This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/O38cBxr9A2-GQPiXelr49ROZiZc.roa File: O38cBxr9A2-GQPiXelr49ROZiZc.roa (raw, json) Hash identifier: XfhbudfkGgZYXhL//4xHDQX3W6VCf7VT8aY8gLfvINM= Subject key identifier: 3B:7F:1C:07:1A:FD:03:6F:86:40:F8:97:7A:5A:F8:F5:13:99:89:97 Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4 Certificate serial: 019B7BA55138E058FD6BBB8A31B44893CB42 Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/O38cBxr9A2-GQPiXelr49ROZiZc.roa Signing time: Thu 01 Jan 2026 22:19:50 +0000 ROA not before: Thu 01 Jan 2026 22:19:50 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 211526 IP address blocks: 2a01:5a8:8::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:a5:51:38:e0:58:fd:6b:bb:8a:31:b4:48:93:cb:42 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4 Validity Not Before: Jan 1 22:19:50 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=3b7f1c071afd036f8640f8977a5af8f513998997 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:c6:04:75:38:6e:ec:2b:c3:2e:70:13:1d:9a: ce:72:48:3d:4c:1f:d1:d8:58:c1:4c:9c:5c:a5:71: d1:17:5a:3e:b6:e5:f8:11:e2:ab:bc:8a:be:f4:fb: 31:bc:8c:71:d1:ab:3f:37:20:5f:cf:78:ff:0c:4d: ef:f4:85:e9:73:b9:78:e4:e8:05:b0:6b:42:ed:de: 2c:4f:bb:7a:f1:73:ce:22:c9:53:c5:54:d4:7b:fd: c0:bb:5c:5d:d1:dc:75:c6:a8:08:cd:61:ad:70:aa: 2e:8a:15:b9:3f:f5:28:c3:1f:5a:d1:62:9a:8d:30: e4:16:78:38:e2:94:c4:45:64:69:b1:1b:e9:11:0a: 13:e1:55:e3:5a:44:88:f6:a2:66:a5:64:4e:03:97: cb:4a:e3:ee:e5:3b:4f:e4:3b:f5:74:35:f4:af:04: 31:2b:10:73:75:ea:6b:ca:41:2a:ed:8b:1d:be:30: 35:54:e9:05:ab:03:87:b6:a4:cd:be:1c:ba:c2:aa: cb:6d:17:67:a9:60:d2:52:8c:18:f7:aa:b8:12:c5: 31:27:88:54:ba:43:af:a2:43:d0:f0:eb:2d:df:fc: 91:9e:a5:44:72:af:1e:e9:ef:10:d2:27:39:73:99: 27:29:41:d8:e4:14:bd:b2:12:4e:97:b7:f1:af:5a: 5a:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:7F:1C:07:1A:FD:03:6F:86:40:F8:97:7A:5A:F8:F5:13:99:89:97 X509v3 Authority Key Identifier: keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/O38cBxr9A2-GQPiXelr49ROZiZc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:5a8:8::/48 Signature Algorithm: sha256WithRSAEncryption 35:2d:7f:6f:84:bb:f3:cc:d2:c6:91:3e:f2:5b:9d:44:ce:99: 92:52:30:2f:db:df:5a:4d:e0:12:e6:ea:70:b3:58:df:c9:0f: ac:fd:d4:b6:0f:23:e6:6b:61:8e:ab:c1:10:d7:93:ac:8b:d3: 18:42:4a:b9:b8:01:3f:6f:7b:3d:2b:9c:2f:d2:70:f3:6e:e4: 1c:c5:a0:53:78:1c:64:9c:0c:51:99:9a:a8:d6:4d:83:2e:75: 5c:2e:9a:14:5e:f6:fc:1c:4b:8b:bb:6d:91:32:d1:44:55:b4: f2:c4:3f:2b:66:cc:33:41:d2:21:6a:45:4a:de:6b:9d:70:a5: f9:fc:a7:60:72:89:3c:a9:ac:b1:40:07:4f:30:d7:e2:8c:17: 80:32:9a:4f:0b:9a:5a:c6:30:9b:2a:1f:94:4b:5a:d0:81:7e: a7:dd:56:b0:15:2b:99:9e:7c:29:4f:47:89:86:54:8e:45:24: 10:6d:7f:53:10:d3:cc:3b:8c:9f:17:29:3e:17:23:c2:71:31: 03:b8:a1:15:25:9a:7c:7c:b3:e9:67:ee:d4:6f:ea:f8:0b:0b: da:79:f7:a4:9f:72:52:10:a7:65:c9:70:78:62:11:9e:a5:dc: 38:2f:47:47:3e:7a:d7:26:c8:b0:82:b7:71:a6:46:14:9d:49: 30:1b:02:b1 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt7pVE44Fj9a7uKMbRIk8tCMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4 ZmI0YzQwHhcNMjYwMTAxMjIxOTUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzYjdmMWMwNzFhZmQwMzZmODY0MGY4OTc3YTVhZjhmNTEzOTk4OTk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMYEdThu7CvDLnATHZrOckg9TB/R 2FjBTJxcpXHRF1o+tuX4EeKrvIq+9PsxvIxx0as/NyBfz3j/DE3v9IXpc7l45OgF sGtC7d4sT7t68XPOIslTxVTUe/3Au1xd0dx1xqgIzWGtcKouihW5P/Uowx9a0WKa jTDkFng44pTERWRpsRvpEQoT4VXjWkSI9qJmpWROA5fLSuPu5TtP5Dv1dDX0rwQx KxBzdeprykEq7YsdvjA1VOkFqwOHtqTNvhy6wqrLbRdnqWDSUowY96q4EsUxJ4hU ukOvokPQ8Ost3/yRnqVEcq8e6e8Q0ic5c5knKUHY5BS9shJOl7fxr1pa3QIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFDt/HAca/QNvhkD4l3pa+PUTmYmXMB8GA1UdIwQY MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct ODcyYmEyZDlmNDRjLzEvTzM4Y0J4cjlBMi1HUVBpWGVscjQ5Uk9aaVpjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEFqAAI MA0GCSqGSIb3DQEBCwUAA4IBAQA1LX9vhLvzzNLGkT7yW51EzpmSUjAv299aTeAS 5upws1jfyQ+s/dS2DyPma2GOq8EQ15Osi9MYQkq5uAE/b3s9K5wv0nDzbuQcxaBT eBxknAxRmZqo1k2DLnVcLpoUXvb8HEuLu22RMtFEVbTyxD8rZswzQdIhakVK3mud cKX5/Kdgcok8qayxQAdPMNfijBeAMppPC5paxjCbKh+US1rQgX6n3VawFSuZnnwp T0eJhlSORSQQbX9TENPMO4yfFyk+FyPCcTEDuKEVJZp8fLPpZ+7Ub+r4Cwvaefek n3JSEKdlyXB4YhGepdw4L0dHPnrXJsiwgrdxpkYUnUkwGwKx -----END CERTIFICATE-----Generated at Mon Jan 26 10:25:00 2026 by rpki-client