This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/FfkicRnds0SyM8Ri9Cp-q39uDR8.roa File: FfkicRnds0SyM8Ri9Cp-q39uDR8.roa (raw, json) Hash identifier: biBnPAucsy15z3WhNtWi3egdIRrJTjNrL9lhRCi/Suk= Subject key identifier: 15:F9:22:71:19:DD:B3:44:B2:33:C4:62:F4:2A:7E:AB:7F:6E:0D:1F Certificate issuer: /CN=1b12120c351c14eec22109f603249fcdac1d3321 Certificate serial: 019B7F15340ED6C1EED194DEFE23C66B2D9F Authority key identifier: 1B:12:12:0C:35:1C:14:EE:C2:21:09:F6:03:24:9F:CD:AC:1D:33:21 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GxISDDUcFO7CIQn2AySfzawdMyE.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/FfkicRnds0SyM8Ri9Cp-q39uDR8.roa Signing time: Fri 02 Jan 2026 14:20:54 +0000 ROA not before: Fri 02 Jan 2026 14:20:54 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 207625 IP address blocks: 2a14:db80:2::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/GxISDDUcFO7CIQn2AySfzawdMyE.crl rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/GxISDDUcFO7CIQn2AySfzawdMyE.mft rsync://rpki.ripe.net/repository/DEFAULT/GxISDDUcFO7CIQn2AySfzawdMyE.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:00:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7f:15:34:0e:d6:c1:ee:d1:94:de:fe:23:c6:6b:2d:9f Signature Algorithm: sha256WithRSAEncryption Issuer: CN=1b12120c351c14eec22109f603249fcdac1d3321 Validity Not Before: Jan 2 14:20:54 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=15f9227119ddb344b233c462f42a7eab7f6e0d1f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:03:35:84:e0:df:56:ce:ba:46:95:ef:9f:e2: 8e:25:8f:ed:89:6d:2f:14:48:30:56:36:dc:c1:77: 6c:70:4f:64:0d:19:5c:df:1f:52:77:c5:70:ff:58: c7:4b:29:96:f3:a6:23:17:03:ec:c2:9b:83:84:76: fb:01:ce:16:9a:6d:6a:21:e9:d0:09:8c:c6:ae:4a: e3:fb:39:92:d2:0a:40:7f:28:f2:cc:2d:1f:8a:2c: 6d:25:c3:51:30:2e:19:f0:ef:0d:d5:c9:2d:e6:1a: 9f:b9:52:51:e3:d6:19:b9:ca:47:e4:59:df:ab:f4: e7:da:74:f7:34:c0:8f:c8:27:0d:7f:03:b6:b3:eb: 4f:0a:46:1e:30:15:75:09:2a:1b:71:cb:c0:30:79: d2:bd:2f:6d:03:e6:00:a4:2b:32:a8:8f:0b:75:5e: 6d:5b:3f:c2:eb:e0:77:28:9b:72:df:49:bb:1c:34: 01:57:39:67:39:fb:07:1d:86:58:8f:1a:0c:98:0e: 4a:f5:c4:6e:bc:9e:32:74:6e:c3:83:bb:ce:e0:4b: 8d:28:ea:b0:0c:a6:79:4e:3a:a4:30:97:41:ef:e9: 2c:20:3f:93:38:1b:16:9a:fc:e8:b9:5d:c7:b9:b2: e6:c7:d6:fe:c0:80:f7:10:bc:69:4f:7b:ce:05:57: 02:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:F9:22:71:19:DD:B3:44:B2:33:C4:62:F4:2A:7E:AB:7F:6E:0D:1F X509v3 Authority Key Identifier: keyid:1B:12:12:0C:35:1C:14:EE:C2:21:09:F6:03:24:9F:CD:AC:1D:33:21 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GxISDDUcFO7CIQn2AySfzawdMyE.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/FfkicRnds0SyM8Ri9Cp-q39uDR8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/GxISDDUcFO7CIQn2AySfzawdMyE.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a14:db80:2::/48 Signature Algorithm: sha256WithRSAEncryption 1b:9a:69:99:c6:d2:12:90:7e:51:42:8e:ff:8a:80:4d:30:15: 67:39:0c:e5:84:a5:db:af:77:57:ce:ad:fe:16:c0:71:90:62: 2a:f5:de:7d:f1:02:60:aa:8f:af:aa:63:6e:a2:1a:5b:c2:96: 35:4f:7c:59:8b:47:e9:a0:08:9f:a5:aa:22:b8:7d:a4:d6:c3: 8c:58:2c:bd:32:80:85:4c:e4:8f:8e:dc:b9:57:1d:8e:55:e8: 7c:9e:cd:bc:87:a5:d8:5e:b0:a9:b0:4d:f3:80:31:6b:67:56: 29:8d:4a:5f:90:22:cb:26:92:53:5e:f9:6a:5b:2f:ac:e1:f5: bc:00:5c:32:c2:c9:ff:fb:da:b5:64:54:82:1b:b8:8b:e9:84: d8:b2:00:fd:db:98:6b:cd:cf:5e:db:70:3c:bb:40:19:60:7a: 02:38:1d:55:3f:12:7d:94:ee:6b:23:16:12:13:24:3f:9a:5b: bb:20:7c:82:b9:0d:69:b7:80:df:98:13:8b:a5:5f:a3:8d:74: fe:80:81:b6:de:2f:a8:e8:3f:dc:c0:cc:03:9c:57:15:04:c4: 90:b5:a4:25:04:2f:53:5c:6e:cb:f6:db:59:43:12:b2:84:20: 1a:f9:9b:79:80:de:96:75:54:59:7c:4a:e4:12:2d:77:25:59: 2e:6d:de:2c -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt/FTQO1sHu0ZTe/iPGay2fMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDFiMTIxMjBjMzUxYzE0ZWVjMjIxMDlmNjAzMjQ5ZmNkYWMx ZDMzMjEwHhcNMjYwMTAyMTQyMDU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EygxNWY5MjI3MTE5ZGRiMzQ0YjIzM2M0NjJmNDJhN2VhYjdmNmUwZDFmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQM1hODfVs66RpXvn+KOJY/tiW0v FEgwVjbcwXdscE9kDRlc3x9Sd8Vw/1jHSymW86YjFwPswpuDhHb7Ac4Wmm1qIenQ CYzGrkrj+zmS0gpAfyjyzC0fiixtJcNRMC4Z8O8N1ckt5hqfuVJR49YZucpH5Fnf q/Tn2nT3NMCPyCcNfwO2s+tPCkYeMBV1CSobccvAMHnSvS9tA+YApCsyqI8LdV5t Wz/C6+B3KJty30m7HDQBVzlnOfsHHYZYjxoMmA5K9cRuvJ4ydG7Dg7vO4EuNKOqw DKZ5TjqkMJdB7+ksID+TOBsWmvzouV3HubLmx9b+wID3ELxpT3vOBVcCoQIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFBX5InEZ3bNEsjPEYvQqfqt/bg0fMB8GA1UdIwQY MBaAFBsSEgw1HBTuwiEJ9gMkn82sHTMhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvR3hJU0REVWNGTzdDSVFuMkF5U2Z6YXdkTXlFLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zZGFmN2YtMzAxZC00MjNlLTk0NmUt NDNkZjQ3ZDVhMWU3LzEvRmZraWNSbmRzMFN5TThSaTlDcC1xMzl1RFI4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8zNS8zZGFmN2YtMzAxZC00MjNlLTk0NmUtNDNkZjQ3ZDVhMWU3 LzEvR3hJU0REVWNGTzdDSVFuMkF5U2Z6YXdkTXlFLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhTbgAAC MA0GCSqGSIb3DQEBCwUAA4IBAQAbmmmZxtISkH5RQo7/ioBNMBVnOQzlhKXbr3dX zq3+FsBxkGIq9d598QJgqo+vqmNuohpbwpY1T3xZi0fpoAifpaoiuH2k1sOMWCy9 MoCFTOSPjty5Vx2OVeh8ns28h6XYXrCpsE3zgDFrZ1YpjUpfkCLLJpJTXvlqWy+s 4fW8AFwywsn/+9q1ZFSCG7iL6YTYsgD925hrzc9e23A8u0AZYHoCOB1VPxJ9lO5r IxYSEyQ/mlu7IHyCuQ1pt4DfmBOLpV+jjXT+gIG23i+o6D/cwMwDnFcVBMSQtaQl BC9TXG7L9ttZQxKyhCAa+Zt5gN6WdVRZfErkEi13JVkubd4s -----END CERTIFICATE-----Generated at Sun Jan 25 19:59:59 2026 by rpki-client