This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/8e1f53-b674-40e8-8bb8-db5d89e8a17c/1/3kLb2SclnRZ3nd2D3Q0PJ_hFvoA.roa File: 3kLb2SclnRZ3nd2D3Q0PJ_hFvoA.roa (raw, json) Hash identifier: 6pxbFnk+ektQu+gyRYaAFu/ZHeh+7fJhw5N9t7HsTNc= Subject key identifier: DE:42:DB:D9:27:25:9D:16:77:9D:DD:83:DD:0D:0F:27:F8:45:BE:80 Certificate issuer: /CN=40cc81ff82ced61aef8476ace7a0e818bbae8fc4 Certificate serial: 019B7C131C34DA1FDBA6434DE82BCB8EA4EE Authority key identifier: 40:CC:81:FF:82:CE:D6:1A:EF:84:76:AC:E7:A0:E8:18:BB:AE:8F:C4 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QMyB_4LO1hrvhHas56DoGLuuj8Q.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/8e1f53-b674-40e8-8bb8-db5d89e8a17c/1/3kLb2SclnRZ3nd2D3Q0PJ_hFvoA.roa Signing time: Fri 02 Jan 2026 00:19:45 +0000 ROA not before: Fri 02 Jan 2026 00:19:45 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 204774 IP address blocks: 2a13:5000::/29 maxlen: 48 2a13:5000::/48 maxlen: 64 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/8e1f53-b674-40e8-8bb8-db5d89e8a17c/1/QMyB_4LO1hrvhHas56DoGLuuj8Q.crl rsync://rpki.ripe.net/repository/DEFAULT/81/8e1f53-b674-40e8-8bb8-db5d89e8a17c/1/QMyB_4LO1hrvhHas56DoGLuuj8Q.mft rsync://rpki.ripe.net/repository/DEFAULT/QMyB_4LO1hrvhHas56DoGLuuj8Q.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Mon 26 Jan 2026 13:21:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7c:13:1c:34:da:1f:db:a6:43:4d:e8:2b:cb:8e:a4:ee Signature Algorithm: sha256WithRSAEncryption Issuer: CN=40cc81ff82ced61aef8476ace7a0e818bbae8fc4 Validity Not Before: Jan 2 00:19:45 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=de42dbd927259d16779ddd83dd0d0f27f845be80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:17:62:5b:8a:39:50:6f:af:0c:6c:53:34:39: c9:e1:e6:e6:3d:f1:f4:4a:da:6e:9c:d2:67:c2:00: 2d:59:af:b3:bf:63:20:1c:88:d7:5b:16:30:7f:96: f2:36:11:0e:f2:6a:27:91:bb:5a:72:13:8f:e3:a8: b7:bc:fd:60:2c:40:67:21:a3:b9:10:84:25:52:82: c6:70:ce:c2:58:36:1a:cd:2b:b6:6c:61:a2:58:2d: ca:e0:1f:4c:7e:76:f1:ee:dc:9b:97:48:c4:1c:3b: c3:80:8f:15:64:bd:c8:96:53:f9:c8:25:32:69:bb: 49:1a:c8:4a:61:28:61:e9:b8:dd:e5:1c:93:ca:ac: 17:0b:97:b0:a8:65:2d:77:37:c0:a1:e4:60:21:34: d3:8b:87:f0:7e:76:96:e0:64:a1:b0:8d:d9:a2:64: 91:ff:d2:67:df:3b:ba:f2:fd:4e:7f:93:61:61:69: 7c:78:63:99:32:5f:c5:a4:70:a8:00:49:e7:f9:96: 64:31:18:43:55:6c:08:4c:85:bc:3c:4b:21:00:03: a6:f4:fd:1d:86:15:55:b1:e3:9a:c6:9e:4a:1b:f3: 37:8d:dd:21:1c:ef:ef:1d:fe:29:d7:ed:4c:1b:52: 96:8e:4c:51:9d:bc:8d:46:92:4e:8d:29:17:2d:29: aa:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:42:DB:D9:27:25:9D:16:77:9D:DD:83:DD:0D:0F:27:F8:45:BE:80 X509v3 Authority Key Identifier: keyid:40:CC:81:FF:82:CE:D6:1A:EF:84:76:AC:E7:A0:E8:18:BB:AE:8F:C4 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QMyB_4LO1hrvhHas56DoGLuuj8Q.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8e1f53-b674-40e8-8bb8-db5d89e8a17c/1/3kLb2SclnRZ3nd2D3Q0PJ_hFvoA.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8e1f53-b674-40e8-8bb8-db5d89e8a17c/1/QMyB_4LO1hrvhHas56DoGLuuj8Q.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2a13:5000::/29 Signature Algorithm: sha256WithRSAEncryption 88:ed:9a:41:e6:ea:b7:37:f8:7b:ef:9d:0d:36:3e:8e:98:d7: aa:ce:a0:7d:bd:5d:64:fa:37:15:f4:23:44:40:03:74:3c:f9: 8b:c2:6b:36:8e:35:15:af:68:98:1d:ed:c5:be:95:80:0d:1b: a5:15:0c:44:a8:e3:10:d9:aa:63:5b:f6:4b:40:0e:eb:3a:be: d9:5c:91:d8:27:b0:bf:6d:a4:60:1d:5d:9f:a9:ed:cb:2d:b4: bb:d5:3c:c1:75:fc:17:18:43:ac:a3:68:e0:39:e4:3b:81:22: 6a:b9:09:9e:7d:b5:d4:d5:28:75:69:6a:16:1c:91:1a:e0:98: 0b:48:4f:b5:f4:a2:e5:f1:19:34:76:6b:c1:15:33:98:e1:f4: f2:64:7a:8e:d4:2e:05:c5:6c:2a:03:33:21:f0:59:ac:e2:54: f0:94:3b:81:b5:e5:e1:f4:ed:57:69:2d:7b:88:39:78:18:6c: 43:2b:a3:71:b9:77:72:79:d0:cc:58:bf:3f:b9:06:62:db:7c: eb:c1:8e:2b:fe:64:1c:9f:ad:83:1f:4d:8e:41:c4:c6:4e:f0: 2e:38:a7:80:d2:7a:71:9a:49:b5:59:ae:d3:49:32:d7:bd:6d: b6:14:7c:12:7b:f1:7e:62:b5:f6:fc:7a:2a:57:36:ab:4d:96: 30:3a:ab:3b -----BEGIN CERTIFICATE----- MIIE/jCCA+agAwIBAgISAZt8Exw02h/bpkNN6CvLjqTuMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDQwY2M4MWZmODJjZWQ2MWFlZjg0NzZhY2U3YTBlODE4YmJh ZThmYzQwHhcNMjYwMTAyMDAxOTQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD EyhkZTQyZGJkOTI3MjU5ZDE2Nzc5ZGRkODNkZDBkMGYyN2Y4NDViZTgwMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxdiW4o5UG+vDGxTNDnJ4ebmPfH0 StpunNJnwgAtWa+zv2MgHIjXWxYwf5byNhEO8monkbtachOP46i3vP1gLEBnIaO5 EIQlUoLGcM7CWDYazSu2bGGiWC3K4B9Mfnbx7tybl0jEHDvDgI8VZL3IllP5yCUy abtJGshKYShh6bjd5RyTyqwXC5ewqGUtdzfAoeRgITTTi4fwfnaW4GShsI3ZomSR /9Jn3zu68v1Of5NhYWl8eGOZMl/FpHCoAEnn+ZZkMRhDVWwITIW8PEshAAOm9P0d hhVVseOaxp5KG/M3jd0hHO/vHf4p1+1MG1KWjkxRnbyNRpJOjSkXLSmqawIDAQAB o4ICCjCCAgYwHQYDVR0OBBYEFN5C29knJZ0Wd53dg90NDyf4Rb6AMB8GA1UdIwQY MBaAFEDMgf+CztYa74R2rOeg6Bi7ro/EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvUU15Ql80TE8xaHJ2aEhhczU2RG9HTHV1ajhRLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84ZTFmNTMtYjY3NC00MGU4LThiYjgt ZGI1ZDg5ZThhMTdjLzEvM2tMYjJTY2xuUlozbmQyRDNRMFBKX2hGdm9BLnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC84MS84ZTFmNTMtYjY3NC00MGU4LThiYjgtZGI1ZDg5ZThhMTdj LzEvUU15Ql80TE8xaHJ2aEhhczU2RG9HTHV1ajhRLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhNQADAN BgkqhkiG9w0BAQsFAAOCAQEAiO2aQebqtzf4e++dDTY+jpjXqs6gfb1dZPo3FfQj READdDz5i8JrNo41Fa9omB3txb6VgA0bpRUMRKjjENmqY1v2S0AO6zq+2VyR2Cew v22kYB1dn6ntyy20u9U8wXX8FxhDrKNo4DnkO4EiarkJnn211NUodWlqFhyRGuCY C0hPtfSi5fEZNHZrwRUzmOH08mR6jtQuBcVsKgMzIfBZrOJU8JQ7gbXl4fTtV2kt e4g5eBhsQyujcbl3cnnQzFi/P7kGYtt868GOK/5kHJ+tgx9NjkHExk7wLjingNJ6 cZpJtVmu00ky171tthR8EnvxfmK19vx6Klc2q02WMDqrOw== -----END CERTIFICATE-----Generated at Sun Jan 25 19:35:11 2026 by rpki-client