This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/3_CiK562_dUZNZ3_jrLDLES3Cuc.roa File: 3_CiK562_dUZNZ3_jrLDLES3Cuc.roa (raw, json) Hash identifier: OThUpXsRf5i9hvgvSSvsO2HlTcX05269ZdZLERfG1DM= Subject key identifier: DF:F0:A2:2B:9E:B6:FD:D5:19:35:9D:FF:8E:B2:C3:2C:44:B7:0A:E7 Certificate issuer: /CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf Certificate serial: 019AD9D8147933D9023B1D00B150F1CE55AB Authority key identifier: 97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/3_CiK562_dUZNZ3_jrLDLES3Cuc.roa Signing time: Mon 01 Dec 2025 12:16:48 +0000 ROA not before: Mon 01 Dec 2025 12:16:48 +0000 ROA not after: Wed 01 Jul 2026 00:00:00 +0000 asID: 327790 IP address blocks: 2a0f:d300::/48 maxlen: 48 2a0f:d301::/48 maxlen: 48 2a0f:d302::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.crl rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.mft rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Sun 07 Dec 2025 00:00:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9a:d9:d8:14:79:33:d9:02:3b:1d:00:b1:50:f1:ce:55:ab Signature Algorithm: sha256WithRSAEncryption Issuer: CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf Validity Not Before: Dec 1 12:16:48 2025 GMT Not After : Jul 1 00:00:00 2026 GMT Subject: CN=dff0a22b9eb6fdd519359dff8eb2c32c44b70ae7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:25:41:06:c4:ea:96:b0:e7:fb:11:bb:ea:91: a8:d4:58:a0:72:18:d3:1f:a3:3a:43:37:63:f6:4e: 95:74:2f:a9:76:5e:ca:79:be:b5:63:70:8f:eb:05: 0c:e7:ca:9c:c4:6f:41:17:a4:f1:6d:3b:20:d2:4e: 94:49:a4:59:73:1c:4f:c9:a9:1d:3f:24:09:da:fa: 34:d6:7e:a2:71:88:eb:cb:ef:e4:99:ee:54:c3:60: a3:93:42:85:74:83:16:da:40:2d:4a:c0:0d:b9:55: 69:f7:52:8e:69:2c:72:34:cd:25:3a:a3:88:00:e1: ec:5e:5b:56:c8:89:17:45:96:f8:13:a1:31:54:ab: 18:64:70:43:26:4d:b9:ae:4d:7d:2a:25:d2:b2:67: da:b9:50:5a:d8:4f:63:e5:65:9d:5b:78:21:14:68: 7a:a8:f8:01:24:9b:7c:3a:f2:8a:e4:a4:1d:be:97: 6a:ca:a0:b4:a7:dd:2b:e2:a4:c5:4a:8a:ca:8b:67: 30:db:8c:c3:f9:35:94:8c:56:72:d1:7f:d0:08:97: 0c:d9:f8:71:fc:72:16:b0:f3:04:c2:53:2b:29:b6: d7:52:64:b8:c9:f9:5b:ea:ee:50:ed:0c:ce:7c:34: 31:e5:51:30:cb:57:a9:54:52:1c:d8:27:1e:6b:1c: 7e:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:F0:A2:2B:9E:B6:FD:D5:19:35:9D:FF:8E:B2:C3:2C:44:B7:0A:E7 X509v3 Authority Key Identifier: keyid:97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/3_CiK562_dUZNZ3_jrLDLES3Cuc.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0f:d300::/48 2a0f:d301::/48 2a0f:d302::/48 Signature Algorithm: sha256WithRSAEncryption 6f:64:79:40:3e:cb:0b:29:89:1a:29:24:19:b0:e4:1c:c2:ee: a1:0d:d3:3e:aa:ee:b1:71:f9:7e:29:82:4e:19:ba:8e:ea:ad: 73:c0:54:a7:a7:e7:80:18:51:99:a7:e3:c1:b7:40:aa:9b:fc: cb:00:8f:c5:7e:89:3e:5d:94:70:29:69:2d:a5:2c:3a:c2:c0: 48:6c:a3:74:55:a4:f2:74:30:6a:56:12:6f:71:e4:84:4a:08: 34:2e:d0:23:bf:8d:d6:9c:4a:86:db:8f:9e:95:c7:58:42:05: 27:98:d6:7a:5c:b3:bf:89:b4:6a:8a:c6:a0:6f:d5:b0:23:17: 58:5b:00:ab:b7:98:6d:5b:ce:3f:86:f1:62:b8:bb:03:d1:62: 10:dd:35:0b:e5:01:cf:bb:e9:69:c4:ff:b1:c7:35:19:d6:58: 4d:f9:35:fe:ac:8e:8a:b2:df:e4:e9:ed:50:45:42:89:e4:74: f3:5b:e5:c5:6c:42:b5:25:84:19:da:d4:b8:12:1c:22:70:6c: 2d:3c:b1:f4:0d:4a:6c:c2:39:a3:2d:af:5f:56:94:ac:a6:4c: f9:1d:c8:1a:46:fb:be:53:fe:d8:59:29:ac:f8:9a:d4:57:f4: 1f:7c:36:f7:91:e6:05:f5:77:71:d5:ca:f6:77:80:d2:9b:33: c4:48:de:bd -----BEGIN CERTIFICATE----- MIIFEjCCA/qgAwIBAgISAZrZ2BR5M9kCOx0AsVDxzlWrMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDk3OWY1Y2E4YzMzZjEzNGMzYzE1N2Q0OGI5YzJhZTRlOTFi NjMwYmYwHhcNMjUxMjAxMTIxNjQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZmYwYTIyYjllYjZmZGQ1MTkzNTlkZmY4ZWIyYzMyYzQ0YjcwYWU3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiVBBsTqlrDn+xG76pGo1FigchjT H6M6Qzdj9k6VdC+pdl7Keb61Y3CP6wUM58qcxG9BF6TxbTsg0k6USaRZcxxPyakd PyQJ2vo01n6icYjry+/kme5Uw2Cjk0KFdIMW2kAtSsANuVVp91KOaSxyNM0lOqOI AOHsXltWyIkXRZb4E6ExVKsYZHBDJk25rk19KiXSsmfauVBa2E9j5WWdW3ghFGh6 qPgBJJt8OvKK5KQdvpdqyqC0p90r4qTFSorKi2cw24zD+TWUjFZy0X/QCJcM2fhx /HIWsPMEwlMrKbbXUmS4yflb6u5Q7QzOfDQx5VEwy1epVFIc2Cceaxx+QwIDAQAB o4ICHjCCAhowHQYDVR0OBBYEFN/woiuetv3VGTWd/46ywyxEtwrnMB8GA1UdIwQY MBaAFJefXKjDPxNMPBV9SLnCrk6RtjC/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvbDU5Y3FNTV9FMHc4RlgxSXVjS3VUcEcyTUw4LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNjU2MTAtNTlmNi00YWQ2LWE5ZDgt MTQ3MGFjMzY0ZGQyLzEvM19DaUs1NjJfZFVaTlozX2pyTERMRVMzQ3VjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yMy9mNjU2MTAtNTlmNi00YWQ2LWE5ZDgtMTQ3MGFjMzY0ZGQy LzEvbDU5Y3FNTV9FMHc4RlgxSXVjS3VUcEcyTUw4LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAAjAbAwcAKg/TAAAA AwcAKg/TAQAAAwcAKg/TAgAAMA0GCSqGSIb3DQEBCwUAA4IBAQBvZHlAPssLKYka KSQZsOQcwu6hDdM+qu6xcfl+KYJOGbqO6q1zwFSnp+eAGFGZp+PBt0Cqm/zLAI/F fok+XZRwKWktpSw6wsBIbKN0VaTydDBqVhJvceSESgg0LtAjv43WnEqG24+elcdY QgUnmNZ6XLO/ibRqisagb9WwIxdYWwCrt5htW84/hvFiuLsD0WIQ3TUL5QHPu+lp xP+xxzUZ1lhN+TX+rI6Kst/k6e1QRUKJ5HTzW+XFbEK1JYQZ2tS4EhwicGwtPLH0 DUpswjmjLa9fVpSspkz5HcgaRvu+U/7YWSms+JrUV/QffDb3keYF9Xdx1cr2d4DS mzPESN69 -----END CERTIFICATE-----Generated at Sat Dec 6 07:41:57 2025 by rpki-client