This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/3Wnyz1QTSGCfnbdCaxBn0wvUFQE.roa File: 3Wnyz1QTSGCfnbdCaxBn0wvUFQE.roa (raw, json) Hash identifier: 2t4MdegjvS7rP/iU7Hj7aColKHs5vThbvVnxW3FHn4E= Subject key identifier: DD:69:F2:CF:54:13:48:60:9F:9D:B7:42:6B:10:67:D3:0B:D4:15:01 Certificate issuer: /CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8 Certificate serial: 019B7910C9688D72C4DCDE7C7E6B85410A0A Authority key identifier: C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/3Wnyz1QTSGCfnbdCaxBn0wvUFQE.roa Signing time: Thu 01 Jan 2026 10:18:21 +0000 ROA not before: Thu 01 Jan 2026 10:18:21 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 3303 IP address blocks: 2a07:2902:400::/38 maxlen: 38 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.crl rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.mft rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 07:00:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:79:10:c9:68:8d:72:c4:dc:de:7c:7e:6b:85:41:0a:0a Signature Algorithm: sha256WithRSAEncryption Issuer: CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8 Validity Not Before: Jan 1 10:18:21 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=dd69f2cf541348609f9db7426b1067d30bd41501 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:b3:62:b2:4e:bd:50:ee:7a:bd:f4:a7:0d:e1: cf:f5:83:96:9f:bc:86:4b:b3:e7:3a:86:4a:85:b5: 17:24:f1:2d:83:61:10:d9:12:80:ec:8c:3a:65:1f: f7:a6:8a:96:1b:51:ad:c7:1c:86:5d:fd:15:b2:ef: 7c:96:70:0c:85:d0:69:b0:ca:3a:c3:ea:84:90:ad: 8e:04:95:f4:00:0e:d9:e3:6e:d9:34:cd:9b:2e:f1: c1:e6:90:43:2d:4a:84:38:b9:42:b0:b7:ed:d2:5f: 94:82:0b:80:50:21:75:51:90:e9:b4:a2:d2:f5:5f: c9:79:26:7b:e7:56:2d:b4:72:2e:a1:ea:42:f1:f4: 85:b0:89:d2:e6:eb:3c:bd:e7:f5:6a:8d:ff:1e:cf: 2c:ff:5f:f5:cd:2c:b2:3d:d3:c4:ba:9a:68:5c:aa: b0:13:88:4d:e2:20:8b:bf:6c:3a:ba:9d:7a:8d:24: 89:01:52:ab:0c:8a:4a:72:33:a2:b9:08:45:3b:97: 85:78:37:ae:01:54:8d:ee:32:c0:e5:20:ba:c9:67: ad:a3:38:1d:68:f7:09:3b:38:f6:df:89:b5:60:d4: 55:12:0f:48:5c:20:94:77:75:c1:fc:19:cb:40:3e: fd:a1:c4:e8:83:f8:96:bd:ae:2b:e8:97:bf:a1:1f: d7:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:69:F2:CF:54:13:48:60:9F:9D:B7:42:6B:10:67:D3:0B:D4:15:01 X509v3 Authority Key Identifier: keyid:C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/3Wnyz1QTSGCfnbdCaxBn0wvUFQE.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a07:2902:400::/38 Signature Algorithm: sha256WithRSAEncryption 66:9d:e4:66:96:01:38:5f:cd:f5:fe:cc:ae:87:29:fa:0d:92: e1:c7:05:e7:de:46:87:3a:27:9f:e2:9a:b6:d7:57:b7:0b:a7: 64:1d:9f:f6:c2:95:a1:00:08:ae:b7:d0:a6:db:a5:fa:a5:c2: 36:ae:aa:0f:a1:63:7b:0c:32:1f:41:8a:01:85:37:3e:58:74: f8:01:e5:85:ba:ca:dc:d2:bf:5c:98:5b:d3:aa:22:c9:82:2c: 15:c7:d6:6d:f0:15:d2:1e:89:8f:65:0b:3a:22:5c:14:f8:99: 98:2f:ae:a3:6d:81:0f:76:88:2f:1d:15:4d:d6:cc:66:c4:2f: e6:d7:62:a9:15:8a:6c:88:9a:7c:86:00:32:65:9f:93:ac:6b: 3b:9a:85:cf:9d:f9:c2:73:24:40:92:88:6d:29:b1:7f:81:07: 72:1e:1c:78:ac:dc:49:71:65:8d:8e:04:6a:7b:e6:e8:6a:15: bf:6a:07:af:82:8b:14:a9:8f:90:a7:c2:7a:4d:e1:ac:37:84: 5a:8e:17:4f:65:db:cc:33:8a:c1:90:60:6f:14:2e:59:1a:8b: e6:62:5d:19:cf:c4:f0:d3:fe:68:77:d2:a0:74:d2:e1:21:96: 1a:e3:a4:a1:97:9d:4b:e8:1a:16:6e:29:3e:51:c4:cf:dd:e5: fd:a5:9b:25 -----BEGIN CERTIFICATE----- MIIE/zCCA+egAwIBAgISAZt5EMlojXLE3N58fmuFQQoKMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKGM0NWM2ODNjYjFlYjljMGY0OWI5NjdlM2JkOWI4Yjg0Y2Yw OTliYjgwHhcNMjYwMTAxMTAxODIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZDY5ZjJjZjU0MTM0ODYwOWY5ZGI3NDI2YjEwNjdkMzBiZDQxNTAxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3LNisk69UO56vfSnDeHP9YOWn7yG S7PnOoZKhbUXJPEtg2EQ2RKA7Iw6ZR/3poqWG1GtxxyGXf0Vsu98lnAMhdBpsMo6 w+qEkK2OBJX0AA7Z427ZNM2bLvHB5pBDLUqEOLlCsLft0l+UgguAUCF1UZDptKLS 9V/JeSZ751YttHIuoepC8fSFsInS5us8vef1ao3/Hs8s/1/1zSyyPdPEuppoXKqw E4hN4iCLv2w6up16jSSJAVKrDIpKcjOiuQhFO5eFeDeuAVSN7jLA5SC6yWetozgd aPcJOzj234m1YNRVEg9IXCCUd3XB/BnLQD79ocTog/iWva4r6Je/oR/XBwIDAQAB o4ICCzCCAgcwHQYDVR0OBBYEFN1p8s9UE0hgn523QmsQZ9ML1BUBMB8GA1UdIwQY MBaAFMRcaDyx65wPSbln472bi4TPCZu4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYt ODhkMmRmMTBkMTViLzEvM1dueXoxUVRTR0NmbmJkQ2F4Qm4wd3ZVRlFFLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYtODhkMmRmMTBkMTVi LzEveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKgcpAgQw DQYJKoZIhvcNAQELBQADggEBAGad5GaWAThfzfX+zK6HKfoNkuHHBefeRoc6J5/i mrbXV7cLp2Qdn/bClaEACK630Kbbpfqlwjauqg+hY3sMMh9BigGFNz5YdPgB5YW6 ytzSv1yYW9OqIsmCLBXH1m3wFdIeiY9lCzoiXBT4mZgvrqNtgQ92iC8dFU3WzGbE L+bXYqkVimyImnyGADJln5Osazuahc+d+cJzJECSiG0psX+BB3IeHHis3ElxZY2O BGp75uhqFb9qB6+CixSpj5CnwnpN4aw3hFqOF09l28wzisGQYG8ULlkai+ZiXRnP xPDT/mh30qB00uEhlhrjpKGXnUvoGhZuKT5RxM/d5f2lmyU= -----END CERTIFICATE-----Generated at Sun Jan 25 17:22:10 2026 by rpki-client