This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/3s8sY8JfXcq5h0JX5tklV5kK-kI.roa File: 3s8sY8JfXcq5h0JX5tklV5kK-kI.roa (raw, json) Hash identifier: tUMXR+PdDpzmT4OFEkUcYoWlIAGQobO28dDLQShQPJw= Subject key identifier: DE:CF:2C:63:C2:5F:5D:CA:B9:87:42:57:E6:D9:25:57:99:0A:FA:42 Certificate issuer: /CN=643e1ba91c569a8b21a6d2d67f5dbbd6c04e43ea Certificate serial: 019B7F819C4AD6503981EBCDE1297EB1FA7A Authority key identifier: 64:3E:1B:A9:1C:56:9A:8B:21:A6:D2:D6:7F:5D:BB:D6:C0:4E:43:EA Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZD4bqRxWmoshptLWf1271sBOQ-o.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/3s8sY8JfXcq5h0JX5tklV5kK-kI.roa Signing time: Fri 02 Jan 2026 16:19:19 +0000 ROA not before: Fri 02 Jan 2026 16:19:19 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 209990 IP address blocks: 2a0d:f9c0::/29 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/ZD4bqRxWmoshptLWf1271sBOQ-o.crl rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/ZD4bqRxWmoshptLWf1271sBOQ-o.mft rsync://rpki.ripe.net/repository/DEFAULT/ZD4bqRxWmoshptLWf1271sBOQ-o.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 07:02:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:81:9c:4a:d6:50:39:81:eb:cd:e1:29:7e:b1:fa:7a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=643e1ba91c569a8b21a6d2d67f5dbbd6c04e43ea Validity Not Before: Jan 2 16:19:19 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=decf2c63c25f5dcab9874257e6d92557990afa42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:3c:82:eb:ed:99:82:30:65:62:a9:24:56:96: cc:9e:fb:53:cf:c7:54:be:65:97:4e:f7:b6:31:6a: 88:ee:b6:cc:c9:6b:f1:77:ca:f8:4d:e2:c8:de:7e: fb:94:d2:c8:93:ea:36:df:d0:10:6a:27:02:2c:4d: fa:b3:a1:c1:8e:dc:f2:9b:ce:04:f4:d9:81:ff:89: 9f:9a:63:7d:7f:65:82:26:b4:e0:c5:1f:58:60:90: d5:0c:7f:77:d0:f4:f2:ad:a1:88:33:ea:a1:96:02: fb:79:b1:39:2c:7c:95:ff:a4:50:32:a1:a3:d1:7d: 78:16:33:04:44:9f:59:8d:32:12:81:94:9a:2d:dc: ae:8c:6e:01:93:50:fb:b7:af:c6:4e:9d:c4:ee:b4: 49:ac:53:1c:13:59:84:99:a6:dd:71:85:30:51:7d: cd:29:9a:bb:e1:10:85:11:5d:bd:5a:bf:43:a7:44: 2c:50:89:9c:c8:36:7d:8a:5d:57:9e:5d:10:99:89: b2:7d:4d:a1:e3:8c:e0:85:90:1b:3f:d3:e9:35:d6: 96:f6:96:66:96:8e:78:ba:8f:09:ad:38:b1:82:03: ea:11:06:da:f0:79:5c:6d:23:0e:ea:48:cc:3d:6d: 65:eb:d2:22:d6:7d:db:c6:76:6d:93:39:10:10:18: f6:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:CF:2C:63:C2:5F:5D:CA:B9:87:42:57:E6:D9:25:57:99:0A:FA:42 X509v3 Authority Key Identifier: keyid:64:3E:1B:A9:1C:56:9A:8B:21:A6:D2:D6:7F:5D:BB:D6:C0:4E:43:EA X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZD4bqRxWmoshptLWf1271sBOQ-o.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/3s8sY8JfXcq5h0JX5tklV5kK-kI.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/ZD4bqRxWmoshptLWf1271sBOQ-o.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0d:f9c0::/29 Signature Algorithm: sha256WithRSAEncryption 36:0a:a4:af:d1:7c:2a:60:8f:a5:e4:39:40:6d:e2:2c:cc:12: 1d:f7:b0:64:9f:56:64:80:86:de:bf:0f:65:cc:5b:0f:6f:8b: 8c:1d:03:99:5b:59:d5:b6:f5:76:00:dd:0a:2a:d8:76:b8:ee: cd:cc:01:4d:20:e3:c2:11:d2:c3:49:bb:bd:36:f7:17:4a:e1: 44:7e:11:1f:53:e5:bc:1f:5f:2a:41:8b:45:b3:e7:8b:10:37: cf:62:2e:62:fe:9f:4a:81:24:21:80:50:b8:ef:e4:55:56:a6: 09:7f:2c:cd:7d:45:11:62:4a:2f:82:73:0b:fd:12:bf:44:28: 3c:fd:e4:a9:9f:ba:0e:89:01:2b:22:4f:35:79:c3:39:52:9d: 76:11:a0:df:b7:96:35:db:6d:b3:c8:aa:33:37:29:46:fc:b5: 71:62:92:38:67:62:75:0b:90:6e:fb:0e:5a:28:c0:ec:3f:6a: 85:79:d0:6e:82:dc:01:63:68:3b:a6:d6:cf:a3:7d:c8:b0:e5: 81:22:e9:8d:fa:a4:05:cb:ad:f8:5a:13:39:dd:91:0f:a3:0b: 7f:61:74:08:c2:7a:27:80:aa:7f:2e:09:6c:f3:71:a7:69:df: 9c:82:8b:6b:15:5f:8c:19:bc:a4:a8:37:ae:63:5a:cd:8a:02: d8:99:23:0d -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt/gZxK1lA5gevN4Sl+sfp6MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY0M2UxYmE5MWM1NjlhOGIyMWE2ZDJkNjdmNWRiYmQ2YzA0 ZTQzZWEwHhcNMjYwMTAyMTYxOTE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZWNmMmM2M2MyNWY1ZGNhYjk4NzQyNTdlNmQ5MjU1Nzk5MGFmYTQyMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzyC6+2ZgjBlYqkkVpbMnvtTz8dU vmWXTve2MWqI7rbMyWvxd8r4TeLI3n77lNLIk+o239AQaicCLE36s6HBjtzym84E 9NmB/4mfmmN9f2WCJrTgxR9YYJDVDH930PTyraGIM+qhlgL7ebE5LHyV/6RQMqGj 0X14FjMERJ9ZjTISgZSaLdyujG4Bk1D7t6/GTp3E7rRJrFMcE1mEmabdcYUwUX3N KZq74RCFEV29Wr9Dp0QsUImcyDZ9il1Xnl0QmYmyfU2h44zghZAbP9PpNdaW9pZm lo54uo8JrTixggPqEQba8HlcbSMO6kjMPW1l69Ii1n3bxnZtkzkQEBj2iQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFN7PLGPCX13KuYdCV+bZJVeZCvpCMB8GA1UdIwQY MBaAFGQ+G6kcVpqLIabS1n9du9bATkPqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWkQ0YnFSeFdtb3NocHRMV2YxMjcxc0JPUS1vLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9hY2E5MTItOWU4ZC00NzQ5LTk1ZTAt ZmVhMGFmZjM1OWY1LzEvM3M4c1k4SmZYY3E1aDBKWDV0a2xWNWtLLWtJLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84My9hY2E5MTItOWU4ZC00NzQ5LTk1ZTAtZmVhMGFmZjM1OWY1 LzEvWkQ0YnFSeFdtb3NocHRMV2YxMjcxc0JPUS1vLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg35wDAN BgkqhkiG9w0BAQsFAAOCAQEANgqkr9F8KmCPpeQ5QG3iLMwSHfewZJ9WZICG3r8P ZcxbD2+LjB0DmVtZ1bb1dgDdCirYdrjuzcwBTSDjwhHSw0m7vTb3F0rhRH4RH1Pl vB9fKkGLRbPnixA3z2IuYv6fSoEkIYBQuO/kVVamCX8szX1FEWJKL4JzC/0Sv0Qo PP3kqZ+6DokBKyJPNXnDOVKddhGg37eWNdtts8iqMzcpRvy1cWKSOGdidQuQbvsO WijA7D9qhXnQboLcAWNoO6bWz6N9yLDlgSLpjfqkBcut+FoTOd2RD6MLf2F0CMJ6 J4Cqfy4JbPNxp2nfnIKLaxVfjBm8pKg3rmNazYoC2JkjDQ== -----END CERTIFICATE-----Generated at Mon Jan 26 15:17:38 2026 by rpki-client