This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/ox2Wfo3GjgI5qclmFBQzRvWFiwk.roa File: ox2Wfo3GjgI5qclmFBQzRvWFiwk.roa (raw, json) Hash identifier: HIdOko7O9yGAFOy4Nnvp9Ps0Vn1M8Ss4upiUCfRzfB4= Subject key identifier: A3:1D:96:7E:8D:C6:8E:02:39:A9:C9:66:14:14:33:46:F5:85:8B:09 Certificate issuer: /CN=f2a253cdf507a03e1f579d202d8df11d68f5c3d7 Certificate serial: 019AB6DA0F587C7F05998660E7BCBA09F2F1 Authority key identifier: F2:A2:53:CD:F5:07:A0:3E:1F:57:9D:20:2D:8D:F1:1D:68:F5:C3:D7 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8qJTzfUHoD4fV50gLY3xHWj1w9c.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/ox2Wfo3GjgI5qclmFBQzRvWFiwk.roa Signing time: Mon 24 Nov 2025 17:12:15 +0000 ROA not before: Mon 24 Nov 2025 17:12:15 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 64286 IP address blocks: 2001:3500::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/8qJTzfUHoD4fV50gLY3xHWj1w9c.crl rsync://rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/8qJTzfUHoD4fV50gLY3xHWj1w9c.mft rsync://rpki.ripe.net/repository/DEFAULT/8qJTzfUHoD4fV50gLY3xHWj1w9c.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 16 Dec 2025 22:36:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:b6:da:0f:58:7c:7f:05:99:86:60:e7:bc:ba:09:f2:f1 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f2a253cdf507a03e1f579d202d8df11d68f5c3d7 Validity Not Before: Nov 24 17:12:15 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=a31d967e8dc68e0239a9c96614143346f5858b09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:49:65:ae:08:b0:c7:0e:c0:06:6e:30:8e:83: 58:14:e6:0e:3c:e4:5d:d9:81:18:00:41:15:d3:ab: 3a:05:cf:34:c9:8b:32:44:33:58:a4:43:c5:40:dd: 7e:bd:9b:81:8b:09:9a:17:f5:00:f0:2c:66:75:8e: 63:81:06:c6:91:de:27:8d:fc:3f:d2:9e:64:c0:42: 2c:2c:35:2d:99:92:13:d3:86:c8:4e:76:e1:e4:e9: e1:2c:24:29:c8:10:48:90:0a:b3:9d:ad:78:a8:43: e8:44:a8:04:33:bf:c2:33:f4:72:4d:39:20:1b:c5: ec:77:ea:2e:59:f0:5a:e3:b9:90:a1:24:99:d5:cf: 45:75:6e:46:00:34:78:d8:1c:2f:b1:4d:cb:05:1b: 54:7e:f7:40:29:4f:bb:5c:a1:98:ca:a7:1b:34:af: ae:8e:72:ba:5e:ed:6d:a4:bf:27:9f:7d:10:cb:0b: 7d:01:f1:ed:5b:78:2a:00:8e:ef:e0:87:d9:1b:42: 2f:9e:f5:f9:85:a1:39:3c:c4:85:df:11:73:c8:70: cf:7b:fe:e9:b4:26:dd:31:c0:31:57:5f:a9:7c:72: d5:8c:b3:a5:1b:b7:e4:25:74:9d:87:4e:13:ad:9a: f9:bd:e6:7a:34:d8:f9:8d:47:3d:bd:52:db:05:71: 67:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:1D:96:7E:8D:C6:8E:02:39:A9:C9:66:14:14:33:46:F5:85:8B:09 X509v3 Authority Key Identifier: keyid:F2:A2:53:CD:F5:07:A0:3E:1F:57:9D:20:2D:8D:F1:1D:68:F5:C3:D7 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8qJTzfUHoD4fV50gLY3xHWj1w9c.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/ox2Wfo3GjgI5qclmFBQzRvWFiwk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/51/10ebec-2784-4daa-8df7-be4d5d09d710/1/8qJTzfUHoD4fV50gLY3xHWj1w9c.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:3500::/32 Signature Algorithm: sha256WithRSAEncryption 4c:f3:cf:9c:95:78:99:ca:eb:62:9a:b4:ab:93:31:88:f1:55: 69:a3:2d:54:e4:e1:1e:4a:8b:db:a4:e1:03:08:85:65:37:0a: 35:ee:60:5a:0f:82:fe:44:37:56:f8:e5:04:dd:2d:e0:90:28: 15:1b:a3:9d:f7:b5:e6:c0:3f:27:e1:72:bd:5d:99:37:cc:3f: 3c:da:5a:05:4a:73:33:d7:41:57:76:22:02:99:16:03:1c:f5: 00:96:d6:3a:5c:0d:ff:18:5d:ec:2a:b5:e6:39:87:ad:52:4c: 82:14:b1:03:34:f6:4c:31:5c:d5:d0:4e:f7:bf:b3:5e:4c:b6: ed:7a:24:a3:ba:a3:d3:4d:52:24:16:db:84:cd:76:40:bf:21: 77:05:46:43:00:6f:e9:41:f9:2e:08:ad:37:a5:1b:8b:c9:b3: 5e:ac:e0:b3:60:d6:26:a9:b3:2a:49:b5:e3:72:a5:3c:51:d5: 7f:f0:ca:cb:0a:1e:31:90:55:da:1e:54:be:f9:f1:8b:5e:73: f8:35:a7:81:aa:ce:d6:63:b2:fb:f7:4f:2e:5e:3a:b9:50:aa: 33:3e:b0:18:78:18:69:69:32:de:5c:7c:67:4c:d2:42:11:68: 93:0a:e9:70:1e:2a:f4:f0:bd:4b:fe:1f:49:98:fe:31:ef:a5: e3:61:b8:b0 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZq22g9YfH8FmYZg57y6CfLxMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYyYTI1M2NkZjUwN2EwM2UxZjU3OWQyMDJkOGRmMTFkNjhm NWMzZDcwHhcNMjUxMTI0MTcxMjE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMzFkOTY3ZThkYzY4ZTAyMzlhOWM5NjYxNDE0MzM0NmY1ODU4YjA5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzUllrgiwxw7ABm4wjoNYFOYOPORd 2YEYAEEV06s6Bc80yYsyRDNYpEPFQN1+vZuBiwmaF/UA8CxmdY5jgQbGkd4njfw/ 0p5kwEIsLDUtmZIT04bITnbh5OnhLCQpyBBIkAqzna14qEPoRKgEM7/CM/RyTTkg G8Xsd+ouWfBa47mQoSSZ1c9FdW5GADR42BwvsU3LBRtUfvdAKU+7XKGYyqcbNK+u jnK6Xu1tpL8nn30Qywt9AfHtW3gqAI7v4IfZG0IvnvX5haE5PMSF3xFzyHDPe/7p tCbdMcAxV1+pfHLVjLOlG7fkJXSdh04TrZr5veZ6NNj5jUc9vVLbBXFnbwIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFKMdln6Nxo4COanJZhQUM0b1hYsJMB8GA1UdIwQY MBaAFPKiU831B6A+H1edIC2N8R1o9cPXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOHFKVHpmVUhvRDRmVjUwZ0xZM3hIV2oxdzljLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8xMGViZWMtMjc4NC00ZGFhLThkZjct YmU0ZDVkMDlkNzEwLzEvb3gyV2ZvM0dqZ0k1cWNsbUZCUXpSdldGaXdrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MS8xMGViZWMtMjc4NC00ZGFhLThkZjctYmU0ZDVkMDlkNzEw LzEvOHFKVHpmVUhvRDRmVjUwZ0xZM3hIV2oxdzljLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAIAE1ADAN BgkqhkiG9w0BAQsFAAOCAQEATPPPnJV4mcrrYpq0q5MxiPFVaaMtVOThHkqL26Th AwiFZTcKNe5gWg+C/kQ3VvjlBN0t4JAoFRujnfe15sA/J+FyvV2ZN8w/PNpaBUpz M9dBV3YiApkWAxz1AJbWOlwN/xhd7Cq15jmHrVJMghSxAzT2TDFc1dBO97+zXky2 7Xoko7qj001SJBbbhM12QL8hdwVGQwBv6UH5LgitN6Ubi8mzXqzgs2DWJqmzKkm1 43KlPFHVf/DKywoeMZBV2h5Uvvnxi15z+DWngarO1mOy+/dPLl46uVCqMz6wGHgY aWky3lx8Z0zSQhFokwrpcB4q9PC9S/4fSZj+Me+l42G4sA== -----END CERTIFICATE-----Generated at Tue Dec 16 04:33:44 2025 by rpki-client