This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/ea29f2-c340-4d61-b5bb-b853dff8765c/1/3IB8mthpDOk_BFBQubUuplUkjXo.roa File: 3IB8mthpDOk_BFBQubUuplUkjXo.roa (raw, json) Hash identifier: e+u6WkaJwntAo2oCWNchAEYFIeKwoZYuEMGJQKwp5uE= Subject key identifier: DC:80:7C:9A:D8:69:0C:E9:3F:04:50:50:B9:B5:2E:A6:55:24:8D:7A Certificate issuer: /CN=3188fae3ebbb3d74feeddcf507f83e67db8850a2 Certificate serial: 019B7C11C5A5E2AD4500DF6D8321F6F2B527 Authority key identifier: 31:88:FA:E3:EB:BB:3D:74:FE:ED:DC:F5:07:F8:3E:67:DB:88:50:A2 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYj64-u7PXT-7dz1B_g-Z9uIUKI.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/ea29f2-c340-4d61-b5bb-b853dff8765c/1/3IB8mthpDOk_BFBQubUuplUkjXo.roa Signing time: Fri 02 Jan 2026 00:18:18 +0000 ROA not before: Fri 02 Jan 2026 00:18:18 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 33988 IP address blocks: 2a0b:8f00::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/ea29f2-c340-4d61-b5bb-b853dff8765c/1/MYj64-u7PXT-7dz1B_g-Z9uIUKI.crl rsync://rpki.ripe.net/repository/DEFAULT/2e/ea29f2-c340-4d61-b5bb-b853dff8765c/1/MYj64-u7PXT-7dz1B_g-Z9uIUKI.mft rsync://rpki.ripe.net/repository/DEFAULT/MYj64-u7PXT-7dz1B_g-Z9uIUKI.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 22:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:11:c5:a5:e2:ad:45:00:df:6d:83:21:f6:f2:b5:27 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3188fae3ebbb3d74feeddcf507f83e67db8850a2 Validity Not Before: Jan 2 00:18:18 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dc807c9ad8690ce93f045050b9b52ea655248d7a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:d2:08:00:41:24:88:84:f2:67:25:29:ef:75: 42:86:53:d9:61:03:48:2f:92:ce:a1:dc:a4:e1:08: ea:e4:7c:e2:64:45:01:4f:26:46:c8:45:f6:81:9d: 8d:e6:20:96:53:eb:6a:53:d2:4d:35:60:9a:d4:9a: 76:bf:d8:9e:0f:2c:41:e6:4d:b0:e0:0d:98:1d:25: 41:82:c1:81:00:b2:cc:9c:62:91:36:51:f2:55:f6: 06:7d:ca:0a:b5:c6:4d:08:7e:82:82:17:d4:53:90: 1b:c7:0a:f2:ba:bf:69:05:2e:35:0b:cd:89:84:10: 2d:2f:23:cb:e6:65:23:ae:db:4e:99:9c:97:2c:f9: a7:fd:8e:55:6d:29:f4:7f:56:a7:af:f9:ff:5b:cc: 43:e2:0f:9c:c5:b1:05:0f:31:21:06:5e:6e:32:08: 56:8c:85:f2:3b:60:61:a4:a2:c4:0b:ca:f7:c7:80: 74:c9:65:4d:1e:a0:7c:55:54:bb:b3:89:98:7f:63: 98:98:bb:2c:6c:9d:3d:0a:0b:92:d2:e8:42:43:91: a6:d9:4a:f3:9d:cd:90:ee:74:b5:5d:1e:fb:b3:ad: ae:fd:a9:08:26:07:50:5f:ab:e6:5a:cc:8f:da:38: 54:fe:49:c0:a3:92:e8:4c:4f:93:cd:a4:df:a2:4a: 8f:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:80:7C:9A:D8:69:0C:E9:3F:04:50:50:B9:B5:2E:A6:55:24:8D:7A X509v3 Authority Key Identifier: keyid:31:88:FA:E3:EB:BB:3D:74:FE:ED:DC:F5:07:F8:3E:67:DB:88:50:A2 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYj64-u7PXT-7dz1B_g-Z9uIUKI.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/ea29f2-c340-4d61-b5bb-b853dff8765c/1/3IB8mthpDOk_BFBQubUuplUkjXo.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/ea29f2-c340-4d61-b5bb-b853dff8765c/1/MYj64-u7PXT-7dz1B_g-Z9uIUKI.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a0b:8f00::/29 Signature Algorithm: sha256WithRSAEncryption 89:30:3d:1d:91:54:da:39:cd:83:68:d7:b0:00:22:16:d5:7a: 02:24:83:d1:2a:c6:b1:8e:68:1a:86:17:f0:bd:2a:b3:3c:a0: 5f:e0:26:a7:56:51:e5:b9:36:8a:0b:c6:8d:b4:16:41:f5:d8: bf:58:9c:dc:ac:c2:14:39:1c:85:4f:c8:0f:e4:1b:8c:41:af: 9b:5c:fa:15:79:ed:a1:3e:7f:f3:bf:9e:4c:2e:dc:94:ca:4f: e5:1b:28:ba:39:92:99:88:a7:fc:db:78:dc:f6:10:55:fc:df: 3f:b5:d1:a6:21:c4:33:3a:d7:e9:00:38:5b:33:e5:af:4a:4b: 30:57:bd:f8:55:5f:95:0f:65:1b:9e:89:37:e5:f6:2d:25:bf: 6a:67:26:88:d3:6b:72:bd:60:c6:c0:ef:da:c4:0f:53:1e:ac: 71:fc:a3:07:47:c2:d4:4f:37:11:50:09:a2:b1:3e:a2:e4:3a: 6f:75:26:00:af:fa:b8:0f:34:1b:bb:d0:eb:46:ab:65:fb:47: ee:b2:42:67:47:2c:54:4b:1e:12:ac:a1:ff:c7:f3:23:ad:25: e6:26:b8:d8:c6:50:b6:76:cc:dc:79:27:c4:41:d4:77:40:02: e3:bd:3e:59:d4:fa:86:92:96:e1:4b:f3:bd:68:2c:c9:b1:c5: 28:4a:98:f3 -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt8EcWl4q1FAN9tgyH28rUnMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDMxODhmYWUzZWJiYjNkNzRmZWVkZGNmNTA3ZjgzZTY3ZGI4 ODUwYTIwHhcNMjYwMTAyMDAxODE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkYzgwN2M5YWQ4NjkwY2U5M2YwNDUwNTBiOWI1MmVhNjU1MjQ4ZDdhMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutIIAEEkiITyZyUp73VChlPZYQNI L5LOodyk4Qjq5HziZEUBTyZGyEX2gZ2N5iCWU+tqU9JNNWCa1Jp2v9ieDyxB5k2w 4A2YHSVBgsGBALLMnGKRNlHyVfYGfcoKtcZNCH6CghfUU5Abxwryur9pBS41C82J hBAtLyPL5mUjrttOmZyXLPmn/Y5VbSn0f1anr/n/W8xD4g+cxbEFDzEhBl5uMghW jIXyO2BhpKLEC8r3x4B0yWVNHqB8VVS7s4mYf2OYmLssbJ09CguS0uhCQ5Gm2Urz nc2Q7nS1XR77s62u/akIJgdQX6vmWsyP2jhU/knAo5LoTE+TzaTfokqPFQIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFNyAfJrYaQzpPwRQULm1LqZVJI16MB8GA1UdIwQY MBaAFDGI+uPruz10/u3c9Qf4PmfbiFCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvTVlqNjQtdTdQWFQtN2R6MUJfZy1aOXVJVUtJLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9lYTI5ZjItYzM0MC00ZDYxLWI1YmIt Yjg1M2RmZjg3NjVjLzEvM0lCOG10aHBET2tfQkZCUXViVXVwbFVralhvLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8yZS9lYTI5ZjItYzM0MC00ZDYxLWI1YmItYjg1M2RmZjg3NjVj LzEvTVlqNjQtdTdQWFQtN2R6MUJfZy1aOXVJVUtJLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKguPADAN BgkqhkiG9w0BAQsFAAOCAQEAiTA9HZFU2jnNg2jXsAAiFtV6AiSD0SrGsY5oGoYX 8L0qszygX+Amp1ZR5bk2igvGjbQWQfXYv1ic3KzCFDkchU/ID+QbjEGvm1z6FXnt oT5/87+eTC7clMpP5RsoujmSmYin/Nt43PYQVfzfP7XRpiHEMzrX6QA4WzPlr0pL MFe9+FVflQ9lG56JN+X2LSW/amcmiNNrcr1gxsDv2sQPUx6scfyjB0fC1E83EVAJ orE+ouQ6b3UmAK/6uA80G7vQ60arZftH7rJCZ0csVEseEqyh/8fzI60l5ia42MZQ tnbM3HknxEHUd0AC470+WdT6hpKW4UvzvWgsybHFKEqY8w== -----END CERTIFICATE-----Generated at Mon Jan 26 05:02:14 2026 by rpki-client