This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/2b6e16-9ce8-49da-9ed3-6829d68e2a54/1/Nda1eBhsJwT4E7HRchbC4K3iiqs.roa File: Nda1eBhsJwT4E7HRchbC4K3iiqs.roa (raw, json) Hash identifier: IyraCeQZ++qiXcc0IC+bQds8y+BEFwAlU5YYks8WhRk= Subject key identifier: 35:D6:B5:78:18:6C:27:04:F8:13:B1:D1:72:16:C2:E0:AD:E2:8A:AB Certificate issuer: /CN=3a12854a8400d8c87ea4de7a22fdf1bf574a9031 Certificate serial: 019B79ECD33DC519DC62CC6C45883E9889A3 Authority key identifier: 3A:12:85:4A:84:00:D8:C8:7E:A4:DE:7A:22:FD:F1:BF:57:4A:90:31 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OhKFSoQA2Mh-pN56Iv3xv1dKkDE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/2b6e16-9ce8-49da-9ed3-6829d68e2a54/1/Nda1eBhsJwT4E7HRchbC4K3iiqs.roa Signing time: Thu 01 Jan 2026 14:18:42 +0000 ROA not before: Thu 01 Jan 2026 14:18:42 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213210 IP address blocks: 2001:678:9b4::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/2b6e16-9ce8-49da-9ed3-6829d68e2a54/1/OhKFSoQA2Mh-pN56Iv3xv1dKkDE.crl rsync://rpki.ripe.net/repository/DEFAULT/50/2b6e16-9ce8-49da-9ed3-6829d68e2a54/1/OhKFSoQA2Mh-pN56Iv3xv1dKkDE.mft rsync://rpki.ripe.net/repository/DEFAULT/OhKFSoQA2Mh-pN56Iv3xv1dKkDE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:ec:d3:3d:c5:19:dc:62:cc:6c:45:88:3e:98:89:a3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3a12854a8400d8c87ea4de7a22fdf1bf574a9031 Validity Not Before: Jan 1 14:18:42 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=35d6b578186c2704f813b1d17216c2e0ade28aab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:63:f3:8c:c2:89:e1:71:15:1d:b6:2c:91:e9: 3b:55:d9:30:b9:02:d3:a0:c8:be:f5:e5:2f:eb:21: e7:69:d0:5a:70:4e:40:d6:7c:fa:10:b4:09:ca:97: 70:ee:ce:62:5a:dc:48:6e:96:bc:54:5f:88:13:ee: e1:cb:2b:7b:8b:be:8d:f6:75:03:e0:a4:2f:77:aa: f1:d8:86:2c:d3:d3:be:3c:62:62:15:ba:46:ad:5c: d1:98:3a:95:55:5a:73:b0:5e:06:83:e5:0e:ca:9e: c0:87:3a:1e:be:3e:8c:72:31:44:9b:43:6c:16:44: dc:51:54:7e:68:1c:72:a0:ea:32:10:01:b4:24:50: 13:4b:18:ef:76:28:42:56:e6:35:23:8a:4c:f7:7c: b2:b9:5a:3c:ac:a5:85:98:7d:ef:43:4d:0b:4a:27: 6d:8c:0d:d6:ad:4e:cd:5c:8f:cf:44:0d:6b:9c:eb: 8f:79:e3:66:ca:43:68:4f:1f:1f:8a:fe:4e:28:72: ad:af:4f:1f:01:17:7c:32:a1:0c:5f:10:f1:04:46: f8:3f:33:97:8d:ed:ec:f6:11:fc:c6:8f:eb:b7:ef: 88:db:17:ac:9a:45:35:4f:2d:9a:b2:bc:b6:c4:50: ce:e5:93:b1:4d:3a:da:ba:75:86:85:50:84:b3:2e: 6b:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:D6:B5:78:18:6C:27:04:F8:13:B1:D1:72:16:C2:E0:AD:E2:8A:AB X509v3 Authority Key Identifier: keyid:3A:12:85:4A:84:00:D8:C8:7E:A4:DE:7A:22:FD:F1:BF:57:4A:90:31 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OhKFSoQA2Mh-pN56Iv3xv1dKkDE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2b6e16-9ce8-49da-9ed3-6829d68e2a54/1/Nda1eBhsJwT4E7HRchbC4K3iiqs.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/50/2b6e16-9ce8-49da-9ed3-6829d68e2a54/1/OhKFSoQA2Mh-pN56Iv3xv1dKkDE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:678:9b4::/48 Signature Algorithm: sha256WithRSAEncryption 42:bd:08:55:44:3b:2f:23:72:3c:05:f1:7c:c8:bf:70:b7:32: 63:2a:da:1f:2d:8b:17:c3:cc:39:f0:97:9c:1b:57:c1:c6:ae: 61:4e:33:bd:f8:18:a4:7e:95:f9:07:71:ab:19:9e:78:2d:e5: b0:e7:49:7d:ef:92:05:69:b2:ab:c4:7f:da:88:62:b2:5d:47: e5:37:27:e6:d6:37:e1:49:ce:08:9a:f3:a1:ab:76:45:c8:f2: ca:50:57:f9:1a:af:69:83:29:cf:6e:66:24:42:46:8b:97:9f: 68:63:85:b9:05:24:11:34:de:f3:c0:86:51:42:e9:69:e0:7a: 1a:2f:63:ff:4d:09:f1:ef:ca:eb:88:c8:02:45:25:2c:95:e3: 2e:c8:ae:11:d6:76:43:ea:94:e1:72:31:fe:10:9a:e6:a2:9d: d9:14:cd:a6:89:4f:f3:01:c8:23:d1:10:fe:8f:37:39:b1:33: 6a:c7:81:1e:9e:9f:a0:fc:51:78:8c:58:c2:a8:9b:6e:48:ed: fa:28:33:12:72:55:dd:3d:3d:aa:56:dc:89:ea:dc:e5:33:32: 71:d4:90:17:00:0d:b9:7a:5e:34:9d:52:ce:39:1e:1f:c3:0d: 85:e3:3f:76:47:78:3b:33:cd:5b:51:77:a9:ca:c7:16:b0:16: 29:06:24:1e -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt57NM9xRncYsxsRYg+mImjMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNhMTI4NTRhODQwMGQ4Yzg3ZWE0ZGU3YTIyZmRmMWJmNTc0 YTkwMzEwHhcNMjYwMTAxMTQxODQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNWQ2YjU3ODE4NmMyNzA0ZjgxM2IxZDE3MjE2YzJlMGFkZTI4YWFiMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWPzjMKJ4XEVHbYskek7VdkwuQLT oMi+9eUv6yHnadBacE5A1nz6ELQJypdw7s5iWtxIbpa8VF+IE+7hyyt7i76N9nUD 4KQvd6rx2IYs09O+PGJiFbpGrVzRmDqVVVpzsF4Gg+UOyp7Ahzoevj6McjFEm0Ns FkTcUVR+aBxyoOoyEAG0JFATSxjvdihCVuY1I4pM93yyuVo8rKWFmH3vQ00LSidt jA3WrU7NXI/PRA1rnOuPeeNmykNoTx8fiv5OKHKtr08fARd8MqEMXxDxBEb4PzOX je3s9hH8xo/rt++I2xesmkU1Ty2asry2xFDO5ZOxTTraunWGhVCEsy5rFwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFDXWtXgYbCcE+BOx0XIWwuCt4oqrMB8GA1UdIwQY MBaAFDoShUqEANjIfqTeeiL98b9XSpAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvT2hLRlNvUUEyTWgtcE41Nkl2M3h2MWRLa0RFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8yYjZlMTYtOWNlOC00OWRhLTllZDMt NjgyOWQ2OGUyYTU0LzEvTmRhMWVCaHNKd1Q0RTdIUmNoYkM0SzNpaXFzLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MC8yYjZlMTYtOWNlOC00OWRhLTllZDMtNjgyOWQ2OGUyYTU0 LzEvT2hLRlNvUUEyTWgtcE41Nkl2M3h2MWRLa0RFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAm0 MA0GCSqGSIb3DQEBCwUAA4IBAQBCvQhVRDsvI3I8BfF8yL9wtzJjKtofLYsXw8w5 8JecG1fBxq5hTjO9+BikfpX5B3GrGZ54LeWw50l975IFabKrxH/aiGKyXUflNyfm 1jfhSc4ImvOhq3ZFyPLKUFf5Gq9pgynPbmYkQkaLl59oY4W5BSQRNN7zwIZRQulp 4HoaL2P/TQnx78rriMgCRSUsleMuyK4R1nZD6pThcjH+EJrmop3ZFM2miU/zAcgj 0RD+jzc5sTNqx4Eenp+g/FF4jFjCqJtuSO36KDMSclXdPT2qVtyJ6tzlMzJx1JAX AA25el40nVLOOR4fww2F4z92R3g7M81bUXepyscWsBYpBiQe -----END CERTIFICATE-----Generated at Mon Feb 9 19:54:33 2026 by rpki-client