This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/05c3a1-c8fe-40ff-9c52-3e6f0324410a/1/TOF3ZgA2E3UTCvybT5QOxSPJdVo.roa File: TOF3ZgA2E3UTCvybT5QOxSPJdVo.roa (raw, json) Hash identifier: iSQvu/X4RZ2TX/v9Xw2MSqYTLV+RJbk0Qnv9Fb30Cgo= Subject key identifier: 4C:E1:77:66:00:36:13:75:13:0A:FC:9B:4F:94:0E:C5:23:C9:75:5A Certificate issuer: /CN=2901d76431c6e873d3c44730571e1e50d602057c Certificate serial: 019B7B36A821BA224E4CDC0F293D0A6B6E8F Authority key identifier: 29:01:D7:64:31:C6:E8:73:D3:C4:47:30:57:1E:1E:50:D6:02:05:7C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQHXZDHG6HPTxEcwVx4eUNYCBXw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/05c3a1-c8fe-40ff-9c52-3e6f0324410a/1/TOF3ZgA2E3UTCvybT5QOxSPJdVo.roa Signing time: Thu 01 Jan 2026 20:18:58 +0000 ROA not before: Thu 01 Jan 2026 20:18:58 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212037 IP address blocks: 2001:67c:1680::/48 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/05c3a1-c8fe-40ff-9c52-3e6f0324410a/1/KQHXZDHG6HPTxEcwVx4eUNYCBXw.crl rsync://rpki.ripe.net/repository/DEFAULT/69/05c3a1-c8fe-40ff-9c52-3e6f0324410a/1/KQHXZDHG6HPTxEcwVx4eUNYCBXw.mft rsync://rpki.ripe.net/repository/DEFAULT/KQHXZDHG6HPTxEcwVx4eUNYCBXw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 15:10:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:36:a8:21:ba:22:4e:4c:dc:0f:29:3d:0a:6b:6e:8f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=2901d76431c6e873d3c44730571e1e50d602057c Validity Not Before: Jan 1 20:18:58 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=4ce1776600361375130afc9b4f940ec523c9755a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:93:1d:ea:69:b7:65:70:3f:d9:9b:1b:b5:03: a5:60:ab:1f:f5:df:60:ac:1f:f4:37:e5:ea:e1:d2: 27:a8:3e:ff:00:3e:20:b8:d4:9a:2f:a9:2d:9c:0a: 50:df:d6:21:67:89:5e:07:10:37:5c:67:7b:c8:e3: 0d:05:86:e7:ef:d6:3b:98:d0:d4:58:40:af:62:84: 37:0d:38:ed:8f:ce:41:2c:9b:e1:a7:e5:a8:18:c9: b7:71:3e:00:f5:d5:a2:90:d1:5d:51:e8:0c:d0:89: 1b:9f:fa:31:99:05:b7:4a:cf:a5:bc:53:ac:ea:f1: e0:a4:5b:d6:04:51:be:2b:69:f6:6e:8d:53:d1:b4: a5:c7:a2:30:75:00:a6:59:0e:4a:d7:64:67:77:1e: eb:be:3c:95:21:a8:11:0f:91:ac:b5:e3:ee:4f:e0: 38:08:74:4c:fc:41:53:5f:f8:df:3e:16:2d:f7:c8: b2:46:99:25:af:33:cb:72:ae:f3:73:e3:66:2a:11: 7b:c7:44:c0:d6:04:5a:76:3d:bf:bd:b2:fd:0e:88: 54:4d:82:db:f4:ad:92:19:e0:a6:25:a5:3d:ca:f0: 64:a3:21:7d:16:3c:57:97:2e:55:8b:c2:fa:e0:55: a0:a1:e0:72:71:85:4a:21:2a:a0:9c:b4:93:2d:5a: f5:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:E1:77:66:00:36:13:75:13:0A:FC:9B:4F:94:0E:C5:23:C9:75:5A X509v3 Authority Key Identifier: keyid:29:01:D7:64:31:C6:E8:73:D3:C4:47:30:57:1E:1E:50:D6:02:05:7C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQHXZDHG6HPTxEcwVx4eUNYCBXw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/05c3a1-c8fe-40ff-9c52-3e6f0324410a/1/TOF3ZgA2E3UTCvybT5QOxSPJdVo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/69/05c3a1-c8fe-40ff-9c52-3e6f0324410a/1/KQHXZDHG6HPTxEcwVx4eUNYCBXw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:1680::/48 Signature Algorithm: sha256WithRSAEncryption b3:a4:13:6e:ea:3c:2a:a8:c6:50:e9:62:0d:58:d9:88:8c:9c: ad:20:27:d9:84:02:20:a8:7a:5e:51:c2:b7:bb:42:b6:a8:20: 17:c5:0e:3d:e9:9a:5e:39:bf:6f:4f:65:e7:e7:9d:82:ef:42: ed:cf:1e:d7:c1:2f:6f:40:90:23:de:3d:42:98:6a:d3:51:d0: b9:5c:fc:74:b2:2e:ee:15:c3:f9:54:e0:01:9f:3e:ad:e7:cf: 3e:f8:2c:ca:40:c6:67:c1:38:6e:bb:5c:6a:54:04:79:17:76: c2:0a:d5:ab:ef:34:54:f8:14:31:8f:76:fc:da:7b:2a:5a:e3: 46:6b:44:30:97:af:31:5a:cc:20:19:7c:08:69:9f:d0:6a:97: e9:cf:0d:bf:89:ed:e6:be:2f:20:94:85:87:9c:cc:19:8f:d5: c9:e1:df:0e:4f:6b:51:0c:04:0a:bf:94:3d:24:ee:e7:e7:c1: a2:51:64:d1:cf:d8:3d:38:be:23:d7:70:17:23:46:81:4e:4e: 34:b4:42:54:69:68:05:50:e7:df:10:57:57:60:61:28:d7:84: 9d:b2:70:7d:d1:f1:3e:dc:a9:bd:d2:37:c2:75:ff:9f:54:24: 30:56:8b:9f:bd:1b:96:c6:17:ae:b9:b4:7d:d6:6d:59:d9:47: 94:26:da:fb -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt7NqghuiJOTNwPKT0Ka26PMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDI5MDFkNzY0MzFjNmU4NzNkM2M0NDczMDU3MWUxZTUwZDYw MjA1N2MwHhcNMjYwMTAxMjAxODU4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0Y2UxNzc2NjAwMzYxMzc1MTMwYWZjOWI0Zjk0MGVjNTIzYzk3NTVhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJMd6mm3ZXA/2ZsbtQOlYKsf9d9g rB/0N+Xq4dInqD7/AD4guNSaL6ktnApQ39YhZ4leBxA3XGd7yOMNBYbn79Y7mNDU WECvYoQ3DTjtj85BLJvhp+WoGMm3cT4A9dWikNFdUegM0Ikbn/oxmQW3Ss+lvFOs 6vHgpFvWBFG+K2n2bo1T0bSlx6IwdQCmWQ5K12Rndx7rvjyVIagRD5GstePuT+A4 CHRM/EFTX/jfPhYt98iyRpklrzPLcq7zc+NmKhF7x0TA1gRadj2/vbL9DohUTYLb 9K2SGeCmJaU9yvBkoyF9FjxXly5Vi8L64FWgoeBycYVKISqgnLSTLVr1vQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFEzhd2YANhN1Ewr8m0+UDsUjyXVaMB8GA1UdIwQY MBaAFCkB12Qxxuhz08RHMFceHlDWAgV8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvS1FIWFpESEc2SFBUeEVjd1Z4NGVVTllDQlh3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS8wNWMzYTEtYzhmZS00MGZmLTljNTIt M2U2ZjAzMjQ0MTBhLzEvVE9GM1pnQTJFM1VUQ3Z5YlQ1UU94U1BKZFZvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82OS8wNWMzYTEtYzhmZS00MGZmLTljNTItM2U2ZjAzMjQ0MTBh LzEvS1FIWFpESEc2SFBUeEVjd1Z4NGVVTllDQlh3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfBaA MA0GCSqGSIb3DQEBCwUAA4IBAQCzpBNu6jwqqMZQ6WINWNmIjJytICfZhAIgqHpe UcK3u0K2qCAXxQ496ZpeOb9vT2Xn552C70Ltzx7XwS9vQJAj3j1CmGrTUdC5XPx0 si7uFcP5VOABnz6t588++CzKQMZnwThuu1xqVAR5F3bCCtWr7zRU+BQxj3b82nsq WuNGa0Qwl68xWswgGXwIaZ/Qapfpzw2/ie3mvi8glIWHnMwZj9XJ4d8OT2tRDAQK v5Q9JO7n58GiUWTRz9g9OL4j13AXI0aBTk40tEJUaWgFUOffEFdXYGEo14SdsnB9 0fE+3Km90jfCdf+fVCQwVoufvRuWxheuubR91m1Z2UeUJtr7 -----END CERTIFICATE-----Generated at Mon Feb 9 22:15:31 2026 by rpki-client