This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/Nd-3OgfsEaz8b4S5w3TUrvK6cro.roa File: Nd-3OgfsEaz8b4S5w3TUrvK6cro.roa (raw, json) Hash identifier: mF1iVKzCaasZfOfUE/ngfbabUJDFZXu+iLVs9MfoTkU= Subject key identifier: 35:DF:B7:3A:07:EC:11:AC:FC:6F:84:B9:C3:74:D4:AE:F2:BA:72:BA Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b Certificate serial: 019B3B82D9C308CE9D89215A3E0FD4AEB1C5 Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/Nd-3OgfsEaz8b4S5w3TUrvK6cro.roa Signing time: Sat 20 Dec 2025 11:26:29 +0000 ROA not before: Sat 20 Dec 2025 11:26:29 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 214515 IP address blocks: 2a05:9080:6::/48 maxlen: 48 2a05:9080:16::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 27 Dec 2025 20:00:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:3b:82:d9:c3:08:ce:9d:89:21:5a:3e:0f:d4:ae:b1:c5 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b Validity Not Before: Dec 20 11:26:29 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=35dfb73a07ec11acfc6f84b9c374d4aef2ba72ba Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:61:cc:67:23:7e:28:3f:a7:aa:f4:83:c7:8f: 70:9b:38:84:59:71:45:39:0b:22:61:a8:c9:3d:27: 6a:42:8e:12:ab:b7:17:6e:74:61:81:f2:22:6e:ac: 1f:a8:88:ad:34:19:42:67:d5:8b:87:b2:32:ee:6c: 32:a1:4b:c2:36:c4:af:24:8b:99:98:5e:e0:d1:67: f5:32:54:5f:3b:d5:02:64:82:d2:22:2b:4a:20:a4: d0:e0:23:d3:09:d1:f7:08:f8:90:9a:31:87:d3:02: 52:96:b3:a9:fe:aa:fd:84:5a:7a:2b:51:da:5c:57: 1f:84:91:97:ed:3f:b3:48:b7:1a:34:14:33:38:24: 5f:6e:e5:f3:a2:a5:8b:f9:d5:5c:76:55:c7:4c:45: 23:0c:f8:69:1c:58:84:96:55:26:b6:9e:d8:76:dc: ab:db:a6:55:16:83:ea:b0:79:a3:57:18:57:09:7d: 77:02:3e:37:88:ce:cb:f2:da:32:fd:bd:a6:17:08: a3:44:52:74:f9:84:c9:67:1d:fe:ec:e4:c2:13:8a: e7:91:d1:50:b3:15:3b:dc:0f:fd:66:e0:fe:49:2a: a5:58:b6:06:97:6c:19:ad:76:dd:83:2e:d7:e1:12: 55:25:78:0e:56:40:83:c1:af:1e:06:2d:e9:a9:36: 4d:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:DF:B7:3A:07:EC:11:AC:FC:6F:84:B9:C3:74:D4:AE:F2:BA:72:BA X509v3 Authority Key Identifier: keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/Nd-3OgfsEaz8b4S5w3TUrvK6cro.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a05:9080:6::/48 2a05:9080:16::/48 Signature Algorithm: sha256WithRSAEncryption 1c:30:cb:74:7b:58:df:95:f0:ff:f8:32:81:91:7c:c1:10:bf: 6f:14:27:24:ed:3a:82:f9:27:d3:b8:a8:2f:41:dc:9c:6b:c4: 7c:83:76:a5:e1:1c:ae:e9:86:e4:76:41:0c:aa:ed:66:3a:01: 03:fb:66:51:ae:ca:f4:52:7c:d7:6e:46:31:9e:42:b5:b7:ce: 6e:9c:6e:aa:cb:70:56:55:30:ca:9c:53:78:ab:51:8c:5c:40: 2d:83:d4:a0:fd:f7:ff:ec:ce:eb:fd:31:b2:cd:f0:3b:44:df: e5:42:41:72:63:38:b3:af:1e:9e:1a:ce:0f:b2:3b:f8:8b:8e: 00:19:12:98:1c:74:e6:5d:a9:d7:f0:1e:56:3c:e7:52:86:78: e3:39:cd:0a:af:cc:60:0a:7e:28:3a:6a:35:21:26:8f:bd:cc: 35:05:e8:ac:84:63:6c:12:1f:cd:73:4d:53:c2:0d:9d:6a:17: e7:87:9a:55:d1:b4:33:f6:fe:fc:67:2c:9a:e3:1e:a6:f4:c3: f0:b2:18:1f:83:86:76:96:95:51:9c:98:05:b3:d7:09:c5:59: 70:20:a0:35:4a:08:9a:e4:e8:56:81:6f:fe:1b:36:17:4c:7e: 7a:4c:e2:9f:03:ab:e3:05:a7:83:d0:da:ae:29:59:62:61:a2: a3:44:b7:d4 -----BEGIN CERTIFICATE----- MIIFCTCCA/GgAwIBAgISAZs7gtnDCM6diSFaPg/UrrHFMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw Y2MzNGIwHhcNMjUxMjIwMTEyNjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygzNWRmYjczYTA3ZWMxMWFjZmM2Zjg0YjljMzc0ZDRhZWYyYmE3MmJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtWHMZyN+KD+nqvSDx49wmziEWXFF OQsiYajJPSdqQo4Sq7cXbnRhgfIibqwfqIitNBlCZ9WLh7Iy7mwyoUvCNsSvJIuZ mF7g0Wf1MlRfO9UCZILSIitKIKTQ4CPTCdH3CPiQmjGH0wJSlrOp/qr9hFp6K1Ha XFcfhJGX7T+zSLcaNBQzOCRfbuXzoqWL+dVcdlXHTEUjDPhpHFiEllUmtp7Ydtyr 26ZVFoPqsHmjVxhXCX13Aj43iM7L8toy/b2mFwijRFJ0+YTJZx3+7OTCE4rnkdFQ sxU73A/9ZuD+SSqlWLYGl2wZrXbdgy7X4RJVJXgOVkCDwa8eBi3pqTZNUQIDAQAB o4ICFTCCAhEwHQYDVR0OBBYEFDXftzoH7BGs/G+EucN01K7yunK6MB8GA1UdIwQY MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt MDk0ODk4OWU2ZDU1LzEvTmQtM09nZnNFYXo4YjRTNXczVFVydks2Y3JvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1 LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAKgWQgAAG AwcAKgWQgAAWMA0GCSqGSIb3DQEBCwUAA4IBAQAcMMt0e1jflfD/+DKBkXzBEL9v FCck7TqC+SfTuKgvQdyca8R8g3al4Ryu6YbkdkEMqu1mOgED+2ZRrsr0UnzXbkYx nkK1t85unG6qy3BWVTDKnFN4q1GMXEAtg9Sg/ff/7M7r/TGyzfA7RN/lQkFyYziz rx6eGs4Psjv4i44AGRKYHHTmXanX8B5WPOdShnjjOc0Kr8xgCn4oOmo1ISaPvcw1 BeishGNsEh/Nc01Twg2dahfnh5pV0bQz9v78Zyya4x6m9MPwshgfg4Z2lpVRnJgF s9cJxVlwIKA1Sgia5OhWgW/+GzYXTH56TOKfA6vjBaeD0NquKVliYaKjRLfU -----END CERTIFICATE-----Generated at Sat Dec 27 05:36:36 2025 by rpki-client