This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/ozI9FqQeFMr6a9EQEWwunUSWNyo.roa File: ozI9FqQeFMr6a9EQEWwunUSWNyo.roa (raw, json) Hash identifier: JhSkAeJT7kDK1ZM3fmXCcAHWjB5nY9Twt+Ukh1Zc4vU= Subject key identifier: A3:32:3D:16:A4:1E:14:CA:FA:6B:D1:10:11:6C:2E:9D:44:96:37:2A Certificate issuer: /CN=b689299bc49584a645940c1dd87df0afc8aaa0fd Certificate serial: 019B7910AAC289FD0A0602838A01CCE3D8DD Authority key identifier: B6:89:29:9B:C4:95:84:A6:45:94:0C:1D:D8:7D:F0:AF:C8:AA:A0:FD Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tokpm8SVhKZFlAwd2H3wr8iqoP0.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/ozI9FqQeFMr6a9EQEWwunUSWNyo.roa Signing time: Thu 01 Jan 2026 10:18:14 +0000 ROA not before: Thu 01 Jan 2026 10:18:14 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 5607 IP address blocks: 2a0c:93c0:8000::/48 maxlen: 48 2a0c:93c0:8002::/48 maxlen: 48 2a0c:93c0:c002::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/tokpm8SVhKZFlAwd2H3wr8iqoP0.crl rsync://rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/tokpm8SVhKZFlAwd2H3wr8iqoP0.mft rsync://rpki.ripe.net/repository/DEFAULT/tokpm8SVhKZFlAwd2H3wr8iqoP0.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 12 Jan 2026 00:00:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:aa:c2:89:fd:0a:06:02:83:8a:01:cc:e3:d8:dd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b689299bc49584a645940c1dd87df0afc8aaa0fd Validity Not Before: Jan 1 10:18:14 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=a3323d16a41e14cafa6bd110116c2e9d4496372a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:c5:b3:4f:b6:e9:8b:07:e6:a6:8a:e8:04:9c: 8c:89:22:97:31:ab:c7:16:0e:e6:32:c8:ed:52:53: f0:e7:c5:89:04:2b:ad:70:4d:bf:86:ab:cc:75:02: 2f:26:b9:d1:02:24:0c:6c:fa:f6:c8:fa:09:f8:af: 9f:a6:16:81:ce:90:a7:8e:64:20:80:95:64:7f:20: 0a:cc:f6:73:c2:9e:bb:a3:ae:73:45:e0:fa:59:a0: 5d:73:d2:81:5a:ce:5d:0d:a9:fa:6e:6a:03:df:e8: 1e:a9:1b:a9:ca:19:f9:7b:42:50:47:31:28:11:de: 0a:1d:4b:a0:f9:5a:58:68:17:e9:a0:fd:ef:6e:f6: d3:90:1a:de:8a:e0:d3:ea:a9:47:5a:d3:7f:e2:e2: f0:38:ba:37:46:b1:5c:34:c9:b0:70:b7:f8:5b:fb: db:2c:5d:df:a5:c2:c4:c7:b8:07:18:fa:ea:65:ed: 05:dc:3c:3c:84:98:53:46:28:4c:a4:11:cf:ea:c6: f3:c7:13:2a:15:79:b2:9a:59:de:5e:f7:1c:29:f9: 5c:ae:72:b9:ec:29:0c:29:54:18:b5:f7:52:70:dc: a1:21:4f:7e:99:f8:3a:3d:5d:38:cc:bc:27:89:b7: b9:65:a7:16:46:08:4b:92:75:64:ae:e1:b1:80:36: b7:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:32:3D:16:A4:1E:14:CA:FA:6B:D1:10:11:6C:2E:9D:44:96:37:2A X509v3 Authority Key Identifier: keyid:B6:89:29:9B:C4:95:84:A6:45:94:0C:1D:D8:7D:F0:AF:C8:AA:A0:FD X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tokpm8SVhKZFlAwd2H3wr8iqoP0.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/ozI9FqQeFMr6a9EQEWwunUSWNyo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/7ca61a-ce3d-4bac-9110-c0f3bad99a40/1/tokpm8SVhKZFlAwd2H3wr8iqoP0.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0c:93c0:8000::/48 2a0c:93c0:8002::/48 2a0c:93c0:c002::/48 Signature Algorithm: sha256WithRSAEncryption 98:2e:86:b9:34:3f:14:d4:54:b6:d2:b1:0b:d7:18:e2:92:d8: d3:90:ab:61:c6:c4:a5:15:f2:1a:3d:f9:0a:a0:5a:2e:1a:f6: 3f:d3:c2:f0:eb:90:3c:c4:c7:b6:8a:33:26:a4:30:c3:a7:d8: 10:31:0b:a7:bd:c5:61:2b:54:87:ce:76:f2:cd:b0:e8:f9:81: e3:9e:ea:81:3d:08:1c:4a:08:93:bf:72:28:f1:49:40:4f:76: 8d:6e:02:36:8a:4e:46:b5:77:19:d6:cd:05:c8:1e:8e:a5:ac: c6:1f:ab:c3:e9:39:53:c4:d4:04:00:5b:38:66:f6:ce:1d:03: b3:d1:47:04:c9:c3:87:23:88:97:03:25:bb:0d:57:71:18:bf: e2:33:bd:9c:99:86:0a:1e:2a:95:f8:d7:ea:4c:90:ea:a8:eb: 1f:89:be:89:3d:1b:09:90:8f:a5:b4:58:db:d8:77:47:77:34: 56:8e:a1:0b:ad:63:02:11:69:ae:bf:99:e8:eb:e4:60:b3:4c: 88:16:87:58:70:9d:ba:ab:53:7e:68:c1:13:16:78:2a:a6:0c: d1:d0:a2:3c:16:b1:37:37:55:c3:e1:6c:ea:59:98:85:c3:50: 0f:e5:3e:b0:f4:2a:96:c9:3a:8c:b8:21:dc:93:ea:c4:87:9d: e5:35:13:1b -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt5EKrCif0KBgKDigHM49jdMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGI2ODkyOTliYzQ5NTg0YTY0NTk0MGMxZGQ4N2RmMGFmYzhh YWEwZmQwHhcNMjYwMTAxMTAxODE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhMzMyM2QxNmE0MWUxNGNhZmE2YmQxMTAxMTZjMmU5ZDQ0OTYzNzJhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtMWzT7bpiwfmporoBJyMiSKXMavH Fg7mMsjtUlPw58WJBCutcE2/hqvMdQIvJrnRAiQMbPr2yPoJ+K+fphaBzpCnjmQg gJVkfyAKzPZzwp67o65zReD6WaBdc9KBWs5dDan6bmoD3+geqRupyhn5e0JQRzEo Ed4KHUug+VpYaBfpoP3vbvbTkBreiuDT6qlHWtN/4uLwOLo3RrFcNMmwcLf4W/vb LF3fpcLEx7gHGPrqZe0F3Dw8hJhTRihMpBHP6sbzxxMqFXmymlneXvccKflcrnK5 7CkMKVQYtfdScNyhIU9+mfg6PV04zLwnibe5ZacWRghLknVkruGxgDa39wIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFKMyPRakHhTK+mvREBFsLp1EljcqMB8GA1UdIwQY MBaAFLaJKZvElYSmRZQMHdh98K/IqqD9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdG9rcG04U1ZoS1pGbEF3ZDJIM3dyOGlxb1AwLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy83Y2E2MWEtY2UzZC00YmFjLTkxMTAt YzBmM2JhZDk5YTQwLzEvb3pJOUZxUWVGTXI2YTlFUUVXd3VuVVNXTnlvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9mMy83Y2E2MWEtY2UzZC00YmFjLTkxMTAtYzBmM2JhZDk5YTQw LzEvdG9rcG04U1ZoS1pGbEF3ZDJIM3dyOGlxb1AwLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgyTwIAA AwcAKgyTwIACAwcAKgyTwMACMA0GCSqGSIb3DQEBCwUAA4IBAQCYLoa5ND8U1FS2 0rEL1xjiktjTkKthxsSlFfIaPfkKoFouGvY/08Lw65A8xMe2ijMmpDDDp9gQMQun vcVhK1SHznbyzbDo+YHjnuqBPQgcSgiTv3Io8UlAT3aNbgI2ik5GtXcZ1s0FyB6O pazGH6vD6TlTxNQEAFs4ZvbOHQOz0UcEycOHI4iXAyW7DVdxGL/iM72cmYYKHiqV +NfqTJDqqOsfib6JPRsJkI+ltFjb2HdHdzRWjqELrWMCEWmuv5no6+Rgs0yIFodY cJ26q1N+aMETFngqpgzR0KI8FrE3N1XD4WzqWZiFw1AP5T6w9CqWyTqMuCHck+rE h53lNRMb -----END CERTIFICATE-----Generated at Sun Jan 11 10:37:16 2026 by rpki-client