This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/3bPVd7jFCS7N3e5JXMYi_9rWaCg.roa File: 3bPVd7jFCS7N3e5JXMYi_9rWaCg.roa (raw, json) Hash identifier: JHMYdqdnq4mAo5n4eKgm6BzdJx3xO4yBvGMrRLec2ec= Subject key identifier: DD:B3:D5:77:B8:C5:09:2E:CD:DD:EE:49:5C:C6:22:FF:DA:D6:68:28 Certificate issuer: /CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0 Certificate serial: 019B7B358ADD89D81A52AE2FC5BB51282A98 Authority key identifier: 67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/3bPVd7jFCS7N3e5JXMYi_9rWaCg.roa Signing time: Thu 01 Jan 2026 20:17:45 +0000 ROA not before: Thu 01 Jan 2026 20:17:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 213436 IP address blocks: 2a14:67c1:500::/40 maxlen: 48 2a14:67c1:600::/40 maxlen: 48 2a14:67c1:1000::/36 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.mft rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7b:35:8a:dd:89:d8:1a:52:ae:2f:c5:bb:51:28:2a:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=67f31bde46516347f4edfcbe30edac9a09e4e0e0 Validity Not Before: Jan 1 20:17:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ddb3d577b8c5092ecdddee495cc622ffdad66828 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:e2:3d:4a:84:02:ae:91:39:3a:ca:8d:0b:97: e2:4a:a2:4c:cc:5d:22:fe:49:24:4b:02:9f:f1:5f: b9:d1:aa:47:66:43:3d:14:47:e9:a8:da:9d:86:93: 5f:5a:70:18:43:b7:f9:de:5b:3b:77:2a:60:e0:d0: 20:6b:14:63:84:b0:cd:50:df:dc:85:70:c5:5a:1a: f4:11:5f:4f:8b:58:57:33:64:bf:1e:fe:1b:a4:dd: 52:5b:76:7b:2b:d5:06:74:1e:91:13:e7:19:2d:df: fc:80:da:a5:c8:21:d8:b3:99:bd:47:ba:ae:d9:24: 0d:01:d1:98:cf:c7:36:1a:e4:bf:16:48:e2:f3:c5: ef:84:2c:c9:e3:46:13:75:7d:3a:cf:ea:6a:88:8b: d8:0b:e2:f0:cb:b1:49:f8:fb:af:c7:cc:bc:10:dd: 22:a3:c7:5f:d9:ec:a1:a2:e5:2b:67:73:72:b6:f5: 18:52:7e:7b:83:f3:09:9d:41:e0:df:d3:e5:b5:4e: 80:ef:02:22:7d:7c:c8:0b:ce:84:d3:44:1f:07:94: 3f:1e:d1:d8:9b:cf:65:ac:1e:41:af:28:b7:32:5b: a4:5f:02:aa:7d:c9:6f:95:66:ae:5d:58:74:d8:e7: 90:3e:f6:76:0c:20:8e:69:63:7e:95:a0:fc:38:c8: 88:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:B3:D5:77:B8:C5:09:2E:CD:DD:EE:49:5C:C6:22:FF:DA:D6:68:28 X509v3 Authority Key Identifier: keyid:67:F3:1B:DE:46:51:63:47:F4:ED:FC:BE:30:ED:AC:9A:09:E4:E0:E0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z_Mb3kZRY0f07fy-MO2smgnk4OA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/3bPVd7jFCS7N3e5JXMYi_9rWaCg.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/00/732b6c-48e4-4350-8a56-f6cc4ef0f7df/1/Z_Mb3kZRY0f07fy-MO2smgnk4OA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:67c1:500::-2a14:67c1:6ff:ffff:ffff:ffff:ffff:ffff 2a14:67c1:1000::/36 Signature Algorithm: sha256WithRSAEncryption 8e:a0:3f:bb:09:48:b2:e4:d1:d8:77:f5:59:f5:2f:7d:c3:5e: 64:25:18:b6:78:9b:4e:2e:b6:9e:c2:b9:f3:9a:6a:97:d6:6f: 0b:f5:a4:26:c9:49:78:a2:fc:d6:1b:b9:cc:5b:ec:59:28:85: d3:05:a5:b1:1e:11:b7:6e:36:5b:1e:e3:58:57:c2:99:83:ff: e1:5b:6e:66:85:43:76:ac:32:2e:13:83:00:a3:d0:e5:59:cc: fc:39:e3:c5:79:a0:dc:56:4f:d7:6c:6a:2b:e7:6b:06:c5:db: b1:d9:c0:f4:74:4d:91:4b:87:63:59:b3:09:ee:4f:bf:15:1b: 85:d6:ff:9e:c0:f7:ff:7f:24:93:55:5c:c8:de:7f:f9:1f:b4: e7:de:af:e4:af:43:a7:63:8f:02:a8:52:8b:1f:31:f4:a9:c3: f2:9f:91:7e:ce:ea:2f:0c:d1:9e:35:3b:d5:cf:61:a2:86:4e: bb:2d:62:ac:8e:ea:70:56:7d:45:67:ee:90:be:cf:83:69:4e: 0a:90:99:fa:88:77:a0:92:7c:8a:f7:22:23:e4:98:0e:ca:bc: 06:c1:ed:67:e0:47:f3:bd:fd:c5:a2:b2:1d:6d:12:1d:2a:bc: 81:82:56:fe:b8:c6:ca:f9:e5:e7:f5:fa:71:54:95:1f:3c:2a: 62:1d:79:4d -----BEGIN CERTIFICATE----- MIIFETCCA/mgAwIBAgISAZt7NYrdidgaUq4vxbtRKCqYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDY3ZjMxYmRlNDY1MTYzNDdmNGVkZmNiZTMwZWRhYzlhMDll NGUwZTAwHhcNMjYwMTAxMjAxNzQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZGIzZDU3N2I4YzUwOTJlY2RkZGVlNDk1Y2M2MjJmZmRhZDY2ODI4MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquI9SoQCrpE5OsqNC5fiSqJMzF0i /kkkSwKf8V+50apHZkM9FEfpqNqdhpNfWnAYQ7f53ls7dypg4NAgaxRjhLDNUN/c hXDFWhr0EV9Pi1hXM2S/Hv4bpN1SW3Z7K9UGdB6RE+cZLd/8gNqlyCHYs5m9R7qu 2SQNAdGYz8c2GuS/Fkji88XvhCzJ40YTdX06z+pqiIvYC+Lwy7FJ+Puvx8y8EN0i o8df2eyhouUrZ3NytvUYUn57g/MJnUHg39PltU6A7wIifXzIC86E00QfB5Q/HtHY m89lrB5Bryi3MlukXwKqfclvlWauXVh02OeQPvZ2DCCOaWN+laD8OMiIIwIDAQAB o4ICHTCCAhkwHQYDVR0OBBYEFN2z1Xe4xQkuzd3uSVzGIv/a1mgoMB8GA1UdIwQY MBaAFGfzG95GUWNH9O38vjDtrJoJ5ODgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYt ZjZjYzRlZjBmN2RmLzEvM2JQVmQ3akZDUzdOM2U1SlhNWWlfOXJXYUNnLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8wMC83MzJiNmMtNDhlNC00MzUwLThhNTYtZjZjYzRlZjBmN2Rm LzEvWl9NYjNrWlJZMGYwN2Z5LU1PMnNtZ25rNE9BLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAAjAaMBADBgAqFGfB BQMGACoUZ8EGAwYEKhRnwRAwDQYJKoZIhvcNAQELBQADggEBAI6gP7sJSLLk0dh3 9Vn1L33DXmQlGLZ4m04utp7CufOaapfWbwv1pCbJSXii/NYbucxb7FkohdMFpbEe EbduNlse41hXwpmD/+FbbmaFQ3asMi4TgwCj0OVZzPw548V5oNxWT9dsaivnawbF 27HZwPR0TZFLh2NZswnuT78VG4XW/57A9/9/JJNVXMjef/kftOfer+SvQ6djjwKo UosfMfSpw/KfkX7O6i8M0Z41O9XPYaKGTrstYqyO6nBWfUVn7pC+z4NpTgqQmfqI d6CSfIr3IiPkmA7KvAbB7WfgR/O9/cWish1tEh0qvIGCVv64xsr55ef1+nFUlR88 KmIdeU0= -----END CERTIFICATE-----Generated at Sun Jan 25 12:01:31 2026 by rpki-client