This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/3Yx2vfa7XpKGoKje1_1k7pHSStk.roa File: 3Yx2vfa7XpKGoKje1_1k7pHSStk.roa (raw, json) Hash identifier: 4SXl0Toh/4xYp5qzMatRJXmfZoTd3stX8dho8IkBhRc= Subject key identifier: DD:8C:76:BD:F6:BB:5E:92:86:A0:A8:DE:D7:FD:64:EE:91:D2:4A:D9 Certificate issuer: /CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f Certificate serial: 019B7F157F6513BBCD17D2BC291618604CD7 Authority key identifier: D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/3Yx2vfa7XpKGoKje1_1k7pHSStk.roa Signing time: Fri 02 Jan 2026 14:21:13 +0000 ROA not before: Fri 02 Jan 2026 14:21:13 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 8075 IP address blocks: 2a01:6f8:c2e0::/48 maxlen: 50 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/0x3RpRTTp-Pf24v7ddfSTtmNR58.crl rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/0x3RpRTTp-Pf24v7ddfSTtmNR58.mft rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 19 Jan 2026 06:00:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:7f:65:13:bb:cd:17:d2:bc:29:16:18:60:4c:d7 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f Validity Not Before: Jan 2 14:21:13 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dd8c76bdf6bb5e9286a0a8ded7fd64ee91d24ad9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:75:3b:98:e4:55:c6:32:5a:5f:ad:3b:37:32: 27:47:d3:c5:0b:5c:ea:3d:12:fa:6d:ef:00:de:53: b1:d3:e8:e1:2f:0f:32:6a:67:dc:d3:b8:40:4f:ed: 15:3d:d1:23:5b:61:19:35:5d:8c:6f:b0:0b:5d:3c: ae:77:bf:e0:7e:5b:9e:0b:b8:16:de:05:b5:0f:a6: d9:07:9a:b6:99:2c:0f:13:35:d3:13:d1:ec:68:d7: a0:12:66:3c:b7:d8:14:d6:e1:3f:c6:77:18:15:f6: 36:75:2a:8d:20:2c:6e:7e:83:29:b5:53:09:a5:18: 83:00:b8:c3:a7:b2:c4:a9:dd:35:55:48:11:d8:d8: b6:a7:04:f3:0e:3d:8c:a0:01:ae:b7:34:0c:5f:16: f1:57:7c:d2:df:4f:f2:f1:ae:ca:46:6a:fb:f4:38: d9:2a:bc:a4:d4:dd:c5:e8:b9:5b:ff:b5:8f:cb:fe: 4c:df:ce:cc:27:60:2b:cc:f9:e2:66:7f:bb:1f:e9: 59:6e:59:cb:f7:27:9b:63:21:9a:31:46:a6:e1:89: 90:69:26:5e:2f:c4:0c:e4:48:7d:a7:b5:63:77:53: 16:cd:9f:ad:16:e7:f8:fa:b7:c6:3d:08:7b:70:b4: 8b:49:82:2b:af:6b:b3:03:7e:fb:59:a5:54:ad:a9: 5b:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:8C:76:BD:F6:BB:5E:92:86:A0:A8:DE:D7:FD:64:EE:91:D2:4A:D9 X509v3 Authority Key Identifier: keyid:D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/3Yx2vfa7XpKGoKje1_1k7pHSStk.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/0x3RpRTTp-Pf24v7ddfSTtmNR58.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:6f8:c2e0::/48 Signature Algorithm: sha256WithRSAEncryption 79:bd:c7:d2:51:0e:0c:46:5f:4d:45:d0:56:f7:94:76:0c:0d: 78:26:44:1c:1a:b9:f0:0a:34:64:e4:0d:6c:4f:a2:7d:85:b5: 00:6d:92:e5:2a:60:0e:8b:e8:81:bd:8e:6e:10:10:1c:71:f1: 59:52:cc:7f:c7:88:f9:17:3c:94:ed:fc:62:58:9c:8c:c3:ff: 72:cb:75:6a:2e:97:1a:8a:c7:4a:09:a2:f7:dd:84:14:28:20: fc:17:32:03:8b:2e:51:62:7e:de:d1:8a:ba:a0:73:08:0a:53: 37:35:fa:17:3f:a8:91:9c:8b:11:26:3d:bd:b2:b7:33:44:a5: ef:3b:23:56:1c:88:4e:c4:b4:7c:fd:c7:a0:97:bc:fe:7a:40: ed:4e:33:30:9d:21:74:99:a5:56:6c:33:6b:50:8f:b6:54:de: 35:ff:03:4f:ab:e0:f0:df:a5:d4:a2:17:10:26:90:75:4b:80: cb:ef:d0:4c:e6:66:a3:3b:ad:ed:b2:54:b9:5e:0a:ad:51:06: fd:a7:9c:d9:a9:32:54:f8:57:66:25:ba:e4:fc:cf:28:21:b7: 16:3c:e5:a4:1b:49:a6:4a:9d:c2:9d:bc:a5:ab:83:94:be:3e: 00:6f:dd:b0:07:19:48:8e:34:13:6d:96:f6:05:f1:ce:da:42: ea:1a:55:66 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/FX9lE7vNF9K8KRYYYEzXMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGQzMWRkMWE1MTRkM2E3ZTNkZmRiOGJmYjc1ZDdkMjRlZDk4 ZDQ3OWYwHhcNMjYwMTAyMTQyMTEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZDhjNzZiZGY2YmI1ZTkyODZhMGE4ZGVkN2ZkNjRlZTkxZDI0YWQ5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnU7mORVxjJaX607NzInR9PFC1zq PRL6be8A3lOx0+jhLw8yamfc07hAT+0VPdEjW2EZNV2Mb7ALXTyud7/gflueC7gW 3gW1D6bZB5q2mSwPEzXTE9HsaNegEmY8t9gU1uE/xncYFfY2dSqNICxufoMptVMJ pRiDALjDp7LEqd01VUgR2Ni2pwTzDj2MoAGutzQMXxbxV3zS30/y8a7KRmr79DjZ Kryk1N3F6Llb/7WPy/5M387MJ2ArzPniZn+7H+lZblnL9yebYyGaMUam4YmQaSZe L8QM5Eh9p7Vjd1MWzZ+tFuf4+rfGPQh7cLSLSYIrr2uzA377WaVUralbhwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFN2Mdr32u16ShqCo3tf9ZO6R0krZMB8GA1UdIwQY MBaAFNMd0aUU06fj39uL+3XX0k7ZjUefMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjIt YjE2NmFlMmVmMjg3LzEvM1l4MnZmYTdYcEtHb0tqZTFfMWs3cEhTU3RrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjItYjE2NmFlMmVmMjg3 LzEvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEG+MLg MA0GCSqGSIb3DQEBCwUAA4IBAQB5vcfSUQ4MRl9NRdBW95R2DA14JkQcGrnwCjRk 5A1sT6J9hbUAbZLlKmAOi+iBvY5uEBAccfFZUsx/x4j5FzyU7fxiWJyMw/9yy3Vq LpcaisdKCaL33YQUKCD8FzIDiy5RYn7e0Yq6oHMIClM3NfoXP6iRnIsRJj29srcz RKXvOyNWHIhOxLR8/cegl7z+ekDtTjMwnSF0maVWbDNrUI+2VN41/wNPq+Dw36XU ohcQJpB1S4DL79BM5majO63tslS5XgqtUQb9p5zZqTJU+FdmJbrk/M8oIbcWPOWk G0mmSp3Cnbylq4OUvj4Ab92wBxlIjjQTbZb2BfHO2kLqGlVm -----END CERTIFICATE-----Generated at Sun Jan 18 16:37:48 2026 by rpki-client