This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/845aee-daac-4641-9f31-9e7f0f941049/1/SdOMrTA1LJZTbylGBdmnZADVV2c.roa File: SdOMrTA1LJZTbylGBdmnZADVV2c.roa (raw, json) Hash identifier: 2oF71VsuS57X0mplIwyTPLvBv9+R4wlk3shw+VNP3cg= Subject key identifier: 49:D3:8C:AD:30:35:2C:96:53:6F:29:46:05:D9:A7:64:00:D5:57:67 Certificate issuer: /CN=3cfaa40f6263e00d1291698576a617a5b5d68a9c Certificate serial: 019B797E04B1F40099CE1684826FCA500BE0 Authority key identifier: 3C:FA:A4:0F:62:63:E0:0D:12:91:69:85:76:A6:17:A5:B5:D6:8A:9C Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PPqkD2Jj4A0SkWmFdqYXpbXWipw.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/845aee-daac-4641-9f31-9e7f0f941049/1/SdOMrTA1LJZTbylGBdmnZADVV2c.roa Signing time: Thu 01 Jan 2026 12:17:40 +0000 ROA not before: Thu 01 Jan 2026 12:17:40 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 212377 IP address blocks: 2001:67c:98c::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/845aee-daac-4641-9f31-9e7f0f941049/1/PPqkD2Jj4A0SkWmFdqYXpbXWipw.crl rsync://rpki.ripe.net/repository/DEFAULT/50/845aee-daac-4641-9f31-9e7f0f941049/1/PPqkD2Jj4A0SkWmFdqYXpbXWipw.mft rsync://rpki.ripe.net/repository/DEFAULT/PPqkD2Jj4A0SkWmFdqYXpbXWipw.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 27 Jan 2026 01:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:7e:04:b1:f4:00:99:ce:16:84:82:6f:ca:50:0b:e0 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=3cfaa40f6263e00d1291698576a617a5b5d68a9c Validity Not Before: Jan 1 12:17:40 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=49d38cad30352c96536f294605d9a76400d55767 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:25:b2:93:70:d1:27:5d:50:a7:20:ee:4b:2d: fb:f9:41:0a:e1:8e:19:e4:93:37:5c:90:86:e9:cf: 21:c7:b8:85:d5:c6:06:19:ad:45:34:a7:db:65:b7: 0f:19:da:86:fa:1b:22:e0:03:ee:7a:e4:9d:46:48: c1:6b:a3:6e:d1:5e:53:49:ea:46:ef:fe:a7:02:51: 79:15:ce:22:a1:95:6b:71:2e:d5:cb:0a:b6:3e:e9: 35:52:e9:27:77:85:21:cb:bb:d4:82:15:83:70:60: 11:a6:3b:41:15:df:c7:b2:2f:07:b3:30:6a:2a:b7: 11:07:0e:d3:f7:c0:b9:4b:9d:c1:39:5f:ff:0d:bb: c9:d6:74:ff:c0:4c:f8:3a:67:e1:f5:5b:92:64:c9: 15:c5:c1:7c:84:fd:9d:7c:0b:f2:17:1f:06:5c:9b: b6:8f:bd:fb:39:20:96:f5:0d:dc:13:49:3a:da:0a: bd:b8:f1:8c:bc:9f:cf:e4:3f:a1:1a:61:ae:8a:11: 90:cf:0d:40:86:42:e2:5c:7d:1a:4a:37:4b:53:ee: d6:3f:66:d0:67:65:0d:0a:05:8c:8b:79:5d:40:2c: 21:95:3a:fd:eb:90:8a:40:41:42:30:fd:84:34:24: 4d:56:81:d6:57:83:25:c0:c2:cb:36:62:9b:2c:1d: 1e:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:D3:8C:AD:30:35:2C:96:53:6F:29:46:05:D9:A7:64:00:D5:57:67 X509v3 Authority Key Identifier: keyid:3C:FA:A4:0F:62:63:E0:0D:12:91:69:85:76:A6:17:A5:B5:D6:8A:9C X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PPqkD2Jj4A0SkWmFdqYXpbXWipw.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/845aee-daac-4641-9f31-9e7f0f941049/1/SdOMrTA1LJZTbylGBdmnZADVV2c.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/50/845aee-daac-4641-9f31-9e7f0f941049/1/PPqkD2Jj4A0SkWmFdqYXpbXWipw.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2001:67c:98c::/48 Signature Algorithm: sha256WithRSAEncryption 29:46:ce:21:d2:80:59:38:07:e3:f4:43:51:ec:c0:9e:26:07: dc:d3:4a:de:1f:c8:3e:5f:00:6c:8d:12:ef:38:af:db:fd:33: db:48:2a:b1:0f:d5:08:ea:b2:c7:29:07:fb:75:d0:4f:93:30: 40:e9:77:7e:86:6c:cd:62:26:5c:d9:69:5a:b5:31:36:22:71: 10:bc:38:8c:1a:08:4a:d0:52:59:26:b5:1f:ec:2d:e5:32:64: 8e:4d:32:1c:f0:a0:b9:b2:e1:68:3c:0d:03:1a:99:3c:58:12: 5e:56:02:53:8d:46:70:36:ee:17:86:49:42:37:f5:01:35:48: 43:0d:67:7f:96:79:71:be:e7:b4:43:f8:4a:88:6a:d4:c2:b4: c6:5e:20:7b:1a:ab:3b:98:79:70:5e:66:8d:59:c8:cf:70:3f: 7e:da:7f:5d:cf:2e:50:f1:07:13:30:ad:5d:05:e5:ac:a5:c0: c9:49:10:6e:d8:78:81:3f:44:82:89:3a:31:eb:d2:e3:d3:1f: 54:1b:15:a4:fa:aa:a6:be:ca:46:f4:47:60:43:ae:5d:d0:15: 82:d5:25:5e:90:65:8d:4b:22:f2:f5:18:3b:10:47:ab:c5:40: 51:4e:25:a4:9a:93:5f:92:b5:9b:11:9b:fd:51:ca:9a:7d:17: 52:f0:40:06 -----BEGIN CERTIFICATE----- MIIFADCCA+igAwIBAgISAZt5fgSx9ACZzhaEgm/KUAvgMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDNjZmFhNDBmNjI2M2UwMGQxMjkxNjk4NTc2YTYxN2E1YjVk NjhhOWMwHhcNMjYwMTAxMTIxNzQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0OWQzOGNhZDMwMzUyYzk2NTM2ZjI5NDYwNWQ5YTc2NDAwZDU1NzY3MIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCWyk3DRJ11QpyDuSy37+UEK4Y4Z 5JM3XJCG6c8hx7iF1cYGGa1FNKfbZbcPGdqG+hsi4APueuSdRkjBa6Nu0V5TSepG 7/6nAlF5Fc4ioZVrcS7Vywq2Puk1Uuknd4Uhy7vUghWDcGARpjtBFd/Hsi8HszBq KrcRBw7T98C5S53BOV//DbvJ1nT/wEz4Omfh9VuSZMkVxcF8hP2dfAvyFx8GXJu2 j737OSCW9Q3cE0k62gq9uPGMvJ/P5D+hGmGuihGQzw1AhkLiXH0aSjdLU+7WP2bQ Z2UNCgWMi3ldQCwhlTr965CKQEFCMP2ENCRNVoHWV4MlwMLLNmKbLB0eUwIDAQAB o4ICDDCCAggwHQYDVR0OBBYEFEnTjK0wNSyWU28pRgXZp2QA1VdnMB8GA1UdIwQY MBaAFDz6pA9iY+ANEpFphXamF6W11oqcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUFBxa0QySmo0QTBTa1dtRmRxWVhwYlhXaXB3LmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC84NDVhZWUtZGFhYy00NjQxLTlmMzEt OWU3ZjBmOTQxMDQ5LzEvU2RPTXJUQTFMSlpUYnlsR0JkbW5aQURWVjJjLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC81MC84NDVhZWUtZGFhYy00NjQxLTlmMzEtOWU3ZjBmOTQxMDQ5 LzEvUFBxa0QySmo0QTBTa1dtRmRxWVhwYlhXaXB3LmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAmM MA0GCSqGSIb3DQEBCwUAA4IBAQApRs4h0oBZOAfj9ENR7MCeJgfc00reH8g+XwBs jRLvOK/b/TPbSCqxD9UI6rLHKQf7ddBPkzBA6Xd+hmzNYiZc2WlatTE2InEQvDiM GghK0FJZJrUf7C3lMmSOTTIc8KC5suFoPA0DGpk8WBJeVgJTjUZwNu4XhklCN/UB NUhDDWd/lnlxvue0Q/hKiGrUwrTGXiB7Gqs7mHlwXmaNWcjPcD9+2n9dzy5Q8QcT MK1dBeWspcDJSRBu2HiBP0SCiTox69Lj0x9UGxWk+qqmvspG9EdgQ65d0BWC1SVe kGWNSyLy9Rg7EEerxUBRTiWkmpNfkrWbEZv9UcqafRdS8EAG -----END CERTIFICATE-----Generated at Mon Jan 26 09:23:34 2026 by rpki-client