This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/3OkMfbNK7oywxyEduLLpDjtw4pE.roa File: 3OkMfbNK7oywxyEduLLpDjtw4pE.roa (raw, json) Hash identifier: L7QwofR/zK4j6up4RavhL5dZloz6sdS+umIJ+YznSC4= Subject key identifier: DC:E9:0C:7D:B3:4A:EE:8C:B0:C7:21:1D:B8:B2:E9:0E:3B:70:E2:91 Certificate issuer: /CN=41dd1ce4eeb92ff53b633892fd457b011e1171f1 Certificate serial: 019B7DCA564A9F614C42D0A046618B0D210B Authority key identifier: 41:DD:1C:E4:EE:B9:2F:F5:3B:63:38:92:FD:45:7B:01:1E:11:71:F1 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qd0c5O65L_U7YziS_UV7AR4RcfE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/3OkMfbNK7oywxyEduLLpDjtw4pE.roa Signing time: Fri 02 Jan 2026 08:19:30 +0000 ROA not before: Fri 02 Jan 2026 08:19:30 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 60068 IP address blocks: 2a14:30c1::/32 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/Qd0c5O65L_U7YziS_UV7AR4RcfE.crl rsync://rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/Qd0c5O65L_U7YziS_UV7AR4RcfE.mft rsync://rpki.ripe.net/repository/DEFAULT/Qd0c5O65L_U7YziS_UV7AR4RcfE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Thu 22 Jan 2026 00:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:ca:56:4a:9f:61:4c:42:d0:a0:46:61:8b:0d:21:0b Signature Algorithm: sha256WithRSAEncryption Issuer: CN=41dd1ce4eeb92ff53b633892fd457b011e1171f1 Validity Not Before: Jan 2 08:19:30 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dce90c7db34aee8cb0c7211db8b2e90e3b70e291 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:51:f6:5a:f9:45:a7:53:58:d1:c5:e9:57:2b: 55:e7:46:91:2d:98:73:b0:77:08:80:48:d2:92:02: cf:bd:d5:38:08:77:c8:6b:8f:49:70:db:81:2a:c8: 70:5b:4b:5a:34:b5:ac:d8:d2:ab:e4:6d:73:f7:05: 5e:c6:33:b6:d1:24:34:b4:c7:3d:9b:56:b4:aa:6a: 71:0e:d9:59:0a:13:49:ed:fd:e4:a9:ff:21:a0:43: 87:f5:58:a8:06:c9:36:88:1a:a5:2c:35:dd:f1:18: 9b:84:1f:00:a8:96:63:71:28:39:6f:cc:3a:81:fa: 90:a1:46:0c:64:d5:63:ba:d9:bf:80:74:c4:16:79: 49:2f:b3:9b:96:5f:4d:b9:cb:fa:e9:1b:97:b9:68: 91:61:9c:9c:d1:bf:6f:f5:86:41:c0:0f:74:c4:c2: 51:bc:99:5a:c3:8f:83:c1:2c:02:28:0c:c2:a5:31: 0f:fb:ac:b9:4c:64:a6:8c:d9:e6:f9:73:74:68:6e: 1b:d4:d5:32:b9:17:22:16:97:bc:81:3b:1e:63:2f: e5:26:f5:67:1e:c7:c4:73:4f:2d:95:bc:8c:d2:57: 55:77:e9:8e:77:20:c2:e6:bd:7c:b8:4c:cd:29:a9: c7:4d:7d:9e:2d:2c:cf:2f:64:14:3a:06:ac:65:cb: 1d:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:E9:0C:7D:B3:4A:EE:8C:B0:C7:21:1D:B8:B2:E9:0E:3B:70:E2:91 X509v3 Authority Key Identifier: keyid:41:DD:1C:E4:EE:B9:2F:F5:3B:63:38:92:FD:45:7B:01:1E:11:71:F1 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qd0c5O65L_U7YziS_UV7AR4RcfE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/3OkMfbNK7oywxyEduLLpDjtw4pE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/db/1acc61-b95a-406e-80fc-88521ad99c7e/1/Qd0c5O65L_U7YziS_UV7AR4RcfE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:30c1::/32 Signature Algorithm: sha256WithRSAEncryption 77:63:e5:d5:38:c4:5a:3b:47:f8:b7:cb:da:48:cc:be:e0:c2: ed:f7:62:12:cd:2b:e1:2d:26:23:ba:f1:c7:aa:ee:79:ac:9a: 58:82:9e:5b:15:5d:21:1c:85:19:b4:ea:74:14:58:87:21:ab: 69:8a:94:dc:ec:8e:74:08:2f:1b:04:31:f8:09:c4:9d:c2:f3: 89:a5:52:14:84:fc:35:08:9b:f9:55:f4:01:87:b6:0f:ff:79: c6:a2:a3:e3:84:f9:ae:da:4b:31:9f:14:fe:0c:14:3a:0b:f5: 16:bb:d9:4d:be:62:2a:b6:c1:8c:df:de:e0:a9:57:8e:5e:12: 29:df:e5:79:80:fa:29:3f:d8:6b:ad:02:05:c3:99:49:8d:ce: 84:22:07:41:31:32:8c:84:e8:58:1b:8c:26:25:8e:a5:59:ab: d7:51:0e:af:a5:fb:c9:22:f9:d7:02:dc:79:ed:cd:9e:c1:b0: 11:26:0e:c2:4a:c1:7f:4e:e9:bd:96:2b:54:d7:57:b6:5d:fb: d8:e3:9c:cb:73:51:b3:f4:4e:cd:8e:da:22:d9:ad:8d:73:99: 98:b1:68:7b:9f:f9:2f:7a:e0:7c:ea:74:f2:87:18:1d:b5:a7: 40:6c:43:0b:4c:1b:d5:73:98:a9:22:53:9e:a5:d8:06:d3:ff: 04:db:6d:aa -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt9ylZKn2FMQtCgRmGLDSELMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQxZGQxY2U0ZWViOTJmZjUzYjYzMzg5MmZkNDU3YjAxMWUx MTcxZjEwHhcNMjYwMTAyMDgxOTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkY2U5MGM3ZGIzNGFlZThjYjBjNzIxMWRiOGIyZTkwZTNiNzBlMjkxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVH2WvlFp1NY0cXpVytV50aRLZhz sHcIgEjSkgLPvdU4CHfIa49JcNuBKshwW0taNLWs2NKr5G1z9wVexjO20SQ0tMc9 m1a0qmpxDtlZChNJ7f3kqf8hoEOH9VioBsk2iBqlLDXd8RibhB8AqJZjcSg5b8w6 gfqQoUYMZNVjutm/gHTEFnlJL7Obll9Nucv66RuXuWiRYZyc0b9v9YZBwA90xMJR vJlaw4+DwSwCKAzCpTEP+6y5TGSmjNnm+XN0aG4b1NUyuRciFpe8gTseYy/lJvVn HsfEc08tlbyM0ldVd+mOdyDC5r18uEzNKanHTX2eLSzPL2QUOgasZcsdBwIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFNzpDH2zSu6MsMchHbiy6Q47cOKRMB8GA1UdIwQY MBaAFEHdHOTuuS/1O2M4kv1FewEeEXHxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUWQwYzVPNjVMX1U3WXppU19VVjdBUjRSY2ZFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8xYWNjNjEtYjk1YS00MDZlLTgwZmMt ODg1MjFhZDk5YzdlLzEvM09rTWZiTks3b3l3eHlFZHVMTHBEanR3NHBFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9kYi8xYWNjNjEtYjk1YS00MDZlLTgwZmMtODg1MjFhZDk5Yzdl LzEvUWQwYzVPNjVMX1U3WXppU19VVjdBUjRSY2ZFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhQwwTAN BgkqhkiG9w0BAQsFAAOCAQEAd2Pl1TjEWjtH+LfL2kjMvuDC7fdiEs0r4S0mI7rx x6rueayaWIKeWxVdIRyFGbTqdBRYhyGraYqU3OyOdAgvGwQx+AnEncLziaVSFIT8 NQib+VX0AYe2D/95xqKj44T5rtpLMZ8U/gwUOgv1FrvZTb5iKrbBjN/e4KlXjl4S Kd/leYD6KT/Ya60CBcOZSY3OhCIHQTEyjIToWBuMJiWOpVmr11EOr6X7ySL51wLc ee3NnsGwESYOwkrBf07pvZYrVNdXtl372OOcy3NRs/ROzY7aItmtjXOZmLFoe5/5 L3rgfOp08ocYHbWnQGxDC0wb1XOYqSJTnqXYBtP/BNttqg== -----END CERTIFICATE-----Generated at Wed Jan 21 07:23:27 2026 by rpki-client