This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/x3SzmyzLt8OYyGIP7YYKzeSx1t0.roa File: x3SzmyzLt8OYyGIP7YYKzeSx1t0.roa (raw, json) Hash identifier: aW1SwGzhZKDv9vTg+ztGzAN+MHGjx+qNx1xNIM7zvvM= Subject key identifier: C7:74:B3:9B:2C:CB:B7:C3:98:C8:62:0F:ED:86:0A:CD:E4:B1:D6:DD Certificate issuer: /CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2 Certificate serial: 019B7EA6B14046DBE1850513C1E452DFAB50 Authority key identifier: B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/x3SzmyzLt8OYyGIP7YYKzeSx1t0.roa Signing time: Fri 02 Jan 2026 12:20:12 +0000 ROA not before: Fri 02 Jan 2026 12:20:12 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 12302 IP address blocks: 2a01:878::/32 maxlen: 32 2a01:8fa::/32 maxlen: 32 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.mft rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7e:a6:b1:40:46:db:e1:85:05:13:c1:e4:52:df:ab:50 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=b3a5d99863db2e49b44f6c324eb04388fc7515d2 Validity Not Before: Jan 2 12:20:12 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=c774b39b2ccbb7c398c8620fed860acde4b1d6dd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:97:fb:f9:ec:df:f7:5f:31:cd:08:a8:08:2b: 09:64:ac:ef:ae:03:68:6e:d5:d2:46:ad:7a:74:ec: 7a:7f:ee:70:06:f7:db:05:e7:c7:52:1a:3b:f5:1e: 61:0d:ea:f9:83:33:ce:12:01:95:7f:5b:53:a8:91: 6a:a7:95:0a:91:a4:b4:aa:d9:d0:6f:a8:af:b6:db: 08:85:84:29:c0:9f:8a:4a:ac:ab:94:95:5c:d9:02: a0:0d:2b:14:6c:92:bc:53:4c:b7:36:75:d4:51:09: 74:a0:de:e6:db:89:2a:55:c6:6b:f1:bc:5d:e0:fd: e2:b7:b0:ba:2e:ea:f1:52:2e:2e:cc:f4:80:ce:e2: 07:49:47:df:02:b9:ee:ae:f9:a5:20:68:ce:a3:93: 99:84:78:b6:66:ae:1e:eb:ce:3d:f5:c4:9d:42:d8: a9:8f:a1:af:33:c7:9e:30:86:20:85:5c:4d:a8:71: c0:4a:1a:ec:ea:24:97:e6:ec:e0:1f:9e:1b:48:ab: 9a:90:1e:25:b5:76:fd:75:d9:bf:26:63:6b:21:47: cd:63:2b:bf:3d:26:3b:bc:02:af:71:22:ce:16:68: 23:46:d6:26:d0:78:51:0e:f8:30:dc:ca:67:90:3b: f8:a8:10:23:26:42:1c:78:14:08:2c:cc:e3:3a:8c: e1:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C7:74:B3:9B:2C:CB:B7:C3:98:C8:62:0F:ED:86:0A:CD:E4:B1:D6:DD X509v3 Authority Key Identifier: keyid:B3:A5:D9:98:63:DB:2E:49:B4:4F:6C:32:4E:B0:43:88:FC:75:15:D2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6XZmGPbLkm0T2wyTrBDiPx1FdI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/x3SzmyzLt8OYyGIP7YYKzeSx1t0.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/28/29e9bc-b190-409e-86b0-eec5d50efa94/1/s6XZmGPbLkm0T2wyTrBDiPx1FdI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a01:878::/32 2a01:8fa::/32 Signature Algorithm: sha256WithRSAEncryption 05:2c:db:3b:88:ad:dd:76:7b:2b:1a:d8:2e:33:4d:7e:62:14: 9a:ba:0b:11:d8:16:19:b6:99:5a:ac:3e:ec:a6:4f:99:f7:06: 11:32:94:ab:0f:b5:29:25:16:14:70:73:2b:ab:69:e9:a8:fd: 54:df:d1:38:6e:4a:de:b6:3f:9d:ba:0f:46:b1:fc:f3:48:b4: e6:7c:00:b6:21:e5:d9:96:18:e5:49:85:a3:40:9c:a8:0c:68: b9:ee:86:04:de:be:a1:ae:ea:16:6c:5f:53:2e:b1:99:fd:0f: 4b:60:ec:c5:15:a4:dd:d0:c8:67:af:4c:f8:29:1f:d5:e7:c3: fc:1b:a1:30:ec:88:56:19:4b:6e:ef:a7:90:4c:3c:4e:b7:61: 5c:37:95:bf:86:56:59:f0:5c:44:26:af:b1:78:b7:7b:fa:48: 0d:df:d9:c1:0d:41:c0:9f:8c:21:05:8a:0d:3b:9a:d2:1b:27: cd:0b:5d:e4:1f:ed:29:51:78:22:11:d2:91:40:4a:eb:50:fd: 15:a1:7a:10:b4:21:34:2b:4c:c2:2f:bd:74:7c:27:f1:6d:b9: 59:ff:a4:f0:ff:8c:54:fc:45:c3:07:bd:86:3b:e1:09:49:c4: 9f:42:ad:ae:ab:15:f9:31:d3:54:22:16:e0:b7:c2:7e:12:5f: 83:f1:01:d1 -----BEGIN CERTIFICATE----- MIIFBTCCA+2gAwIBAgISAZt+prFARtvhhQUTweRS36tQMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGIzYTVkOTk4NjNkYjJlNDliNDRmNmMzMjRlYjA0Mzg4ZmM3 NTE1ZDIwHhcNMjYwMTAyMTIyMDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhjNzc0YjM5YjJjY2JiN2MzOThjODYyMGZlZDg2MGFjZGU0YjFkNmRkMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpf7+ezf918xzQioCCsJZKzvrgNo btXSRq16dOx6f+5wBvfbBefHUho79R5hDer5gzPOEgGVf1tTqJFqp5UKkaS0qtnQ b6ivttsIhYQpwJ+KSqyrlJVc2QKgDSsUbJK8U0y3NnXUUQl0oN7m24kqVcZr8bxd 4P3it7C6LurxUi4uzPSAzuIHSUffArnurvmlIGjOo5OZhHi2Zq4e68499cSdQtip j6GvM8eeMIYghVxNqHHAShrs6iSX5uzgH54bSKuakB4ltXb9ddm/JmNrIUfNYyu/ PSY7vAKvcSLOFmgjRtYm0HhRDvgw3MpnkDv4qBAjJkIceBQILMzjOozhlQIDAQAB o4ICETCCAg0wHQYDVR0OBBYEFMd0s5ssy7fDmMhiD+2GCs3ksdbdMB8GA1UdIwQY MBaAFLOl2Zhj2y5JtE9sMk6wQ4j8dRXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAt ZWVjNWQ1MGVmYTk0LzEveDNTem15ekx0OE9ZeUdJUDdZWUt6ZVN4MXQwLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yOC8yOWU5YmMtYjE5MC00MDllLTg2YjAtZWVjNWQ1MGVmYTk0 LzEvczZYWm1HUGJMa20wVDJ3eVRyQkRpUHgxRmRJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKgEIeAMF ACoBCPowDQYJKoZIhvcNAQELBQADggEBAAUs2zuIrd12eysa2C4zTX5iFJq6CxHY Fhm2mVqsPuymT5n3BhEylKsPtSklFhRwcyuraemo/VTf0ThuSt62P526D0ax/PNI tOZ8ALYh5dmWGOVJhaNAnKgMaLnuhgTevqGu6hZsX1MusZn9D0tg7MUVpN3QyGev TPgpH9Xnw/wboTDsiFYZS27vp5BMPE63YVw3lb+GVlnwXEQmr7F4t3v6SA3f2cEN QcCfjCEFig07mtIbJ80LXeQf7SlReCIR0pFASutQ/RWhehC0ITQrTMIvvXR8J/Ft uVn/pPD/jFT8RcMHvYY74QlJxJ9Cra6rFfkx01QiFuC3wn4SX4PxAdE= -----END CERTIFICATE-----Generated at Sun Jan 25 14:36:32 2026 by rpki-client