This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/cdb809-d1d4-4557-b430-bb65c5900f75/1/3f7sN_W1BMqH2bAJDrYmekJsJtY.roa File: 3f7sN_W1BMqH2bAJDrYmekJsJtY.roa (raw, json) Hash identifier: 1cW9ojab+mnjJYb+u24Z5r0k3W5TZOEjLnBbQc0hNSE= Subject key identifier: DD:FE:EC:37:F5:B5:04:CA:87:D9:B0:09:0E:B6:26:7A:42:6C:26:D6 Certificate issuer: /CN=f0eccc48200cef0216c2ce53869fd192b4a23f54 Certificate serial: 019B7758C3D7DBEC0A0A6C31102C56C3C88C Authority key identifier: F0:EC:CC:48:20:0C:EF:02:16:C2:CE:53:86:9F:D1:92:B4:A2:3F:54 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8OzMSCAM7wIWws5Thp_RkrSiP1Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/cdb809-d1d4-4557-b430-bb65c5900f75/1/3f7sN_W1BMqH2bAJDrYmekJsJtY.roa Signing time: Thu 01 Jan 2026 02:17:44 +0000 ROA not before: Thu 01 Jan 2026 02:17:44 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 50873 IP address blocks: 2001:678:fb4::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/cdb809-d1d4-4557-b430-bb65c5900f75/1/8OzMSCAM7wIWws5Thp_RkrSiP1Q.crl rsync://rpki.ripe.net/repository/DEFAULT/98/cdb809-d1d4-4557-b430-bb65c5900f75/1/8OzMSCAM7wIWws5Thp_RkrSiP1Q.mft rsync://rpki.ripe.net/repository/DEFAULT/8OzMSCAM7wIWws5Thp_RkrSiP1Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 03 Feb 2026 06:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:77:58:c3:d7:db:ec:0a:0a:6c:31:10:2c:56:c3:c8:8c Signature Algorithm: sha256WithRSAEncryption Issuer: CN=f0eccc48200cef0216c2ce53869fd192b4a23f54 Validity Not Before: Jan 1 02:17:44 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ddfeec37f5b504ca87d9b0090eb6267a426c26d6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f8:bd:a0:97:1d:5d:64:8e:38:c2:b2:c9:00:8d: 65:1b:6c:35:31:73:ab:8a:ff:05:30:4b:39:30:8f: d3:8b:f6:33:aa:a0:bd:fb:69:b9:61:38:e7:36:87: b9:d2:d2:ac:a8:c8:e4:23:a3:fd:bd:33:c2:4a:60: b8:22:b0:66:38:45:f0:d5:64:7e:40:87:e3:71:0a: 99:67:26:75:a6:70:e8:1b:83:e9:66:3c:5e:22:ed: 99:51:49:ad:94:b7:0e:59:3b:6b:51:c4:88:5f:e5: 6e:9c:c1:05:6a:33:25:7e:6d:23:c4:a5:55:15:a8: 43:92:24:c4:72:b5:38:1f:8b:79:2f:d0:98:76:0d: f4:08:7a:13:32:b2:c5:10:e1:12:9d:93:1b:f0:9a: 55:f0:52:b1:c1:e2:9e:e6:db:c2:28:22:ca:20:6b: 7e:25:66:4d:11:1f:bd:1a:4c:5d:e9:92:99:d9:34: ef:15:71:00:82:a8:f4:8a:fb:fe:14:50:e5:78:c2: d7:0f:30:7c:53:2a:95:8a:42:59:40:27:f1:2e:ed: d9:2e:07:01:c8:d0:57:dc:7d:9d:1f:46:00:11:7f: e4:7b:97:b2:cb:ff:6f:0e:b0:2f:79:8f:be:2c:b9: 37:9a:7a:07:b8:e6:e1:2c:b0:c8:48:cf:55:6e:f1: b3:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:FE:EC:37:F5:B5:04:CA:87:D9:B0:09:0E:B6:26:7A:42:6C:26:D6 X509v3 Authority Key Identifier: keyid:F0:EC:CC:48:20:0C:EF:02:16:C2:CE:53:86:9F:D1:92:B4:A2:3F:54 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8OzMSCAM7wIWws5Thp_RkrSiP1Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/cdb809-d1d4-4557-b430-bb65c5900f75/1/3f7sN_W1BMqH2bAJDrYmekJsJtY.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/98/cdb809-d1d4-4557-b430-bb65c5900f75/1/8OzMSCAM7wIWws5Thp_RkrSiP1Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:678:fb4::/48 Signature Algorithm: sha256WithRSAEncryption 94:3d:da:03:bd:f1:fe:13:48:85:94:da:db:ce:29:37:06:2d: fa:c2:8f:17:b8:66:7b:9b:68:51:57:68:67:25:0f:a1:0d:d9: a6:a9:9c:dc:90:7d:29:a8:de:05:94:33:c6:72:28:ca:ec:7f: 2b:f7:a1:ad:f1:db:59:ac:05:a1:7c:66:4a:04:aa:fa:9e:0e: d0:bd:39:c0:88:a7:4b:6d:90:a4:95:f2:60:68:66:f9:db:0e: a9:c5:2a:89:06:ae:c9:98:33:3c:8a:61:b9:ad:94:2d:53:38: 30:c5:2e:b3:5d:ce:61:33:35:43:21:18:29:32:b4:6a:74:59: f8:4a:5a:3f:e8:97:71:47:3d:a5:46:83:7a:b4:b4:54:8e:cc: a1:81:12:f7:6a:4b:b3:36:00:fc:2d:6b:69:da:06:c4:f1:bb: 6f:d3:bd:4f:d4:da:33:44:27:6d:a7:27:f5:52:f6:97:fa:9d: 65:6f:60:18:14:f6:50:d8:ee:a4:98:9b:4c:bb:6c:98:fc:31: f2:7a:70:44:5b:e9:5b:b5:8b:e4:07:44:ae:f4:e4:35:64:f7: 36:86:6e:bb:03:34:f5:03:1e:02:f7:8d:b8:53:4a:45:04:42: 01:f0:4c:31:81:09:05:e8:10:f8:7c:a1:b6:cb:44:9f:ba:b6: a6:a1:45:f9 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt3WMPX2+wKCmwxECxWw8iMMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGYwZWNjYzQ4MjAwY2VmMDIxNmMyY2U1Mzg2OWZkMTkyYjRh MjNmNTQwHhcNMjYwMTAxMDIxNzQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZGZlZWMzN2Y1YjUwNGNhODdkOWIwMDkwZWI2MjY3YTQyNmMyNmQ2MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+L2glx1dZI44wrLJAI1lG2w1MXOr iv8FMEs5MI/Ti/YzqqC9+2m5YTjnNoe50tKsqMjkI6P9vTPCSmC4IrBmOEXw1WR+ QIfjcQqZZyZ1pnDoG4PpZjxeIu2ZUUmtlLcOWTtrUcSIX+VunMEFajMlfm0jxKVV FahDkiTEcrU4H4t5L9CYdg30CHoTMrLFEOESnZMb8JpV8FKxweKe5tvCKCLKIGt+ JWZNER+9Gkxd6ZKZ2TTvFXEAgqj0ivv+FFDleMLXDzB8UyqVikJZQCfxLu3ZLgcB yNBX3H2dH0YAEX/ke5eyy/9vDrAveY++LLk3mnoHuObhLLDISM9VbvGzJwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFN3+7Df1tQTKh9mwCQ62JnpCbCbWMB8GA1UdIwQY MBaAFPDszEggDO8CFsLOU4af0ZK0oj9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvOE96TVNDQU03d0lXd3M1VGhwX1JrclNpUDFRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9jZGI4MDktZDFkNC00NTU3LWI0MzAt YmI2NWM1OTAwZjc1LzEvM2Y3c05fVzFCTXFIMmJBSkRyWW1la0pzSnRZLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC85OC9jZGI4MDktZDFkNC00NTU3LWI0MzAtYmI2NWM1OTAwZjc1 LzEvOE96TVNDQU03d0lXd3M1VGhwX1JrclNpUDFRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeA+0 MA0GCSqGSIb3DQEBCwUAA4IBAQCUPdoDvfH+E0iFlNrbzik3Bi36wo8XuGZ7m2hR V2hnJQ+hDdmmqZzckH0pqN4FlDPGcijK7H8r96Gt8dtZrAWhfGZKBKr6ng7QvTnA iKdLbZCklfJgaGb52w6pxSqJBq7JmDM8imG5rZQtUzgwxS6zXc5hMzVDIRgpMrRq dFn4Slo/6JdxRz2lRoN6tLRUjsyhgRL3akuzNgD8LWtp2gbE8btv071P1NozRCdt pyf1UvaX+p1lb2AYFPZQ2O6kmJtMu2yY/DHyenBEW+lbtYvkB0Su9OQ1ZPc2hm67 AzT1Ax4C9424U0pFBEIB8EwxgQkF6BD4fKG2y0SfuramoUX5 -----END CERTIFICATE-----Generated at Mon Feb 2 14:10:30 2026 by rpki-client