This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/zIwXYCF_qQZomhHz-X85FuBZGIA.roa File: zIwXYCF_qQZomhHz-X85FuBZGIA.roa (raw, json) Hash identifier: RZTxg5aQOBFbSjJwS0t1zHG9UjIHCREaOssi1fvfsZw= Subject key identifier: CC:8C:17:60:21:7F:A9:06:68:9A:11:F3:F9:7F:39:16:E0:59:18:80 Certificate issuer: /CN=3ba5b1c09aa31f6713c61b32e558109e47966d42 Certificate serial: 019B78A2F3FDBB26C281BA883ED9B4299C05 Authority key identifier: 3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/zIwXYCF_qQZomhHz-X85FuBZGIA.roa Signing time: Thu 01 Jan 2026 08:18:23 +0000 ROA not before: Thu 01 Jan 2026 08:18:23 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 1299 IP address blocks: 2001:2000:3000::/40 maxlen: 40 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.mft rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:f3:fd:bb:26:c2:81:ba:88:3e:d9:b4:29:9c:05 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3ba5b1c09aa31f6713c61b32e558109e47966d42 Validity Not Before: Jan 1 08:18:23 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=cc8c1760217fa906689a11f3f97f3916e0591880 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:d4:c0:e3:a4:1d:2c:b3:3c:d8:c4:f1:b3:cf: a1:21:17:19:09:e9:72:3b:58:84:ad:e3:b4:50:0e: 21:ac:b2:87:02:e1:2a:d2:4a:94:09:a8:0e:40:6d: af:c8:80:1b:df:16:e2:e5:20:39:07:99:f7:88:af: 74:a2:f9:45:b0:d7:55:49:c7:32:8c:85:d9:e3:69: 1b:08:10:6a:7d:19:6d:18:a9:c1:74:58:53:81:fd: 14:4c:e4:85:a5:33:94:82:30:d5:c3:2c:d4:e9:42: 56:6b:04:c4:f2:fe:69:a7:98:14:58:6e:a1:31:70: 73:d0:ce:d2:92:e9:a2:15:6b:f4:86:a4:56:a4:53: 75:f6:14:7e:89:6f:e4:91:2f:5a:75:90:e2:2d:33: e7:16:4b:20:b2:54:21:01:7d:6a:27:fa:83:81:67: 4b:49:3f:49:65:1e:8f:18:c2:80:61:41:75:21:96: 1c:23:6d:5b:0f:40:27:4d:f4:e9:f0:34:9f:1c:9d: 62:2d:8d:72:ad:b7:bb:46:23:8a:4d:48:33:5d:41: 00:7b:20:e0:77:ab:25:98:ce:95:e6:b8:1e:cb:97: ab:43:cb:1b:07:72:a2:00:76:8c:2d:c8:d3:6a:f2: b4:7f:47:29:3d:78:3f:31:a8:12:cb:42:9e:8d:ea: f0:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:8C:17:60:21:7F:A9:06:68:9A:11:F3:F9:7F:39:16:E0:59:18:80 X509v3 Authority Key Identifier: keyid:3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/zIwXYCF_qQZomhHz-X85FuBZGIA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:2000:3000::/40 Signature Algorithm: sha256WithRSAEncryption 1a:7a:e0:aa:6c:08:5b:7f:4b:74:01:86:4b:0a:19:04:18:f9: 7a:72:5d:9d:a4:90:42:f7:03:78:8a:be:f3:c5:5b:bf:17:32: 42:30:d9:09:99:ee:c8:e2:96:74:d9:28:45:40:14:4d:7d:18: 0f:90:2b:3d:0d:9e:db:06:0a:25:c0:82:28:b3:ce:0e:68:7d: 04:a6:9e:48:43:3d:db:2b:93:24:33:34:d3:9a:df:a6:97:00: a2:61:8c:33:25:18:50:50:c6:bd:c7:53:c7:b5:5c:8a:84:9d: e9:c7:98:09:00:3d:1c:51:7b:ec:6a:a8:63:e5:9e:7b:d9:d9: d3:36:4f:b9:c2:53:3b:69:1a:52:01:35:39:42:63:c5:08:e4: 35:ba:8d:3a:a3:fd:cb:46:b9:22:fb:e1:f9:1a:5f:2a:85:88: c6:70:1d:f0:d1:a8:0f:19:86:21:e5:d3:29:7c:1c:c6:74:aa: 03:87:60:e6:b8:d3:b4:f4:9e:32:2d:86:c9:99:9c:70:89:59: 82:bf:33:9b:7b:16:46:4b:82:eb:ec:48:af:38:15:c7:3c:03: a6:e8:de:55:7b:9e:a3:fd:49:74:12:60:c5:44:cc:97:3d:7d: c7:33:d7:21:23:3b:77:94:bf:cc:5e:d2:3c:77:13:c2:c0:cd: f7:9e:a9:1f -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZt4ovP9uybCgbqIPtm0KZwFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiYTViMWMwOWFhMzFmNjcxM2M2MWIzMmU1NTgxMDllNDc5 NjZkNDIwHhcNMjYwMTAxMDgxODIzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjYzhjMTc2MDIxN2ZhOTA2Njg5YTExZjNmOTdmMzkxNmUwNTkxODgwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdTA46QdLLM82MTxs8+hIRcZCely O1iEreO0UA4hrLKHAuEq0kqUCagOQG2vyIAb3xbi5SA5B5n3iK90ovlFsNdVSccy jIXZ42kbCBBqfRltGKnBdFhTgf0UTOSFpTOUgjDVwyzU6UJWawTE8v5pp5gUWG6h MXBz0M7SkumiFWv0hqRWpFN19hR+iW/kkS9adZDiLTPnFksgslQhAX1qJ/qDgWdL ST9JZR6PGMKAYUF1IZYcI21bD0AnTfTp8DSfHJ1iLY1yrbe7RiOKTUgzXUEAeyDg d6slmM6V5rgey5erQ8sbB3KiAHaMLcjTavK0f0cpPXg/MagSy0KejerwhQIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFMyMF2Ahf6kGaJoR8/l/ORbgWRiAMB8GA1UdIwQY MBaAFDulscCaox9nE8YbMuVYEJ5Hlm1CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQt NDY2ZTljYWI3ODY0LzEvekl3WFlDRl9xUVpvbWhIei1YODVGdUJaR0lBLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQtNDY2ZTljYWI3ODY0 LzEvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAIAEgADAw DQYJKoZIhvcNAQELBQADggEBABp64KpsCFt/S3QBhksKGQQY+XpyXZ2kkEL3A3iK vvPFW78XMkIw2QmZ7sjilnTZKEVAFE19GA+QKz0NntsGCiXAgiizzg5ofQSmnkhD PdsrkyQzNNOa36aXAKJhjDMlGFBQxr3HU8e1XIqEnenHmAkAPRxRe+xqqGPlnnvZ 2dM2T7nCUztpGlIBNTlCY8UI5DW6jTqj/ctGuSL74fkaXyqFiMZwHfDRqA8ZhiHl 0yl8HMZ0qgOHYOa407T0njIthsmZnHCJWYK/M5t7FkZLguvsSK84Fcc8A6bo3lV7 nqP9SXQSYMVEzJc9fccz1yEjO3eUv8xe0jx3E8LAzfeeqR8= -----END CERTIFICATE-----Generated at Wed Jan 21 07:23:23 2026 by rpki-client