This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/3qg1KGc8omoslEG7jKlx4gx_LhQ.roa File: 3qg1KGc8omoslEG7jKlx4gx_LhQ.roa (raw, json) Hash identifier: TnGs+EX2f9uQeebTem+/sfQFkc/zmqJQ5dURkVKi/n4= Subject key identifier: DE:A8:35:28:67:3C:A2:6A:2C:94:41:BB:8C:A9:71:E2:0C:7F:2E:14 Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2 Certificate serial: 019B7EA6B47BBA4C5A6AD1D4BB21A6FB47D3 Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/3qg1KGc8omoslEG7jKlx4gx_LhQ.roa Signing time: Fri 02 Jan 2026 12:20:13 +0000 ROA not before: Fri 02 Jan 2026 12:20:13 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 33874 IP address blocks: 2a01:838::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 09:01:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:b4:7b:ba:4c:5a:6a:d1:d4:bb:21:a6:fb:47:d3 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2 Validity Not Before: Jan 2 12:20:13 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dea83528673ca26a2c9441bb8ca971e20c7f2e14 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:e2:b1:12:c3:23:ca:4d:9c:d6:ab:e4:44:a7: 25:eb:76:8f:60:75:7d:7d:0d:4d:c9:bc:72:f1:dd: bb:e8:e9:9b:0b:51:83:d6:cb:9e:25:2b:32:8a:fd: a8:f5:76:5f:ba:7d:02:b5:26:26:e9:57:46:ab:5a: 51:82:27:c7:42:b8:47:7e:76:6a:b0:11:88:44:f1: ea:ec:5f:73:b9:83:17:35:15:b8:ff:de:df:d0:14: d2:da:e0:a2:d9:8b:7f:0a:39:85:46:26:2c:98:a8: 44:f5:e3:96:94:0b:02:88:17:64:2f:91:24:f0:32: e0:72:48:d2:7f:fd:c0:44:8e:e3:4d:6f:57:e9:c2: d6:55:f8:e0:c5:af:6f:68:e9:a7:44:db:ef:40:ed: 4a:df:03:88:2f:9d:37:8f:ff:66:2d:cb:3b:3b:75: f7:06:3e:8c:7e:be:43:b4:3e:43:7e:aa:f8:f2:aa: 60:f5:fc:02:eb:fb:1c:bf:05:00:1b:cc:9b:c1:d2: 2e:3c:29:c7:c9:26:c9:4a:80:a7:b1:7f:69:1b:d2: 78:57:12:49:0e:1c:22:7a:de:59:90:d3:d3:f1:83: 66:88:14:6b:47:18:7f:25:88:5d:5d:5b:0f:93:8f: 18:ee:9e:d0:9a:7d:28:23:f9:49:11:d5:cb:44:cf: 0f:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:A8:35:28:67:3C:A2:6A:2C:94:41:BB:8C:A9:71:E2:0C:7F:2E:14 X509v3 Authority Key Identifier: keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/3qg1KGc8omoslEG7jKlx4gx_LhQ.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:838::/32 Signature Algorithm: sha256WithRSAEncryption 0a:be:aa:17:96:86:7f:1e:07:6e:74:61:1e:f6:d5:85:d9:0d: 8b:b8:6e:f5:ec:3e:c7:e4:0b:db:33:75:ef:3c:ad:ad:c2:90: 34:d7:53:82:10:e8:8f:bf:38:73:9f:83:cc:66:9e:9f:d8:f2: 22:eb:3f:34:b1:41:c5:39:6a:5a:1b:a6:38:7a:84:6a:79:bd: 68:53:59:fd:08:b8:35:af:6a:20:78:2d:4d:61:e4:22:94:f1: 74:7d:23:81:29:43:5b:c5:22:1d:65:a0:18:90:23:23:ca:ea: e4:73:b6:d1:94:10:fa:be:0e:b9:e4:ad:76:8c:72:01:90:b7: 0c:21:78:b2:01:eb:ad:4f:69:9c:16:b1:fe:00:2c:6b:b4:36: 23:67:fb:41:27:76:65:e1:e7:7b:34:6a:68:31:68:3a:9f:d3: cd:a9:9d:9f:95:d4:25:c2:50:ea:7c:f4:e0:db:15:e8:5f:27: 85:7c:a7:85:46:b4:1a:9d:be:de:7c:48:cd:31:ba:2b:f1:c5: 6d:b7:e1:81:33:5a:d8:ae:b4:b4:b3:ae:3e:20:c3:4a:ec:68: 7d:57:7f:23:c9:c4:ee:94:41:6b:bc:e2:7a:a3:5f:dd:2a:a7: aa:79:6b:a8:ca:75:f7:71:b0:54:d7:d2:de:f6:4a:99:d2:f7: 66:4d:38:73 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt+prR7ukxaatHUuyGm+0fTMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3 NTE1ZDIwHhcNMjYwMTAyMTIyMDEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZWE4MzUyODY3M2NhMjZhMmM5NDQxYmI4Y2E5NzFlMjBjN2YyZTE0MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuKxEsMjyk2c1qvkRKcl63aPYHV9 fQ1Nybxy8d276OmbC1GD1sueJSsyiv2o9XZfun0CtSYm6VdGq1pRgifHQrhHfnZq sBGIRPHq7F9zuYMXNRW4/97f0BTS2uCi2Yt/CjmFRiYsmKhE9eOWlAsCiBdkL5Ek 8DLgckjSf/3ARI7jTW9X6cLWVfjgxa9vaOmnRNvvQO1K3wOIL503j/9mLcs7O3X3 Bj6Mfr5DtD5Dfqr48qpg9fwC6/scvwUAG8ybwdIuPCnHySbJSoCnsX9pG9J4VxJJ Dhwiet5ZkNPT8YNmiBRrRxh/JYhdXVsPk48Y7p7Qmn0oI/lJEdXLRM8PfwIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFN6oNShnPKJqLJRBu4ypceIMfy4UMB8GA1UdIwQY MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt ZWVjNWQ1MGVmYTk0LzEvM3FnMUtHYzhvbW9zbEVHN2pLbHg0Z3hfTGhRLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0 LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgEIODAN BgkqhkiG9w0BAQsFAAOCAQEACr6qF5aGfx4HbnRhHvbVhdkNi7hu9ew+x+QL2zN1 7zytrcKQNNdTghDoj784c5+DzGaen9jyIus/NLFBxTlqWhumOHqEanm9aFNZ/Qi4 Na9qIHgtTWHkIpTxdH0jgSlDW8UiHWWgGJAjI8rq5HO20ZQQ+r4OueStdoxyAZC3 DCF4sgHrrU9pnBax/gAsa7Q2I2f7QSd2ZeHnezRqaDFoOp/Tzamdn5XUJcJQ6nz0 4NsV6F8nhXynhUa0Gp2+3nxIzTG6K/HFbbfhgTNa2K60tLOuPiDDSuxofVd/I8nE 7pRBa7zieqNf3SqnqnlrqMp193GwVNfS3vZKmdL3Zk04cw== -----END CERTIFICATE-----Generated at Sun Jan 25 20:47:43 2026 by rpki-client