This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/1SSyQfD3O61r-0_FItqO3lw_MmA.roa File: 1SSyQfD3O61r-0_FItqO3lw_MmA.roa (raw, json) Hash identifier: RJ3ZJVTKNWpK9z9PjQZWQb60GRcUi85TrZFBl50s/Uk= Subject key identifier: D5:24:B2:41:F0:F7:3B:AD:6B:FB:4F:C5:22:DA:8E:DE:5C:3F:32:60 Certificate issuer: /CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5 Certificate serial: 019B78A210E901570203FFDE89777DA1A1F8 Authority key identifier: 36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/1SSyQfD3O61r-0_FItqO3lw_MmA.roa Signing time: Thu 01 Jan 2026 08:17:25 +0000 ROA not before: Thu 01 Jan 2026 08:17:25 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 6079 IP address blocks: 2a09:dc00::/29 maxlen: 29 2a0a:1f40::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.crl rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.mft rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 20 Jan 2026 08:02:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:78:a2:10:e9:01:57:02:03:ff:de:89:77:7d:a1:a1:f8 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3622fc2f8ad8b008357dbe6f0195960c9de61bd5 Validity Not Before: Jan 1 08:17:25 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=d524b241f0f73bad6bfb4fc522da8ede5c3f3260 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:8a:f3:fc:e1:68:37:27:b4:c5:6a:4e:0e:85: 3a:e1:f7:40:42:ea:af:40:56:0f:e3:d1:a8:8b:4f: 06:60:ce:1f:57:b8:4f:e9:48:44:0b:95:95:bc:64: 94:ee:bc:d7:32:68:2a:bd:9c:63:7b:53:d9:61:ca: 24:af:4f:1a:18:18:e7:31:d0:b4:dd:33:8b:6b:69: 81:31:83:a9:4c:2b:f8:d9:06:65:88:5b:61:b2:48: b6:52:29:3a:00:bc:ef:78:04:27:5c:55:f5:a5:91: 75:25:56:99:c1:04:28:ef:49:a3:a3:45:fd:2d:e4: 44:01:69:19:86:47:03:89:9d:4c:70:f5:5c:f0:a6: 5b:3d:b3:50:13:a8:09:48:03:80:71:8e:85:c5:f5: 21:4b:31:3d:1c:fd:ef:2c:ff:73:5a:a7:99:7d:75: 2f:d7:e4:3a:c3:50:be:18:06:04:b1:38:3c:30:c1: a0:0d:c8:83:02:63:89:72:62:7c:3c:a0:3c:ac:1e: 8b:39:47:99:0c:f2:0b:04:f3:db:a5:23:ff:62:7f: e3:c7:f1:8c:41:b3:b2:4c:6c:9b:01:57:08:fd:6b: b1:b2:86:4c:b5:0d:ae:3a:4b:f9:f9:7e:99:ca:e1: 9c:17:b1:54:fd:6d:a6:63:99:10:3c:2e:00:9a:bd: c7:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:24:B2:41:F0:F7:3B:AD:6B:FB:4F:C5:22:DA:8E:DE:5C:3F:32:60 X509v3 Authority Key Identifier: keyid:36:22:FC:2F:8A:D8:B0:08:35:7D:BE:6F:01:95:96:0C:9D:E6:1B:D5 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/1SSyQfD3O61r-0_FItqO3lw_MmA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/f63e58-9efc-4082-82bb-08835dff6c4f/1/NiL8L4rYsAg1fb5vAZWWDJ3mG9U.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a09:dc00::/29 2a0a:1f40::/29 Signature Algorithm: sha256WithRSAEncryption ac:76:dd:00:22:b4:90:35:ea:36:a7:ef:14:b6:a6:2e:11:71: e3:5f:1c:0a:1e:07:6d:e4:13:35:db:85:12:c7:d2:7b:4c:1e: 96:6e:b0:24:82:82:f7:94:b2:46:9f:b5:fa:57:e7:00:ae:0b: 2b:c5:f8:4b:9c:80:f3:bd:60:45:9f:ac:d6:4e:2a:08:8d:f9: 7a:93:25:2d:d6:5e:bc:ea:dc:ff:32:af:d9:28:46:81:55:0b: dc:9e:45:27:16:bd:ff:fe:15:c9:28:09:aa:5b:76:6e:76:eb: db:96:fe:2d:ec:8b:eb:8b:1e:02:da:a8:45:57:c2:5a:42:5b: 68:03:ff:1f:da:87:cb:91:45:99:b2:69:4e:f0:67:01:2d:a8: a9:fd:b7:0e:70:84:a1:f1:d7:ab:f2:77:92:af:1f:53:02:63: 4c:00:e8:00:9f:11:f9:b5:b7:b6:07:23:c5:0d:cb:5f:3f:fe: 51:ee:f5:7a:90:11:f3:5d:cb:dd:8f:ae:bc:2f:e1:e1:37:e6: 62:3a:41:31:a7:82:d1:ed:db:64:64:b7:2b:2f:1f:cf:94:2d: 16:4b:d3:b8:4b:27:9f:8a:f2:40:ad:25:bd:12:60:2d:8b:b0: 2f:6c:1e:d1:08:b6:a1:98:31:15:a4:ec:bb:06:55:5e:e6:c6: ee:14:e9:1d -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt4ohDpAVcCA//eiXd9oaH4MA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDM2MjJmYzJmOGFkOGIwMDgzNTdkYmU2ZjAxOTU5NjBjOWRl NjFiZDUwHhcNMjYwMTAxMDgxNzI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkNTI0YjI0MWYwZjczYmFkNmJmYjRmYzUyMmRhOGVkZTVjM2YzMjYwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw4rz/OFoNye0xWpODoU64fdAQuqv QFYP49Goi08GYM4fV7hP6UhEC5WVvGSU7rzXMmgqvZxje1PZYcokr08aGBjnMdC0 3TOLa2mBMYOpTCv42QZliFthski2Uik6ALzveAQnXFX1pZF1JVaZwQQo70mjo0X9 LeREAWkZhkcDiZ1McPVc8KZbPbNQE6gJSAOAcY6FxfUhSzE9HP3vLP9zWqeZfXUv 1+Q6w1C+GAYEsTg8MMGgDciDAmOJcmJ8PKA8rB6LOUeZDPILBPPbpSP/Yn/jx/GM QbOyTGybAVcI/WuxsoZMtQ2uOkv5+X6ZyuGcF7FU/W2mY5kQPC4Amr3HMQIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFNUkskHw9zuta/tPxSLajt5cPzJgMB8GA1UdIwQY MBaAFDYi/C+K2LAINX2+bwGVlgyd5hvVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmIt MDg4MzVkZmY2YzRmLzEvMVNTeVFmRDNPNjFyLTBfRkl0cU8zbHdfTW1BLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMS9mNjNlNTgtOWVmYy00MDgyLTgyYmItMDg4MzVkZmY2YzRm LzEvTmlMOEw0cllzQWcxZmI1dkFaV1dESjNtRzlVLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKgncAAMF AyoKH0AwDQYJKoZIhvcNAQELBQADggEBAKx23QAitJA16jan7xS2pi4RceNfHAoe B23kEzXbhRLH0ntMHpZusCSCgveUskaftfpX5wCuCyvF+EucgPO9YEWfrNZOKgiN +XqTJS3WXrzq3P8yr9koRoFVC9yeRScWvf/+FckoCapbdm5269uW/i3si+uLHgLa qEVXwlpCW2gD/x/ah8uRRZmyaU7wZwEtqKn9tw5whKHx16vyd5KvH1MCY0wA6ACf Efm1t7YHI8UNy18//lHu9XqQEfNdy92Prrwv4eE35mI6QTGngtHt22RktysvH8+U LRZL07hLJ5+K8kCtJb0SYC2LsC9sHtEItqGYMRWk7LsGVV7mxu4U6R0= -----END CERTIFICATE-----Generated at Mon Jan 19 16:52:00 2026 by rpki-client