This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/14ddd1-deac-41ff-ba6b-162ed624e282/1/3dDFlJIiwev5JNzj0uspF-q-hAM.roa File: 3dDFlJIiwev5JNzj0uspF-q-hAM.roa (raw, json) Hash identifier: 2MPQXp2XuzXpOvR5MvmUSNMeQLpCxYJhhEk2RjVnZhI= Subject key identifier: DD:D0:C5:94:92:22:C1:EB:F9:24:DC:E3:D2:EB:29:17:EA:BE:84:03 Certificate issuer: /CN=665e4d7ea8a3470c9703ee7551481c36f774febb Certificate serial: 019B7AC8CBA951D157A2CFEAA8A3D9B46C2A Authority key identifier: 66:5E:4D:7E:A8:A3:47:0C:97:03:EE:75:51:48:1C:36:F7:74:FE:BB Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zl5NfqijRwyXA-51UUgcNvd0_rs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/14ddd1-deac-41ff-ba6b-162ed624e282/1/3dDFlJIiwev5JNzj0uspF-q-hAM.roa Signing time: Thu 01 Jan 2026 18:18:58 +0000 ROA not before: Thu 01 Jan 2026 18:18:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215338 IP address blocks: 2a0e:6a87::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/14ddd1-deac-41ff-ba6b-162ed624e282/1/Zl5NfqijRwyXA-51UUgcNvd0_rs.crl rsync://rpki.ripe.net/repository/DEFAULT/44/14ddd1-deac-41ff-ba6b-162ed624e282/1/Zl5NfqijRwyXA-51UUgcNvd0_rs.mft rsync://rpki.ripe.net/repository/DEFAULT/Zl5NfqijRwyXA-51UUgcNvd0_rs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:c8:cb:a9:51:d1:57:a2:cf:ea:a8:a3:d9:b4:6c:2a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=665e4d7ea8a3470c9703ee7551481c36f774febb Validity Not Before: Jan 1 18:18:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ddd0c5949222c1ebf924dce3d2eb2917eabe8403 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:87:32:6b:87:64:fe:7f:9e:e3:ae:43:e8:df: 1c:bf:75:a0:e7:81:80:36:69:32:fe:5e:a8:0c:ca: 6f:b3:ff:8f:26:e0:cf:16:4b:71:d9:3c:2f:ee:a9: 0f:b4:37:6d:78:ca:75:5e:3d:ae:8e:d3:4e:e6:e1: 79:52:c9:4b:d1:6d:29:85:f9:89:7a:c8:a6:c1:3e: d4:3f:90:6c:20:29:c7:89:bd:7f:0f:db:f3:f9:1d: fb:ba:f3:8d:39:6b:02:76:88:e2:d5:a3:91:e9:01: 42:c2:80:1b:4c:3d:f2:99:07:43:c7:d1:ef:74:cc: b7:a5:66:5b:67:52:7c:e6:29:68:3b:d4:cb:b2:e5: c7:dd:b7:01:3a:18:1e:4d:64:99:c3:88:7d:fe:93: 38:6a:a4:e2:bd:c2:77:51:8b:62:02:de:07:7f:de: e9:cc:b0:15:c8:2e:2c:ef:f6:d0:e6:7a:83:80:92: 30:f7:96:8f:3c:97:ea:43:33:56:d9:f0:6d:36:5a: 37:d3:0a:b7:0b:f7:01:d0:28:bf:3d:eb:39:4e:56: 23:c9:8c:45:7c:c5:62:ab:59:2c:65:c2:5c:13:ee: 90:4c:61:35:17:ba:2c:6b:fc:72:49:67:3f:ab:00: b4:8c:77:0c:62:71:16:e7:48:3b:ec:9c:a5:77:d6: e2:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:D0:C5:94:92:22:C1:EB:F9:24:DC:E3:D2:EB:29:17:EA:BE:84:03 X509v3 Authority Key Identifier: keyid:66:5E:4D:7E:A8:A3:47:0C:97:03:EE:75:51:48:1C:36:F7:74:FE:BB X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zl5NfqijRwyXA-51UUgcNvd0_rs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/14ddd1-deac-41ff-ba6b-162ed624e282/1/3dDFlJIiwev5JNzj0uspF-q-hAM.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/44/14ddd1-deac-41ff-ba6b-162ed624e282/1/Zl5NfqijRwyXA-51UUgcNvd0_rs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0e:6a87::/32 Signature Algorithm: sha256WithRSAEncryption 85:b2:64:d2:e7:90:41:0c:e6:36:dc:01:7a:e2:9d:c9:ad:28: 49:d5:d2:c0:7f:b4:ad:e5:2a:cc:f1:1a:1d:8f:8c:0a:82:c6: 42:1e:7e:c2:98:e3:aa:62:6a:b7:b0:83:4d:3f:9a:b0:eb:dc: 5c:51:20:46:f1:2b:17:2e:80:4d:86:1f:84:38:fd:d0:03:09: a6:6d:1b:df:3f:a2:03:63:fb:bd:47:8c:a9:2f:15:aa:71:b4: 80:a3:6a:12:9a:95:40:ec:d6:22:2c:ff:20:2b:29:73:84:54: cb:91:f8:0a:b4:47:44:fe:a3:98:e0:4c:44:20:bc:13:8f:59: ab:f5:77:f7:50:42:5f:7e:69:4d:81:2c:91:40:4b:69:87:e6: 17:55:02:e2:8f:0f:2f:09:dc:42:f0:23:8e:b3:92:85:1e:c3: b5:16:9c:b2:11:31:43:d5:42:a2:09:f0:dc:8a:b5:dd:6b:96: f4:33:d8:c9:97:1a:fc:ec:ea:46:71:af:75:24:15:49:d4:79: 33:58:6a:fa:73:83:77:38:52:29:0b:73:b2:f6:46:f9:0d:30: 87:c2:39:d4:06:0a:13:1e:f0:8a:df:36:39:90:75:44:10:86: ef:ba:66:6b:a8:5d:6a:6d:12:a3:4c:f3:1a:bd:26:da:a6:ed: ab:77:5e:a7 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt6yMupUdFXos/qqKPZtGwqMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY2NWU0ZDdlYThhMzQ3MGM5NzAzZWU3NTUxNDgxYzM2Zjc3 NGZlYmIwHhcNMjYwMTAxMTgxODU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZGQwYzU5NDkyMjJjMWViZjkyNGRjZTNkMmViMjkxN2VhYmU4NDAzMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4cya4dk/n+e465D6N8cv3Wg54GA Nmky/l6oDMpvs/+PJuDPFktx2Twv7qkPtDdteMp1Xj2ujtNO5uF5UslL0W0phfmJ esimwT7UP5BsICnHib1/D9vz+R37uvONOWsCdoji1aOR6QFCwoAbTD3ymQdDx9Hv dMy3pWZbZ1J85iloO9TLsuXH3bcBOhgeTWSZw4h9/pM4aqTivcJ3UYtiAt4Hf97p zLAVyC4s7/bQ5nqDgJIw95aPPJfqQzNW2fBtNlo30wq3C/cB0Ci/Pes5TlYjyYxF fMViq1ksZcJcE+6QTGE1F7osa/xySWc/qwC0jHcMYnEW50g77Jyld9biEQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFN3QxZSSIsHr+STc49LrKRfqvoQDMB8GA1UdIwQY MBaAFGZeTX6oo0cMlwPudVFIHDb3dP67MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWmw1TmZxaWpSd3lYQS01MVVVZ2NOdmQwX3JzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xNGRkZDEtZGVhYy00MWZmLWJhNmIt MTYyZWQ2MjRlMjgyLzEvM2RERmxKSWl3ZXY1Sk56ajB1c3BGLXEtaEFNLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC80NC8xNGRkZDEtZGVhYy00MWZmLWJhNmItMTYyZWQ2MjRlMjgy LzEvWmw1TmZxaWpSd3lYQS01MVVVZ2NOdmQwX3JzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg5qhzAN BgkqhkiG9w0BAQsFAAOCAQEAhbJk0ueQQQzmNtwBeuKdya0oSdXSwH+0reUqzPEa HY+MCoLGQh5+wpjjqmJqt7CDTT+asOvcXFEgRvErFy6ATYYfhDj90AMJpm0b3z+i A2P7vUeMqS8VqnG0gKNqEpqVQOzWIiz/ICspc4RUy5H4CrRHRP6jmOBMRCC8E49Z q/V391BCX35pTYEskUBLaYfmF1UC4o8PLwncQvAjjrOShR7DtRacshExQ9VCognw 3Iq13WuW9DPYyZca/OzqRnGvdSQVSdR5M1hq+nODdzhSKQtzsvZG+Q0wh8I51AYK Ex7wit82OZB1RBCG77pma6hdam0So0zzGr0m2qbtq3depw== -----END CERTIFICATE-----Generated at Sun Jan 18 10:33:39 2026 by rpki-client