8:87:5a:f4:3d:5a:55:c6:2a:c9:9b:1c:9d:16: cd:4f:1d:f9:21:0e:10:4a:14:76:84:71:1d:23:10: f5:c1:19:d8:b9:91:d4:2b:e8:fd:04:50:ac:da:16: 7f:e6:a0:1f:58:a6:48:d6:cb:3a:2e:30:6d:b6:ea: 74:ca:70:75:3a:39:f3:7b:e4:9e:8e:20:da:03:47: 86:f2:5b:9b:02:82:e2:54:b1:0b:f0:13:3a:5d:df: fa:1a:3a:2f:54:b7:10:85:0a:a4:70:d0:44:ae:7b: c6:40:1f:2b:db:67:4c:e6:d2:ef:81:e6:e8:ce:d5: 6c:f6:2d:01:f4:2c:7a:1b:1a:cd:0b:7c:ad:48:e8: e4:e8:d8:03:2e:ab:f4:c5:91:82:9c:2c:1c:06:33: 1f:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:89:56:BF:42:D3:46:03:D5:76:4E:7F:14:3C:EE:D3:40:90:13:8A X509v3 Authority Key Identifier: keyid:FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/o4lWv0LTRgPVdk5_FDzu00CQE4o.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a13:a5c2::/32 Signature Algorithm: sha256WithRSAEncryption 40:5f:4f:8c:cc:74:8e:b1:d0:1f:eb:a0:bd:02:cc:7c:97:51: d1:08:cc:0b:4f:a9:7a:fd:a5:5e:89:23:a9:81:55:3d:26:0f: 4c:8c:2e:c7:2d:68:29:50:1a:42:68:b1:22:13:e2:40:36:e9: 03:c5:73:89:4e:44:95:7e:52:2e:bb:b3:4e:86:30:9e:40:ef: 22:4d:29:6b:cb:72:eb:54:5e:41:bb:40:89:17:8f:70:a8:0e: 0c:fd:45:0d:a0:2d:88:c7:a1:a9:bd:c9:37:13:ea:e1:31:d2: b1:dc:62:9a:82:e2:16:3e:54:41:d4:e0:6e:97:3d:b8:cc:f7: 37:86:56:8d:67:74:e3:cc:03:1c:8f:ad:9d:69:b1:23:49:14: cc:d6:34:81:7c:ed:ed:fb:ad:e0:21:49:dc:21:55:5b:4d:9d: 7e:2e:e8:1b:56:3e:fd:bf:5d:54:10:4d:c3:b0:1c:d3:a7:94: 3f:89:75:13:02:c7:d9:e3:f3:1a:aa:fd:31:a5:9c:42:9b:b7: 22:35:bf:91:ff:47:02:ae:9a:1e:2a:9b:38:bf:f0:30:9c:e2: 48:b8:9e:b2:c7:b7:0f:93:24:31:bf:28:70:db:83:de:2b:f5: 38:a9:91:f6:f0:6b:1f:50:83:ed:dd:db:95:66:1d:f0:42:29: a2:fb:db:6d -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZuhnYmb3BHdd9eF3FF37g1vMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZkZDZlZTAxMGI5OTBhMzM3MzU3NTZiNGZlMmYzZDNjMjY3 MWRkOWQwHhcNMjYwMTA5MDcxNjU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMzg5NTZiZjQyZDM0NjAzZDU3NjRlN2YxNDNjZWVkMzQwOTAxMzhhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjrkRMSBIHV1yUlFA3c4Ojs9HyWa B6RbWoTlf1F/zygxb54LbKwKCYCh2DEah4rRIO9NEUzGZdoRQAoBhi+NbRrOVCFU uzpmJzggmYVtWfCWA1FDsJxT7qqGSe4+RvS0/f6AOmwiyTmwqIda9D1aVcYqyZsc nRbNTx35IQ4QShR2hHEdIxD1wRnYuZHUK+j9BFCs2hZ/5qAfWKZI1ss6LjBttup0 ynB1Ojnze+SejiDaA0eG8lubAoLiVLEL8BM6Xd/6GjovVLcQhQqkcNBErnvGQB8r 22dM5tLvgeboztVs9i0B9Cx6GxrNC3ytSOjk6NgDLqv0xZGCnCwcBjMf8QIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFKOJVr9C00YD1XZOfxQ87tNAkBOKMB8GA1UdIwQY MBaAFP3W7gELmQozc1dWtP4vPTwmcd2dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDct NjNjNzIxY2YxZjU2LzEvbzRsV3YwTFRSZ1BWZGs1X0ZEenUwMENRRTRvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDctNjNjNzIxY2YxZjU2 LzEvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhOlwjAN BgkqhkiG9w0BAQsFAAOCAQEAQF9PjMx0jrHQH+ugvQLMfJdR0QjMC0+pev2lXokj qYFVPSYPTIwuxy1oKVAaQmixIhPiQDbpA8VziU5ElX5SLruzToYwnkDvIk0pa8ty 61ReQbtAiRePcKgODP1FDaAtiMehqb3JNxPq4THSsdximoLiFj5UQdTgbpc9uMz3 N4ZWjWd048wDHI+tnWmxI0kUzNY0gXzt7fut4CFJ3CFVW02dfi7oG1Y+/b9dVBBN w7Ac06eUP4l1EwLH2ePzGqr9MaWcQpu3IjW/kf9HAq6aHiqbOL/wMJziSLiesse3 D5MkMb8ocNuD3iv1OKmR9vBrH1CD7d3blWYd8EIpovvbbQ== -----END CERTIFICATE-----Generated at Sat Jan 10 04:35:55 2026 by rpki-client