This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/347d71-ff78-4b3a-a5db-4de9345c83bf/1/2U3Vq1QnP8ctuHADYZl7AYfrN8Q.roa File: 2U3Vq1QnP8ctuHADYZl7AYfrN8Q.roa (raw, json) Hash identifier: aSqIWAFTh+DEyVISsUqiiF4heoz8JVrFxkyTiK/xNAk= Subject key identifier: D9:4D:D5:AB:54:27:3F:C7:2D:B8:70:03:61:99:7B:01:87:EB:37:C4 Certificate issuer: /CN=dd8ae4d9ad863dda1401b490c28cff82d998e3b5 Certificate serial: 019B7F14D8B610DDA2C199B814A81249A268 Authority key identifier: DD:8A:E4:D9:AD:86:3D:DA:14:01:B4:90:C2:8C:FF:82:D9:98:E3:B5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Yrk2a2GPdoUAbSQwoz_gtmY47U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/347d71-ff78-4b3a-a5db-4de9345c83bf/1/2U3Vq1QnP8ctuHADYZl7AYfrN8Q.roa Signing time: Fri 02 Jan 2026 14:20:31 +0000 ROA not before: Fri 02 Jan 2026 14:20:31 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 215230 IP address blocks: 2001:678:a30::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/347d71-ff78-4b3a-a5db-4de9345c83bf/1/3Yrk2a2GPdoUAbSQwoz_gtmY47U.crl rsync://rpki.ripe.net/repository/DEFAULT/d2/347d71-ff78-4b3a-a5db-4de9345c83bf/1/3Yrk2a2GPdoUAbSQwoz_gtmY47U.mft rsync://rpki.ripe.net/repository/DEFAULT/3Yrk2a2GPdoUAbSQwoz_gtmY47U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 20:00:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:14:d8:b6:10:dd:a2:c1:99:b8:14:a8:12:49:a2:68 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=dd8ae4d9ad863dda1401b490c28cff82d998e3b5 Validity Not Before: Jan 2 14:20:31 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d94dd5ab54273fc72db8700361997b0187eb37c4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:5d:13:e2:c5:ac:38:04:3d:60:4c:c7:8f:aa: 1f:2d:85:2f:81:c4:b0:37:83:eb:87:ad:2e:6e:be: bb:12:7e:98:77:0f:af:95:de:cc:44:33:6d:5c:90: 8f:1c:5b:b0:b3:d5:1e:d8:79:b5:19:b5:77:76:ea: 4d:5e:e7:ba:7f:3f:90:99:a2:95:84:b0:65:50:43: 15:aa:c3:c0:d0:98:3e:eb:17:e2:6a:a8:51:d0:d0: d0:6f:e8:e0:93:f0:91:ef:47:c6:94:9f:e9:a3:7a: 84:4b:01:79:0f:eb:de:4f:c3:c2:69:5d:cf:d6:00: a7:0a:f4:f3:95:d6:ac:03:06:8f:10:83:37:40:4e: 89:36:9e:4f:1f:d2:3c:05:fb:6a:a1:f2:99:6d:31: 41:1c:bb:7c:58:cd:89:23:8e:25:ae:1e:c8:18:0b: 5e:d3:a1:02:e4:ef:e3:8e:5e:29:86:2c:28:d2:64: 15:50:bb:40:6f:46:d6:e9:4b:7c:e6:c9:cd:22:b0: c6:76:35:77:14:fd:65:9e:07:0c:88:fc:db:11:6c: f1:a7:18:1f:65:1b:0b:5d:b4:d6:96:ea:10:5f:2f: a8:c3:4e:28:91:df:ef:69:6a:d8:cf:64:cb:71:f5: 9c:88:d1:6f:52:c7:44:7f:94:c2:6d:b1:dc:d2:54: dc:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:4D:D5:AB:54:27:3F:C7:2D:B8:70:03:61:99:7B:01:87:EB:37:C4 X509v3 Authority Key Identifier: keyid:DD:8A:E4:D9:AD:86:3D:DA:14:01:B4:90:C2:8C:FF:82:D9:98:E3:B5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Yrk2a2GPdoUAbSQwoz_gtmY47U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/347d71-ff78-4b3a-a5db-4de9345c83bf/1/2U3Vq1QnP8ctuHADYZl7AYfrN8Q.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/347d71-ff78-4b3a-a5db-4de9345c83bf/1/3Yrk2a2GPdoUAbSQwoz_gtmY47U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:678:a30::/48 Signature Algorithm: sha256WithRSAEncryption 14:3c:20:b6:c2:d2:55:f6:ae:c1:6d:21:12:7c:f6:97:cf:2c: 13:16:c9:c4:27:57:4a:93:2f:5c:cf:e7:ff:93:0c:a7:75:00: f0:5e:0f:9e:8b:1e:4c:4e:bb:e0:f7:8d:78:67:57:6b:5c:e0: ba:7c:3d:c1:7d:c9:fd:8a:ec:fd:5e:de:3a:ef:6d:a4:85:da: 16:03:b2:db:4b:ed:6f:64:10:12:51:d8:00:d4:59:24:43:fb: a7:46:04:48:14:bb:41:03:26:00:71:f3:6d:45:be:cc:64:15: 38:ff:61:a9:83:fb:b1:6a:79:81:63:f9:b9:30:b2:ae:20:8a: af:df:14:65:50:70:9d:37:49:ae:89:a8:b0:8a:ac:e9:7c:fe: 84:5e:d4:fb:5e:94:3d:61:5f:0b:50:5d:58:bb:41:0a:7f:ae: ba:56:c3:1c:6f:e4:6e:58:03:ee:4e:4a:34:ce:22:0c:10:0a: 60:6b:c3:25:9d:f2:25:5c:6a:6b:43:4b:62:0d:0c:c4:05:c3: 25:69:5d:02:e5:b3:97:ad:91:f6:e3:da:f5:96:5d:22:93:df: d3:7b:42:98:40:86:17:a2:ef:ec:18:ce:9e:9d:1c:71:98:2d: 9b:1d:ac:86:8d:55:3c:0b:cb:48:b6:a1:64:a5:49:b7:41:c3: 6e:de:f9:8e -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/FNi2EN2iwZm4FKgSSaJoMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGRkOGFlNGQ5YWQ4NjNkZGExNDAxYjQ5MGMyOGNmZjgyZDk5 OGUzYjUwHhcNMjYwMTAyMTQyMDMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkOTRkZDVhYjU0MjczZmM3MmRiODcwMDM2MTk5N2IwMTg3ZWIzN2M0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy10T4sWsOAQ9YEzHj6ofLYUvgcSw N4Prh60ubr67En6Ydw+vld7MRDNtXJCPHFuws9Ue2Hm1GbV3dupNXue6fz+QmaKV hLBlUEMVqsPA0Jg+6xfiaqhR0NDQb+jgk/CR70fGlJ/po3qESwF5D+veT8PCaV3P 1gCnCvTzldasAwaPEIM3QE6JNp5PH9I8BftqofKZbTFBHLt8WM2JI44lrh7IGAte 06EC5O/jjl4phiwo0mQVULtAb0bW6Ut85snNIrDGdjV3FP1lngcMiPzbEWzxpxgf ZRsLXbTWluoQXy+ow04okd/vaWrYz2TLcfWciNFvUsdEf5TCbbHc0lTcnQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFNlN1atUJz/HLbhwA2GZewGH6zfEMB8GA1UdIwQY MBaAFN2K5Nmthj3aFAG0kMKM/4LZmOO1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvM1lyazJhMkdQZG9VQWJTUXdvel9ndG1ZNDdVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8zNDdkNzEtZmY3OC00YjNhLWE1ZGIt NGRlOTM0NWM4M2JmLzEvMlUzVnExUW5QOGN0dUhBRFlabDdBWWZyTjhRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kMi8zNDdkNzEtZmY3OC00YjNhLWE1ZGItNGRlOTM0NWM4M2Jm LzEvM1lyazJhMkdQZG9VQWJTUXdvel9ndG1ZNDdVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAow MA0GCSqGSIb3DQEBCwUAA4IBAQAUPCC2wtJV9q7BbSESfPaXzywTFsnEJ1dKky9c z+f/kwyndQDwXg+eix5MTrvg9414Z1drXOC6fD3Bfcn9iuz9Xt46722khdoWA7Lb S+1vZBASUdgA1FkkQ/unRgRIFLtBAyYAcfNtRb7MZBU4/2Gpg/uxanmBY/m5MLKu IIqv3xRlUHCdN0muiaiwiqzpfP6EXtT7XpQ9YV8LUF1Yu0EKf666VsMcb+RuWAPu Tko0ziIMEApga8MlnfIlXGprQ0tiDQzEBcMlaV0C5bOXrZH249r1ll0ik9/Te0KY QIYXou/sGM6enRxxmC2bHayGjVU8C8tItqFkpUm3QcNu3vmO -----END CERTIFICATE-----Generated at Tue Jan 20 06:03:50 2026 by rpki-client