This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/qzIbIOdweY6pocYgDw-BYpuwt2k.roa File: qzIbIOdweY6pocYgDw-BYpuwt2k.roa (raw, json) Hash identifier: RCGDZNml0heHLSfAzhIyGN2imnWRjKRBHXZrfhyhHtA= Subject key identifier: AB:32:1B:20:E7:70:79:8E:A9:A1:C6:20:0F:0F:81:62:9B:B0:B7:69 Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2 Certificate serial: 019B7EA6B441D03B102FBC5FDF381417140F Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/qzIbIOdweY6pocYgDw-BYpuwt2k.roa Signing time: Fri 02 Jan 2026 12:20:12 +0000 ROA not before: Fri 02 Jan 2026 12:20:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 30722 IP address blocks: 2a01:820::/32 maxlen: 32 2a01:827::/32 maxlen: 32 2a01:8d0::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 09:01:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:b4:41:d0:3b:10:2f:bc:5f:df:38:14:17:14:0f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2 Validity Not Before: Jan 2 12:20:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=ab321b20e770798ea9a1c6200f0f81629bb0b769 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:7c:b7:71:53:84:ba:e1:f8:3b:45:21:f1:1b: 77:95:11:3b:6e:84:f2:b4:e3:33:b4:e9:ce:47:b7: 35:d3:ae:f8:0d:01:30:7c:98:64:c7:81:8a:2c:2d: 62:69:39:87:ed:02:00:eb:8c:43:31:1c:36:06:ff: 25:25:95:a0:ba:d9:65:8f:4f:d4:7a:b9:05:26:81: 39:cf:5b:d6:13:d6:85:79:c6:3f:cd:36:0c:12:0d: 41:05:36:74:de:f9:50:8f:92:44:4b:14:dc:a3:10: 14:aa:86:de:96:2d:78:18:1a:42:bf:fb:dd:fb:22: 87:f7:fe:bb:e8:85:62:b6:23:39:11:10:5d:5d:82: 71:f3:25:5c:4b:0d:55:c9:8a:04:02:4f:dd:6f:f0: 04:58:33:ac:4b:46:3e:cb:39:32:4d:8a:77:0d:8b: de:7d:2c:d4:30:b2:1f:3e:27:e8:22:d4:40:5e:24: e3:34:56:1e:00:60:2e:33:52:31:a6:17:75:98:29: 06:97:40:7d:3c:d8:3a:25:82:38:93:98:da:3d:c6: 5e:6c:e3:a1:a2:c2:07:e7:78:c0:4d:39:3e:20:dd: 0f:a1:b8:99:e8:19:54:2b:78:01:5f:08:11:9d:0b: 8f:e4:34:e9:cc:aa:c8:98:00:23:e6:6a:25:04:7b: 23:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:32:1B:20:E7:70:79:8E:A9:A1:C6:20:0F:0F:81:62:9B:B0:B7:69 X509v3 Authority Key Identifier: keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/qzIbIOdweY6pocYgDw-BYpuwt2k.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:820::/32 2a01:827::/32 2a01:8d0::/32 Signature Algorithm: sha256WithRSAEncryption 92:1c:3c:58:1e:8d:44:15:4d:32:fb:e9:d5:d8:cd:c8:64:e6: 82:e1:66:3f:36:6c:45:2a:1a:53:9f:0a:87:da:34:15:f9:24: 58:74:eb:11:dc:9e:a6:3d:d0:71:63:c9:ca:f9:88:3d:ee:b4: 24:f8:84:33:43:f2:11:df:4a:2e:24:47:3b:01:e0:ca:bf:65: 86:f3:70:09:58:d2:4a:d6:84:5a:46:fa:69:07:b0:24:7a:df: 3a:27:a8:d9:6a:d3:45:63:cf:2a:98:7d:e6:57:c5:77:39:28: fb:38:cd:11:e7:6a:e2:c2:e7:3a:35:5b:1c:59:cd:99:70:40: eb:8a:a4:ef:ca:18:67:5e:3b:e1:bb:08:88:7e:e4:61:16:69: 26:f8:8a:65:87:eb:f0:27:45:a2:19:13:51:8b:d2:94:9b:76: 8e:e5:db:cf:16:ba:c8:a1:b9:21:1e:0a:85:ca:43:9f:46:bd: 29:f8:12:07:48:4a:7a:00:c1:f5:4f:5e:3d:fe:16:62:04:ea: b3:d3:ce:37:17:0b:88:33:51:8a:16:cb:10:3f:23:f0:e7:5b: 05:6f:1c:6b:7f:05:39:f4:76:f2:82:c4:22:a6:8e:46:16:7c: 66:ca:b8:b5:a5:0c:bc:3b:61:0c:f8:02:77:6d:09:1f:53:8f: db:aa:29:37 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt+prRB0DsQL7xf3zgUFxQPMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3 NTE1ZDIwHhcNMjYwMTAyMTIyMDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhhYjMyMWIyMGU3NzA3OThlYTlhMWM2MjAwZjBmODE2MjliYjBiNzY5MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA63y3cVOEuuH4O0Uh8Rt3lRE7boTy tOMztOnOR7c10674DQEwfJhkx4GKLC1iaTmH7QIA64xDMRw2Bv8lJZWgutllj0/U erkFJoE5z1vWE9aFecY/zTYMEg1BBTZ03vlQj5JESxTcoxAUqobeli14GBpCv/vd +yKH9/676IVitiM5ERBdXYJx8yVcSw1VyYoEAk/db/AEWDOsS0Y+yzkyTYp3DYve fSzUMLIfPifoItRAXiTjNFYeAGAuM1Ixphd1mCkGl0B9PNg6JYI4k5jaPcZebOOh osIH53jATTk+IN0PobiZ6BlUK3gBXwgRnQuP5DTpzKrImAAj5molBHsjxwIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFKsyGyDncHmOqaHGIA8PgWKbsLdpMB8GA1UdIwQY MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt ZWVjNWQ1MGVmYTk0LzEvcXpJYklPZHdlWTZwb2NZZ0R3LUJZcHV3dDJrLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0 LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgEIIAMF ACoBCCcDBQAqAQjQMA0GCSqGSIb3DQEBCwUAA4IBAQCSHDxYHo1EFU0y++nV2M3I ZOaC4WY/NmxFKhpTnwqH2jQV+SRYdOsR3J6mPdBxY8nK+Yg97rQk+IQzQ/IR30ou JEc7AeDKv2WG83AJWNJK1oRaRvppB7Aket86J6jZatNFY88qmH3mV8V3OSj7OM0R 52riwuc6NVscWc2ZcEDriqTvyhhnXjvhuwiIfuRhFmkm+Iplh+vwJ0WiGRNRi9KU m3aO5dvPFrrIobkhHgqFykOfRr0p+BIHSEp6AMH1T149/hZiBOqz0843FwuIM1GK FssQPyPw51sFbxxrfwU59HbygsQipo5GFnxmyri1pQy8O2EM+AJ3bQkfU4/bqik3 -----END CERTIFICATE-----Generated at Sun Jan 25 18:06:38 2026 by rpki-client