This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/igm3-NIqQRhNu9yZxNTMh_1HJYo.roa File: igm3-NIqQRhNu9yZxNTMh_1HJYo.roa (raw, json) Hash identifier: cfGF5AAxd5HmRNRxM7Asm85cxUZHuluzpiB9gp54keg= Subject key identifier: 8A:09:B7:F8:D2:2A:41:18:4D:BB:DC:99:C4:D4:CC:87:FD:47:25:8A Certificate issuer: /CN=ba6ed0fb7b320832ac1580534c7b263f304e981b Certificate serial: 019B7F841DF02455ADC1AE941EC5C9DD6814 Authority key identifier: BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/igm3-NIqQRhNu9yZxNTMh_1HJYo.roa Signing time: Fri 02 Jan 2026 16:22:03 +0000 ROA not before: Fri 02 Jan 2026 16:22:03 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 398105 IP address blocks: 2a01:488:bb10::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.mft rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:84:1d:f0:24:55:ad:c1:ae:94:1e:c5:c9:dd:68:14 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=ba6ed0fb7b320832ac1580534c7b263f304e981b Validity Not Before: Jan 2 16:22:03 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=8a09b7f8d22a41184dbbdc99c4d4cc87fd47258a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:36:e7:21:60:cb:35:95:54:b1:46:3f:92:32: ec:46:fe:b3:c8:ca:bf:02:ee:81:4d:d3:c9:03:e8: ad:90:bc:52:da:96:e8:e9:ed:de:39:ec:3f:75:db: 83:4f:66:fe:ca:a2:55:e4:10:59:82:b7:55:02:ef: 48:2d:ee:c3:46:e6:30:b6:0a:75:73:9d:02:38:2b: 16:52:0a:84:49:31:18:34:a6:dd:df:6f:ee:c5:fb: 46:61:ac:f6:ca:7e:f6:b3:b7:ec:97:5b:d3:01:cb: 6e:33:58:3a:fe:ef:a0:95:d5:3e:61:80:7b:cb:7f: c8:e8:98:f2:43:4d:dd:07:6b:d9:08:9e:ff:3f:89: 96:fd:3e:b8:b8:8c:4e:64:71:6e:54:f3:2d:52:a9: 0f:d5:c9:8d:8a:a6:41:c2:6c:cb:23:ff:21:13:72: b2:0a:be:2a:2b:d4:d7:1c:99:e0:52:b2:2b:b6:d1: 12:79:e9:e7:b4:ed:1a:54:42:c3:4a:b1:65:35:1d: fd:8d:99:d0:e6:f2:c8:ce:94:be:fc:29:1d:00:d0: 6e:b2:91:82:cc:63:c1:48:ec:ca:c3:c4:f8:90:48: ee:a7:ac:34:3b:79:c1:2d:9a:b9:69:e9:a8:d7:66: ca:5e:3c:1f:40:49:65:07:6e:96:ef:cf:b2:74:7e: 6b:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:09:B7:F8:D2:2A:41:18:4D:BB:DC:99:C4:D4:CC:87:FD:47:25:8A X509v3 Authority Key Identifier: keyid:BA:6E:D0:FB:7B:32:08:32:AC:15:80:53:4C:7B:26:3F:30:4E:98:1B X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/um7Q-3syCDKsFYBTTHsmPzBOmBs.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/igm3-NIqQRhNu9yZxNTMh_1HJYo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/20/42041d-5931-4824-9254-161f342387d1/1/um7Q-3syCDKsFYBTTHsmPzBOmBs.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:488:bb10::/48 Signature Algorithm: sha256WithRSAEncryption 8a:e0:38:bd:ee:4a:5a:f8:14:31:e7:1d:42:aa:f4:27:22:b8: 66:21:99:a9:8e:6d:35:e1:97:dc:e9:bd:94:e3:03:50:bc:3d: b1:e0:fe:5f:bd:1e:5d:6f:6d:7c:2e:4e:b4:30:5c:04:42:68: c1:16:b2:57:12:da:b4:ca:20:42:db:06:ad:f2:5f:4b:a3:59: 21:63:c2:29:3f:83:86:0b:a7:b2:a3:e3:17:bd:0c:4c:32:a2: d6:da:57:61:7f:2f:25:3f:91:e4:0b:a9:bf:11:f8:b2:00:cf: 47:d8:3e:63:a7:66:6b:18:36:c9:5f:b8:3b:e2:a8:cc:0d:a8: dd:b6:ee:a2:6f:ed:fd:0a:32:12:f3:9b:bf:09:85:eb:0e:bb: ba:22:16:87:0d:c2:30:b1:af:f4:4b:53:0e:5b:05:28:41:35: ec:7a:d5:29:cb:eb:4f:ba:8b:fa:02:1d:da:a4:c3:43:b9:00: a9:22:ff:f7:8f:47:2b:ca:ec:1b:c2:a6:3b:48:09:1d:bc:a3: 5c:f4:a4:a2:a7:53:11:39:e3:ec:51:75:46:ff:e1:fc:70:19: 18:ef:cb:5f:46:f6:ac:f3:7a:7e:df:c6:19:f6:83:56:41:c4: 3c:ee:ff:c7:ca:c6:71:bf:f0:e8:b9:fa:75:1d:bc:0e:47:8f: 35:2a:c5:6c -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/hB3wJFWtwa6UHsXJ3WgUMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGJhNmVkMGZiN2IzMjA4MzJhYzE1ODA1MzRjN2IyNjNmMzA0 ZTk4MWIwHhcNMjYwMTAyMTYyMjAzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg4YTA5YjdmOGQyMmE0MTE4NGRiYmRjOTljNGQ0Y2M4N2ZkNDcyNThhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDbnIWDLNZVUsUY/kjLsRv6zyMq/ Au6BTdPJA+itkLxS2pbo6e3eOew/dduDT2b+yqJV5BBZgrdVAu9ILe7DRuYwtgp1 c50COCsWUgqESTEYNKbd32/uxftGYaz2yn72s7fsl1vTActuM1g6/u+gldU+YYB7 y3/I6JjyQ03dB2vZCJ7/P4mW/T64uIxOZHFuVPMtUqkP1cmNiqZBwmzLI/8hE3Ky Cr4qK9TXHJngUrIrttESeenntO0aVELDSrFlNR39jZnQ5vLIzpS+/CkdANBuspGC zGPBSOzKw8T4kEjup6w0O3nBLZq5aemo12bKXjwfQEllB26W78+ydH5rmwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFIoJt/jSKkEYTbvcmcTUzIf9RyWKMB8GA1UdIwQY MBaAFLpu0Pt7MggyrBWAU0x7Jj8wTpgbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQt MTYxZjM0MjM4N2QxLzEvaWdtMy1OSXFRUmhOdTl5WnhOVE1oXzFISllvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMC80MjA0MWQtNTkzMS00ODI0LTkyNTQtMTYxZjM0MjM4N2Qx LzEvdW03US0zc3lDREtzRllCVFRIc21QekJPbUJzLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgEEiLsQ MA0GCSqGSIb3DQEBCwUAA4IBAQCK4Di97kpa+BQx5x1CqvQnIrhmIZmpjm014Zfc 6b2U4wNQvD2x4P5fvR5db218Lk60MFwEQmjBFrJXEtq0yiBC2wat8l9Lo1khY8Ip P4OGC6eyo+MXvQxMMqLW2ldhfy8lP5HkC6m/EfiyAM9H2D5jp2ZrGDbJX7g74qjM Dajdtu6ib+39CjIS85u/CYXrDru6IhaHDcIwsa/0S1MOWwUoQTXsetUpy+tPuov6 Ah3apMNDuQCpIv/3j0cryuwbwqY7SAkdvKNc9KSip1MROePsUXVG/+H8cBkY78tf Rvas83p+38YZ9oNWQcQ87v/HysZxv/Doufp1HbwOR481KsVs -----END CERTIFICATE-----Generated at Sun Jan 25 14:20:34 2026 by rpki-client