This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/ab3f36-7850-4266-b67a-023cc1fc1910/1/cJoSZCFXqDtUSGkR6NyIWGdWJ5c.roa File: cJoSZCFXqDtUSGkR6NyIWGdWJ5c.roa (raw, json) Hash identifier: +4bfJl1WilU4FwTMIun4/VtCPiBZ9GR88vkRCY6T3TI= Subject key identifier: 70:9A:12:64:21:57:A8:3B:54:48:69:11:E8:DC:88:58:67:56:27:97 Certificate issuer: /CN=3b95aebaca73316dc4680c808b793e6a09565f1b Certificate serial: 019B7A5AFFA904F9326ED397B7BD0607819F Authority key identifier: 3B:95:AE:BA:CA:73:31:6D:C4:68:0C:80:8B:79:3E:6A:09:56:5F:1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O5WuuspzMW3EaAyAi3k-aglWXxs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/ab3f36-7850-4266-b67a-023cc1fc1910/1/cJoSZCFXqDtUSGkR6NyIWGdWJ5c.roa Signing time: Thu 01 Jan 2026 16:19:02 +0000 ROA not before: Thu 01 Jan 2026 16:19:02 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204662 IP address blocks: 2a07:8d40:1::/48 maxlen: 48 2a07:8d40:1001::/48 maxlen: 48 2a07:8d40:2001::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/ab3f36-7850-4266-b67a-023cc1fc1910/1/O5WuuspzMW3EaAyAi3k-aglWXxs.crl rsync://rpki.ripe.net/repository/DEFAULT/ec/ab3f36-7850-4266-b67a-023cc1fc1910/1/O5WuuspzMW3EaAyAi3k-aglWXxs.mft rsync://rpki.ripe.net/repository/DEFAULT/O5WuuspzMW3EaAyAi3k-aglWXxs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sat 03 Jan 2026 10:01:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7a:5a:ff:a9:04:f9:32:6e:d3:97:b7:bd:06:07:81:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3b95aebaca73316dc4680c808b793e6a09565f1b Validity Not Before: Jan 1 16:19:02 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=709a12642157a83b54486911e8dc885867562797 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:25:15:ff:de:78:7a:65:13:d7:ea:bb:1b:d9: 29:f2:a7:55:57:17:23:d4:a4:bd:83:19:54:d6:6d: 33:f9:4b:a3:0d:80:74:4b:70:2a:1f:b7:63:4a:c0: 36:18:c9:ae:20:d4:7e:9a:42:9a:b9:6a:43:f0:15: 32:2b:fd:f3:5d:05:cd:e6:76:07:5e:5a:17:21:ce: 75:7e:7d:2a:8f:a9:00:48:55:b1:3f:79:c3:d5:34: b9:ff:fe:df:1c:10:95:14:ae:d6:52:9f:12:f7:36: 4e:64:ca:b5:62:6e:36:93:0c:8d:32:39:ff:82:85: bf:5a:76:59:92:29:d0:2c:a2:42:32:36:c0:1e:aa: 31:01:ef:ef:29:4f:f5:5d:80:d6:d9:aa:b3:06:8c: 7f:22:a3:f7:fa:c8:42:24:ee:87:ca:03:5d:4c:59: 66:26:32:39:71:7a:16:29:30:57:a6:44:6e:bd:94: 77:32:9a:e1:22:55:fe:cf:c7:c4:41:b6:92:00:d9: 60:85:25:cf:9e:8a:43:4c:c0:7f:d3:d9:63:ad:e2: b1:6e:4f:ba:b8:54:5a:66:3f:80:af:ba:6d:35:17: 9b:de:b1:4a:3b:86:d4:6d:cd:b1:44:a0:72:43:4c: ff:52:44:4a:6e:eb:49:d0:be:52:a3:57:24:09:69: f6:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:9A:12:64:21:57:A8:3B:54:48:69:11:E8:DC:88:58:67:56:27:97 X509v3 Authority Key Identifier: keyid:3B:95:AE:BA:CA:73:31:6D:C4:68:0C:80:8B:79:3E:6A:09:56:5F:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O5WuuspzMW3EaAyAi3k-aglWXxs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ab3f36-7850-4266-b67a-023cc1fc1910/1/cJoSZCFXqDtUSGkR6NyIWGdWJ5c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/ab3f36-7850-4266-b67a-023cc1fc1910/1/O5WuuspzMW3EaAyAi3k-aglWXxs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:8d40:1::/48 2a07:8d40:1001::/48 2a07:8d40:2001::/48 Signature Algorithm: sha256WithRSAEncryption 5e:25:b4:8b:4f:b8:01:07:bc:e1:44:14:55:87:1b:a8:3c:8e: 83:b5:28:b5:bc:55:37:84:59:eb:1b:26:c0:9f:b8:12:3c:fc: d8:5e:1f:67:77:de:9c:b6:7f:92:9e:66:40:3f:70:a5:f3:f6: c8:f9:16:a0:b7:20:f8:a2:fa:21:6a:b3:bb:6d:c3:e7:15:57: fd:8b:57:3b:9d:8c:3c:4c:30:8c:b5:6e:2f:26:c0:49:9a:08: bf:80:7d:b6:61:27:29:33:62:22:6b:4e:dc:00:29:bb:7c:89: d5:08:39:2a:12:9b:da:cf:a9:1a:68:ac:5c:9f:98:fc:e7:13: ca:8f:8f:aa:03:4f:83:04:c3:5c:6a:65:d7:27:40:ce:f6:6f: 8a:e7:80:1e:8f:84:d9:75:b3:b3:04:ab:94:80:d2:fa:bb:7b: f3:41:3a:45:d3:c9:82:7f:b5:42:a5:cc:02:ce:b4:7e:25:b9: be:72:37:7c:2a:17:3b:ac:bc:a1:fb:c5:29:a2:d5:8b:2f:70: 84:2b:f0:b2:be:1a:e4:d6:a6:36:15:9d:e7:84:0f:b4:ae:61: 61:a9:45:6a:b1:fd:ef:90:ae:a6:f8:37:46:58:72:c5:e1:aa: d4:bc:cf:de:18:e2:c8:57:02:33:07:99:53:dd:dc:36:6e:0d: af:5e:c7:a7 -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZt6Wv+pBPkybtOXt70GB4GfMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNiOTVhZWJhY2E3MzMxNmRjNDY4MGM4MDhiNzkzZTZhMDk1 NjVmMWIwHhcNMjYwMTAxMTYxOTAyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg3MDlhMTI2NDIxNTdhODNiNTQ0ODY5MTFlOGRjODg1ODY3NTYyNzk3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCUV/954emUT1+q7G9kp8qdVVxcj 1KS9gxlU1m0z+UujDYB0S3AqH7djSsA2GMmuINR+mkKauWpD8BUyK/3zXQXN5nYH XloXIc51fn0qj6kASFWxP3nD1TS5//7fHBCVFK7WUp8S9zZOZMq1Ym42kwyNMjn/ goW/WnZZkinQLKJCMjbAHqoxAe/vKU/1XYDW2aqzBox/IqP3+shCJO6HygNdTFlm JjI5cXoWKTBXpkRuvZR3MprhIlX+z8fEQbaSANlghSXPnopDTMB/09ljreKxbk+6 uFRaZj+Ar7ptNReb3rFKO4bUbc2xRKByQ0z/UkRKbutJ0L5So1ckCWn27QIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFHCaEmQhV6g7VEhpEejciFhnVieXMB8GA1UdIwQY MBaAFDuVrrrKczFtxGgMgIt5PmoJVl8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTzVXdXVzcHpNVzNFYUF5QWkzay1hZ2xXWHhzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9hYjNmMzYtNzg1MC00MjY2LWI2N2Et MDIzY2MxZmMxOTEwLzEvY0pvU1pDRlhxRHRVU0drUjZOeUlXR2RXSjVjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC9lYy9hYjNmMzYtNzg1MC00MjY2LWI2N2EtMDIzY2MxZmMxOTEw LzEvTzVXdXVzcHpNVzNFYUF5QWkzay1hZ2xXWHhzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKgeNQAAB AwcAKgeNQBABAwcAKgeNQCABMA0GCSqGSIb3DQEBCwUAA4IBAQBeJbSLT7gBB7zh RBRVhxuoPI6DtSi1vFU3hFnrGybAn7gSPPzYXh9nd96ctn+SnmZAP3Cl8/bI+Rag tyD4ovoharO7bcPnFVf9i1c7nYw8TDCMtW4vJsBJmgi/gH22YScpM2Iia07cACm7 fInVCDkqEpvaz6kaaKxcn5j85xPKj4+qA0+DBMNcamXXJ0DO9m+K54Aej4TZdbOz BKuUgNL6u3vzQTpF08mCf7VCpcwCzrR+Jbm+cjd8Khc7rLyh+8UpotWLL3CEK/Cy vhrk1qY2FZ3nhA+0rmFhqUVqsf3vkK6m+DdGWHLF4arUvM/eGOLIVwIzB5lT3dw2 bg2vXsen -----END CERTIFICATE-----Generated at Fri Jan 2 18:20:48 2026 by rpki-client