This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/vRnOd3PnfHy_jU5pZ4WIsTYRCWw.roa File: vRnOd3PnfHy_jU5pZ4WIsTYRCWw.roa (raw, json) Hash identifier: 7FlXvhfa90lex347GsLnc36ToXN40osfZPSoD2JqSaU= Subject key identifier: BD:19:CE:77:73:E7:7C:7C:BF:8D:4E:69:67:85:88:B1:36:11:09:6C Certificate issuer: /CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d Certificate serial: 019B7E38BB5590CD7D88D5B92DF460A39DDE Authority key identifier: FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/vRnOd3PnfHy_jU5pZ4WIsTYRCWw.roa Signing time: Fri 02 Jan 2026 10:20:05 +0000 ROA not before: Fri 02 Jan 2026 10:20:05 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213700 IP address blocks: 2a13:a5c7:2800::/40 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.crl rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.mft rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 05 Jan 2026 18:00:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:38:bb:55:90:cd:7d:88:d5:b9:2d:f4:60:a3:9d:de Signature Algorithm: sha256WithRSAEncryption Issuer: CN=fdd6ee010b990a33735756b4fe2f3d3c2671dd9d Validity Not Before: Jan 2 10:20:05 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=bd19ce7773e77c7cbf8d4e69678588b13611096c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:b6:2f:12:ad:dd:3a:94:ee:e9:fd:0a:04:77: 37:47:b3:4e:47:12:1e:c7:0c:27:0d:3e:42:1a:87: 4d:c9:a2:a3:0c:25:5b:6b:f6:da:7f:6d:a9:c9:9e: b7:72:48:d1:7b:88:fa:8c:01:de:d2:df:b2:27:a1: 5d:b0:ca:8e:03:41:eb:06:cb:04:74:c0:54:04:8a: 2f:4a:c8:79:62:d8:94:8d:e4:7d:09:02:72:8b:de: 11:3e:7e:70:1d:97:74:ef:ef:0e:f7:02:55:81:38: 54:0b:91:77:88:2a:9b:79:1d:be:18:f9:71:57:83: 8b:8b:96:92:e4:4f:2e:cd:e6:b1:d7:e6:49:b2:a2: d8:79:14:03:ee:f7:5a:31:93:dd:47:a6:7e:f3:80: 46:4f:c9:f2:0b:94:38:83:32:e1:e2:6f:34:04:4d: a6:ea:42:5e:70:e1:9c:72:55:de:dd:5b:76:b7:88: fa:8e:61:74:df:2e:0e:e6:30:49:3f:f6:8b:92:9a: 42:33:e5:c8:0e:4e:44:18:f1:ef:c6:e9:a9:49:fb: 32:b3:49:c1:a8:d2:80:13:28:e5:c3:79:e7:96:ae: 3a:e1:20:8d:c7:d3:0e:19:a7:8f:f5:b3:1f:a5:26: 09:7c:e4:7d:c8:e3:20:b7:8d:36:70:87:b1:35:cf: 89:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:19:CE:77:73:E7:7C:7C:BF:8D:4E:69:67:85:88:B1:36:11:09:6C X509v3 Authority Key Identifier: keyid:FD:D6:EE:01:0B:99:0A:33:73:57:56:B4:FE:2F:3D:3C:26:71:DD:9D X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_dbuAQuZCjNzV1a0_i89PCZx3Z0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/vRnOd3PnfHy_jU5pZ4WIsTYRCWw.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2d1a35-ff8a-46b4-8c47-63c721cf1f56/1/_dbuAQuZCjNzV1a0_i89PCZx3Z0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a13:a5c7:2800::/40 Signature Algorithm: sha256WithRSAEncryption 4e:92:13:0e:77:80:4e:24:03:64:4f:32:6b:d3:91:43:e3:c4: 7e:2f:12:27:53:1f:57:1b:6d:5e:9a:21:e5:c9:de:82:05:95: cf:89:52:9c:83:1b:07:1a:68:cd:0a:27:d8:88:6a:fc:8d:9e: 04:f2:7e:db:a9:01:2f:7a:7a:46:bc:c2:92:00:61:ed:44:40: 3b:0b:67:08:20:31:fa:60:f5:49:e6:63:23:19:fb:ba:08:ed: d2:3d:65:74:1e:55:81:e4:76:c8:4e:66:fa:9f:fa:66:33:0f: 9b:14:ac:ca:bb:c6:7a:82:5d:ec:eb:b7:d4:f0:bf:95:64:50: ca:9f:22:52:5b:66:ed:86:41:5d:b3:b3:d6:98:56:1b:4a:41: 6e:8c:fa:e6:76:19:0a:66:34:80:7a:68:a5:17:3f:50:14:e3: c3:3f:a3:74:0d:29:16:a4:ae:2c:c1:47:70:5c:57:86:46:8d: 06:d2:ef:9b:32:ed:d4:53:95:dd:02:9c:fa:99:43:95:f4:06: 4f:3e:f2:3e:bb:ed:34:39:7c:73:b3:b1:e5:4b:20:84:13:cb: 04:3e:fc:ca:c8:02:2a:23:c3:27:41:ba:08:f2:03:1e:e1:88: 20:6e:43:bf:d1:2e:44:35:b6:9c:c8:d9:2a:29:c2:73:c7:ee: ca:54:4e:0a -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZt+OLtVkM19iNW5LfRgo53eMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGZkZDZlZTAxMGI5OTBhMzM3MzU3NTZiNGZlMmYzZDNjMjY3 MWRkOWQwHhcNMjYwMTAyMTAyMDA1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhiZDE5Y2U3NzczZTc3YzdjYmY4ZDRlNjk2Nzg1ODhiMTM2MTEwOTZjMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7YvEq3dOpTu6f0KBHc3R7NORxIe xwwnDT5CGodNyaKjDCVba/baf22pyZ63ckjRe4j6jAHe0t+yJ6FdsMqOA0HrBssE dMBUBIovSsh5YtiUjeR9CQJyi94RPn5wHZd07+8O9wJVgThUC5F3iCqbeR2+GPlx V4OLi5aS5E8uzeax1+ZJsqLYeRQD7vdaMZPdR6Z+84BGT8nyC5Q4gzLh4m80BE2m 6kJecOGcclXe3Vt2t4j6jmF03y4O5jBJP/aLkppCM+XIDk5EGPHvxumpSfsys0nB qNKAEyjlw3nnlq464SCNx9MOGaeP9bMfpSYJfOR9yOMgt402cIexNc+JaQIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFL0Zzndz53x8v41OaWeFiLE2EQlsMB8GA1UdIwQY MBaAFP3W7gELmQozc1dWtP4vPTwmcd2dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDct NjNjNzIxY2YxZjU2LzEvdlJuT2QzUG5mSHlfalU1cFo0V0lzVFlSQ1d3LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zYS8yZDFhMzUtZmY4YS00NmI0LThjNDctNjNjNzIxY2YxZjU2 LzEvX2RidUFRdVpDak56VjFhMF9pODlQQ1p4M1owLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhOlxygw DQYJKoZIhvcNAQELBQADggEBAE6SEw53gE4kA2RPMmvTkUPjxH4vEidTH1cbbV6a IeXJ3oIFlc+JUpyDGwcaaM0KJ9iIavyNngTyftupAS96eka8wpIAYe1EQDsLZwgg Mfpg9UnmYyMZ+7oI7dI9ZXQeVYHkdshOZvqf+mYzD5sUrMq7xnqCXezrt9Twv5Vk UMqfIlJbZu2GQV2zs9aYVhtKQW6M+uZ2GQpmNIB6aKUXP1AU48M/o3QNKRakrizB R3BcV4ZGjQbS75sy7dRTld0CnPqZQ5X0Bk8+8j677TQ5fHOzseVLIIQTywQ+/MrI AiojwydBugjyAx7hiCBuQ7/RLkQ1tpzI2SopwnPH7spUTgo= -----END CERTIFICATE-----Generated at Mon Jan 5 03:47:13 2026 by rpki-client